squareup.com Open in urlscan Pro
162.159.137.66 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://kjfjb2yk.r.us-west-2.awstrack.me/L0/https://links.squareupmessaging.com/u/click?_t=d3359b52bac54899b79aca6957872390&_m=9885a2b733...
Effective URL:
https://squareup.com/au/en/press/refund-policy-update
Submission: On March 05 via api (March 5th 2023, 10:25:53 pm UTC) from US — Scanned from US

Summary HTTP 238 Redirects Links 13 Behaviour Indicators

Summary

This website contacted 48 IPs in 4 countries across 65 domains to perform 238 HTTP transactions. The main IP is 162.159.137.66, located in and belongs to CLOUDFLARENET, US. The main domain is squareup.com. The Cisco Umbrella rank of the primary domain is 12543.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on November 11th 2022. Valid for: a year.

This is the only time squareup.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	52.43.134.153 52.43.134.153	16509 (AMAZON-02) (AMAZON-02)
1 1	2600:9000:20e... 2600:9000:20ed:8400:15:8642:3040:93a1	16509 (AMAZON-02) (AMAZON-02)
14	162.159.137.66 162.159.137.66	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	151.101.129.49 151.101.129.49	54113 (FASTLY) (FASTLY)
3	151.101.193.49 151.101.193.49	54113 (FASTLY) (FASTLY)
2	2606:4700::68... 2606:4700::6810:3865	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:1400:c00... 2600:1400:c000:385::19f0	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	23.217.19.182 23.217.19.182	16625 (AKAMAI-AS) (AKAMAI-AS)
8	34.98.67.114 34.98.67.114	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	2607:f8b0:400... 2607:f8b0:4006:81d::200e	15169 (GOOGLE) (GOOGLE)
3	13.33.60.98 13.33.60.98	16509 (AMAZON-02) (AMAZON-02)
10	2606:4700::68... 2606:4700::6813:bc61	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4004:c09::9c	15169 (GOOGLE) (GOOGLE)
1	192.28.147.68 192.28.147.68	15224 (OMNITURE) (OMNITURE)
5	2607:f8b0:400... 2607:f8b0:4006:80f::2004	15169 (GOOGLE) (GOOGLE)
3	2600:1f18:24e... 2600:1f18:24e6:b902:ce86:cbe1:655c:7a53	14618 (AMAZON-AES) (AMAZON-AES)
2	3.219.0.3 3.219.0.3	14618 (AMAZON-AES) (AMAZON-AES)
67	13.225.223.77 13.225.223.77	16509 (AMAZON-02) (AMAZON-02)
3	2607:f8b0:400... 2607:f8b0:4006:80c::2008	15169 (GOOGLE) (GOOGLE)
1 4	2607:f8b0:400... 2607:f8b0:4006:817::2002	15169 (GOOGLE) (GOOGLE)
1	142.251.32.98 142.251.32.98	15169 (GOOGLE) (GOOGLE)
5	2a03:2880:f07... 2a03:2880:f07e:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2 4	142.251.40.230 142.251.40.230	15169 (GOOGLE) (GOOGLE)
1	34.228.28.62 34.228.28.62	14618 (AMAZON-AES) (AMAZON-AES)
2	18.144.72.236 18.144.72.236	16509 (AMAZON-02) (AMAZON-02)
4	2a03:2880:f17... 2a03:2880:f172:81:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2607:f8b0:400... 2607:f8b0:4006:820::2002	15169 (GOOGLE) (GOOGLE)
4	99.84.119.94 99.84.119.94	16509 (AMAZON-02) (AMAZON-02)
11	54.147.21.139 54.147.21.139	14618 (AMAZON-AES) (AMAZON-AES)
4	2001:4860:480... 2001:4860:4802:36::36	15169 (GOOGLE) (GOOGLE)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2600:1400:900... 2600:1400:9000::687e:74ca	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	143.204.138.162 143.204.138.162	16509 (AMAZON-02) (AMAZON-02)
1 2	52.94.215.121 52.94.215.121	16509 (AMAZON-02) (AMAZON-02)
1	52.85.61.124 52.85.61.124	16509 (AMAZON-02) (AMAZON-02)
1	52.0.8.169 52.0.8.169	14618 (AMAZON-AES) (AMAZON-AES)
1	2620:112:f002... 2620:112:f002:bbbb::21	6336 (TURN-US-ASN) (TURN-US-ASN)
2 2	35.190.60.146 35.190.60.146	15169 (GOOGLE) (GOOGLE)
1 2	13.33.60.37 13.33.60.37	16509 (AMAZON-02) (AMAZON-02)
1	13.226.39.90 13.226.39.90	16509 (AMAZON-02) (AMAZON-02)
1 5	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:21e... 2600:9000:21ec:9400:2:53b2:240:93a1	16509 (AMAZON-02) (AMAZON-02)
4 4	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4 4	68.67.179.113 68.67.179.113	29990 (ASN-APPNEX) (ASN-APPNEX)
3 3	142.250.176.194 142.250.176.194	15169 (GOOGLE) (GOOGLE)
4 4	52.45.33.138 52.45.33.138	14618 (AMAZON-AES) (AMAZON-AES)
2	2607:f8b0:400... 2607:f8b0:4006:80e::200a	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:80b::2003	15169 (GOOGLE) (GOOGLE)
39	52.46.151.131 52.46.151.131	16509 (AMAZON-02) (AMAZON-02)
3 3	52.6.57.179 52.6.57.179	14618 (AMAZON-AES) (AMAZON-AES)
1 1	199.187.193.197 199.187.193.197	47043 (SMARTADSE...) (SMARTADSERVER)
1 1	13.225.214.84 13.225.214.84	16509 (AMAZON-02) (AMAZON-02)
3 3	192.40.39.223 192.40.39.223	27381 (CASALE-MEDIA) (CASALE-MEDIA)
2 2	35.211.178.172 35.211.178.172	15169 (GOOGLE) (GOOGLE)
1 1	23.205.6.178 23.205.6.178	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	3.82.84.2 3.82.84.2	14618 (AMAZON-AES) (AMAZON-AES)
1 1	2600:1f18:612... 2600:1f18:612b:4264:fcc9:15b9:95fe:244c	14618 (AMAZON-AES) (AMAZON-AES)
1	198.54.201.131 198.54.201.131	41690 (DAILYMOTI...) (DAILYMOTION For peering related business)
1 1	76.13.32.147 76.13.32.147	26101 (YAHOO-BF1) (YAHOO-BF1)
2 2	63.251.28.234 63.251.28.234	13789 (INTERNAP-...) (INTERNAP-BLK3)
1 1	13.35.97.222 13.35.97.222	16509 (AMAZON-02) (AMAZON-02)
1	44.198.102.139 44.198.102.139	14618 (AMAZON-AES) (AMAZON-AES)
1	3.228.92.231 3.228.92.231	14618 (AMAZON-AES) (AMAZON-AES)
1 1	52.44.178.153 52.44.178.153	14618 (AMAZON-AES) (AMAZON-AES)
2 2	69.173.151.100 69.173.151.100	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	35.155.61.223 35.155.61.223	16509 (AMAZON-02) (AMAZON-02)
1 1	35.190.90.30 35.190.90.30	15169 (GOOGLE) (GOOGLE)
2 2	185.167.164.39 185.167.164.39	198622 (ADFORM) (ADFORM)
2 2	192.35.249.137 192.35.249.137	11742 (SPOTX-IAD) (SPOTX-IAD)
1 1	3.136.169.148 3.136.169.148	16509 (AMAZON-02) (AMAZON-02)
1 1	18.224.163.104 18.224.163.104	16509 (AMAZON-02) (AMAZON-02)
1	18.235.176.187 18.235.176.187	14618 (AMAZON-AES) (AMAZON-AES)
2 2	13.33.60.9 13.33.60.9	16509 (AMAZON-02) (AMAZON-02)
3 3	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
2 2	52.223.22.214 52.223.22.214	16509 (AMAZON-02) (AMAZON-02)
2 2	50.57.31.206 50.57.31.206	19994 (RACKSPACE) (RACKSPACE)
1 1	8.28.7.83 8.28.7.83	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	52.0.156.250 52.0.156.250	14618 (AMAZON-AES) (AMAZON-AES)
1 1	45.79.141.248 45.79.141.248	63949 (AKAMAI-AP...) (AKAMAI-AP Akamai Technologies)
1 1	151.101.194.132 151.101.194.132	54113 (FASTLY) (FASTLY)
1 1	8.28.7.81 8.28.7.81	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	141.226.224.48 141.226.224.48	200478 (TABOOLA-AS) (TABOOLA-AS)
238	48

1 52.43.134.153 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-43-134-153.us-west-2.compute.amazonaws.com

kjfjb2yk.r.us-west-2.awstrack.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20ed:8400:15:8642:3040:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

links.squareupmessaging.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 162.159.137.66 (None, )

ASN13335 (CLOUDFLARENET, US)

squareup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.squareup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.129.49 (United States)

ASN54113 (FASTLY, US)

xms-production-f.squarecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tealium-f.squarecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.193.49 (United States)

ASN54113 (FASTLY, US)

square-fonts-production-f.squarecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:3865 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1400:c000:385::19f0 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)

tapi.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.217.19.182 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-217-19-182.deploy.static.akamaitechnologies.com

a8447815042.cdn-pci.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 34.98.67.114 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 114.67.98.34.bc.googleusercontent.com

data-platform.squarecloudservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:81d::200e (Nutley, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.33.60.98 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-60-98.ewr52.r.cloudfront.net

martech-production-c.squarecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700::6813:bc61 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c09::9c (Ashburn, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.28.147.68 (United States)

ASN15224 (OMNITURE, US)

424-iab-218.mktoresp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:80f::2004 (Nutley, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:1f18:24e6:b902:ce86:cbe1:655c:7a53 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

rum.browser-intake-datadoghq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.219.0.3 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-219-0-3.compute-1.amazonaws.com

errors.client.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

67 13.225.223.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-223-77.jfk51.r.cloudfront.net

js.driftt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:80c::2008 (Nutley, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:817::2002 (Nutley, United States) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.32.98 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s77-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f07e:9:face:b00c:0:3 (Somerville, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.251.40.230 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s39-in-f6.1e100.net

9628652.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
12345.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.228.28.62 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-228-28-62.compute-1.amazonaws.com

logx.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.144.72.236 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-144-72-236.us-west-1.compute.amazonaws.com

capi.squareup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f172:81:face:b00c:0:25de (Somerville, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:820::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 99.84.119.94 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-119-94.ewr52.r.cloudfront.net

reporting.cdndex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 54.147.21.139 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-147-21-139.compute-1.amazonaws.com

bootstrap.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
metrics.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
event.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:4860:4802:36::36 (United States)

ASN15169 (GOOGLE, US)

us-central1-sq-sgtm-prod.cloudfunctions.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1400:9000::687e:74ca (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.138.162 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-138-162.ewr52.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.94.215.121 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)

aax-fe.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.85.61.124 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-61-124.ewr53.r.cloudfront.net

tag.demandbase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.0.8.169 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-8-169.compute-1.amazonaws.com

q.quora.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:112:f002:bbbb::21 (United States)

ASN6336 (TURN-US-ASN, US)

r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.60.146 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.33.60.37 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-33-60-37.ewr52.r.cloudfront.net

segments.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.39.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-39-90.ewr53.r.cloudfront.net

api.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 3.33.220.150 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21ec:9400:2:53b2:240:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.linkedin.oribi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:21::14 (United States) 4 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 68.67.179.113 (North Bergen, United States) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 564.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.176.194 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s37-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.45.33.138 (Ashburn, United States) 4 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-33-138.compute-1.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80e::200a (Nutley, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:80b::2003 (Nutley, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

39 52.46.151.131 (Ashburn, United States)

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.6.57.179 (Ashburn, United States) 3 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-6-57-179.compute-1.amazonaws.com

match.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.187.193.197 (Canada) 1 redirects

ASN47043 (SMARTADSERVER, CA)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.214.84 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-225-214-84.ewr50.r.cloudfront.net

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 192.40.39.223 (Canada) 3 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.211.178.172 (North Charleston, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 172.178.211.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.205.6.178 (Piscataway, United States) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-6-178.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.82.84.2 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-82-84-2.compute-1.amazonaws.com

t.myvisualiq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4264:fcc9:15b9:95fe:244c (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

amazon.partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.54.201.131 (United States)

ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR)
PTR: ingress-01-pub-prod-nyc.vip.dailymotion.com

public-prod-dspcookiematching.dmxleo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.13.32.147 (Lockport, United States) 1 redirects

ASN26101 (YAHOO-BF1, US)
PTR: spcms.pbp.vip.bf1.yahoo.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.251.28.234 (United States) 2 redirects

ASN13789 (INTERNAP-BLK3, US)

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.35.97.222 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-35-97-222.jfk50.r.cloudfront.net

www.imdb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.198.102.139 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-198-102-139.compute-1.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.228.92.231 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-228-92-231.compute-1.amazonaws.com

usersync.samplicio.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.44.178.153 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-44-178-153.compute-1.amazonaws.com

ads.samba.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.151.100 (United States) 2 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.155.61.223 (Boardman, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-155-61-223.us-west-2.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.90.30 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 30.90.190.35.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.167.164.39 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.35.249.137 (Ashburn, United States) 2 redirects

ASN11742 (SPOTX-IAD, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.136.169.148 (Columbus, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-136-169-148.us-east-2.compute.amazonaws.com

bs.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.224.163.104 (Columbus, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-224-163-104.us-east-2.compute.amazonaws.com

lm.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.235.176.187 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-235-176-187.compute-1.amazonaws.com

usermatch.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.33.60.9 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-33-60-9.ewr52.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.244.159.8 (Kansas City, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.223.22.214 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 50.57.31.206 (United States) 2 redirects

ASN19994 (RACKSPACE, US)

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.28.7.83 (United States) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.0.156.250 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-156-250.compute-1.amazonaws.com

loadus.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.79.141.248 (Cedar Knolls, United States) 1 redirects

ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG)
PTR: lciapi-ewr-15.ninthdecimal.com

lciapi.ninthdecimal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.132 (United States) 1 redirects

ASN54113 (FASTLY, US)

pi.ispot.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.28.7.81 (United States) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.224.48 (United States) 1 redirects

ASN200478 (TABOOLA-AS, IL)

sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
67	driftt.com js.driftt.com — Cisco Umbrella Rank: 5303	819 KB
41	amazon-adsystem.com 1 redirects aax-fe.amazon-adsystem.com — Cisco Umbrella Rank: 18171 s.amazon-adsystem.com — Cisco Umbrella Rank: 267	28 KB
16	squareup.com squareup.com — Cisco Umbrella Rank: 12543 api.squareup.com — Cisco Umbrella Rank: 18579 capi.squareup.com — Cisco Umbrella Rank: 56757	182 KB
12	doubleclick.net 6 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 77 googleads.g.doubleclick.net — Cisco Umbrella Rank: 35 9628652.fls.doubleclick.net — Cisco Umbrella Rank: 57219 12345.fls.doubleclick.net — Cisco Umbrella Rank: 88862 cm.g.doubleclick.net — Cisco Umbrella Rank: 202	8 KB
11	drift.com bootstrap.api.drift.com — Cisco Umbrella Rank: 6190 metrics.api.drift.com — Cisco Umbrella Rank: 6033 event.api.drift.com — Cisco Umbrella Rank: 6788	7 KB
10	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 372	192 KB
10	squarecdn.com xms-production-f.squarecdn.com — Cisco Umbrella Rank: 119077 square-fonts-production-f.squarecdn.com — Cisco Umbrella Rank: 39416 martech-production-c.squarecdn.com — Cisco Umbrella Rank: 57691 tealium-f.squarecdn.com — Cisco Umbrella Rank: 99591	705 KB
8	squarecloudservices.com data-platform.squarecloudservices.com — Cisco Umbrella Rank: 36295	305 B
7	adsrvr.org 1 redirects js.adsrvr.org — Cisco Umbrella Rank: 1431 insight.adsrvr.org — Cisco Umbrella Rank: 575 match.adsrvr.org — Cisco Umbrella Rank: 296	7 KB
7	google.com www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 73	1 KB
5	yahoo.com 5 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 265 cms.analytics.yahoo.com — Cisco Umbrella Rank: 848	2 KB
5	linkedin.com 4 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 361 www.linkedin.com — Cisco Umbrella Rank: 564 px4.ads.linkedin.com — Cisco Umbrella Rank: 6058	4 KB
5	facebook.net connect.facebook.net — Cisco Umbrella Rank: 151	261 KB
5	optimizely.com tapi.optimizely.com — Cisco Umbrella Rank: 9867 a8447815042.cdn-pci.optimizely.com — Cisco Umbrella Rank: 116995 errors.client.optimizely.com — Cisco Umbrella Rank: 7394 logx.optimizely.com — Cisco Umbrella Rank: 1237	2 KB
4	gstatic.com fonts.gstatic.com	176 KB
4	adnxs.com 4 redirects ib.adnxs.com — Cisco Umbrella Rank: 203	4 KB
4	cloudfunctions.net us-central1-sq-sgtm-prod.cloudfunctions.net — Cisco Umbrella Rank: 52838	469 B
4	cdndex.io reporting.cdndex.io — Cisco Umbrella Rank: 41942	792 B
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 105	265 B
3	openx.net 3 redirects us-u.openx.net — Cisco Umbrella Rank: 422	666 B
3	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 531 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 431	2 KB
3	360yield.com 3 redirects match.360yield.com — Cisco Umbrella Rank: 2292	1 KB
3	company-target.com 1 redirects segments.company-target.com — Cisco Umbrella Rank: 1385 api.company-target.com — Cisco Umbrella Rank: 3578	2 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 357	13 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 44	271 KB
3	browser-intake-datadoghq.com rum.browser-intake-datadoghq.com — Cisco Umbrella Rank: 2273	856 B
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 30	20 KB
2	exelator.com 2 redirects loadus.exelator.com — Cisco Umbrella Rank: 1317	2 KB
2	pubmatic.com 2 redirects image2.pubmatic.com — Cisco Umbrella Rank: 846 image6.pubmatic.com — Cisco Umbrella Rank: 725	775 B
2	semasio.net 2 redirects uipglob.semasio.net — Cisco Umbrella Rank: 1141	1 KB
2	3lift.com 2 redirects eb2.3lift.com — Cisco Umbrella Rank: 338	782 B
2	scorecardresearch.com 2 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 152	640 B
2	serving-sys.com 2 redirects bs.serving-sys.com — Cisco Umbrella Rank: 1400 lm.serving-sys.com — Cisco Umbrella Rank: 2290	777 B
2	spotxchange.com 2 redirects sync.search.spotxchange.com — Cisco Umbrella Rank: 709	997 B
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 590	1 KB
2	demdex.net 2 redirects dpm.demdex.net — Cisco Umbrella Rank: 198	2 KB
2	rubiconproject.com 2 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 313 token.rubiconproject.com — Cisco Umbrella Rank: 541	1 KB
2	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 585 usermatch.krxd.net — Cisco Umbrella Rank: 1402	357 B
2	stickyadstv.com 2 redirects ads.stickyadstv.com — Cisco Umbrella Rank: 624	1 KB
2	myvisualiq.net 2 redirects t.myvisualiq.net — Cisco Umbrella Rank: 1688	1 KB
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 277	1 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 36	2 KB
2	rlcdn.com 2 redirects id.rlcdn.com — Cisco Umbrella Rank: 614	772 B
2	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 927	12 KB
1	taboola.com 1 redirects sync.taboola.com — Cisco Umbrella Rank: 930	300 B
1	ispot.tv 1 redirects pi.ispot.tv — Cisco Umbrella Rank: 2306	341 B
1	ninthdecimal.com 1 redirects lciapi.ninthdecimal.com — Cisco Umbrella Rank: 3639	750 B
1	mookie1.com 1 redirects odr.mookie1.com — Cisco Umbrella Rank: 1084	634 B
1	samba.tv 1 redirects ads.samba.tv — Cisco Umbrella Rank: 5234	656 B
1	samplicio.us usersync.samplicio.us — Cisco Umbrella Rank: 2745	186 B
1	imdb.com 1 redirects www.imdb.com — Cisco Umbrella Rank: 2672	880 B
1	dmxleo.com public-prod-dspcookiematching.dmxleo.com — Cisco Umbrella Rank: 4003	122 B
1	tremorhub.com 1 redirects amazon.partners.tremorhub.com — Cisco Umbrella Rank: 5050	397 B
1	bluekai.com 1 redirects tags.bluekai.com — Cisco Umbrella Rank: 549	471 B
1	agkn.com 1 redirects aa.agkn.com — Cisco Umbrella Rank: 481	641 B
1	smartadserver.com 1 redirects rtb-csync.smartadserver.com — Cisco Umbrella Rank: 571	676 B
1	oribi.io cdn.linkedin.oribi.io — Cisco Umbrella Rank: 813	375 B
1	turn.com r.turn.com — Cisco Umbrella Rank: 3104	398 B
1	quora.com q.quora.com — Cisco Umbrella Rank: 3167	420 B
1	demandbase.com tag.demandbase.com — Cisco Umbrella Rank: 4697	19 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 704	5 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 163	2 KB
1	mktoresp.com 424-iab-218.mktoresp.com — Cisco Umbrella Rank: 130628	318 B
1	squareupmessaging.com 1 redirects links.squareupmessaging.com — Cisco Umbrella Rank: 496867	1 KB
1	awstrack.me 1 redirects kjfjb2yk.r.us-west-2.awstrack.me — Cisco Umbrella Rank: 502374	489 B
238	65

	Domain	Requested by
67	js.driftt.com	xms-production-f.squarecdn.com js.driftt.com
39	s.amazon-adsystem.com	aax-fe.amazon-adsystem.com s.amazon-adsystem.com
13	squareup.com	xms-production-f.squarecdn.com squareup.com static.cloudflareinsights.com
10	cdn.cookielaw.org	xms-production-f.squarecdn.com cdn.cookielaw.org squareup.com
8	data-platform.squarecloudservices.com	xms-production-f.squarecdn.com
5	connect.facebook.net	www.googletagmanager.com connect.facebook.net
5	www.google.com	squareup.com
4	fonts.gstatic.com	fonts.googleapis.com
4	event.api.drift.com	js.driftt.com
4	ups.analytics.yahoo.com	4 redirects
4	ib.adnxs.com	4 redirects
4	match.adsrvr.org	js.adsrvr.org
4	metrics.api.drift.com	js.driftt.com
4	us-central1-sq-sgtm-prod.cloudfunctions.net	xms-production-f.squarecdn.com martech-production-c.squarecdn.com
4	reporting.cdndex.io	squareup.com
4	www.facebook.com
4	googleads.g.doubleclick.net	1 redirects www.googletagmanager.com
3	us-u.openx.net	3 redirects
3	match.360yield.com	3 redirects
3	cm.g.doubleclick.net	3 redirects
3	px.ads.linkedin.com	3 redirects
3	bat.bing.com	www.googletagmanager.com bat.bing.com
3	bootstrap.api.drift.com	js.driftt.com
3	www.googletagmanager.com	martech-production-c.squarecdn.com www.googletagmanager.com tealium-f.squarecdn.com
3	rum.browser-intake-datadoghq.com	xms-production-f.squarecdn.com
3	martech-production-c.squarecdn.com	xms-production-f.squarecdn.com www.googletagmanager.com
3	www.google-analytics.com	xms-production-f.squarecdn.com www.googletagmanager.com
3	square-fonts-production-f.squarecdn.com	xms-production-f.squarecdn.com
3	xms-production-f.squarecdn.com	squareup.com
2	loadus.exelator.com	2 redirects
2	uipglob.semasio.net	2 redirects
2	eb2.3lift.com	2 redirects
2	sb.scorecardresearch.com	2 redirects
2	sync.search.spotxchange.com	2 redirects
2	c1.adform.net	2 redirects
2	dpm.demdex.net	2 redirects
2	ads.stickyadstv.com	2 redirects
2	t.myvisualiq.net	2 redirects
2	x.bidswitch.net	2 redirects
2	dsum-sec.casalemedia.com	2 redirects
2	fonts.googleapis.com	js.driftt.com
2	segments.company-target.com	1 redirects
2	id.rlcdn.com	2 redirects
2	aax-fe.amazon-adsystem.com	1 redirects squareup.com
2	js.adsrvr.org	www.googletagmanager.com match.adsrvr.org
2	12345.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	adservice.google.com	9628652.fls.doubleclick.net 12345.fls.doubleclick.net
2	capi.squareup.com	xms-production-f.squarecdn.com
2	9628652.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	errors.client.optimizely.com	xms-production-f.squarecdn.com
2	static.cloudflareinsights.com	squareup.com
1	sync.taboola.com	1 redirects
1	image6.pubmatic.com	1 redirects
1	pi.ispot.tv	1 redirects
1	lciapi.ninthdecimal.com	1 redirects
1	token.rubiconproject.com	1 redirects
1	image2.pubmatic.com	1 redirects
1	ssum-sec.casalemedia.com	1 redirects
1	usermatch.krxd.net	s.amazon-adsystem.com
1	lm.serving-sys.com	1 redirects
1	bs.serving-sys.com	1 redirects
1	odr.mookie1.com	1 redirects
1	pixel.rubiconproject.com	1 redirects
1	ads.samba.tv	1 redirects
1	usersync.samplicio.us	s.amazon-adsystem.com
1	beacon.krxd.net	s.amazon-adsystem.com
1	www.imdb.com	1 redirects
1	cms.analytics.yahoo.com	1 redirects
1	public-prod-dspcookiematching.dmxleo.com	s.amazon-adsystem.com
1	amazon.partners.tremorhub.com	1 redirects
1	tags.bluekai.com	1 redirects
1	aa.agkn.com	1 redirects
1	rtb-csync.smartadserver.com	1 redirects
1	px4.ads.linkedin.com
1	www.linkedin.com	1 redirects
1	cdn.linkedin.oribi.io	snap.licdn.com
1	insight.adsrvr.org	1 redirects
1	api.company-target.com	tag.demandbase.com
1	r.turn.com
1	q.quora.com
1	tag.demandbase.com	squareup.com
1	snap.licdn.com	www.googletagmanager.com
1	tealium-f.squarecdn.com	xms-production-f.squarecdn.com
1	logx.optimizely.com	xms-production-f.squarecdn.com
1	www.googleadservices.com	www.googletagmanager.com
1	424-iab-218.mktoresp.com	xms-production-f.squarecdn.com
1	stats.g.doubleclick.net	xms-production-f.squarecdn.com
1	api.squareup.com	squareup.com
1	a8447815042.cdn-pci.optimizely.com	xms-production-f.squarecdn.com
1	tapi.optimizely.com	xms-production-f.squarecdn.com
1	links.squareupmessaging.com	1 redirects
1	kjfjb2yk.r.us-west-2.awstrack.me	1 redirects
238	92

This site contains links to these domains. Also see Links.

Domain
developer.squareup.com
www.sellercommunity.com
help.business.afterpay.com
au.issquareup.com
careers.squareup.com
twitter.com
www.facebook.com
instagram.com
block.xyz
www.onetrust.com

Subject Issuer	Validity	Valid
squareup.com Cloudflare Inc ECC CA-3	`2022-11-11` - `2023-11-11`	a year	crt.sh
*.squarecdn.com R3	`2023-02-01` - `2023-05-02`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-11` - `2023-05-10`	a year	crt.sh
*.optimizely.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-30` - `2023-10-30`	a year	crt.sh
*.cdn-pci.optimizely.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-30` - `2024-01-31`	a year	crt.sh
data-platform.squarecloudservices.com GTS CA 1D4	`2023-01-25` - `2023-04-25`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
martech-production-c.squarecdn.com Amazon RSA 2048 M02	`2023-02-27` - `2023-09-16`	7 months	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2022-05-01` - `2023-05-01`	a year	crt.sh
api.squareup.com Entrust Certification Authority - L1K	`2022-05-11` - `2023-05-10`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.mktoresp.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-05` - `2023-11-05`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.browser-intake-datadoghq.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-21` - `2023-07-22`	a year	crt.sh
errors.client.optimizely.com Amazon RSA 2048 M01	`2023-02-23` - `2023-08-02`	5 months	crt.sh
drift.com Amazon RSA 2048 M02	`2023-03-01` - `2023-09-21`	7 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-01-10` - `2023-03-13`	2 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
logx.optimizely.com Amazon RSA 2048 M01	`2023-02-27` - `2023-08-22`	6 months	crt.sh
capi.squareup.com R3	`2023-01-30` - `2023-04-30`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
reporting.cdndex.io Amazon RSA 2048 M01	`2023-02-22` - `2023-06-10`	4 months	crt.sh
misc.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2023-02-16` - `2023-08-16`	6 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-02-01` - `2024-01-31`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
aax-fe.amazon-adsystem.com Amazon	`2022-10-07` - `2023-10-03`	a year	crt.sh
tag.demandbase.com Go Daddy Secure Certificate Authority - G2	`2022-08-17` - `2023-09-18`	a year	crt.sh
*.quora.com R3	`2023-02-26` - `2023-05-27`	3 months	crt.sh
*.turn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-02` - `2023-04-01`	a year	crt.sh
api.demandbase.com Go Daddy Secure Certificate Authority - G2	`2022-09-16` - `2023-10-18`	a year	crt.sh
linkedin.oribi.io Amazon RSA 2048 M01	`2023-02-24` - `2023-08-06`	5 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
s.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-03` - `2024-02-19`	a year	crt.sh
public-prod-dspcookiematching.dmxleo.com ZeroSSL RSA Domain Secure Site CA	`2023-01-21` - `2023-04-21`	3 months	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-27` - `2024-02-26`	a year	crt.sh
*.samplicio.us Amazon RSA 2048 M01	`2022-11-16` - `2023-12-15`	a year	crt.sh
usermatch.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-21` - `2024-02-20`	a year	crt.sh

This page contains 14 frames:

Primary Page: https://squareup.com/au/en/press/refund-policy-update
Frame ID: 3CA5F20BCB4A4DFA2B941E27AFD429A2
Requests: 71 HTTP requests in this frame

Frame: https://a8447815042.cdn-pci.optimizely.com/client_storage/a8447815042.html
Frame ID: 867460CA8D61A9D5B5BF3694DDB14FC3
Requests: 1 HTTP requests in this frame

Frame: https://squareup.com/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/fp
Frame ID: 8E0A81920AFCADA0B69283B1E87CFD49
Requests: 7 HTTP requests in this frame

Frame: https://9628652.fls.doubleclick.net/activityi;dc_pre=CJfWuMTqxf0CFQUNaAgdRqcM8A;src=9628652;type=globa0;cat=doubl0;match_id=undefined;u1=undefined;u2=c313568c-166a-4964-9720-ec68e50acf25;u3=/au/en/press/refund-policy-update;u12=us;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=8141401460746.9795
Frame ID: 378A833411184EE1510BF179BB389273
Requests: 2 HTTP requests in this frame

Frame: https://js.driftt.com/core?d=1&embedId=mshc9skt2uyu&eId=mshc9skt2uyu&region=US&forceShow=false&skipCampaigns=false&sessionId=36338f8e-4e2e-4fcd-99da-5f30ae92340a&sessionStarted=1678055140.335&campaignRefreshToken=1f6ffec9-8ee6-47c9-b0b8-50083f086f64&hideController=false&pageLoadStartTime=1678055138823&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fsquareup.com%2Fau%2Fen%2Fpress%2Frefund-policy-update
Frame ID: 3781B1232537F9BE9611E8FB43B9D4A6
Requests: 40 HTTP requests in this frame

Frame: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1678055138823
Frame ID: 3D41C09AB17DDCDB362F175C6E6EAC7A
Requests: 38 HTTP requests in this frame

Frame: https://tealium-f.squarecdn.com/gtm-container.html?country_code=AU&page_url=https%3A%2F%2Fsquareup.com%2Fau%2Fen%2Fpress%2Frefund-policy-update&env=prod&referrer=&avt=c313568c-166a-4964-9720-ec68e50acf25
Frame ID: 82D5C3BD4C8801EBDE6DF391561EAD53
Requests: 16 HTTP requests in this frame

Frame: https://12345.fls.doubleclick.net/activityi;dc_pre=CIrhxMjqxf0CFR0JaAgdQwMGPQ;src=12345;type=Monitor;cat=PageView;ord=6336286777537;gtm=45He3310;~oref=https%3A%2F%2Ftealium-f.squarecdn.com%2Fgtm-container.html%3Fcountry_code%3DAU%26page_url%3Dhttps%253A%252F%252Fsquareup.com%252Fau%252Fen%252Fpress%252Frefund-policy-update%26env%3Dprod%26referrer%3D%26avt%3Dc313568c-166a-4964-9720-ec68e50acf25
Frame ID: 2A6E983F398B9AC1D119877F7DA07F5B
Requests: 2 HTTP requests in this frame

Frame: https://aax-fe.amazon-adsystem.com/s/iu3?d=generic&ex-fargs=%3Fid%3D5ac2b763-321c-127f-15af-218a051df271%26type%3D4%26m%3D111172&ex-fch=416613&ex-src=https://squareup.com/au/en&ex-hargs=v%3D1.0%3Bc%3D591205393709958818%3Bp%3D5AC2B763-321C-127F-15AF-218A051DF271&cb=474451306034762800&dcc=t
Frame ID: 912471E1D1F0736DB051D9948DF02016
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/upb/?adv=atphjrs&ref=https%3A%2F%2Fsquareup.com%2Fau%2Fen%2Fpress%2Frefund-policy-update&upid=ryupk6w&upv=1.1.0
Frame ID: 5183706676305EDE914B64B9688044C5
Requests: 2 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=6804367242380401746&ttd_tdid=b3e72378-cac5-4b4d-820a-98d116e4bc0a
Frame ID: 10425DBDAEFE64757E56DC06FA185B04
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=b3e72378-cac5-4b4d-820a-98d116e4bc0a&google_gid=CAESEEQ0ph42KEZ1qeqVsFEnsSQ&google_cver=1
Frame ID: 1D750BC86E66FB4B19522DABC9E7E8C8
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-3Ej7BAlE2uK4raI4UD.9YvxYJEVuzDs-~A&gdpr=0
Frame ID: 6250B36960B3E793B4EE391BE117422E
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_n-dm2-HMT_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_n-ox-hmt_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=Ls3-RmvYRGa3tSgJr-92-g&dmt=3&ex-pl-n-g-hmt=qBPDZ0NwQfyjkmyCu4k2Ew&ep=ttam_T219Ay-cPciHbT10t-cUx_8UCPf8OEXG7E_K3D5G9y90DvVEjhxGg7z0xWkdHuIEHUAgtIzw9Bjip3XOLSiONrKhIeqN01_OYCuH6afwH-As3xE4y3QR5JKiYGYiXjRvHsmh6qz280sHwFCOIJYFAsrzAjxvh4g71rz4u-ku05FCVq70q5FJk7i4WJqTT8K2jxsxgNW2yT2WiMF-T0f3Yh_2vLZvaly6aZVallcLDJ8hs8PKkLCQk2n5ee_1w96d_WNJUdDhEf6RWM1PyaiIrLKkbD_UPc6KDfeOtApNhXfRRAU3o1CarlNSMilyEc1IrW9Nx233anCNam_HCsn3xNvOMJcPkTqGsVU0zWDcN07wUcOM224kiYFKaFwH1N132Upj_jY_9nvvHvJySyfkKFWZqPFrcQiiVJlG2U19kha9p4uDJw0T1o_YE7U1psj2EesmuwZPAV9IfxpatLLid_QxbKn2xomLsgf07_zKy2KppvgOxkPoexJ4VHI-hm3h1vk_14J6wijLBg-2a5CgCHwd1-EpbQwQ9ocg6xtCj3AJ_V_AhwXDzdnC-gMbf10QQgNQ5YLA21IOjq6zn1FqAIKRwlyagN2ZF7caBgaJWnWcMeynX3oobPdChzdB4sDXVCMx5i4Tou-Ruwbsx4YJKQ05VkIdnEt6KlEz1NvvMJ2tTptpLbyxRIWojcGo82Z2Uz4ihLs1nVe18Afkg
Frame ID: 01FF1C7A5762BAC648B68A5DF7B628A8
Requests: 43 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

An Update to Square’s Refund PolicyBack ButtonSearch IconFilter Icon

Page URL History Show full URLs

https://kjfjb2yk.r.us-west-2.awstrack.me/L0/https://links.squareupmessaging.com/u/click?_t=d3359b52bac54899b79aca6957... HTTP 302
https://links.squareupmessaging.com/u/click?_t=d3359b52bac54899b79aca6957872390&_m=9885a2b733a546a4b9230189ac522... HTTP 303
https://squareup.com/au/en/press/refund-policy-update Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

Optimizely (Analytics) Expand

Overall confidence: 100%
Detected patterns

optimizely\.com.*\.js

Page Statistics

238
Requests

82 %
HTTPS

27 %
IPv6

65
Domains

92
Subdomains

48
IPs

4
Countries

2735 kB
Transfer

9119 kB
Size

103
Cookies

13 Outgoing links

These are links going to different origins than the main page.

URL: https://developer.squareup.com/au/en
Title: APIs

Search URL Search Domain Scan URL

URL: https://www.sellercommunity.com/t5/Seller-Community-Australia/ct-p/Seller_Community_AU
Title: Seller Community

Search URL Search Domain Scan URL

URL: https://help.business.afterpay.com/hc/en-au/articles/4708271751193-I-am-a-merchant-how-do-I-process-a-refund-#:~:text=Afterpay%20Merchant%20fees%20are%20non,reverse%20or%20change%20this%20action
Title: here

Search URL Search Domain Scan URL

URL: https://au.issquareup.com/
Title: Service status

Search URL Search Domain Scan URL

URL: https://developer.squareup.com/au/en/in-app-payments
Title: In-App Payments SDK

Search URL Search Domain Scan URL

URL: https://developer.squareup.com/docs/
Title: Documentation

Search URL Search Domain Scan URL

URL: https://developer.squareup.com/apps
Title: Developer dashboard

Search URL Search Domain Scan URL

URL: https://careers.squareup.com/au/en
Title: Careers

Search URL Search Domain Scan URL

URL: https://twitter.com/SquareAU/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/squareaustralia/

Search URL Search Domain Scan URL

URL: https://instagram.com/squareau/

Search URL Search Domain Scan URL

URL: https://block.xyz/
Title: Block, Inc.

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://kjfjb2yk.r.us-west-2.awstrack.me/L0/https://links.squareupmessaging.com/u/click?_t=d3359b52bac54899b79aca6957872390&_m=9885a2b733a546a4b9230189ac522b48&_e=QwLQQeyjnQKkq_N3iyYW2ynh_wuTUytCJ1DBTlZWx-biYKvpIPYXSaBIImSW0CgC175RNEfpZrhnUsWOdp2Fh34ACec35ytrjxdyisTbJlG4Cj2VFJnHHPLob4AtwIY9lvDgPqRv94ygEcleW7QY4BcYHezdTVuHNqR7Yjf8HOTZ3HnHhtGRM7wYUhgiwQF9ddeeNJWzqTiYia_zIYiHQDKxXM9KiYBlD0z4EOofon36NjdEl0ghB6wKKUDaY4gd/1/010101869f9cb1ff-f5dc6025-22b1-4cbd-b378-29db020e7f0e-000000/91Z4T_ri-ABQKLElTxp0g4AIaOw=312 HTTP 302
https://links.squareupmessaging.com/u/click?_t=d3359b52bac54899b79aca6957872390&_m=9885a2b733a546a4b9230189ac522b48&_e=QwLQQeyjnQKkq_N3iyYW2ynh_wuTUytCJ1DBTlZWx-biYKvpIPYXSaBIImSW0CgC175RNEfpZrhnUsWOdp2Fh34ACec35ytrjxdyisTbJlG4Cj2VFJnHHPLob4AtwIY9lvDgPqRv94ygEcleW7QY4BcYHezdTVuHNqR7Yjf8HOTZ3HnHhtGRM7wYUhgiwQF9ddeeNJWzqTiYia_zIYiHQDKxXM9KiYBlD0z4EOofon36NjdEl0ghB6wKKUDaY4gd HTTP 303
https://squareup.com/au/en/press/refund-policy-update Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 54

https://9628652.fls.doubleclick.net/activityi;src=9628652;type=globa0;cat=doubl0;match_id=undefined;u1=undefined;u2=c313568c-166a-4964-9720-ec68e50acf25;u3=/au/en/press/refund-policy-update;u12=us;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=8141401460746.9795 HTTP 302
https://9628652.fls.doubleclick.net/activityi;dc_pre=CJfWuMTqxf0CFQUNaAgdRqcM8A;src=9628652;type=globa0;cat=doubl0;match_id=undefined;u1=undefined;u2=c313568c-166a-4964-9720-ec68e50acf25;u3=/au/en/press/refund-policy-update;u12=us;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=8141401460746.9795

Request Chain 118

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/630646945/?random=176214878&cv=11&fst=1678055140241&bg=ffffff&guid=ON&async=1&gtm=45He3310&u_w=1600&u_h=1200&label=T4RGCIa9hdEBEKHR26wC&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fsquareup.com%2Fau%2Fen%2Fpress%2Frefund-policy-update&tiba=An%20Update%20to%20Square%E2%80%99s%20Refund%20Policy&value=0&auid=2047981498.1678055140&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=5BYFZKf5JPGHoPMPibiJiAQ&sscte=1&crd=&eitems=ChEIgJiRoAYQ2eq5lYPpgIGPARIdANUocsTCTUgDT0JrmusnnsXZhUxWPqSUdc4okQw&pscrd=Ek9DaEVJZ0ppUm9BWVExc0MyX3R2bnBlbXNBUkltQVBPRF9yUTlMdVlzZXIwZXZabVlKVGpIdEhIYVpqZloyZlE2TkpvSkdHVE1FeGMtV3BnGlhDaEFJZ0ppUm9BWVEyc3V3dk4tLWg5Uk1FaTRBYkVNNmxqd3JuZHE3NjJoSDZPUWhGZDUzbzZLOW1iZzBsRnR2Q2M1dGdsallwUFhJaGJ2RFVLOGdtTDZi HTTP 302
https://www.google.com/pagead/1p-conversion/630646945/?random=176214878&cv=11&fst=1678055140241&bg=ffffff&guid=ON&async=1&gtm=45He3310&u_w=1600&u_h=1200&label=T4RGCIa9hdEBEKHR26wC&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fsquareup.com%2Fau%2Fen%2Fpress%2Frefund-policy-update&tiba=An%20Update%20to%20Square%E2%80%99s%20Refund%20Policy&value=0&auid=2047981498.1678055140&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJZ0ppUm9BWVExc0MyX3R2bnBlbXNBUkltQVBPRF9yUTlMdVlzZXIwZXZabVlKVGpIdEhIYVpqZloyZlE2TkpvSkdHVE1FeGMtV3BnGlhDaEFJZ0ppUm9BWVEyc3V3dk4tLWg5Uk1FaTRBYkVNNmxqd3JuZHE3NjJoSDZPUWhGZDUzbzZLOW1iZzBsRnR2Q2M1dGdsallwUFhJaGJ2RFVLOGdtTDZi&is_vtc=1&ocp_id=5BYFZKf5JPGHoPMPibiJiAQ&cid=CAQSKQDUE5ym9smx0EVv7qmZz00mgjpzXiPpaPO_Ho0dfbUgju-gxPLirmlh&eitems=ChEIgJiRoAYQ2eq5lYPpgIGPARIdANUocsSnKJVq1NpJBqyvUsEXqfisD8H4aObmvLE&random=790352077

Request Chain 157

https://12345.fls.doubleclick.net/activityi;src=12345;type=Monitor;cat=PageView;ord=6336286777537;gtm=45He3310;~oref=https%3A%2F%2Ftealium-f.squarecdn.com%2Fgtm-container.html%3Fcountry_code%3DAU%26page_url%3Dhttps%253A%252F%252Fsquareup.com%252Fau%252Fen%252Fpress%252Frefund-policy-update%26env%3Dprod%26referrer%3D%26avt%3Dc313568c-166a-4964-9720-ec68e50acf25 HTTP 302
https://12345.fls.doubleclick.net/activityi;dc_pre=CIrhxMjqxf0CFR0JaAgdQwMGPQ;src=12345;type=Monitor;cat=PageView;ord=6336286777537;gtm=45He3310;~oref=https%3A%2F%2Ftealium-f.squarecdn.com%2Fgtm-container.html%3Fcountry_code%3DAU%26page_url%3Dhttps%253A%252F%252Fsquareup.com%252Fau%252Fen%252Fpress%252Frefund-policy-update%26env%3Dprod%26referrer%3D%26avt%3Dc313568c-166a-4964-9720-ec68e50acf25

Request Chain 160

https://aax-fe.amazon-adsystem.com/s/iu3?d=generic&ex-fargs=%3Fid%3D5ac2b763-321c-127f-15af-218a051df271%26type%3D4%26m%3D111172&ex-fch=416613&ex-src=https://squareup.com/au/en&ex-hargs=v%3D1.0%3Bc%3D591205393709958818%3Bp%3D5AC2B763-321C-127F-15AF-218A051DF271&cb=474451306034762800 HTTP 302
https://aax-fe.amazon-adsystem.com/s/iu3?d=generic&ex-fargs=%3Fid%3D5ac2b763-321c-127f-15af-218a051df271%26type%3D4%26m%3D111172&ex-fch=416613&ex-src=https://squareup.com/au/en&ex-hargs=v%3D1.0%3Bc%3D591205393709958818%3Bp%3D5AC2B763-321C-127F-15AF-218A051DF271&cb=474451306034762800&dcc=t

Request Chain 170

https://id.rlcdn.com/464526.gif HTTP 307
https://id.rlcdn.com/1000.gif?memo=CI6tHBoNCO2tlKAGEgUI6AcQAEIASgA HTTP 307
https://segments.company-target.com/log?vendor=liveramp&user_id=Xc1297zD4OazDEiISQPDKafuXP6776sYdXruYblxMdhYYPY-w HTTP 303
https://segments.company-target.com/validateCookie?vendor=liveramp&user_id=Xc1297zD4OazDEiISQPDKafuXP6776sYdXruYblxMdhYYPY-w&verifyHash=eb653731a289102909624ac3c3c4bb30cabecd67

Request Chain 172

https://insight.adsrvr.org/track/up?adv=atphjrs&ref=https%3A%2F%2Fsquareup.com%2Fau%2Fen%2Fpress%2Frefund-policy-update&upid=ryupk6w&upv=1.1.0 HTTP 302
https://match.adsrvr.org/track/upb/?adv=atphjrs&ref=https%3A%2F%2Fsquareup.com%2Fau%2Fen%2Fpress%2Frefund-policy-update&upid=ryupk6w&upv=1.1.0

Request Chain 174

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=265932&time=1678055149063&url=https%3A%2F%2Fsquareup.com%2Fau%2Fen%2Fpress%2Frefund-policy-update HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=265932&time=1678055149063&url=https%3A%2F%2Fsquareup.com%2Fau%2Fen%2Fpress%2Frefund-policy-update&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D265932%26time%3D1678055149063%26url%3Dhttps%253A%252F%252Fsquareup.com%252Fau%252Fen%252Fpress%252Frefund-policy-update%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=265932&time=1678055149063&url=https%3A%2F%2Fsquareup.com%2Fau%2Fen%2Fpress%2Frefund-policy-update&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=265932&time=1678055149063&url=https%3A%2F%2Fsquareup.com%2Fau%2Fen%2Fpress%2Frefund-policy-update&cookiesTest=true&liSync=true&e_ipv6=AQIICQD99BBZJgAAAYaz4Y9PdWMteS5psgeYNzhj71NZb_NTwt-kjdCvs2eHtoUWTP5SWDc

Request Chain 179

https://ib.adnxs.com/getuid?https%3a%2f%2fmatch.adsrvr.org%2ftrack%2fcmf%2fappnexus%3fttd%3d1%26anid%3d%24UID&ttd_tdid=b3e72378-cac5-4b4d-820a-98d116e4bc0a HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fmatch.adsrvr.org%252ftrack%252fcmf%252fappnexus%253fttd%253d1%2526anid%253d%2524UID%26ttd_tdid%3Db3e72378-cac5-4b4d-820a-98d116e4bc0a HTTP 302
https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=6804367242380401746&ttd_tdid=b3e72378-cac5-4b4d-820a-98d116e4bc0a

Request Chain 180

https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=YjNlNzIzNzgtY2FjNS00YjRkLTgyMGEtOThkMTE2ZTRiYzBh&gdpr=0&gdpr_consent=&ttd_tdid=b3e72378-cac5-4b4d-820a-98d116e4bc0a HTTP 302
https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=b3e72378-cac5-4b4d-820a-98d116e4bc0a&google_gid=CAESEEQ0ph42KEZ1qeqVsFEnsSQ&google_cver=1

Request Chain 181

https://ups.analytics.yahoo.com/ups/55953/sync?uid=b3e72378-cac5-4b4d-820a-98d116e4bc0a&_origin=1&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/55953/sync?uid=b3e72378-cac5-4b4d-820a-98d116e4bc0a&_origin=1&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-3Ej7BAlE2uK4raI4UD.9YvxYJEVuzDs-~A&gdpr=0

Request Chain 195

https://ib.adnxs.com/setuid/a9?entity=188&code=BOogxwxFQKmbc8zXJC5a_w&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DxandrHMT%26id%3D%24UID HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=xandrHMT&id=BOogxwxFQKmbc8zXJC5a_w

Request Chain 196

https://match.360yield.com/match?publisher_dsp_id=416&external_user_id=p3ACtj6QSO-y-dY8sbljng&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DimprovedigitalHMT%26id%3D%7BPUB_USER_ID%7D HTTP 302
https://match.360yield.com/ul_cb/match?publisher_dsp_id=416&external_user_id=p3ACtj6QSO-y-dY8sbljng&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DimprovedigitalHMT%26id%3D%7BPUB_USER_ID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=improvedigitalHMT&id=35fcc791-3eae-46f4-ac6d-ec4761c9eee7

Request Chain 197

https://rtb-csync.smartadserver.com/redir/?partnerid=144&partneruserid=OYqnumfIQeuS81vELTtwmA&redirurl=https://s.amazon-adsystem.com/ecm3?ex=equativHMT%26id%3D%26sspid%3DSMART_USER_ID HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=equativHMT&id=&sspid=5262227870318371258

Request Chain 198

https://aa.agkn.com/adscores/g.pixel?sid=9212284268 HTTP 302
https://s.amazon-adsystem.com/ecm3?id=213460604446013157664&ex=neustar.biz

Request Chain 199

https://dsum-sec.casalemedia.com/rrum?cm_dsp_id=198&external_user_id=_2FjztlYRYW-FEb5oMao3A&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DindexHMT%26id%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DindexHMT%26id%3D&cm_dsp_id=198&external_user_id=_2FjztlYRYW-FEb5oMao3A&C=1 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=indexHMT&id=ZAUW7X619Z84voxxwAtC0gAA

Request Chain 200

https://x.bidswitch.net/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D HTTP 302
https://x.bidswitch.net/ul_cb/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=7e85cd031f23d561c8594fa8e55b874e

Request Chain 201

https://tags.bluekai.com/site/36840?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbluekai.com%26id%3D%24_BK_UUID HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=$_BK_UUID

Request Chain 202

https://ups.analytics.yahoo.com/ups/58516/sync?_origin=1&redir=true&uid=9AHZPgIUR5SlcOBbu8dn1w HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=yahooHMT&id=9AHZPgIUR5SlcOBbu8dn1w

Request Chain 203

https://t.myvisualiq.net/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D HTTP 302
https://t.myvisualiq.net/ul_cb/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=visualiq&id=fcfa58f2-5d7f-4db0-9140-c089099db0a0

Request Chain 204

https://amazon.partners.tremorhub.com/sync?UIAM&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dtelaria.com%26id%3D%5BPARTNER_ID%5D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=telaria.com&id=e377cc2676e04ea7ab58295fed12483a

Request Chain 206

https://cms.analytics.yahoo.com/cms?partner_id=AMAZON&ex=gemini HTTP 302
https://ups.analytics.yahoo.com/ups/58725/cms?partner_id=AMAZON&ex=gemini HTTP 302
https://s.amazon-adsystem.com/ecm3?id=y-RUmSff9E2pEL8Hb3yHunVvj7lMwHvzzWKlhI~A&status=OK&ex=gemini

Request Chain 207

https://ads.stickyadstv.com/user-matching?id=2545 HTTP 302
https://s.amazon-adsystem.com/ecm3?id=c7568fd6614cd9a4f3b457cbf6a225&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=

Request Chain 208

https://www.imdb.com/ads/idsync?cid=a706a6beb&ex=imdb.com HTTP 302
https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com

Request Chain 210

https://match.360yield.com/match?publisher_dsp_id=416&external_user_id=ABCD&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%7BPUB_USER_ID%7D%26ex%3Dimprovedigital.com HTTP 302
https://s.amazon-adsystem.com/ecm3?id=35fcc791-3eae-46f4-ac6d-ec4761c9eee7&ex=improvedigital.com

Request Chain 212

https://ads.samba.tv/cookie_sync?https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsamba.tv%26id%3D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=10da3203909ebbf3a

Request Chain 213

https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=Jh8OTgnOSuWXu2lwcw-siw&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=Jh8OTgnOSuWXu2lwcw-siw

Request Chain 214

https://ads.stickyadstv.com/user-registering?dataProviderId=961&userId=l7GLKaxeQEmDxK6FOqWwVg&redirectId=2545 HTTP 302
https://s.amazon-adsystem.com/ecm3?id=a91cd82f15477f675e5a285dbf3f8aa&ex=freewheel.tv&gdpr={gdpr}&gdpr_consent={gdpr_consent}&userId=l7GLKaxeQEmDxK6FOqWwVg

Request Chain 215

https://dpm.demdex.net/ibs:dpid=139200&dpuuid=4-vgXKdmSw6AWmcG_jMToA&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=139200&dpuuid=4-vgXKdmSw6AWmcG_jMToA&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=29142895653637505314047734567336002726

Request Chain 216

https://odr.mookie1.com/t/v2?tagid=V2_393725&AMAZON_REGION_SPECIFIC_ENDPOINT=s.amazon-adsystem.com&src.visitorID=ZAtYQjCdQ0KXj4m4f9Zpvg HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=mplatform.com&id=10596829190670459339&gdpr=&gdpr_consent=

Request Chain 217

https://c1.adform.net/serving/cookie/match?party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=268821837971972619

Request Chain 218

https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=aeeddba6-bba4-11ed-948b-1630a1100103 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=spotx.com&id=aeeddb3e-bba4-11ed-948b-1630a1100103

Request Chain 219

https://bs.serving-sys.com/Serving?cn=cs&rtu=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsizmek%26id%3D%5B%25tp_UserID%25%5D HTTP 302
https://lm.serving-sys.com/lm/acs?json={%22GUID%22:%2262cfee07-691e-48c7-9bb1-e1337e11e10f%22,%22Time%22:%2220230305T222550.359867%22}&rtu=https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=[%tp_UserID%] HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=62cfee07-691e-48c7-9bb1-e1337e11e10f

Request Chain 220

https://cm.g.doubleclick.net/pixel?google_nid=a9&google_cm&ex=doubleclick.net HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESEHBa5UcUz-GxNFqmw7IpevU&google_cver=1

Request Chain 222

https://sb.scorecardresearch.com/p?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25 HTTP 302
https://sb.scorecardresearch.com/p2?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=86f38b732d9addceaf0257c266d18218

Request Chain 223

https://us-u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=2062fee6-336f-c54a-32f6-4f8057d8d773

Request Chain 224

https://ssum-sec.casalemedia.com/usermatchredir?s=184155&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex%26id%3D__UID__ HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=index&id=LVch3S6Bv-dI7M9FuW4s5zc4dVA4ZgAC

Request Chain 225

https://eb2.3lift.com/xuid?mid=8341&xuid=R_NMhzpbTx-c8ND6glzGhg&dongle=az46&rdir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DtripleliftHMT%26id%3D%24UID HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=8341&xuid=R_NMhzpbTx-c8ND6glzGhg&dongle=az46&gdpr=0&cmp_cs=&us_privacy=&rdir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DtripleliftHMT%26id%3D%24UID HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=tripleliftHMT&id=4280480132897842736142

Request Chain 226

https://uipglob.semasio.net/amazon/1/get?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D HTTP 302
https://uipglob.semasio.net/amazon/1/get2?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=semasio&id=B444F94C60CB8709

Request Chain 227

https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com HTTP 302
https://s.amazon-adsystem.com/ecm3?id=6804367242380401746&ex=appnexus.com

Request Chain 228

https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzgmdGw9MTI5NjAw&piggybackCookie=I-dKX8a7SIui5SfHA0TJ3g&rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DpubmaticHMT%26id%3D%24%7BDSP_UID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=pubmaticHMT&id=I-dKX8a7SIui5SfHA0TJ3g

Request Chain 229

https://token.rubiconproject.com/token?pid=2179&pt=n HTTP 302
https://s.amazon-adsystem.com/ecm3?id=9eBNK7fBlWSrWQPOQ-laMw&ex=rubiconproject.com&status=ok

Request Chain 230

https://cm.g.doubleclick.net/pixel?google_nid=a9&google_hm=qBPDZ0NwQfyjkmyCu4k2Ew& HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=googleHMT

Request Chain 231

https://loadus.exelator.com/load/?p=204&g=8888&j=0 HTTP 302
https://loadus.exelator.com/load/?p=204&g=8888&j=0&xl8blockcheck=1 HTTP 302
https://s.amazon-adsystem.com/ecm3?&ex=nielsen&id=e0cb9d6d623f3ad589bbbe348100349c

Request Chain 232

https://lciapi.ninthdecimal.com/v1/lci/sync/adv-amzn/c-23445/?rdr=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3F%26ex%3Dninthdecimal.com%26id%3D%24%7BND_UID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=F88D4F2DEE1605649B160C2A02A097B2

Request Chain 233

https://pi.ispot.tv/v2/TC-3673-1.gif?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dispot.tv%26id%3D%7BISID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=1e2dc66f52f5ad8920dbedcde33f6dad1c5a38abfde01da0f370e0b6ada87ff9

Request Chain 234

https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3D%23PM_USER_ID HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=B25609FA-0E1D-496B-B2BE-C238C61F61F2

Request Chain 235

https://us-u.openx.net/w/1.0/sd?id=537072986&val=GtnLoWQSR1SD2-1WF3qGhg&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DopenxHMT%26id%3D%7BOPENX_RTB_USERID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=openxHMT&id=GtnLoWQSR1SD2-1WF3qGhg

Request Chain 236

https://sync.taboola.com/sg/amazon-a9-network/1/rtb HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=4c5e4312-6f2b-4038-8b88-85a1f83fd5c9-tuctafe9c6e

238 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request refund-policy-update Show response
squareup.com/au/en/press/
Redirect Chain

https://kjfjb2yk.r.us-west-2.awstrack.me/L0/https://links.squareupmessaging.com/u/click?_t=d3359b52bac54899b79aca6957872390&_m=9885a2b733a546a4b9230189ac522b48&_e=QwLQQeyjnQKkq_N3iyYW2ynh_wuTUytCJ1...
https://links.squareupmessaging.com/u/click?_t=d3359b52bac54899b79aca6957872390&_m=9885a2b733a546a4b9230189ac522b48&_e=QwLQQeyjnQKkq_N3iyYW2ynh_wuTUytCJ1DBTlZWx-biYKvpIPYXSaBIImSW0CgC175RNEfpZrhnUs...
https://squareup.com/au/en/press/refund-policy-update

41 KB
13 KB

521ms
181ms

Document
text/html

162.159.137.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://squareup.com/au/en/press/refund-policy-update

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.137.66 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7d698de4e545cf981470a003ef8249ab0fe497358e0bbf591ae7c36883ed6658

Security Headers

Name	Value
Strict-Transport-Security	max-age=631152000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-headers: x-kpsdk-cd, x-kpsdk-ct
cache-control: max-age=0, public, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7a35c6a8983e8c35-EWR
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sun, 05 Mar 2023 22:25:38 GMT
link: <https://xms-production-f.squarecdn.com/xms/assets/application-ec30a82bd7d80368c5e0be9d736454b22720f74023167a4fc8254cef6a91d466.css>; rel=preload; as=style, <https://xms-production-f.squarecdn.com/xms/assets/application-9afda9d2e0004285a711254df4524e216da91619f0861d386cb8edec8231e96f.js>; rel=preload; as=script, <https://square-fonts-production-f.squarecdn.com/square-text/SquareSansText-Upright-VF.woff2>; rel=preload; as=font; type=font/woff2; crossorigin, <https://square-fonts-production-f.squarecdn.com/square-display/SquareSansDisplay-VF.woff2>; rel=preload; as=font; type=font/woff2; crossorigin, <https://images.ctfassets.net>; rel=preconnect; crossorigin
server: cloudflare
strict-transport-security: max-age=631152000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-debug-cf-cache-tag: app:xms,page_cache_key_hash:251345aaacc5307dc65a31e40b7d885e3d361f7879934dce4f445433969c7f68,locale:en-AU
x-debug-cf-cdn-cache-control: max-age=300, stale-if-error=86400, stale-while-revalidate=86400
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block

Redirect headers

content-length: 0
content-security-policy: base-uri 'none'; worker-src 'self' blob:; report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub46dd5cf52153d917fc1d5e91ff3a600d&dd-evp-origin=content-security-policy&ddsource=csp-report; frame-ancestors 'self' https://links.iterable.com; script-src 'none'; object-src 'none'
date: Sun, 05 Mar 2023 22:25:38 GMT
location: https://squareup.com/au/en/press/refund-policy-update
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
request-time: 1
server: iterable-links d881
vary: Origin
via: 1.1 558a7274c3bf9c351a26dc5ddb8c820a.cloudfront.net (CloudFront)
x-amz-cf-id: uoO9RIRXPYzyVAwzAMKyP0kdgN9Hb-AhGsoERM3_73SkYCGmjcScdA==
x-amz-cf-pop: PHL50-C1
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-xss-protection: 1; mode=block

GET
H2 200 application-ec30a82bd7d80368c5e0be9d736454b22720f74023167a4fc8254cef6a91d466.css
xms-production-f.squarecdn.com/xms/assets/ 1 MB
111 KB 96ms
27ms Stylesheet
text/css 151.101.129.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://xms-production-f.squarecdn.com/xms/assets/application-ec30a82bd7d80368c5e0be9d736454b22720f74023167a4fc8254cef6a91d466.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bceee10c241fc64a7e0868848fccc29e6a405bd7c7a569d9712e406bc56be1ba

Request headers

accept-language: en-US,en;q=0.9
Referer: https://squareup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

expires: Sat, 24 Feb 2024 04:39:31 GMT
x-amz-version-id: Pq9TuzlMifslhoJ.CZ9kxPpCL60CFNHZ
content-encoding: gzip
via: 1.1 varnish
date: Sun, 05 Mar 2023 22:25:38 GMT
x-amz-request-id: 3NRPKN64MYT44VYE
age: 795677
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 112788
x-amz-id-2: QW+PISF9n9c4yvdz9jt3U2m64SmH7hF9NsAwQLgRzFmd2izvamG6McIgh1nPqkKvS1kjG2PhrKQ=
x-served-by: cache-ewr18125-EWR
last-modified: Thu, 23 Feb 2023 22:39:32 GMT
server: AmazonS3
x-timer: S1678055139.910845,VS0,VE0
etag: "631c6485dc47e45d4372cff8dc00f481"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
x-cache-hits: 527

GET
H2 200 application-9afda9d2e0004285a711254df4524e216da91619f0861d386cb8edec8231e96f.js Show response
xms-production-f.squarecdn.com/xms/assets/ 1 MB
331 KB 135ms
66ms Script
application/javascript 151.101.129.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://xms-production-f.squarecdn.com/xms/assets/application-9afda9d2e0004285a711254df4524e216da91619f0861d386cb8edec8231e96f.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9afda9d2e0004285a711254df4524e216da91619f0861d386cb8edec8231e96f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://squareup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

expires: Sat, 24 Feb 2024 04:39:31 GMT
x-amz-version-id: 2JHg9uMKt4laV6ju8X95kF2L.fgmcUje
content-encoding: gzip
via: 1.1 varnish
date: Sun, 05 Mar 2023 22:25:38 GMT
x-amz-request-id: X3T3A3DY7SYBCJBE
age: 795676
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 338484
x-amz-id-2: 9b6KEDntI3QwI3errY1SxlGUc7TSiPKgEWDiiH5jBn4I4W2I6Riy204lYuaTPQ160L+v3qHtiVM=
x-served-by: cache-ewr18125-EWR
last-modified: Thu, 23 Feb 2023 22:39:32 GMT
server: AmazonS3
x-timer: S1678055139.911092,VS0,VE1
etag: "349e05861ea772042f0e1f3f2d03ddeb"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 SquareSansText-Upright-VF.woff2
square-fonts-production-f.squarecdn.com/square-text/ 35 KB
35 KB 105ms
36ms Font
font/woff2 151.101.193.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://square-fonts-production-f.squarecdn.com/square-text/SquareSansText-Upright-VF.woff2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5575694036a2d342f18ca455251396c6dc98214f30641c3c7539d5568aefd6e9

Request headers

Referer: https://squareup.com/
Origin: https://squareup.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: TDwvh9hzd3ZbRCeYrTUzII6N.yrxx_W.
date: Sun, 05 Mar 2023 22:25:38 GMT
via: 1.1 varnish
x-amz-request-id: TY9Q5EVC559BN8HW
age: 576
x-cache: HIT
content-length: 35844
x-amz-id-2: Ul5Kjz/ap1CgCc2X45GARPztt5j8mbxcIdFHEc/JLiir7/8X1//vfl3yJ+LwPmKKE/jH0wmrWmQ=
x-served-by: cache-ewr18153-EWR
last-modified: Wed, 02 Nov 2022 21:10:28 GMT
server: AmazonS3
x-timer: S1678055139.910942,VS0,VE0
etag: "b4a5ad35b82b05e604dd82769f724078"
content-type: font/woff2
access-control-allow-origin: *
accept-ranges: bytes
x-cache-hits: 7

GET
H2 200 SquareSansDisplay-VF.woff2
square-fonts-production-f.squarecdn.com/square-display/ 79 KB
80 KB 97ms
29ms Font
font/woff2 151.101.193.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://square-fonts-production-f.squarecdn.com/square-display/SquareSansDisplay-VF.woff2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cba70d41db343add3f16ae30f5e7f32831fd1e23b00157b7d7bf323708340b30

Request headers

Referer: https://squareup.com/
Origin: https://squareup.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: J5Y7myDO3ShFrFOunMTfbMyL8W17emTM
date: Sun, 05 Mar 2023 22:25:38 GMT
via: 1.1 varnish
x-amz-request-id: VS1JGV8DC2VEDW9Q
age: 1375
x-cache: HIT
content-length: 81220
x-amz-id-2: ynq9mo2tBvRTXXhYyiMTgBN4DOM1MoNVsBElCrWbuZu0DI2v7u+BRTqx0JKpMXgAeUXrRZoNv5I=
x-served-by: cache-ewr18153-EWR
last-modified: Wed, 02 Nov 2022 21:10:28 GMT
server: AmazonS3
x-timer: S1678055139.910952,VS0,VE0
etag: "0407f3d7df11716cb2ecfa0f87e58f99"
content-type: font/woff2
access-control-allow-origin: *
accept-ranges: bytes
x-cache-hits: 11

GET
H2 200 8447815042.js Show response
xms-production-f.squarecdn.com/optimizelyjs/ 393 KB
108 KB 113ms
65ms Script
text/javascript 151.101.129.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://xms-production-f.squarecdn.com/optimizelyjs/8447815042.js
Requested by: Host: squareup.com
URL: https://squareup.com/au/en/press/refund-policy-update
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: aebb00a87098780f0361f68e369ceba4ec04ffc631b73e42a48f1112edc975a6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://squareup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-meta-pci_enabled: True
x-amz-version-id: gYzLLMdX.H3Oae7j._2wCfSYbQr789dr
content-encoding: gzip
via: 1.1 varnish
date: Sun, 05 Mar 2023 22:25:38 GMT
x-amz-request-id: YYG9STRVM3ZFME4E
age: 135
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-revision: 42039
x-amz-replication-status: PENDING
content-length: 109857
x-amz-id-2: k+REQOhbIJd7T2FBgL2fY+Wl6AhXyt+dzqveV/bcnh2a2VdU77wlMIa9GOfPZv5ek3agYF4EBIM=
x-served-by: cache-ewr18125-EWR
last-modified: Fri, 03 Mar 2023 23:26:31 GMT
server: AmazonS3
x-timer: S1678055139.911072,VS0,VE1
etag: "b30b7763cf8b899087547ab9b7b8d0ca"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: x-amz-meta-revision
cache-control: max-age=300
vary: Accept-Encoding
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *
x-cache-hits: 1

GET
H2 200 vaafb692b2aea4879b33c060e79fe94621666317369993 Show response
static.cloudflareinsights.com/beacon.min.js/ 17 KB
6 KB 114ms
75ms Script
text/javascript 2606:4700::6810:3865
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
Requested by: Host: squareup.com
URL: https://squareup.com/au/en/press/refund-policy-update
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3

Request headers

Referer: https://squareup.com/
Origin: https://squareup.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 22:25:38 GMT
content-encoding: gzip
last-modified: Fri, 21 Oct 2022 01:56:09 GMT
server: cloudflare
etag: W/2022.10.1
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 7a35c6aa1836d153-BUF

GET
DATA 200
OK truncated
/ 360 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6a636926916454fc360db34a2bb50a1e47d9585e721bbab07219a3235a7ebfa8

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 SquareSansText-Medium.woff2
square-fonts-production-f.squarecdn.com/square-text/ 33 KB
34 KB 29ms
28ms Font
font/woff2 151.101.193.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://square-fonts-production-f.squarecdn.com/square-text/SquareSansText-Medium.woff2
Requested by: Host: xms-production-f.squarecdn.com
URL: https://xms-production-f.squarecdn.com/xms/assets/application-ec30a82bd7d80368c5e0be9d736454b22720f74023167a4fc8254cef6a91d466.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 04e85eea06f360b431634528dfb02ea384ed5ba559988779e3fd05548bd2d4f3

Request headers

Referer: https://xms-production-f.squarecdn.com/
Origin: https://squareup.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: I07qybJglxO_fAthtZULQBkKQ63Tj8S9
date: Sun, 05 Mar 2023 22:25:39 GMT
via: 1.1 varnish
x-amz-request-id: 14EDZPAGK97BWCQT
age: 794
x-cache: HIT
content-length: 34212
x-amz-id-2: Vpz7UhU6dQQ7NPJQiYoAuiIb1OIq0uZsfBcW6YZV6C7a+KtY/7dJg5HOBa74DrwqQh62HCKaagU=
x-served-by: cache-ewr18153-EWR
last-modified: Wed, 02 Nov 2022 21:10:28 GMT
server: AmazonS3
x-timer: S1678055139.124547,VS0,VE0
etag: "ee9f02c1a67ec4e150c7695b84fad7a0"
content-type: font/woff2
access-control-allow-origin: *
accept-ranges: bytes
x-cache-hits: 6

GET
H2 200 item_count Show response
squareup.com/shop/hardware/au/en/api/v1/ 46 B
3 KB 164ms
163ms Fetch
application/json 162.159.137.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://squareup.com/shop/hardware/au/en/api/v1/item_count

Requested by

Host: xms-production-f.squarecdn.com
URL: https://xms-production-f.squarecdn.com/xms/assets/application-9afda9d2e0004285a711254df4524e216da91619f0861d386cb8edec8231e96f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.137.66 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

57aea80e2685178189b473e9588071375b2971d524b7db45723d8ae0bf9a778c

Security Headers

Name	Value
Strict-Transport-Security	max-age=631152000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://squareup.com/au/en/press/refund-policy-update
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 22:25:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=631152000; includeSubDomains; preload
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
content-security-policy-report-only: default-src 'self' data: solidshop-production-c.squarecdn.com solidshop-production-f.squarecdn.com xms-production-f.squarecdn.com solidshop-staging-c.squarecdn.com solidshop-staging-f.squarecdn.com xms-staging-f.squarecdn.com d1g145x70srn7h.cloudfront.net square-fonts-production-f.squarecdn.com images.ctfassets.net cdn.cookielaw.org *.facebook.com; base-uri 'self'; block-all-mixed-content; child-src 'self' tealium-f.squarecdn.com tealium-c.squarecdn.com d3a2ymoycmbv15.cloudfront.net solidshop-production-c.squarecdn.com solidshop-production-f.squarecdn.com xms-production-f.squarecdn.com solidshop-staging-c.squarecdn.com solidshop-staging-f.squarecdn.com xms-staging-f.squarecdn.com d1g145x70srn7h.cloudfront.net square-fonts-production-f.squarecdn.com images.ctfassets.net cdn.cookielaw.org *.facebook.com connect.squareup.com connect.squareupstaging.com a8447815042.cdn-pci.optimizely.com staging.web.squarecdn.com/v1/square.js web.squarecdn.com/v1/square.js; connect-src ws: wss: 'self' data: solidshop-production-c.squarecdn.com solidshop-production-f.squarecdn.com xms-production-f.squarecdn.com solidshop-staging-c.squarecdn.com solidshop-staging-f.squarecdn.com xms-staging-f.squarecdn.com d1g145x70srn7h.cloudfront.net square-fonts-production-f.squarecdn.com images.ctfassets.net cdn.cookielaw.org *.facebook.com data-platform-staging.squarecloudservices.com data-platform.squarecloudservices.com *.squareup.com *.squareupstaging.com *.mktoresp.com *.google.com *.google-analytics.com connect.facebook.net logx.optimizely.com errors.client.optimizely.com; font-src 'self' data: solidshop-production-c.squarecdn.com solidshop-production-f.squarecdn.com xms-production-f.squarecdn.com solidshop-staging-c.squarecdn.com solidshop-staging-f.squarecdn.com xms-staging-f.squarecdn.com d1g145x70srn7h.cloudfront.net square-fonts-production-f.squarecdn.com images.ctfassets.net cdn.cookielaw.org *.facebook.com; form-action 'self'; frame-ancestors 'none'; img-src 'self' data: solidshop-production-c.squarecdn.com solidshop-production-f.squarecdn.com xms-production-f.squarecdn.com solidshop-staging-c.squarecdn.com solidshop-staging-f.squarecdn.com xms-staging-f.squarecdn.com d1g145x70srn7h.cloudfront.net square-fonts-production-f.squarecdn.com images.ctfassets.net cdn.cookielaw.org *.facebook.com data-platform-staging.squarecloudservices.com data-platform.squarecloudservices.com *.squareup.com *.squareupstaging.com *.mktoresp.com *.google.com *.google-analytics.com connect.facebook.net; object-src 'self' solidshop-production-c.squarecdn.com solidshop-production-f.squarecdn.com xms-production-f.squarecdn.com solidshop-staging-c.squarecdn.com solidshop-staging-f.squarecdn.com xms-staging-f.squarecdn.com d1g145x70srn7h.cloudfront.net square-fonts-production-f.squarecdn.com images.ctfassets.net cdn.cookielaw.org *.facebook.com; script-src 'self' 'unsafe-inline' solidshop-production-c.squarecdn.com solidshop-production-f.squarecdn.com xms-production-f.squarecdn.com solidshop-staging-c.squarecdn.com solidshop-staging-f.squarecdn.com xms-staging-f.squarecdn.com d1g145x70srn7h.cloudfront.net square-fonts-production-f.squarecdn.com images.ctfassets.net cdn.cookielaw.org *.facebook.com data-platform-staging.squarecloudservices.com data-platform.squarecloudservices.com *.squareup.com *.squareupstaging.com *.mktoresp.com *.google.com *.google-analytics.com connect.facebook.net cdn-pci.optimizely.com geolocation.onetrust.com/cookieconsentpub/v1/geo/location staging.web.squarecdn.com/v1/square.js web.squarecdn.com/v1/square.js martech-production-c.squarecdn.com/martech.js martech-staging-c.squarecdn.com/martech.js martech-development-c.squarecdn.com/martech.js www.googletagmanager.com/gtm.js; style-src 'self' 'unsafe-inline' solidshop-production-c.squarecdn.com solidshop-production-f.squarecdn.com xms-production-f.squarecdn.com solidshop-staging-c.squarecdn.com solidshop-staging-f.squarecdn.com xms-staging-f.squarecdn.com d1g145x70srn7h.cloudfront.net square-fonts-production-f.squarecdn.com images.ctfassets.net cdn.cookielaw.org *.facebook.com; report-uri https://squareup.com/1.0/as-reporter/csp/TWmT61QupXf4ZzbCUmpKb1K5_kA4rMhMV1K_x25hnPlO
x-xss-protection: 1; mode=block
server: cloudflare
etag: W/"57aea80e2685178189b473e958807137"
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-language: en-au
content-type: application/json; charset=utf-8
cache-control: max-age=0, private, must-revalidate
cf-ray: 7a35c6ac0df88c35-EWR
access-control-allow-headers: x-kpsdk-cd, x-kpsdk-ct

GET
H2 401 status
squareup.com/mp/ 2 B
0 77ms
77ms Fetch
application/json 162.159.137.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://squareup.com/mp/status

Requested by

Host: xms-production-f.squarecdn.com
URL: https://xms-production-f.squarecdn.com/xms/assets/application-9afda9d2e0004285a711254df4524e216da91619f0861d386cb8edec8231e96f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.137.66 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	object-src 'none'; base-uri 'none'; script-src 'nonce-bhuUuhgEVFLeP5JPsYEw0A==' 'unsafe-inline' 'strict-dynamic' https: http: 'report-sample'; report-uri https://sentry.io/api/1474740/security/?sentry_key=f510e74496ac409fb59c50c52d7822da
Strict-Transport-Security	max-age=631152000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://squareup.com/au/en/press/refund-policy-update
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 22:25:39 GMT
strict-transport-security: max-age=631152000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
frame-options: SAMEORIGIN
server: cloudflare
content-security-policy: object-src 'none'; base-uri 'none'; script-src 'nonce-bhuUuhgEVFLeP5JPsYEw0A==' 'unsafe-inline' 'strict-dynamic' https: http: 'report-sample'; report-uri https://sentry.io/api/1474740/security/?sentry_key=f510e74496ac409fb59c50c52d7822da
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json;charset=utf-8
cache-control: no-store
cf-ray: 7a35c6ac0dfa8c35-EWR
access-control-allow-headers: x-kpsdk-cd, x-kpsdk-ct
content-length: 2
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK 8447815042 Show response
tapi.optimizely.com/api/js/odds/project/ 272 B
695 B 330ms
236ms XHR
application/json 2600:1400:c000:385::19f0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://tapi.optimizely.com/api/js/odds/project/8447815042?project=8447815042&c_dajs_user_id_optimizely=null
Requested by: Host: xms-production-f.squarecdn.com
URL: https://xms-production-f.squarecdn.com/optimizelyjs/8447815042.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1400:c000:385::19f0 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx/1.15.12 / Express
Resource Hash: 65b530cdc8b9c49fbb1bf3a1511d1289afbe6c3c333b00d32555282969fba497

Request headers

Referer: https://squareup.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Sun, 05 Mar 2023 22:25:39 GMT
Server: nginx/1.15.12
X-Uncacheable: WTF
X-Powered-By: Express
Vary: Origin
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://squareup.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 272
Expires: Sun, 05 Mar 2023 22:25:39 GMT

GET
H2 200 a8447815042.html Show response
a8447815042.cdn-pci.optimizely.com/client_storage/ Frame 8674 2 KB
1 KB 123ms
28ms Document
text/html 23.217.19.182
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a8447815042.cdn-pci.optimizely.com/client_storage/a8447815042.html
Requested by: Host: xms-production-f.squarecdn.com
URL: https://xms-production-f.squarecdn.com/optimizelyjs/8447815042.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.217.19.182 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-217-19-182.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 200a359f0489bda767af63764ca362de52502f1b0d16be5ea35b2d2f2ebc4f57

Request headers

Referer: https://squareup.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=120
content-encoding: gzip
content-length: 784
content-type: text/html; charset=utf-8
date: Sun, 05 Mar 2023 22:25:39 GMT
etag: "89b96cdf46aa3798b0d573316ba720f3"
last-modified: Fri, 03 Mar 2023 23:26:07 GMT
server: AmazonS3
vary: Accept-Encoding
x-amz-id-2: CKosWSzzATyti3LlU3HGD1gYiJa7Z1bDlYYGwxHtZQRoUHovBQiAE8TH0G3jUzZh3fohP2F9ZZs=
x-amz-meta-pci_enabled: True
x-amz-replication-status: COMPLETED
x-amz-request-id: E4Q61QJNRCFJB9YJ
x-amz-server-side-encryption: AES256
x-amz-version-id: Cwui_XYZtUAtPhWAzhnC1_vXfUnNJslM

OPTIONS
H2 200 batch
data-platform.squarecloudservices.com/v1/ Frame 0
0 150ms
59ms Preflight 34.98.67.114
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://data-platform.squarecloudservices.com/v1/batch

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.98.67.114 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

114.67.98.34.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,x-cdp-batch-id,x-request-id
Access-Control-Request-Method: POST
Origin: https://squareup.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-headers: authorization, content-type, x-forwarded-for, x-request-id, x-cdp-batch-id, X-Allow-Cookies, X-Block-Cookies
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: https://squareup.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Sun, 05 Mar 2023 22:25:39 GMT
vary: Origin
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block

OPTIONS
H2 200 batch
data-platform.squarecloudservices.com/v1/ Frame 0
0 135ms
58ms Preflight 34.98.67.114
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://data-platform.squarecloudservices.com/v1/batch

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.98.67.114 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

114.67.98.34.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,x-cdp-batch-id,x-request-id
Access-Control-Request-Method: POST
Origin: https://squareup.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-headers: authorization, content-type, x-forwarded-for, x-request-id, x-cdp-batch-id, X-Allow-Cookies, X-Block-Cookies
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: https://squareup.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Sun, 05 Mar 2023 22:25:39 GMT
vary: Origin
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block

POST
H2 200 batch Show response
data-platform.squarecloudservices.com/v1/ 16 B
104 B 134ms
131ms Fetch
text/plain 34.98.67.114
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://data-platform.squarecloudservices.com/v1/batch

Requested by

Host: xms-production-f.squarecdn.com
URL: https://xms-production-f.squarecdn.com/xms/assets/application-9afda9d2e0004285a711254df4524e216da91619f0861d386cb8edec8231e96f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.98.67.114 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

114.67.98.34.bc.googleusercontent.com

Software

Resource Hash

762c2749580c286a68d4528d912a4afa02a17dc2025c6c65b17b0dfab8291408

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://squareup.com/
accept-language: en-US,en;q=0.9
x-cdp-batch-id: v1:yaiUsx/6Xa/RB3QlJo/attzYFvvgz56OBZaiGD2Osv4=
authorization: Basic NDFlYzFiNjgtMjFiMS00Njg3LTg1M2EtZjk2OGU1NDEzNGRiOg==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
x-request-id: v1:yaiUsx/6Xa/RB3QlJo/attzYFvvgz56OBZaiGD2Osv4=
content-type: application/json

Response headers

date: Sun, 05 Mar 2023 22:25:39 GMT
via: 1.1 google
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Origin
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: https://squareup.com
content-type: text/plain; charset=utf-8
access-control-allow-headers: authorization, content-type, x-forwarded-for, x-request-id, x-cdp-batch-id, X-Allow-Cookies, X-Block-Cookies
content-length: 16
x-xss-protection: 1; mode=block
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 86ms
26ms Script
text/javascript 2607:f8b0:4006:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: xms-production-f.squarecdn.com
URL: https://xms-production-f.squarecdn.com/xms/assets/application-9afda9d2e0004285a711254df4524e216da91619f0861d386cb8edec8231e96f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://squareup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 05 Mar 2023 20:47:24 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 5895
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Sun, 05 Mar 2023 22:47:24 GMT

GET
H2 200 martech.js Show response
martech-production-c.squarecdn.com/ 8 KB
3 KB 406ms
30ms Script
application/javascript 13.33.60.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://martech-production-c.squarecdn.com/martech.js
Requested by: Host: xms-production-f.squarecdn.com
URL: https://xms-production-f.squarecdn.com/xms/assets/application-9afda9d2e0004285a711254df4524e216da91619f0861d386cb8edec8231e96f.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.60.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-60-98.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5a30a316edd9f2ecc4ff28c02886285bf2ddf901eaf80c77633f12fcde02643c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://squareup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 08:42:15 GMT
x-amz-version-id: QnvBXaKJvL__0sO7NrguOgtGyBuXk9Hn
content-encoding: br
last-modified: Wed, 12 Oct 2022 18:15:13 GMT
server: AmazonS3
via: 1.1 ebfea1c8ef298b6d415684e80825a276.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR52-C1
etag: W/"1f44cc3856b35d2469a8574dc7a88f7f"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
age: 49405
x-amz-cf-id: EmG73gN15sQsN9oyZbZkXTttottrcs3Wt_-GABUYnF40CSusR0FFww==

POST
H2 200 batch Show response
data-platform.squarecloudservices.com/v1/ 16 B
82 B 145ms
140ms Fetch
text/plain 34.98.67.114
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://data-platform.squarecloudservices.com/v1/batch

Requested by

Host: xms-production-f.squarecdn.com
URL: https://xms-production-f.squarecdn.com/xms/assets/application-9afda9d2e0004285a711254df4524e216da91619f0861d386cb8edec8231e96f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.98.67.114 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

114.67.98.34.bc.googleusercontent.com

Software

Resource Hash

762c2749580c286a68d4528d912a4afa02a17dc2025c6c65b17b0dfab8291408

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://squareup.com/
accept-language: en-US,en;q=0.9
x-cdp-batch-id: v1:3C2Vkq1tJJNb4Im5x/nGXBBk0+lhwYZwbKG7uR4i2Pc=
authorization: Basic NDFlYzFiNjgtMjFiMS00Njg3LTg1M2EtZjk2OGU1NDEzNGRiOg==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
x-request-id: v1:3C2Vkq1tJJNb4Im5x/nGXBBk0+lhwYZwbKG7uR4i2Pc=
content-type: application/json

Response headers

date: Sun, 05 Mar 2023 22:25:39 GMT
via: 1.1 google
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Origin
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: https://squareup.com
content-type: text/plain; charset=utf-8
access-control-allow-headers: authorization, content-type, x-forwarded-for, x-request-id, x-cdp-batch-id, X-Allow-Cookies, X-Block-Cookies
content-length: 16
x-xss-protection: 1; mode=block
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 200 batch Show response
data-platform.squarecloudservices.com/v1/ 16 B
82 B 243ms
241ms Fetch
text/plain 34.98.67.114
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://data-platform.squarecloudservices.com/v1/batch

Requested by

Host: xms-production-f.squarecdn.com
URL: https://xms-production-f.squarecdn.com/xms/assets/application-9afda9d2e0004285a711254df4524e216da91619f0861d386cb8edec8231e96f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.98.67.114 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

114.67.98.34.bc.googleusercontent.com

Software

Resource Hash

762c2749580c286a68d4528d912a4afa02a17dc2025c6c65b17b0dfab8291408

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://squareup.com/
accept-language: en-US,en;q=0.9
x-cdp-batch-id: v1:Xi/MleftOYQ9jpdI2lVXeoAWZhyeML723i9q4C7441w=
authorization: Basic NDFlYzFiNjgtMjFiMS00Njg3LTg1M2EtZjk2OGU1NDEzNGRiOg==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
x-request-id: v1:Xi/MleftOYQ9jpdI2lVXeoAWZhyeML723i9q4C7441w=
content-type: application/json

Response headers

date: Sun, 05 Mar 2023 22:25:39 GMT
via: 1.1 google
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Origin
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: https://squareup.com
content-type: text/plain; charset=utf-8
access-control-allow-headers: authorization, content-type, x-forwarded-for, x-request-id, x-cdp-batch-id, X-Allow-Cookies, X-Block-Cookies
content-length: 16
x-xss-protection: 1; mode=block
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 25 KB
9 KB 73ms
32ms Script
application/javascript 2606:4700::6813:bc61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: xms-production-f.squarecdn.com
URL: https://xms-production-f.squarecdn.com/xms/assets/application-9afda9d2e0004285a711254df4524e216da91619f0861d386cb8edec8231e96f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bc61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

da9a77e15c8cbf2596563d3bc8020cc9e547d2b99976a0b77f5eeadf1c492feb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://squareup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 05 Mar 2023 22:25:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Ewgd1d1Vp0nFNYpIMiFTtA==
age: 51179
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 8460
x-ms-lease-status: unlocked
last-modified: Thu, 02 Mar 2023 20:31:12 GMT
server: cloudflare
etag: 0x8DB1B5D10AED08B
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: fa531f66-201e-0068-45ee-4d86b7000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7a35c6adfb5ed14f-BUF

GET
H2 200 pixel_tracking
api.squareup.com/2.0/log/ 43 B
552 B 163ms
74ms Image
image/gif 162.159.137.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api.squareup.com/2.0/log/pixel_tracking?app_name=xms&u_library_name=js%2Feventstream&u_library_version=2.4.5&webpage_path=%2Fau%2Fen%2Fpress%2Frefund-policy-update&webpage_referrer=&webpage_title=An%20Update%20to%20Square%E2%80%99s%20Refund%20Policy&webpage_search=&webpage_full_url=https%3A%2F%2Fsquareup.com%2Fau%2Fen%2Fpress%2Frefund-policy-update&webpage_base_url=https%3A%2F%2Fsquareup.com&browser_name=Chrome&browser_version=110.0.5481.177&browser_major_version=110&os_name=Windows&os_version=10&device_screen_height=1200&device_screen_width=1600&browser_height=1200&browser_width=1600&catalog_name=page_view&subject_anonymous_token=c313568c-166a-4964-9720-ec68e50acf25&nocache=16780551394451

Requested by

Host: squareup.com
URL: https://squareup.com/au/en/press/refund-policy-update

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.137.66 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=631152000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://squareup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 22:25:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=631152000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
frame-options: DENY
x-sq-dc: iad2b
vary: Accept-Encoding, User-Agent
x-frame-options: DENY
content-type: image/gif
x-sq-region: iad2b
cf-ray: 7a35c6ae4d7ac416-EWR
content-length: 56
x-xss-protection: 1; mode=block

OPTIONS
H2 200 batch
data-platform.squarecloudservices.com/v1/ Frame 0
0 131ms
59ms Preflight 34.98.67.114
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://data-platform.squarecloudservices.com/v1/batch

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.98.67.114 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

114.67.98.34.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,x-cdp-batch-id,x-request-id
Access-Control-Request-Method: POST
Origin: https://squareup.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-headers: authorization, content-type, x-forwarded-for, x-request-id, x-cdp-batch-id, X-Allow-Cookies, X-Block-Cookies
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: https://squareup.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Sun, 05 Mar 2023 22:25:39 GMT
vary: Origin
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block

GET
H2 200 detect_country.json Show response
squareup.com/ 317 B
340 B 187ms
186ms XHR
application/json 162.159.137.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://squareup.com/detect_country.json?country_code=AU&lang_code=en&canonical_path=/press/refund-policy-update

Requested by

Host: xms-production-f.squarecdn.com
URL: https://xms-production-f.squarecdn.com/xms/assets/application-9afda9d2e0004285a711254df4524e216da91619f0861d386cb8edec8231e96f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.137.66 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c5cb1da93342a14688ffb8a170ab7b503ac8b393f7ba3f964d5ae0051f05a2ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=631152000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://squareup.com/au/en/press/refund-policy-update
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 22:25:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=631152000; includeSubDomains; preload
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
server: cloudflare
etag: W/"c5cb1da93342a14688ffb8a170ab7b50"
x-download-options: noopen
vary: Accept-Encoding, Accept
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: max-age=0, private, must-revalidate
cf-ray: 7a35c6adc8fc8c35-EWR
access-control-allow-headers: x-kpsdk-cd, x-kpsdk-ct

GET
H2 200 tracking.json Show response
squareup.com/ 85 B
309 B 186ms
184ms XHR
application/json 162.159.137.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://squareup.com/tracking.json

Requested by

Host: xms-production-f.squarecdn.com
URL: https://xms-production-f.squarecdn.com/xms/assets/application-9afda9d2e0004285a711254df4524e216da91619f0861d386cb8edec8231e96f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.137.66 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5811becfceb9c687e1b7af2caddc84272b8b0790e418bc90414bc91505684b73

Security Headers

Name	Value
Strict-Transport-Security	max-age=631152000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://squareup.com/au/en/press/refund-policy-update
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 22:25:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=631152000; includeSubDomains; preload
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
server: cloudflare
etag: W/"5811becfceb9c687e1b7af2caddc8427"
x-download-options: noopen
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, GET, OPTIONS, PUT, PATCH, DELETE, HEAD
content-type: application/json; charset=utf-8
x-frame-options: SAMEORIGIN
cache-control: max-age=0, private, must-revalidate
cf-ray: 7a35c6adc9058c35-EWR
access-control-allow-headers: Origin, Content-Type, Accept, Authorization, X-Auth-Token, X-Allow-Cookies, X-Block-Cookies, x-kpsdk-cd, x-kpsdk-ct

GET
H2 200 munchkin-0800d0ee633445e8e187b53e660d133b5329e1c9e94a77ed1126d3ebf8912125.js Show response
squareup.com/xms/assets/ 8 KB
4 KB 143ms
142ms XHR
application/javascript 162.159.137.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://squareup.com/xms/assets/munchkin-0800d0ee633445e8e187b53e660d133b5329e1c9e94a77ed1126d3ebf8912125.js?_=1678055139134

Requested by

Host: xms-production-f.squarecdn.com
URL: https://xms-production-f.squarecdn.com/xms/assets/application-9afda9d2e0004285a711254df4524e216da91619f0861d386cb8edec8231e96f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.137.66 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0800d0ee633445e8e187b53e660d133b5329e1c9e94a77ed1126d3ebf8912125

Security Headers

Name	Value
Strict-Transport-Security	max-age=631152000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://squareup.com/au/en/press/refund-policy-update
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 22:25:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=631152000; includeSubDomains; preload
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
content-length: 3638
x-xss-protection: 1; mode=block
last-modified: Fri, 24 Feb 2023 00:32:00 GMT
server: cloudflare
x-download-options: noopen
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: no-store
cf-ray: 7a35c6adc9078c35-EWR
access-control-allow-headers: x-kpsdk-cd, x-kpsdk-ct

GET
DATA 200
OK truncated
/ 360 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ecce39d17e9a257134727f155398b7a48ca3d3428dbc3252621373fb49dd1b7b

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
BLOB 200
OK c3474cd1-e23b-4f7e-b2b2-3b4184367910
https://squareup.com/ 26 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://squareup.com/c3474cd1-e23b-4f7e-b2b2-3b4184367910
Requested by: Host: squareup.com
URL: https://squareup.com/au/en/press/refund-policy-update
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 16ab19138b25dd9a33eace9e0a61357b3d8c701c1e8dd4a5f7b5e22364a3935c

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Length: 26191
Content-Type

GET
H2 200 c4657020-c7d1-4a14-a091-267a7ee4863e.json Show response
cdn.cookielaw.org/consent/c4657020-c7d1-4a14-a091-267a7ee4863e/ 5 KB
2 KB 64ms
28ms XHR
application/x-javascript 2606:4700::6813:bc61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/c4657020-c7d1-4a14-a091-267a7ee4863e/c4657020-c7d1-4a14-a091-267a7ee4863e.json

Requested by

Host: xms-production-f.squarecdn.com
URL: https://xms-production-f.squarecdn.com/xms/assets/application-9afda9d2e0004285a711254df4524e216da91619f0861d386cb8edec8231e96f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bc61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e76b6ca74cb56845448fbed05589c4af6556a577c865f45e10b3b6e50a1e3bcc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://squareup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 05 Mar 2023 22:25:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: RNbC5yE9M9+7O966+xHXOA==
age: 59891
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 1838
x-ms-lease-status: unlocked
last-modified: Wed, 22 Feb 2023 20:40:45 GMT
server: cloudflare
etag: 0x8DB151512A9D3D4
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: f767a0c9-301e-00ff-4bfd-46e57e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7a35c6ae6b7ad14f-BUF
expires: Mon, 06 Mar 2023 22:25:39 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
207 B 40ms
39ms XHR
text/plain 2607:f8b0:4006:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1915024503&t=pageview&_s=1&dl=https%3A%2F%2Fsquareup.com%2Fau%2Fen%2Fpress%2Frefund-policy-update&dp=%2Fau%2Fen%2Fpress%2Frefund-policy-update&ul=en-us&de=UTF-8&dt=An%20Update%20to%20Square%E2%80%99s%20Refund%20Policy&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=1431253352&gjid=942555454&cid=1355407965.1678055140&uid=c313568c-166a-4964-9720-ec68e50acf25&tid=UA-9517040-46&_gid=421933653.1678055140&_r=1&_slc=1&cd10=c313568c-166a-4964-9720-ec68e50acf25&z=629101400

Requested by

Host: xms-production-f.squarecdn.com
URL: https://xms-production-f.squarecdn.com/xms/assets/application-9afda9d2e0004285a711254df4524e216da91619f0861d386cb8edec8231e96f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://squareup.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 05 Mar 2023 22:25:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://squareup.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 2 B
345 B 121ms
47ms XHR
text/plain 2607:f8b0:4004:c09::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-9517040-46&cid=1355407965.1678055140&jid=1431253352&uid=c313568c-166a-4964-9720-ec68e50acf25&gjid=942555454&_gid=421933653.1678055140&_u=YEBAAEAAAAAAACAAI~&z=1003101613

Requested by

Host: xms-production-f.squarecdn.com
URL: https://xms-production-f.squarecdn.com/xms/assets/application-9afda9d2e0004285a711254df4524e216da91619f0861d386cb8edec8231e96f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::9c Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://squareup.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 05 Mar 2023 22:25:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://squareup.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/202301.2.0/ 402 KB
96 KB 32ms
31ms Script
application/javascript 2606:4700::6813:bc61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202301.2.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bc61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0fa90c9e195798597245f53e9dc98259304276626836677ffaf0f9fa18f9a189

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://squareup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 05 Mar 2023 22:25:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 0jjE9bRWjdK9YwiQScw/ZQ==
age: 33984
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 98329
x-ms-lease-status: unlocked
last-modified: Fri, 17 Feb 2023 03:39:10 GMT
server: cloudflare
etag: 0x8DB1098882046FE
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: b85edcd3-601e-0020-7395-42b42a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7a35c6aeab85d14f-BUF

GET
H/1.1 200
OK visitWebPage Show response
424-iab-218.mktoresp.com/webevents/ 2 B
318 B 381ms
88ms XHR
text/plain 192.28.147.68
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL: https://424-iab-218.mktoresp.com/webevents/visitWebPage?_mchNc=1678055139617&_mchCn=&_mchId=424-IAB-218&_mchTk=_mch-squareup.com-1678055139616-40865&_mchWs=j1RQ&_mchHo=squareup.com&_mchPo=&_mchRu=%2Fau%2Fen%2Fpress%2Frefund-policy-update&_mchPc=https%3A&_mchVr=154&_mchHa=&_mchRe=&_mchQp=
Requested by: Host: xms-production-f.squarecdn.com
URL: https://xms-production-f.squarecdn.com/xms/assets/application-9afda9d2e0004285a711254df4524e216da91619f0861d386cb8edec8231e96f.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.28.147.68 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://squareup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 05 Mar 2023 22:25:39 GMT
Content-Encoding: gzip
Server: nginx/1.20.1
Transfer-Encoding: chunked
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
X-Request-Id: 9d8eb697-cf7c-4611-a5d0-ba01126beb09

GET
H2 200 en-us.json Show response
cdn.cookielaw.org/consent/c4657020-c7d1-4a14-a091-267a7ee4863e/182d0dd3-fae6-4b5d-8110-93a81adfaeca/ 176 KB
31 KB 29ms
29ms Fetch
application/x-javascript 2606:4700::6813:bc61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/c4657020-c7d1-4a14-a091-267a7ee4863e/182d0dd3-fae6-4b5d-8110-93a81adfaeca/en-us.json

Requested by

Host: xms-production-f.squarecdn.com
URL: https://xms-production-f.squarecdn.com/xms/assets/application-9afda9d2e0004285a711254df4524e216da91619f0861d386cb8edec8231e96f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bc61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

709d69bca6a0fb4f466cebd0a311960e56f6aa3d04795403b18577dfda78f5c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://squareup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 05 Mar 2023 22:25:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: eYuJ5u10k1V9gF5qada5Uw==
age: 59890
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 32029
x-ms-lease-status: unlocked
last-modified: Wed, 22 Feb 2023 20:40:49 GMT
server: cloudflare
etag: 0x8DB151514FDA4EF
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 22bab447-401e-0155-1cfd-4675c4000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7a35c6af1ba6d14f-BUF
expires: Mon, 06 Mar 2023 22:25:39 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 142ms
57ms Image
image/gif 2607:f8b0:4006:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-9517040-46&cid=1355407965.1678055140&jid=1431253352&_u=YEBAAEAAAAAAACAAI~&z=1827449309

Requested by

Host: squareup.com
URL: https://squareup.com/au/en/press/refund-policy-update

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2004 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://squareup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Mar 2023 22:25:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 otCenterRounded.json Show response
cdn.cookielaw.org/scripttemplates/202301.2.0/assets/ 9 KB
3 KB 37ms
35ms Fetch
application/json 2606:4700::6813:bc61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202301.2.0/assets/otCenterRounded.json

Requested by

Host: xms-production-f.squarecdn.com
URL: https://xms-production-f.squarecdn.com/xms/assets/application-9afda9d2e0004285a711254df4524e216da91619f0861d386cb8edec8231e96f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bc61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c4f86e9ccc5e942b4003bd9fed721d599fdeb7bcc1a2db63a95cba24de5f828

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://squareup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 05 Mar 2023 22:25:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 3j6krUd8tta5DgtKf9NJpg==
age: 59890
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 2639
x-ms-lease-status: unlocked
last-modified: Fri, 17 Feb 2023 03:39:04 GMT
server: cloudflare
etag: 0x8DB1098846D14B4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: ca1df6f4-101e-0109-25fd-46843d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7a35c6af7bccd14f-BUF

GET
H2 200 otPcCenter.json Show response
cdn.cookielaw.org/scripttemplates/202301.2.0/assets/v2/ 61 KB
13 KB 32ms
31ms Fetch
application/json 2606:4700::6813:bc61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202301.2.0/assets/v2/otPcCenter.json

Requested by

Host: xms-production-f.squarecdn.com
URL: https://xms-production-f.squarecdn.com/xms/assets/application-9afda9d2e0004285a711254df4524e216da91619f0861d386cb8edec8231e96f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bc61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70fd7f6ced21739e10103744c72acdfc8e8422502d74d4fad2ddfab3aed0bbc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://squareup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 05 Mar 2023 22:25:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Z9ctTlIOTjmEMU/y5+FSYA==
age: 59890
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 12548
x-ms-lease-status: unlocked
last-modified: Fri, 17 Feb 2023 03:39:06 GMT
server: cloudflare
etag: 0x8DB10988547EC3F
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: dfac4462-c01e-014f-11fd-465aab000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7a35c6af7bcdd14f-BUF

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/202301.2.0/assets/ 21 KB
4 KB 34ms
33ms Fetch
text/css 2606:4700::6813:bc61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202301.2.0/assets/otCommonStyles.css

Requested by

Host: xms-production-f.squarecdn.com
URL: https://xms-production-f.squarecdn.com/xms/assets/application-9afda9d2e0004285a711254df4524e216da91619f0861d386cb8edec8231e96f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bc61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

930239150e702d9d4bf43c3881aa70f8ad5fd9068dcbecb7c8bcca654784f7f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://squareup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 05 Mar 2023 22:25:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: XcxlleAcPGO2n5kTZrHH2Q==
age: 59890
x-ms-lease-status: unlocked
last-modified: Fri, 17 Feb 2023 03:39:15 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 873b6592-101e-0060-5cfd-469dc4000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7a35c6af7bced14f-BUF

GET
H2 200 ot_guard_logo.svg Show response
cdn.cookielaw.org/logos/static/ 497 B
489 B 34ms
33ms Fetch
image/svg+xml 2606:4700::6813:bc61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg

Requested by

Host: xms-production-f.squarecdn.com
URL: https://xms-production-f.squarecdn.com/xms/assets/application-9afda9d2e0004285a711254df4524e216da91619f0861d386cb8edec8231e96f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bc61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://squareup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 05 Mar 2023 22:25:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: tXyZydHjxQshFMbbBT1/8A==
age: 59890
x-ms-lease-status: unlocked
last-modified: Thu, 02 Mar 2023 20:31:14 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 6b118052-801e-0080-2347-4d7b4c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7a35c6afcbe0d14f-BUF

GET
H2 200 Square_combinationmark_black.png
cdn.cookielaw.org/logos/aa498dad-1691-4c3b-894a-906c990be323/eab8b6ff-57d6-438a-a7e5-c58dd370ce73/000d8b20-8c3d-4f4f-a0da-5b515f8f20d2/ 31 KB
32 KB 29ms
28ms Image
image/png 2606:4700::6813:bc61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/aa498dad-1691-4c3b-894a-906c990be323/eab8b6ff-57d6-438a-a7e5-c58dd370ce73/000d8b20-8c3d-4f4f-a0da-5b515f8f20d2/Square_combinationmark_black.png

Requested by

Host: squareup.com
URL: https://squareup.com/au/en/press/refund-policy-update

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bc61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e11e7676cb4332944ae6c7a9abd2b87d56721ebbf87227cc2dac0a7c343b3a16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://squareup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 05 Mar 2023 22:25:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 6SIaNAIwJI1xTX1pg+csoQ==
age: 3002
content-length: 31949
x-ms-lease-status: unlocked
last-modified: Tue, 30 Mar 2021 18:43:19 GMT
server: cloudflare
etag: 0x8D8F3ABB01160DE
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 0185b66a-201e-00c2-116c-c45058000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7a35c6affbebd14f-BUF

GET
H2 200 powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 5 KB
2 KB 31ms
31ms Image
image/svg+xml 2606:4700::6813:bc61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/powered_by_logo.svg

Requested by

Host: squareup.com
URL: https://squareup.com/au/en/press/refund-policy-update

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bc61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://squareup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 05 Mar 2023 22:25:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: Y+c301RBZNK39PvKQWrIBw==
age: 5042
x-ms-lease-status: unlocked
last-modified: Thu, 02 Mar 2023 20:31:15 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 3f27bb0a-b01e-00e5-16ef-4dca11000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7a35c6affbecd14f-BUF

GET
H2 200 tracking.json Show response
squareup.com/ 85 B
366 B 168ms
167ms Fetch
application/json 162.159.137.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://squareup.com/tracking.json

Requested by

Host: xms-production-f.squarecdn.com
URL: https://xms-production-f.squarecdn.com/xms/assets/application-9afda9d2e0004285a711254df4524e216da91619f0861d386cb8edec8231e96f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.137.66 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5811becfceb9c687e1b7af2caddc84272b8b0790e418bc90414bc91505684b73

Security Headers

Name	Value
Strict-Transport-Security	max-age=631152000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://squareup.com/au/en/press/refund-policy-update
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 22:25:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=631152000; includeSubDomains; preload
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
server: cloudflare
etag: W/"5811becfceb9c687e1b7af2caddc8427"
x-download-options: noopen
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, GET, OPTIONS, PUT, PATCH, DELETE, HEAD
content-type: application/json; charset=utf-8
x-frame-options: SAMEORIGIN
cache-control: max-age=0, private, must-revalidate
cf-ray: 7a35c6b03d4f8c35-EWR
access-control-allow-headers: Origin, Content-Type, Accept, Authorization, X-Auth-Token, X-Allow-Cookies, X-Block-Cookies, x-kpsdk-cd, x-kpsdk-ct

POST
H2 202 rum Show response
rum.browser-intake-datadoghq.com/api/v2/ 53 B
286 B 193ms
94ms Fetch
application/json 2600:1f18:24e6:b902:ce86:cbe1:655c:7a53
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.34.0%2Capi%3Afetch%2Cenv%3Aproduction%2Cservice%3Axms&dd-api-key=pubd9af00759e65a48ba7ee3ff1dfa4260b&dd-evp-origin-version=4.34.0&dd-evp-origin=browser&dd-request-id=1276c2e1-564d-4377-9830-8953f1d579d4&batch_time=1678055139863

Requested by

Host: xms-production-f.squarecdn.com
URL: https://xms-production-f.squarecdn.com/xms/assets/application-9afda9d2e0004285a711254df4524e216da91619f0861d386cb8edec8231e96f.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:24e6:b902:ce86:cbe1:655c:7a53 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

5e610547cbf9f5463e6cd50c71044a0b444972687a143f29a798e175d6078718

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800;
X-Content-Type-Options	nosniff

Request headers

Referer: https://squareup.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 05 Mar 2023 22:25:40 GMT
strict-transport-security: max-age=15724800;
x-content-type-options: nosniff
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type: application/json
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 53

POST
H/1.1 204
No Content log Show response
errors.client.optimizely.com/ 0
238 B 33ms
31ms XHR
text/plain 3.219.0.3
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://errors.client.optimizely.com/log
Requested by: Host: xms-production-f.squarecdn.com
URL: https://xms-production-f.squarecdn.com/xms/assets/application-9afda9d2e0004285a711254df4524e216da91619f0861d386cb8edec8231e96f.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.219.0.3 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-219-0-3.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://squareup.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/json

Response headers

Access-Control-Allow-Origin: https://squareup.com
Access-Control-Expose-Headers
Date: Sun, 05 Mar 2023 22:25:40 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/plain

OPTIONS
H/1.1 200
OK log
errors.client.optimizely.com/ Frame 0
0 188ms
31ms Preflight
text/plain 3.219.0.3
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://errors.client.optimizely.com/log
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.219.0.3 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-219-0-3.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://squareup.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With,Content-Type,Accept,Origin
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: https://squareup.com
Access-Control-Max-Age: 1800
Allow: POST,OPTIONS
Connection: keep-alive
Content-Length: 13
Content-Type: text/plain
Date: Sun, 05 Mar 2023 22:25:40 GMT

GET
H2 200 mshc9skt2uyu.js Show response
js.driftt.com/include/1678055400000/ 220 KB
62 KB 364ms
169ms Script
application/javascript 13.225.223.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/include/1678055400000/mshc9skt2uyu.js

Requested by

Host: xms-production-f.squarecdn.com
URL: https://xms-production-f.squarecdn.com/xms/assets/application-9afda9d2e0004285a711254df4524e216da91619f0861d386cb8edec8231e96f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-77.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

20bade3fe577eb0459ea9aecc92f104b1956171f01df77e5fc1e6456854c3e5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://squareup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: ujbVwexCe_8HD5aTpc0Zq4X3J8r4abpr
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
date: Sun, 05 Mar 2023 22:25:40 GMT
via: 1.1 bc4b5a0c950f70df08b33cfb9288c098.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-envoy-upstream-service-time: 31
last-modified: Fri, 03 Mar 2023 19:36:42 GMT
server: istio-envoy
etag: W/"ee438859a316dc620d6ce76b4ee725bc"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 10R9epoRgCaXavQiJoUINKBm3Gy0quoKoQ9WTc_CcOXfLQxU0epG4Q==

GET
H2 200 p.js Show response
squareup.com/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/ 180 KB
65 KB 131ms
130ms Script
application/javascript 162.159.137.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://squareup.com/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/p.js
Requested by: Host: xms-production-f.squarecdn.com
URL: https://xms-production-f.squarecdn.com/xms/assets/application-9afda9d2e0004285a711254df4524e216da91619f0861d386cb8edec8231e96f.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.137.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c0c296aaf1516b58ca5f2652416203be4c44730de363810d981816d16598369

Request headers

accept-language: en-US,en;q=0.9
Referer: https://squareup.com/au/en/press/refund-policy-update
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 22:25:40 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
etag: e3ecf14c2bec4d1d5be4521ed85dd31f865e5032-Exad7uH/jIm++Zp3iXw1oukH2G0=-OwGbuQzRYAWuxfOK/Q0BiQ8bM80=
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=60
cf-ray: 7a35c6b07dd58c35-EWR
access-control-allow-headers: x-kpsdk-cd, x-kpsdk-ct
content-length: 66403
expires: Sun, 05 Mar 2023 22:26:40 GMT

POST
H2 204 rum Show response
squareup.com/cdn-cgi/ 0
149 B 58ms
57ms XHR
text/plain 162.159.137.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://squareup.com/cdn-cgi/rum?

Requested by

Host: xms-production-f.squarecdn.com
URL: https://xms-production-f.squarecdn.com/xms/assets/application-9afda9d2e0004285a711254df4524e216da91619f0861d386cb8edec8231e96f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.137.66 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://squareup.com/au/en/press/refund-policy-update
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
content-type: application/json

Response headers

date: Sun, 05 Mar 2023 22:25:39 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://squareup.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 7a35c6b07dda8c35-EWR

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 508 KB
99 KB 107ms
43ms Script
application/javascript 2607:f8b0:4006:80c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PS2PXZD&l=martechJsDataLayer

Requested by

Host: martech-production-c.squarecdn.com
URL: https://martech-production-c.squarecdn.com/martech.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2008 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b19039e127a086cf9c4e50da49ebb11265889c1c7bfa8b591360978377799b33

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://squareup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 22:25:40 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100520
x-xss-protection: 0
last-modified: Sun, 05 Mar 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 05 Mar 2023 22:25:40 GMT

GET
H2 429 fp Show response
squareup.com/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/ Frame 8E0A 870 B
2 KB 90ms
90ms Document
text/html 162.159.137.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://squareup.com/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/fp
Requested by: Host: squareup.com
URL: https://squareup.com/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/p.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.137.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c7f0b219872825774a800f3246f8a762ca92e9b89fae202ac842867134b18fb

Request headers

Referer: https://squareup.com/au/en/press/refund-policy-update
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-headers: x-kpsdk-cd, x-kpsdk-ct
cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7a35c6b238988c35-EWR
content-type: text/html; charset=utf-8
date: Sun, 05 Mar 2023 22:25:40 GMT
expires: 0
p3p: CP="This site does not specify a policy in the P3P header"
pragma: no-cache
server: cloudflare
vary: Accept-Encoding
x-kpsdk-ct: 02Elkhys5EKjD7dNGQuf03CvR0718JIIAA9u4pUH0Fdtgisr9DhZrbxDzsZfjnLMiZ0daBaPgtWHPJIsIsbo0uhvIZkyJJLQEzgfEzp45YIi8eEY77cEE4Z2tQmY2HgjG2ZaICglNA87hpeNnY186zp

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/984344943/ 2 KB
2 KB 145ms
58ms Script
text/javascript 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/984344943/?random=1678055140234&cv=11&fst=1678055140234&bg=ffffff&guid=ON&async=1&gtm=45He3310&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fsquareup.com%2Fau%2Fen%2Fpress%2Frefund-policy-update&tiba=An%20Update%20to%20Square%E2%80%99s%20Refund%20Policy&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PS2PXZD&l=martechJsDataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

32463e767124f7199af6f6c2154a1192fdd0405a0c04981b1f90639e0a744d78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://squareup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Mar 2023 22:25:40 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1216
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/984344943/ 2 KB
1 KB 149ms
63ms Script
text/javascript 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/984344943/?random=1678055140240&cv=11&fst=1678055140240&bg=ffffff&guid=ON&async=1&gtm=45He3310&u_w=1600&u_h=1200&label=a38ECOnO7gQQ79Kv1QM&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fsquareup.com%2Fau%2Fen%2Fpress%2Frefund-policy-update&tiba=An%20Update%20to%20Square%E2%80%99s%20Refund%20Policy&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PS2PXZD&l=martechJsDataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

439ec628b9bc1ff7faa3842e9b53f61f5ea26f2e288ff86236e27be6c0e2bf0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://squareup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Mar 2023 22:25:40 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1264
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/630646945/ 3 KB
2 KB 384ms
48ms Script
text/javascript 142.251.32.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/630646945/?random=1678055140241&cv=11&fst=1678055140241&bg=ffffff&guid=ON&async=1&gtm=45He3310&u_w=1600&u_h=1200&label=T4RGCIa9hdEBEKHR26wC&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fsquareup.com%2Fau%2Fen%2Fpress%2Frefund-policy-update&tiba=An%20Update%20to%20Square%E2%80%99s%20Refund%20Policy&value=0&bttype=purchase&auid=2047981498.1678055140&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PS2PXZD&l=martechJsDataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.32.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f2.1e100.net

Software

cafe /

Resource Hash

fef5d131982a33c34525acfb0ba651a7715b15e34cbc458ab444f3d347b1a257

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://squareup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Mar 2023 22:25:40 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1629
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/746791505/ 2 KB
1 KB 206ms
126ms Script
text/javascript 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/746791505/?random=1678055140247&cv=11&fst=1678055140247&bg=ffffff&guid=ON&async=1&gtm=45He3310&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fsquareup.com%2Fau%2Fen%2Fpress%2Frefund-policy-update&tiba=An%20Update%20to%20Square%E2%80%99s%20Refund%20Policy&auid=2047981498.1678055140&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PS2PXZD&l=martechJsDataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b7cdf6f793e0d021419fc19fe2b3ca2a8487b301115eaa3b4c49cf552f799158

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://squareup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Mar 2023 22:25:40 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1215
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 107 KB
28 KB 99ms
32ms Script
application/x-javascript 2a03:2880:f07e:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PS2PXZD&l=martechJsDataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f07e:9:face:b00c:0:3 Somerville, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0fca0294cfaf24a4db0852415eee7bcdea7b9766d59e443fb2d5f0c77eb23363

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://squareup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 05 Mar 2023 22:25:40 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27907
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: LQGy+94wQUaIrI/puLhnYLuFS6h8kXFmBrkcQiBzI+Bw/6F/Y9QDBonZpciZ0980kYv4JzlwTJIJdUexqeTpmw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

refund-policy-update;u12=us;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=8141401460746.9795 Show response
9628652.fls.doubleclick.net/activityi;dc_pre=CJfWuMTqxf0CFQUNaAgdRqcM8A;src=9628652;type=globa0;cat=doubl0;match_id=undefined;u1=undefined;u2=c313568c-166a-4964-9720-ec68e50acf25;u3=/au/en/press/ Frame 378A
Redirect Chain

https://9628652.fls.doubleclick.net/activityi;src=9628652;type=globa0;cat=doubl0;match_id=undefined;u1=undefined;u2=c313568c-166a-4964-9720-ec68e50acf25;u3=/au/en/press/refund-policy-update;u12=us;...
https://9628652.fls.doubleclick.net/activityi;dc_pre=CJfWuMTqxf0CFQUNaAgdRqcM8A;src=9628652;type=globa0;cat=doubl0;match_id=undefined;u1=undefined;u2=c313568c-166a-4964-9720-ec68e50acf25;u3=/au/en/...

575 B
668 B

116ms
114ms

Document
text/html

142.251.40.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9628652.fls.doubleclick.net/activityi;dc_pre=CJfWuMTqxf0CFQUNaAgdRqcM8A;src=9628652;type=globa0;cat=doubl0;match_id=undefined;u1=undefined;u2=c313568c-166a-4964-9720-ec68e50acf25;u3=/au/en/press/refund-policy-update;u12=us;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=8141401460746.9795?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PS2PXZD&l=martechJsDataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f6.1e100.net

Software

cafe /

Resource Hash

dafc07f1010c9143470c626b6d0c197eedfe72980f7ea392cea45a96b1cdc4a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://squareup.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 331
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 05 Mar 2023 22:25:40 GMT
expires: Sun, 05 Mar 2023 22:25:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 05 Mar 2023 22:25:40 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://9628652.fls.doubleclick.net/activityi;dc_pre=CJfWuMTqxf0CFQUNaAgdRqcM8A;src=9628652;type=globa0;cat=doubl0;match_id=undefined;u1=undefined;u2=c313568c-166a-4964-9720-ec68e50acf25;u3=/au/en/press/refund-policy-update;u12=us;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=8141401460746.9795?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 230 KB
79 KB 41ms
40ms Script
application/javascript 2607:f8b0:4006:80c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-65K13HQ4KD&l=martechJsDataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PS2PXZD&l=martechJsDataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2008 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5978185f53e19d8f1d3a1efe0d40c21cba249017a4d6af5bc5654b147d15ee62

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://squareup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 22:25:40 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 80985
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 05 Mar 2023 22:25:40 GMT

GET
H2 200 ips.js Show response
squareup.com/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/ Frame 8E0A 230 KB
93 KB 273ms
272ms Script
application/javascript 162.159.137.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://squareup.com/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/ips.js?KP_UIDz=02Elkhys5EKjD7dNGQuf03CvR0718JIIAA9u4pUH0Fdtgisr9DhZrbxDzsZfjnLMiZ0daBaPgtWHPJIsIsbo0uhvIZkyJJLQEzgfEzp45YIi8eEY77cEE4Z2tQmY2HgjG2ZaICglNA87hpeNnY186zp
Requested by: Host: squareup.com
URL: https://squareup.com/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/fp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.137.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8d872f0fc3c539694fa5b5102857ee7e38819a3dc3216b5b4698b236e74d0e6d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://squareup.com/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/fp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Mar 2023 22:25:40 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
x-kpsdk-ct: 025ym43XUMEfNgol6RqjNq4CfQ3u7w3wMYhTGbcg9dLFTualXvHHeSMCOMj0gy4WUFPzs81xTeYCbXRNXHMD5neFHS6gaNGLdcJHy2ZR9xmdpQRx5ZN7IlOLAg4x4IjZPLcTOr4bjFa6lrVYknTsUt5
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
p3p: CP="This site does not specify a policy in the P3P header"
cache-control: no-cache, no-store, must-revalidate
cf-ray: 7a35c6b2d9878c35-EWR
access-control-allow-headers: x-kpsdk-cd, x-kpsdk-ct
content-length: 94288
expires: 0

GET
H2 200 vaafb692b2aea4879b33c060e79fe94621666317369993 Show response
static.cloudflareinsights.com/beacon.min.js/ Frame 8E0A 17 KB
6 KB 57ms
56ms Script
text/javascript 2606:4700::6810:3865
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
Requested by: Host: squareup.com
URL: https://squareup.com/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/fp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3

Request headers

Referer: https://squareup.com/
Origin: https://squareup.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 22:25:40 GMT
content-encoding: gzip
last-modified: Fri, 21 Oct 2022 01:56:09 GMT
server: cloudflare
etag: W/2022.10.1
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 7a35c6b2da87d153-BUF

GET
H2 200 core Show response
js.driftt.com/ Frame 3781 2 KB
1 KB 54ms
52ms Document
text/html 13.225.223.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core?d=1&embedId=mshc9skt2uyu&eId=mshc9skt2uyu&region=US&forceShow=false&skipCampaigns=false&sessionId=36338f8e-4e2e-4fcd-99da-5f30ae92340a&sessionStarted=1678055140.335&campaignRefreshToken=1f6ffec9-8ee6-47c9-b0b8-50083f086f64&hideController=false&pageLoadStartTime=1678055138823&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fsquareup.com%2Fau%2Fen%2Fpress%2Frefund-policy-update

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1678055400000/mshc9skt2uyu.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-77.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

b3481de1d6c8b41bd667d3943eabce5466916d1673969e7aad98295737c48861

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://squareup.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sun, 05 Mar 2023 22:25:40 GMT
etag: W/"fbc14f9bbdd1ae3b56966ec4d7c8700e"
last-modified: Fri, 03 Mar 2023 19:36:52 GMT
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 bc4b5a0c950f70df08b33cfb9288c098.cloudfront.net (CloudFront)
x-amz-cf-id: xBPrPA6cShdh6gribvP34AbQHbX1Wzf9Zxiadk8QEN2M801vsO4ieQ==
x-amz-cf-pop: JFK51-C1
x-amz-server-side-encryption: AES256
x-amz-version-id: 7UDKah343Bj.W.Ek2aTAfjOzNXLR5vHK
x-cache: RefreshHit from cloudfront
x-envoy-upstream-service-time: 16

GET
H2 200 chat Show response
js.driftt.com/core/ Frame 3D41 2 KB
1 KB 52ms
51ms Document
text/html 13.225.223.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1678055138823

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1678055400000/mshc9skt2uyu.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-77.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

b3481de1d6c8b41bd667d3943eabce5466916d1673969e7aad98295737c48861

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://squareup.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sun, 05 Mar 2023 22:25:40 GMT
etag: W/"fbc14f9bbdd1ae3b56966ec4d7c8700e"
last-modified: Fri, 03 Mar 2023 19:36:52 GMT
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 bc4b5a0c950f70df08b33cfb9288c098.cloudfront.net (CloudFront)
x-amz-cf-id: oWFYl_3c9XV0zulDSl_JTU-AF8eXWidYFhdJxnzk4FyQavteP_17xQ==
x-amz-cf-pop: JFK51-C1
x-amz-server-side-encryption: AES256
x-amz-version-id: 7UDKah343Bj.W.Ek2aTAfjOzNXLR5vHK
x-cache: RefreshHit from cloudfront
x-envoy-upstream-service-time: 18

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 43ms
43ms Ping
text/plain 2607:f8b0:4006:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-65K13HQ4KD&gtm=45je3310&_p=1915024503&cid=1355407965.1678055140&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&sid=1678055140&sct=1&seg=0&dl=https%3A%2F%2Fsquareup.com%2Fau%2Fen%2Fpress%2Frefund-policy-update&dt=An%20Update%20to%20Square%E2%80%99s%20Refund%20Policy&en=page_view&_fv=1&_ss=1&ep.avt=c313568c-166a-4964-9720-ec68e50acf25
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-65K13HQ4KD&l=martechJsDataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81d::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://squareup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Mar 2023 22:25:40 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://squareup.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 204
No Content events Show response
logx.optimizely.com/v1/ 0
357 B 178ms
31ms XHR
text/plain 34.228.28.62
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://logx.optimizely.com/v1/events
Requested by: Host: xms-production-f.squarecdn.com
URL: https://xms-production-f.squarecdn.com/xms/assets/application-9afda9d2e0004285a711254df4524e216da91619f0861d386cb8edec8231e96f.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.228.28.62 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-228-28-62.compute-1.amazonaws.com
Software: nginx/1.21.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://squareup.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Sun, 05 Mar 2023 22:25:40 GMT
Server: nginx/1.21.0
Content-Type: text/plain
Access-Control-Allow-Origin: https://squareup.com
Access-Control-Expose-Headers: X-Results-Data-Source
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
X-Request-Id: 7f357aca-e5d2-45d7-bfac-d1bd283bc319

GET
H2 200 runtime~main.f4c2c5ba.js Show response
js.driftt.com/core/assets/js/ Frame 3D41 6 KB
3 KB 34ms
32ms Script
application/javascript 13.225.223.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/runtime~main.f4c2c5ba.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1678055138823

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-77.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

b2710eb43e1896ed1dfc4ff4fb5578f9186894438e89d514c4f43d165fb3f1ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1678055138823
Origin: https://js.driftt.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 19:36:52 GMT
x-amz-version-id: OYkNfy0JWXCEDnECxjRkELW6Teqg2IfV
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 bc4b5a0c950f70df08b33cfb9288c098.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 182928
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 44
last-modified: Fri, 03 Mar 2023 18:56:12 GMT
server: istio-envoy
etag: W/"39ce18acb8b1e796fe8d76a7b03b7eda"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ijUxMRYV00QGkJljoi-7b7CoD5Yx_k7zFYssxJ34B7dvmCFiIKzgJg==

GET
H2 200 10.f16292bd.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3D41 35 KB
13 KB 123ms
122ms Script
application/javascript 13.225.223.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/10.f16292bd.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1678055138823

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-77.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

958a03c833d9116f7ab9a5ee503f7b0360b9291b268bfb77128a8f0e19238613

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1678055138823
Origin: https://js.driftt.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 21:09:20 GMT
x-amz-version-id: G_6NClC87z4YKUQ5LgwT1mGmKMQH18YO
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 bc4b5a0c950f70df08b33cfb9288c098.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 263780
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 81
last-modified: Thu, 02 Mar 2023 19:44:19 GMT
server: istio-envoy
etag: W/"cdb5f42b656ab6b237aa50c24c0d8474"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: mYzhPs6WK9K2mzy9hYIvmvx7ddtnlS_mKBzdLo2lbv72dhnXNpUOUA==

GET
H2 200 main~493df0b3.02edd878.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3D41 7 KB
3 KB 124ms
123ms Script
application/javascript 13.225.223.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~493df0b3.02edd878.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1678055138823

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-77.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

95245f488fc923a05392ac8ca5985ac00d44b0603ba7b987d103475181268d88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1678055138823
Origin: https://js.driftt.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 21:09:20 GMT
x-amz-version-id: 87FFf1W3slXBBhSM9uSBEFOJpW9fpOh5
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 bc4b5a0c950f70df08b33cfb9288c098.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 263780
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 51
last-modified: Thu, 02 Mar 2023 19:44:23 GMT
server: istio-envoy
etag: W/"552f770e8c42c3e418dbe498f587a82e"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: BwA4Ka5jgmsUw5k0-igZgcNROfqLZD9eaaJ83XOQ6B3E4uHBFfnzjw==

GET
H2 200 identity.js Show response
connect.facebook.net/signals/plugins/ 64 KB
20 KB 33ms
32ms Script
application/x-javascript 2a03:2880:f07e:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.98

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f07e:9:face:b00c:0:3 Somerville, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7e86f52cb0d423805ec541a4bccae5156a01fbe36355e6d798a450593212651f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://squareup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 05 Mar 2023 22:25:40 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 20722
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: mGP9RdzkHe9LuTa6cD8Ju3B0F40BP9i6niBx6NLUtBBuLVSgOV2c3dY21NijfXiSY7ZsRufp/yvoMoTdaZke3A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 816297701715444 Show response
connect.facebook.net/signals/config/ 285 KB
84 KB 45ms
45ms Script
application/x-javascript 2a03:2880:f07e:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/816297701715444?v=2.9.98&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f07e:9:face:b00c:0:3 Somerville, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2cad4b42923d3a34a334db1a49de0bf43a976eb2a2b78e2bc3efd92417a358a9

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://squareup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 05 Mar 2023 22:25:40 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 85006
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: o2IyR5yAox7mMlptoTksVcIkv+h+a7+mhbsL7bwQT27UvcEyYCAoVojsffBUQIF8MIV2OpiVEDKeokbBqkzE+A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/984344943/ 42 B
154 B 59ms
58ms Image
image/gif 2607:f8b0:4006:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/984344943/?random=1678055140234&cv=11&fst=1678053600000&bg=ffffff&guid=ON&async=1&gtm=45He3310&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fsquareup.com%2Fau%2Fen%2Fpress%2Frefund-policy-update&tiba=An%20Update%20to%20Square%E2%80%99s%20Refund%20Policy&fmt=3&is_vtc=1&random=3440747867&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2004 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://squareup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Mar 2023 22:25:40 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 runtime~main.f4c2c5ba.js Show response
js.driftt.com/core/assets/js/ Frame 3781 6 KB
3 KB 109ms
108ms Script
application/javascript 13.225.223.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/runtime~main.f4c2c5ba.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core?d=1&embedId=mshc9skt2uyu&eId=mshc9skt2uyu&region=US&forceShow=false&skipCampaigns=false&sessionId=36338f8e-4e2e-4fcd-99da-5f30ae92340a&sessionStarted=1678055140.335&campaignRefreshToken=1f6ffec9-8ee6-47c9-b0b8-50083f086f64&hideController=false&pageLoadStartTime=1678055138823&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fsquareup.com%2Fau%2Fen%2Fpress%2Frefund-policy-update

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-77.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

b2710eb43e1896ed1dfc4ff4fb5578f9186894438e89d514c4f43d165fb3f1ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?d=1&embedId=mshc9skt2uyu&eId=mshc9skt2uyu&region=US&forceShow=false&skipCampaigns=false&sessionId=36338f8e-4e2e-4fcd-99da-5f30ae92340a&sessionStarted=1678055140.335&campaignRefreshToken=1f6ffec9-8ee6-47c9-b0b8-50083f086f64&hideController=false&pageLoadStartTime=1678055138823&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fsquareup.com%2Fau%2Fen%2Fpress%2Frefund-policy-update
Origin: https://js.driftt.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 19:36:52 GMT
x-amz-version-id: OYkNfy0JWXCEDnECxjRkELW6Teqg2IfV
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 bc4b5a0c950f70df08b33cfb9288c098.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 182928
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 44
last-modified: Fri, 03 Mar 2023 18:56:12 GMT
server: istio-envoy
etag: W/"39ce18acb8b1e796fe8d76a7b03b7eda"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ysOnvqefJA0lLjaztOTXbCXM1IxiBd1eVy-BOV0lwLP34V2RcQMvFA==

GET
H2 200 10.f16292bd.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3781 35 KB
13 KB 137ms
136ms Script
application/javascript 13.225.223.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/10.f16292bd.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-77.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

958a03c833d9116f7ab9a5ee503f7b0360b9291b268bfb77128a8f0e19238613

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?d=1&embedId=mshc9skt2uyu&eId=mshc9skt2uyu&region=US&forceShow=false&skipCampaigns=false&sessionId=36338f8e-4e2e-4fcd-99da-5f30ae92340a&sessionStarted=1678055140.335&campaignRefreshToken=1f6ffec9-8ee6-47c9-b0b8-50083f086f64&hideController=false&pageLoadStartTime=1678055138823&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fsquareup.com%2Fau%2Fen%2Fpress%2Frefund-policy-update
Origin: https://js.driftt.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 21:09:20 GMT
x-amz-version-id: G_6NClC87z4YKUQ5LgwT1mGmKMQH18YO
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 bc4b5a0c950f70df08b33cfb9288c098.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 263780
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 81
last-modified: Thu, 02 Mar 2023 19:44:19 GMT
server: istio-envoy
etag: W/"cdb5f42b656ab6b237aa50c24c0d8474"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: FjKHA2n-I0z6pjX9AK_mSyyLWLh33gAYXTjSuABAVrrX-X8CWkV7bg==

GET
H2 200 main~493df0b3.02edd878.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3781 7 KB
3 KB 182ms
181ms Script
application/javascript 13.225.223.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~493df0b3.02edd878.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-77.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

95245f488fc923a05392ac8ca5985ac00d44b0603ba7b987d103475181268d88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?d=1&embedId=mshc9skt2uyu&eId=mshc9skt2uyu&region=US&forceShow=false&skipCampaigns=false&sessionId=36338f8e-4e2e-4fcd-99da-5f30ae92340a&sessionStarted=1678055140.335&campaignRefreshToken=1f6ffec9-8ee6-47c9-b0b8-50083f086f64&hideController=false&pageLoadStartTime=1678055138823&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fsquareup.com%2Fau%2Fen%2Fpress%2Frefund-policy-update
Origin: https://js.driftt.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 21:09:20 GMT
x-amz-version-id: 87FFf1W3slXBBhSM9uSBEFOJpW9fpOh5
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 bc4b5a0c950f70df08b33cfb9288c098.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 263780
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 51
last-modified: Thu, 02 Mar 2023 19:44:23 GMT
server: istio-envoy
etag: W/"552f770e8c42c3e418dbe498f587a82e"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: BE4aSyWzMdHVd-gkCjiLg57mE6aYh74-aGjYpB8CBCmgpUslAApPSw==

GET
H2 200 /
www.google.com/pagead/1p-user-list/984344943/ 42 B
108 B 61ms
60ms Image
image/gif 2607:f8b0:4006:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/984344943/?random=1678055140240&cv=11&fst=1678053600000&bg=ffffff&guid=ON&async=1&gtm=45He3310&u_w=1600&u_h=1200&label=a38ECOnO7gQQ79Kv1QM&frm=0&url=https%3A%2F%2Fsquareup.com%2Fau%2Fen%2Fpress%2Frefund-policy-update&tiba=An%20Update%20to%20Square%E2%80%99s%20Refund%20Policy&fmt=3&is_vtc=1&random=3456996643&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2004 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://squareup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Mar 2023 22:25:40 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/746791505/ 42 B
108 B 57ms
57ms Image
image/gif 2607:f8b0:4006:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/746791505/?random=1678055140247&cv=11&fst=1678053600000&bg=ffffff&guid=ON&async=1&gtm=45He3310&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fsquareup.com%2Fau%2Fen%2Fpress%2Frefund-policy-update&tiba=An%20Update%20to%20Square%E2%80%99s%20Refund%20Policy&fmt=3&is_vtc=1&random=3152824451&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2004 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://squareup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Mar 2023 22:25:40 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 202 rum Show response
rum.browser-intake-datadoghq.com/api/v2/ 53 B
285 B 83ms
83ms Fetch
application/json 2600:1f18:24e6:b902:ce86:cbe1:655c:7a53
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.34.0%2Capi%3Afetch%2Cenv%3Aproduction%2Cservice%3Axms&dd-api-key=pubd9af00759e65a48ba7ee3ff1dfa4260b&dd-evp-origin-version=4.34.0&dd-evp-origin=browser&dd-request-id=97de5b52-26d7-4f81-a99c-55bfbc60f89d&batch_time=1678055140490

Requested by

Host: xms-production-f.squarecdn.com
URL: https://xms-production-f.squarecdn.com/xms/assets/application-9afda9d2e0004285a711254df4524e216da91619f0861d386cb8edec8231e96f.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:24e6:b902:ce86:cbe1:655c:7a53 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

2f9b594ee0336b052fb94aa941d2e201f4a386f0b6d1cf27610437e4c2228304

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800;
X-Content-Type-Options	nosniff

Request headers

Referer: https://squareup.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 05 Mar 2023 22:25:40 GMT
strict-transport-security: max-age=15724800;
x-content-type-options: nosniff
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type: application/json
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 53

GET
H3 200 inferredevents.js Show response
connect.facebook.net/signals/plugins/ 72 KB
22 KB 33ms
32ms Script
application/x-javascript 2a03:2880:f07e:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/inferredevents.js?v=2.9.98

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f07e:9:face:b00c:0:3 Somerville, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5849e07d0d6cbb144829b98da75fda4a8eb3fc2b5749d48cc94bb170db54859a

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://squareup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 05 Mar 2023 22:25:40 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 21972
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: TpVF8UkCMN1M8e3cu9WNe8gsL2+YX1kt8Xwuc7T7lOxrENbcbaiM/qbHJTBS0jgB5pHK7h/57tsIoEwzj9/ksA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 52.b1edaf4a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3D41 23 KB
8 KB 61ms
55ms Script
application/javascript 13.225.223.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/52.b1edaf4a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f4c2c5ba.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-77.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

7cb58278c8f54a62c0afa6da0c67b3a45aad637a0bf614e9c0dd42b73cee266b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1678055138823
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 17:24:56 GMT
x-amz-version-id: TtzAkuiFg5ajpar.KJembGW97mIyyYtK
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 bc4b5a0c950f70df08b33cfb9288c098.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 3214844
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 43
last-modified: Fri, 27 Jan 2023 17:00:21 GMT
server: istio-envoy
etag: W/"cd29b9bc973e48a7fcd0ee7153bdf03b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 09S2fXNgYIsGPaegox1qIJD_ahajJeC63xljEBfrnLouX4LksXMvHA==

GET
H2 200 36.b49bf23f.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3D41 36 KB
10 KB 63ms
55ms Script
application/javascript 13.225.223.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/36.b49bf23f.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f4c2c5ba.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-77.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

c2b7a45d31339f18ed57fd095feca4da1b3fbab75a5afbc053957f6e8e1613a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1678055138823
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 17:24:56 GMT
x-amz-version-id: SWSsVLzyOcOhQhmvR.pbvKyQeo7W0A10
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 bc4b5a0c950f70df08b33cfb9288c098.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 3214844
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 80
last-modified: Fri, 27 Jan 2023 17:00:21 GMT
server: istio-envoy
etag: W/"4ae92c53ef226eb2a201fc855ccb7835"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 32xjrBe2c516IMAB5aTubdRZhfTKde-eTdtB8xXT6LvtnUm1yKgvAQ==

GET
H2 200 25.22647a55.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3D41 32 KB
11 KB 64ms
57ms Script
application/javascript 13.225.223.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/25.22647a55.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f4c2c5ba.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-77.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

ec547a2f9fde5ce8e398da2810828ba3c30c641ce2761f5bf915225efb35f919

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1678055138823
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 17:24:56 GMT
x-amz-version-id: 3Dq5XEj76miHFBtzwx_L1gh4_UbdDQYk
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 bc4b5a0c950f70df08b33cfb9288c098.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 3214844
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 47
last-modified: Fri, 27 Jan 2023 17:00:20 GMT
server: istio-envoy
etag: W/"2ce6c446f71a395ff41647c9ba4b9c19"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: v5hSJEy4THqqqD3JhnluYSGElVz58Ab6Tk2_Nd416IB6Za04HHZHnQ==

GET
H2 200 20.2ffef383.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3D41 17 KB
6 KB 66ms
59ms Script
application/javascript 13.225.223.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/20.2ffef383.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f4c2c5ba.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-77.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

f46108976666130f89c43a82ee045f7a3afb264494060ef6b3d9eb6589e49d16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1678055138823
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 17:24:56 GMT
x-amz-version-id: Sl_LzJMe7m6MkWEK9Fxqk3gRf.6SeAYu
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 bc4b5a0c950f70df08b33cfb9288c098.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 3214844
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 35
last-modified: Fri, 27 Jan 2023 17:00:20 GMT
server: istio-envoy
etag: W/"ec6e94b6cea3a27506634867a8009ded"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: theEgjJAe0NNUQxNtrO6NKBo16VGW89KUI9_zm2trVQ_eN-PuEZeUw==

GET
H2 200 42.67956b13.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3D41 25 KB
8 KB 68ms
60ms Script
application/javascript 13.225.223.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/42.67956b13.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f4c2c5ba.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-77.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

9d88866c6295ffc0cadaa1ccb951367e196737a413482176d5787b70aae04ef0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1678055138823
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 15:25:25 GMT
x-amz-version-id: LwoHxJH_FBDxYvxZo.xGVaPPrUBqnUk_
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 bc4b5a0c950f70df08b33cfb9288c098.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 1580415
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 20
last-modified: Wed, 15 Feb 2023 15:10:12 GMT
server: istio-envoy
etag: W/"d53cdfd4559700cfe085380882a8e897"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: wUL7qTkga2rYVBD0h9a3B2-Nbe6yyJEpMVXMDbXfUZ1JrEExOuITeg==

GET
H2 200 21.b3438b1b.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3D41 74 KB
23 KB 98ms
91ms Script
application/javascript 13.225.223.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/21.b3438b1b.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f4c2c5ba.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-77.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

3169ab3142fbf3ecf7eee1b5682a4556ed8a3d4ba940befa71c31b5a43991d92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1678055138823
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 15:25:25 GMT
x-amz-version-id: VElN.rYQUfZc8FwuS3oQUAN0Q9xeEifo
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 bc4b5a0c950f70df08b33cfb9288c098.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 1580415
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 58
last-modified: Wed, 15 Feb 2023 15:10:12 GMT
server: istio-envoy
etag: W/"10e1bfa61646f14df045c581bc9410fd"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Z2jdy2Ai6b94guP39X7hmBhn9p25rbeKnxSJ4atg83iJe2RFNYOJ7Q==

GET
H2 200 27.3951aad8.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3D41 66 KB
20 KB 99ms
92ms Script
application/javascript 13.225.223.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/27.3951aad8.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f4c2c5ba.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-77.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

e8e658c81a7ff92a6e0f9049ee3a8fc42082e8303abb6ed44c73361259cbdbae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1678055138823
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 08:49:41 GMT
x-amz-version-id: gQBabGWT2wF3TDmwb1dt_eOgGTaTnWy.
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 bc4b5a0c950f70df08b33cfb9288c098.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 912959
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 41
last-modified: Wed, 15 Feb 2023 23:10:28 GMT
server: istio-envoy
etag: W/"5b2b6d0508fe18c3efb6bcd6249fd4e1"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: XOXM3rYDJqcIGQX5zTXHlJJNubs0vOa_KLgaN5NGJLxIxmP-a-nJag==

GET
H2 200 15.699b0dc7.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3D41 91 KB
28 KB 120ms
113ms Script
application/javascript 13.225.223.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/15.699b0dc7.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f4c2c5ba.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-77.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

047d14c117d25e9e0a1a2ba3f4aa23a602d417fc7402294e484d20b19140ecf1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1678055138823
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 17:24:56 GMT
x-amz-version-id: jUF4GGgcG34JdLv0MHXRHyWvmwH3OQeO
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 bc4b5a0c950f70df08b33cfb9288c098.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 3214844
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 99
last-modified: Fri, 27 Jan 2023 17:00:20 GMT
server: istio-envoy
etag: W/"43d1442a9d30453da9eaeb12b9daafff"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: WtP8cRz01-wV68yU2qz4oX-CJUQIoD1cn4XHeBbJqvFulwU3uV7QzQ==

GET
H2 200 12.d33926cb.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3D41 23 KB
7 KB 121ms
115ms Script
application/javascript 13.225.223.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/12.d33926cb.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f4c2c5ba.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-77.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

28816769ece0ee343025ff388216c645e175c92cce4db6bd812a321b1ad345c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1678055138823
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 17:24:56 GMT
x-amz-version-id: KyS4g55V4uBz7fjaZ0R1pHyOHsEBkZV6
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 bc4b5a0c950f70df08b33cfb9288c098.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 3214844
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 29
last-modified: Fri, 27 Jan 2023 17:00:20 GMT
server: istio-envoy
etag: W/"bdcb035523ec144399213aa65a8430ff"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Edk7UgpYrF97RC9z44W9Y8GEQ93Ad6RLQUxQ8tGxAOrUzk33LGK1Rg==

GET
H2 200 19.8e79a39a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3D41 62 KB
19 KB 122ms
116ms Script
application/javascript 13.225.223.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/19.8e79a39a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f4c2c5ba.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-77.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

b7c5d1d3e03d31b9b450c0aac2972f3aef995be2a69ec5ecfa6200c4a321ef40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1678055138823
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 17:24:56 GMT
x-amz-version-id: uwUNfVtyHdRKYycXgamRNBkk5aCRrwjq
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 bc4b5a0c950f70df08b33cfb9288c098.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 3214843
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 50
last-modified: Fri, 27 Jan 2023 17:00:20 GMT
server: istio-envoy
etag: W/"c478a5bb4d7885e2b9250c6beeb4fd6d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 8kFRdoq4GY8Iq2JfCOZlR55rWxqRCqoxFoI2lHDQ-C7hnyI2S7WzGw==

GET
H2 200 50.de3b5864.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3D41 105 KB
34 KB 124ms
118ms Script
application/javascript 13.225.223.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/50.de3b5864.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f4c2c5ba.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-77.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

c8c302716cf94980a0d77e614d9fb6c430f166b5ef7c42b7c382771955e52ba6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1678055138823
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 17:24:56 GMT
x-amz-version-id: 1DnDsXjV5U2x4yjXf3GCnDIDPlyIffBu
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 bc4b5a0c950f70df08b33cfb9288c098.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 3214844
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 65
last-modified: Fri, 27 Jan 2023 17:00:21 GMT
server: istio-envoy
etag: W/"114785899ceb423273fcc17aaad202e9"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: wogefjdvel345-QH6EYTqLw0V6pS5dZszuKDntPy1_RD-jwPkHnOZg==

GET
H2 200 41.a1867ad4.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3D41 12 KB
4 KB 125ms
120ms Script
application/javascript 13.225.223.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/41.a1867ad4.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f4c2c5ba.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-77.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

d641c13a78017e11f15b152b78082bcd0cf474766f13ba649bfa6378d956c492

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1678055138823
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 17:24:56 GMT
x-amz-version-id: X151O2if9SUzZhsBRIHlOqKUakbFDRo_
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 bc4b5a0c950f70df08b33cfb9288c098.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 3214844
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 40
last-modified: Fri, 27 Jan 2023 17:00:21 GMT
server: istio-envoy
etag: W/"299dd262bf32831c99dc78a9c5b5ca43"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: jHKYO_a1dshOrvVTCkg8S_dSV_ALw4bbnvfEifKZJv4fZaAUpcN6sA==

GET
H2 200 30.57dfb56c.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3D41 13 KB
6 KB 126ms
121ms Script
application/javascript 13.225.223.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/30.57dfb56c.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f4c2c5ba.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-77.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

c96b2cd5b57e02ce65ab0a787a6c8ea69efbf424064e15500691847cd879e8ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1678055138823
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 17:24:56 GMT
x-amz-version-id: PRu.RNHym52TA_hlIcQB1Vv5VUA1vVKS
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 bc4b5a0c950f70df08b33cfb9288c098.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 3214844
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 92
last-modified: Fri, 27 Jan 2023 17:00:21 GMT
server: istio-envoy
etag: W/"b8addee34a5cd2241740a2e3094039b3"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: YSwoa2GtcfNSPSANFhALOZU4MQZUT-Q5YELHvOW0Fy72yYPFiSPw-A==

GET
H2 200 22.4cb40074.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3D41 17 KB
7 KB 128ms
124ms Script
application/javascript 13.225.223.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/22.4cb40074.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f4c2c5ba.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-77.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

cdeb836f7f77cd2174fa0bb4aa3825963aa64faf657a24f988b82f1c4d28ce69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1678055138823
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 15:25:25 GMT
x-amz-version-id: ykeUDE2sWwwza8uCQZo8fLwm_hGj240R
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 bc4b5a0c950f70df08b33cfb9288c098.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 1580415
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 19
last-modified: Wed, 15 Feb 2023 15:10:12 GMT
server: istio-envoy
etag: W/"6cf24f8ea74f43662c776ce6af09d469"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: q_sWKO6CQ3NeWYezSJ0EBupo0-J0U1tAwAD4Rwuz357IwtFn41C5wg==

GET
H2 200 9.18bfca70.chunk.css
js.driftt.com/core/assets/css/ Frame 3D41 14 KB
3 KB 61ms
57ms Stylesheet
text/css 13.225.223.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/9.18bfca70.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f4c2c5ba.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-77.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

8ab6891019c69c729441517bed2c703ec68058f913e9fe0d9840617f89473421

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1678055138823
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 21:09:20 GMT
x-amz-version-id: ek9fS7EEhFu52wqRDH0o0RmM_N9gaCIn
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 bc4b5a0c950f70df08b33cfb9288c098.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 263780
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 47
last-modified: Thu, 02 Mar 2023 19:44:18 GMT
server: istio-envoy
etag: W/"dd670379de64b0621ee84574f3b8e73d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: SCmTUgzNzmheJ5PFaEyokW2rei_9T8OJuBQLjr4Ow7OW8zvAnp4SQA==

GET
H2 200 9.fe4d08dd.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3D41 79 KB
25 KB 129ms
125ms Script
application/javascript 13.225.223.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/9.fe4d08dd.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f4c2c5ba.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-77.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

a1bcb5b2228bddf8d0d1b691c10bf297a0f16fd62369fb96b3158d7c672c109b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1678055138823
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 19:36:52 GMT
x-amz-version-id: xZvLRW_XIeBPfluiEeAgAwJpCWL72EEN
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 bc4b5a0c950f70df08b33cfb9288c098.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 182928
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 71
last-modified: Fri, 03 Mar 2023 18:56:11 GMT
server: istio-envoy
etag: W/"8684b418e4ffa27b8ef3423232a27cb7"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: jNr0CypokzBZAA6JLuU1wn4e0hbl2D6NwRN26JxSeIe-XJWIImZYqA==

GET
H2 200 17.22abfce0.chunk.css
js.driftt.com/core/assets/css/ Frame 3D41 24 B
697 B 61ms
58ms Stylesheet
text/css 13.225.223.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/17.22abfce0.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f4c2c5ba.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-77.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1678055138823
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 17:24:56 GMT
x-amz-version-id: ZWQNVnxhcAJ0Kb7M1VwvZzQ21GH_x55X
via: 1.1 bc4b5a0c950f70df08b33cfb9288c098.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: JFK51-C1
age: 3214843
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 17
content-length: 24
last-modified: Fri, 27 Jan 2023 17:00:18 GMT
server: istio-envoy
etag: "0c5dad92482d9a7c7c253510f5082465"
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Ejonm9UdY2VjNEKzzwQ4xWoS0DtsmkT8Adst48XgWCzFcHDl7fOHpg==

GET
H2 200 17.9f1ca9a4.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3D41 89 KB
23 KB 131ms
127ms Script
application/javascript 13.225.223.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/17.9f1ca9a4.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f4c2c5ba.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-77.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

b6c82b23f85d9848b4137b1aff2a97c3a139cf941e9aab0302c35a7f4adb5a37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1678055138823
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 19:36:52 GMT
x-amz-version-id: f0iSHfRmgXwAG.cRZdIbL2ziRpPkMqJt
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 bc4b5a0c950f70df08b33cfb9288c098.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 182928
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 97
last-modified: Fri, 03 Mar 2023 18:56:09 GMT
server: istio-envoy
etag: W/"5cdb20e76309dffd82a7cf5883471940"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: vAG7fSs3qlvpGPQ6qLWRa7sZKXZmZFhUXx_1rR4SFaGCSyCVmYY_ew==

GET
H2 200 26.46ab375f.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3D41 50 KB
14 KB 132ms
128ms Script
application/javascript 13.225.223.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/26.46ab375f.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f4c2c5ba.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-77.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

fece75816d3e78b929f712f88b59ce9784d197f8be89293f044bd228856962b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1678055138823
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 19:36:52 GMT
x-amz-version-id: Uv2j3muE_bX7dWoIcs81QI5akzzORTrY
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 bc4b5a0c950f70df08b33cfb9288c098.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 182928
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 36
last-modified: Fri, 03 Mar 2023 18:56:10 GMT
server: istio-envoy
etag: W/"14cfa7b419ba8c70717c71b2cdb4e60e"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: sX9bhVxCMMbDcc_5OUj87xxk8eKMC2tkHnOVzFzHCgKgV5chNbdSrA==

GET
H2 200 18.f6a0a0cb.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3D41 40 KB
13 KB 133ms
130ms Script
application/javascript 13.225.223.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/18.f6a0a0cb.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f4c2c5ba.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-77.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

5efe4b5fa2d6905b487120d2bb685102320743363525ee8e16141cba5b3d4b2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1678055138823
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 19:36:52 GMT
x-amz-version-id: cCnv2BnOiDF2Js2yGu64LDZXMbh19a8U
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 bc4b5a0c950f70df08b33cfb9288c098.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 182928
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 26
last-modified: Fri, 03 Mar 2023 18:56:09 GMT
server: istio-envoy
etag: W/"d0433940f9d61c57fb283f9d9f2e683e"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: oKtDBc9fDKJVu46X5HryHS40EpHrYaSCJpzF_ZRIllch0OGpGAto8Q==

GET
H3 200 2179726272122089 Show response
connect.facebook.net/signals/config/ 378 KB
108 KB 38ms
37ms Script
application/x-javascript 2a03:2880:f07e:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2179726272122089?v=2.9.98&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f07e:9:face:b00c:0:3 Somerville, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9816a830644a445ce026ed2a19ff36dffdc7406f0e94a086cab736539ad790ca

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://squareup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 05 Mar 2023 22:25:40 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 110371
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: WtYfJIeAvGgl0lfyk3lRjfCqVFwWO1ltmz/CI6d2Af24JRnPIfpYIx4kEfKAd54599jw2CzbnjchV+CFaIFb9Q==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 events Show response
capi.squareup.com/ 0
161 B 338ms
83ms XHR
text/plain 18.144.72.236
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://capi.squareup.com/events

Requested by

Host: xms-production-f.squarecdn.com
URL: https://xms-production-f.squarecdn.com/xms/assets/application-9afda9d2e0004285a711254df4524e216da91619f0861d386cb8edec8231e96f.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

18.144.72.236 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-144-72-236.us-west-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://squareup.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://squareup.com
date: Sun, 05 Mar 2023 22:25:40 GMT
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-credentials: true
content-length: 0
vary: origin

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 105ms
33ms Image
text/plain 2a03:2880:f172:81:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=816297701715444&ev=PageView&dl=https%3A%2F%2Fsquareup.com%2Fau%2Fen%2Fpress%2Frefund-policy-update&rl=&if=false&ts=1678055140581&cd[content_type]=product&sw=1600&sh=1200&v=2.9.98&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=28&cs_est=true&fbp=fb.1.1678055140576.1848346570&eid=ob3_plugin-set_5a32e6e9a0e22f0ad2d32669e40658ed60302622ce93857a3d5e58a48df0d0d3&it=1678055140415&coo=false&tm=1&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f172:81:face:b00c:0:25de Somerville, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://squareup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 05 Mar 2023 22:25:40 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 52.b1edaf4a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3781 23 KB
8 KB 83ms
72ms Script
application/javascript 13.225.223.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/52.b1edaf4a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f4c2c5ba.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-77.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

7cb58278c8f54a62c0afa6da0c67b3a45aad637a0bf614e9c0dd42b73cee266b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=mshc9skt2uyu&eId=mshc9skt2uyu&region=US&forceShow=false&skipCampaigns=false&sessionId=36338f8e-4e2e-4fcd-99da-5f30ae92340a&sessionStarted=1678055140.335&campaignRefreshToken=1f6ffec9-8ee6-47c9-b0b8-50083f086f64&hideController=false&pageLoadStartTime=1678055138823&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fsquareup.com%2Fau%2Fen%2Fpress%2Frefund-policy-update
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 17:24:56 GMT
x-amz-version-id: TtzAkuiFg5ajpar.KJembGW97mIyyYtK
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 bc4b5a0c950f70df08b33cfb9288c098.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 3214844
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 43
last-modified: Fri, 27 Jan 2023 17:00:21 GMT
server: istio-envoy
etag: W/"cd29b9bc973e48a7fcd0ee7153bdf03b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: uYWb3JlO-i5YzAdkRHt5r_XR1QiEc7M7RLomMSWKWCItUBsDBTqpVw==

GET
H2 200 36.b49bf23f.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3781 36 KB
10 KB 86ms
69ms Script
application/javascript 13.225.223.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/36.b49bf23f.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f4c2c5ba.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-77.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

c2b7a45d31339f18ed57fd095feca4da1b3fbab75a5afbc053957f6e8e1613a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=mshc9skt2uyu&eId=mshc9skt2uyu&region=US&forceShow=false&skipCampaigns=false&sessionId=36338f8e-4e2e-4fcd-99da-5f30ae92340a&sessionStarted=1678055140.335&campaignRefreshToken=1f6ffec9-8ee6-47c9-b0b8-50083f086f64&hideController=false&pageLoadStartTime=1678055138823&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fsquareup.com%2Fau%2Fen%2Fpress%2Frefund-policy-update
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 17:24:56 GMT
x-amz-version-id: SWSsVLzyOcOhQhmvR.pbvKyQeo7W0A10
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 bc4b5a0c950f70df08b33cfb9288c098.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 3214844
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 80
last-modified: Fri, 27 Jan 2023 17:00:21 GMT
server: istio-envoy
etag: W/"4ae92c53ef226eb2a201fc855ccb7835"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Ufjf0b89IeQn4oPBunqlu8c0-P9-C459T9aH2VkbH0zuWr8qDL9RKw==

GET
H2 200 25.22647a55.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3781 32 KB
11 KB 86ms
70ms Script
application/javascript 13.225.223.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/25.22647a55.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f4c2c5ba.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-77.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

ec547a2f9fde5ce8e398da2810828ba3c30c641ce2761f5bf915225efb35f919

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=mshc9skt2uyu&eId=mshc9skt2uyu&region=US&forceShow=false&skipCampaigns=false&sessionId=36338f8e-4e2e-4fcd-99da-5f30ae92340a&sessionStarted=1678055140.335&campaignRefreshToken=1f6ffec9-8ee6-47c9-b0b8-50083f086f64&hideController=false&pageLoadStartTime=1678055138823&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fsquareup.com%2Fau%2Fen%2Fpress%2Frefund-policy-update
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 17:24:56 GMT
x-amz-version-id: 3Dq5XEj76miHFBtzwx_L1gh4_UbdDQYk
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 bc4b5a0c950f70df08b33cfb9288c098.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 3214844
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 47
last-modified: Fri, 27 Jan 2023 17:00:20 GMT
server: istio-envoy
etag: W/"2ce6c446f71a395ff41647c9ba4b9c19"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: bQKwDt_POWq3qQ8LgLhUI3uQEONQlJZfkZI42PfFlWlsfGRlEgRSMw==

GET
H2 200 20.2ffef383.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3781 17 KB
6 KB 87ms
71ms Script
application/javascript 13.225.223.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/20.2ffef383.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f4c2c5ba.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-77.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

f46108976666130f89c43a82ee045f7a3afb264494060ef6b3d9eb6589e49d16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=mshc9skt2uyu&eId=mshc9skt2uyu&region=US&forceShow=false&skipCampaigns=false&sessionId=36338f8e-4e2e-4fcd-99da-5f30ae92340a&sessionStarted=1678055140.335&campaignRefreshToken=1f6ffec9-8ee6-47c9-b0b8-50083f086f64&hideController=false&pageLoadStartTime=1678055138823&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fsquareup.com%2Fau%2Fen%2Fpress%2Frefund-policy-update
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 17:24:56 GMT
x-amz-version-id: Sl_LzJMe7m6MkWEK9Fxqk3gRf.6SeAYu
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 bc4b5a0c950f70df08b33cfb9288c098.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 3214844
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 35
last-modified: Fri, 27 Jan 2023 17:00:20 GMT
server: istio-envoy
etag: W/"ec6e94b6cea3a27506634867a8009ded"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: r3Ivz7NxlUPWBmvZcYkmds9qWcy4vUyCTxBh0LsFWkgSu4oB3yX7Nw==

GET
H2 200 42.67956b13.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3781 25 KB
8 KB 87ms
71ms Script
application/javascript 13.225.223.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/42.67956b13.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f4c2c5ba.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-77.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

9d88866c6295ffc0cadaa1ccb951367e196737a413482176d5787b70aae04ef0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=mshc9skt2uyu&eId=mshc9skt2uyu&region=US&forceShow=false&skipCampaigns=false&sessionId=36338f8e-4e2e-4fcd-99da-5f30ae92340a&sessionStarted=1678055140.335&campaignRefreshToken=1f6ffec9-8ee6-47c9-b0b8-50083f086f64&hideController=false&pageLoadStartTime=1678055138823&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fsquareup.com%2Fau%2Fen%2Fpress%2Frefund-policy-update
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 15:25:25 GMT
x-amz-version-id: LwoHxJH_FBDxYvxZo.xGVaPPrUBqnUk_
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 bc4b5a0c950f70df08b33cfb9288c098.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 1580415
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 20
last-modified: Wed, 15 Feb 2023 15:10:12 GMT
server: istio-envoy
etag: W/"d53cdfd4559700cfe085380882a8e897"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: KpgIzN5v9aGYWMy_0iKdxT28VK2UuUzk6HvNiJ1dgC_qB0zTv3cBZA==

GET
H2 200 21.b3438b1b.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3781 74 KB
23 KB 90ms
74ms Script
application/javascript 13.225.223.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/21.b3438b1b.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f4c2c5ba.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-77.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

3169ab3142fbf3ecf7eee1b5682a4556ed8a3d4ba940befa71c31b5a43991d92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=mshc9skt2uyu&eId=mshc9skt2uyu&region=US&forceShow=false&skipCampaigns=false&sessionId=36338f8e-4e2e-4fcd-99da-5f30ae92340a&sessionStarted=1678055140.335&campaignRefreshToken=1f6ffec9-8ee6-47c9-b0b8-50083f086f64&hideController=false&pageLoadStartTime=1678055138823&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fsquareup.com%2Fau%2Fen%2Fpress%2Frefund-policy-update
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 15:25:25 GMT
x-amz-version-id: VElN.rYQUfZc8FwuS3oQUAN0Q9xeEifo
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 bc4b5a0c950f70df08b33cfb9288c098.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 1580415
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 58
last-modified: Wed, 15 Feb 2023 15:10:12 GMT
server: istio-envoy
etag: W/"10e1bfa61646f14df045c581bc9410fd"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: F1WFJ271mGoji9Z9_Vrbnsocw8VqtlrTpboocXWLuOKgpHV0PGsyyg==

GET
H2 200 27.3951aad8.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3781 66 KB
20 KB 90ms
75ms Script
application/javascript 13.225.223.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/27.3951aad8.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f4c2c5ba.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-77.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

e8e658c81a7ff92a6e0f9049ee3a8fc42082e8303abb6ed44c73361259cbdbae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=mshc9skt2uyu&eId=mshc9skt2uyu&region=US&forceShow=false&skipCampaigns=false&sessionId=36338f8e-4e2e-4fcd-99da-5f30ae92340a&sessionStarted=1678055140.335&campaignRefreshToken=1f6ffec9-8ee6-47c9-b0b8-50083f086f64&hideController=false&pageLoadStartTime=1678055138823&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fsquareup.com%2Fau%2Fen%2Fpress%2Frefund-policy-update
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 08:49:41 GMT
x-amz-version-id: gQBabGWT2wF3TDmwb1dt_eOgGTaTnWy.
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 bc4b5a0c950f70df08b33cfb9288c098.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 912959
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 41
last-modified: Wed, 15 Feb 2023 23:10:28 GMT
server: istio-envoy
etag: W/"5b2b6d0508fe18c3efb6bcd6249fd4e1"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 66Nz8j0q0kjn5F-gaTgRYwB5JD6PRVKRFre4FnGWKyqc2D1G0SiwaQ==

GET
H2 200 15.699b0dc7.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3781 91 KB
28 KB 91ms
76ms Script
application/javascript 13.225.223.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/15.699b0dc7.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f4c2c5ba.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-77.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

047d14c117d25e9e0a1a2ba3f4aa23a602d417fc7402294e484d20b19140ecf1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=mshc9skt2uyu&eId=mshc9skt2uyu&region=US&forceShow=false&skipCampaigns=false&sessionId=36338f8e-4e2e-4fcd-99da-5f30ae92340a&sessionStarted=1678055140.335&campaignRefreshToken=1f6ffec9-8ee6-47c9-b0b8-50083f086f64&hideController=false&pageLoadStartTime=1678055138823&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fsquareup.com%2Fau%2Fen%2Fpress%2Frefund-policy-update
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 17:24:56 GMT
x-amz-version-id: jUF4GGgcG34JdLv0MHXRHyWvmwH3OQeO
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 bc4b5a0c950f70df08b33cfb9288c098.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 3214844
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 99
last-modified: Fri, 27 Jan 2023 17:00:20 GMT
server: istio-envoy
etag: W/"43d1442a9d30453da9eaeb12b9daafff"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: nYFVOO_UBVwbt0lhhr10CLv5ZB9XaAwqXyyk72Shu04xexiDUrTsOw==

GET
H2 200 12.d33926cb.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3781 23 KB
7 KB 92ms
78ms Script
application/javascript 13.225.223.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/12.d33926cb.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f4c2c5ba.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-77.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

28816769ece0ee343025ff388216c645e175c92cce4db6bd812a321b1ad345c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=mshc9skt2uyu&eId=mshc9skt2uyu&region=US&forceShow=false&skipCampaigns=false&sessionId=36338f8e-4e2e-4fcd-99da-5f30ae92340a&sessionStarted=1678055140.335&campaignRefreshToken=1f6ffec9-8ee6-47c9-b0b8-50083f086f64&hideController=false&pageLoadStartTime=1678055138823&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fsquareup.com%2Fau%2Fen%2Fpress%2Frefund-policy-update
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 17:24:56 GMT
x-amz-version-id: KyS4g55V4uBz7fjaZ0R1pHyOHsEBkZV6
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 bc4b5a0c950f70df08b33cfb9288c098.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 3214844
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 29
last-modified: Fri, 27 Jan 2023 17:00:20 GMT
server: istio-envoy
etag: W/"bdcb035523ec144399213aa65a8430ff"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: SYDUJah9VPa3ts8gDe9boZWRb1bBwhNi0Tejvgb6AGKXUFKURjp7yw==

GET
H2 200 19.8e79a39a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3781 62 KB
19 KB 93ms
79ms Script
application/javascript 13.225.223.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/19.8e79a39a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f4c2c5ba.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-77.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

b7c5d1d3e03d31b9b450c0aac2972f3aef995be2a69ec5ecfa6200c4a321ef40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=mshc9skt2uyu&eId=mshc9skt2uyu&region=US&forceShow=false&skipCampaigns=false&sessionId=36338f8e-4e2e-4fcd-99da-5f30ae92340a&sessionStarted=1678055140.335&campaignRefreshToken=1f6ffec9-8ee6-47c9-b0b8-50083f086f64&hideController=false&pageLoadStartTime=1678055138823&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fsquareup.com%2Fau%2Fen%2Fpress%2Frefund-policy-update
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 17:24:56 GMT
x-amz-version-id: uwUNfVtyHdRKYycXgamRNBkk5aCRrwjq
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 bc4b5a0c950f70df08b33cfb9288c098.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 3214843
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 50
last-modified: Fri, 27 Jan 2023 17:00:20 GMT
server: istio-envoy
etag: W/"c478a5bb4d7885e2b9250c6beeb4fd6d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: xNGgWwAsHZSLW1Ky2VAioH3-JEy6ggII6dh60InCtAuLgN3aBkpLmw==

GET
H2 200 50.de3b5864.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3781 105 KB
34 KB 94ms
80ms Script
application/javascript 13.225.223.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/50.de3b5864.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f4c2c5ba.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-77.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

c8c302716cf94980a0d77e614d9fb6c430f166b5ef7c42b7c382771955e52ba6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=mshc9skt2uyu&eId=mshc9skt2uyu&region=US&forceShow=false&skipCampaigns=false&sessionId=36338f8e-4e2e-4fcd-99da-5f30ae92340a&sessionStarted=1678055140.335&campaignRefreshToken=1f6ffec9-8ee6-47c9-b0b8-50083f086f64&hideController=false&pageLoadStartTime=1678055138823&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fsquareup.com%2Fau%2Fen%2Fpress%2Frefund-policy-update
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 17:24:56 GMT
x-amz-version-id: 1DnDsXjV5U2x4yjXf3GCnDIDPlyIffBu
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 bc4b5a0c950f70df08b33cfb9288c098.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 3214844
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 65
last-modified: Fri, 27 Jan 2023 17:00:21 GMT
server: istio-envoy
etag: W/"114785899ceb423273fcc17aaad202e9"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: sbfBY4BVJGMW4wlpCyhJbNaPdd0e5eqNt8Tt3MMDP339GafQIsoOpw==

GET
H2 200 41.a1867ad4.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3781 12 KB
4 KB 95ms
82ms Script
application/javascript 13.225.223.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/41.a1867ad4.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f4c2c5ba.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-77.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

d641c13a78017e11f15b152b78082bcd0cf474766f13ba649bfa6378d956c492

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=mshc9skt2uyu&eId=mshc9skt2uyu&region=US&forceShow=false&skipCampaigns=false&sessionId=36338f8e-4e2e-4fcd-99da-5f30ae92340a&sessionStarted=1678055140.335&campaignRefreshToken=1f6ffec9-8ee6-47c9-b0b8-50083f086f64&hideController=false&pageLoadStartTime=1678055138823&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fsquareup.com%2Fau%2Fen%2Fpress%2Frefund-policy-update
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 17:24:56 GMT
x-amz-version-id: X151O2if9SUzZhsBRIHlOqKUakbFDRo_
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 bc4b5a0c950f70df08b33cfb9288c098.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 3214844
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 40
last-modified: Fri, 27 Jan 2023 17:00:21 GMT
server: istio-envoy
etag: W/"299dd262bf32831c99dc78a9c5b5ca43"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: LaWmCihhpGKJ2hjSrQxFk_h-KA9KpPxZPAHnKg-gJts7bLL-JOevpQ==

GET
H2 200 30.57dfb56c.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3781 13 KB
6 KB 96ms
83ms Script
application/javascript 13.225.223.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/30.57dfb56c.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f4c2c5ba.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-77.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

c96b2cd5b57e02ce65ab0a787a6c8ea69efbf424064e15500691847cd879e8ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=mshc9skt2uyu&eId=mshc9skt2uyu&region=US&forceShow=false&skipCampaigns=false&sessionId=36338f8e-4e2e-4fcd-99da-5f30ae92340a&sessionStarted=1678055140.335&campaignRefreshToken=1f6ffec9-8ee6-47c9-b0b8-50083f086f64&hideController=false&pageLoadStartTime=1678055138823&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fsquareup.com%2Fau%2Fen%2Fpress%2Frefund-policy-update
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 17:24:56 GMT
x-amz-version-id: PRu.RNHym52TA_hlIcQB1Vv5VUA1vVKS
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 bc4b5a0c950f70df08b33cfb9288c098.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 3214844
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 92
last-modified: Fri, 27 Jan 2023 17:00:21 GMT
server: istio-envoy
etag: W/"b8addee34a5cd2241740a2e3094039b3"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: IcemQ_F2cheeP34gy4oTDaDqquXWRjCoGwJLfG7mSavNTXTLbXSA1Q==

GET
H2 200 22.4cb40074.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3781 17 KB
7 KB 97ms
84ms Script
application/javascript 13.225.223.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/22.4cb40074.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f4c2c5ba.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-77.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

cdeb836f7f77cd2174fa0bb4aa3825963aa64faf657a24f988b82f1c4d28ce69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=mshc9skt2uyu&eId=mshc9skt2uyu&region=US&forceShow=false&skipCampaigns=false&sessionId=36338f8e-4e2e-4fcd-99da-5f30ae92340a&sessionStarted=1678055140.335&campaignRefreshToken=1f6ffec9-8ee6-47c9-b0b8-50083f086f64&hideController=false&pageLoadStartTime=1678055138823&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fsquareup.com%2Fau%2Fen%2Fpress%2Frefund-policy-update
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 15:25:25 GMT
x-amz-version-id: ykeUDE2sWwwza8uCQZo8fLwm_hGj240R
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 bc4b5a0c950f70df08b33cfb9288c098.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 1580415
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 19
last-modified: Wed, 15 Feb 2023 15:10:12 GMT
server: istio-envoy
etag: W/"6cf24f8ea74f43662c776ce6af09d469"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: KphcqA_NkCdYmHEilcCctYyLL9WlbkOvZ7C9lxngPAsr4Me5o5T38Q==

GET
H2 200 9.18bfca70.chunk.css
js.driftt.com/core/assets/css/ Frame 3781 14 KB
3 KB 79ms
67ms Stylesheet
text/css 13.225.223.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/9.18bfca70.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f4c2c5ba.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-77.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

8ab6891019c69c729441517bed2c703ec68058f913e9fe0d9840617f89473421

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=mshc9skt2uyu&eId=mshc9skt2uyu&region=US&forceShow=false&skipCampaigns=false&sessionId=36338f8e-4e2e-4fcd-99da-5f30ae92340a&sessionStarted=1678055140.335&campaignRefreshToken=1f6ffec9-8ee6-47c9-b0b8-50083f086f64&hideController=false&pageLoadStartTime=1678055138823&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fsquareup.com%2Fau%2Fen%2Fpress%2Frefund-policy-update
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 21:09:20 GMT
x-amz-version-id: ek9fS7EEhFu52wqRDH0o0RmM_N9gaCIn
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 bc4b5a0c950f70df08b33cfb9288c098.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 263780
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 47
last-modified: Thu, 02 Mar 2023 19:44:18 GMT
server: istio-envoy
etag: W/"dd670379de64b0621ee84574f3b8e73d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 8ubkkB2DbYz_hcD0LK2N7rCh9-RF8TkDF9cgwCtCweGWdM6FQUwnhw==

GET
H2 200 9.fe4d08dd.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3781 79 KB
25 KB 96ms
85ms Script
application/javascript 13.225.223.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/9.fe4d08dd.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f4c2c5ba.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-77.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

a1bcb5b2228bddf8d0d1b691c10bf297a0f16fd62369fb96b3158d7c672c109b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=mshc9skt2uyu&eId=mshc9skt2uyu&region=US&forceShow=false&skipCampaigns=false&sessionId=36338f8e-4e2e-4fcd-99da-5f30ae92340a&sessionStarted=1678055140.335&campaignRefreshToken=1f6ffec9-8ee6-47c9-b0b8-50083f086f64&hideController=false&pageLoadStartTime=1678055138823&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fsquareup.com%2Fau%2Fen%2Fpress%2Frefund-policy-update
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 19:36:52 GMT
x-amz-version-id: xZvLRW_XIeBPfluiEeAgAwJpCWL72EEN
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 bc4b5a0c950f70df08b33cfb9288c098.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 182928
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 71
last-modified: Fri, 03 Mar 2023 18:56:11 GMT
server: istio-envoy
etag: W/"8684b418e4ffa27b8ef3423232a27cb7"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: SbldEic0YIkNUDGk7AYLmNePN3Tm9w9IT-1V7Azw8j-jTdbC7Ge4GQ==

GET
H2 200 17.22abfce0.chunk.css
js.driftt.com/core/assets/css/ Frame 3781 24 B
698 B 79ms
68ms Stylesheet
text/css 13.225.223.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/17.22abfce0.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f4c2c5ba.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-77.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=mshc9skt2uyu&eId=mshc9skt2uyu&region=US&forceShow=false&skipCampaigns=false&sessionId=36338f8e-4e2e-4fcd-99da-5f30ae92340a&sessionStarted=1678055140.335&campaignRefreshToken=1f6ffec9-8ee6-47c9-b0b8-50083f086f64&hideController=false&pageLoadStartTime=1678055138823&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fsquareup.com%2Fau%2Fen%2Fpress%2Frefund-policy-update
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 17:24:56 GMT
x-amz-version-id: ZWQNVnxhcAJ0Kb7M1VwvZzQ21GH_x55X
via: 1.1 bc4b5a0c950f70df08b33cfb9288c098.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: JFK51-C1
age: 3214843
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 17
content-length: 24
last-modified: Fri, 27 Jan 2023 17:00:18 GMT
server: istio-envoy
etag: "0c5dad92482d9a7c7c253510f5082465"
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 1WBZbVEkMWtpzAgm6Bm0viT6-NDJjOHsw_eF5Xj3yuvN7j8rYL_rLg==

GET
H2 200 17.9f1ca9a4.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3781 89 KB
23 KB 98ms
88ms Script
application/javascript 13.225.223.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/17.9f1ca9a4.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f4c2c5ba.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-77.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

b6c82b23f85d9848b4137b1aff2a97c3a139cf941e9aab0302c35a7f4adb5a37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=mshc9skt2uyu&eId=mshc9skt2uyu&region=US&forceShow=false&skipCampaigns=false&sessionId=36338f8e-4e2e-4fcd-99da-5f30ae92340a&sessionStarted=1678055140.335&campaignRefreshToken=1f6ffec9-8ee6-47c9-b0b8-50083f086f64&hideController=false&pageLoadStartTime=1678055138823&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fsquareup.com%2Fau%2Fen%2Fpress%2Frefund-policy-update
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 19:36:52 GMT
x-amz-version-id: f0iSHfRmgXwAG.cRZdIbL2ziRpPkMqJt
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 bc4b5a0c950f70df08b33cfb9288c098.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 182928
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 97
last-modified: Fri, 03 Mar 2023 18:56:09 GMT
server: istio-envoy
etag: W/"5cdb20e76309dffd82a7cf5883471940"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: yv35AHvUGffEDwai2DLoe3MTv8qOX0sEtdvJExCRzV-xtoh4ypN6lA==

GET
H2 200 26.46ab375f.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3781 50 KB
14 KB 99ms
89ms Script
application/javascript 13.225.223.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/26.46ab375f.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f4c2c5ba.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-77.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

fece75816d3e78b929f712f88b59ce9784d197f8be89293f044bd228856962b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=mshc9skt2uyu&eId=mshc9skt2uyu&region=US&forceShow=false&skipCampaigns=false&sessionId=36338f8e-4e2e-4fcd-99da-5f30ae92340a&sessionStarted=1678055140.335&campaignRefreshToken=1f6ffec9-8ee6-47c9-b0b8-50083f086f64&hideController=false&pageLoadStartTime=1678055138823&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fsquareup.com%2Fau%2Fen%2Fpress%2Frefund-policy-update
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 19:36:52 GMT
x-amz-version-id: Uv2j3muE_bX7dWoIcs81QI5akzzORTrY
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 bc4b5a0c950f70df08b33cfb9288c098.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 182928
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 36
last-modified: Fri, 03 Mar 2023 18:56:10 GMT
server: istio-envoy
etag: W/"14cfa7b419ba8c70717c71b2cdb4e60e"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: GPi0JmfTtv8EjGreb1C6W8qHszlCXAywKwZzqK8mX69tp_YzZm8PoQ==

GET
H2 200 18.f6a0a0cb.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3781 40 KB
13 KB 100ms
90ms Script
application/javascript 13.225.223.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/18.f6a0a0cb.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f4c2c5ba.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-77.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

5efe4b5fa2d6905b487120d2bb685102320743363525ee8e16141cba5b3d4b2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=mshc9skt2uyu&eId=mshc9skt2uyu&region=US&forceShow=false&skipCampaigns=false&sessionId=36338f8e-4e2e-4fcd-99da-5f30ae92340a&sessionStarted=1678055140.335&campaignRefreshToken=1f6ffec9-8ee6-47c9-b0b8-50083f086f64&hideController=false&pageLoadStartTime=1678055138823&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fsquareup.com%2Fau%2Fen%2Fpress%2Frefund-policy-update
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 19:36:52 GMT
x-amz-version-id: cCnv2BnOiDF2Js2yGu64LDZXMbh19a8U
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 bc4b5a0c950f70df08b33cfb9288c098.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 182928
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 26
last-modified: Fri, 03 Mar 2023 18:56:09 GMT
server: istio-envoy
etag: W/"d0433940f9d61c57fb283f9d9f2e683e"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: JPVtR6SZ-480S6LMMMvFwJ5qcP3SLcIPIi0MTAzbIr6t0YA6rdfnpw==

GET
H3

200

/
www.google.com/pagead/1p-conversion/630646945/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/630646945/?random=176214878&cv=11&fst=1678055140241&bg=ffffff&guid=ON&async=1&gtm=45He3310&u_w=1600&u_h=1200&label=T4RGCIa9hdEBEKHR2...
https://www.google.com/pagead/1p-conversion/630646945/?random=176214878&cv=11&fst=1678055140241&bg=ffffff&guid=ON&async=1&gtm=45He3310&u_w=1600&u_h=1200&label=T4RGCIa9hdEBEKHR26wC&hn=www.googleadse...

42 B
64 B

48ms
47ms

Image
image/gif

2607:f8b0:4006:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-conversion/630646945/?random=176214878&cv=11&fst=1678055140241&bg=ffffff&guid=ON&async=1&gtm=45He3310&u_w=1600&u_h=1200&label=T4RGCIa9hdEBEKHR26wC&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fsquareup.com%2Fau%2Fen%2Fpress%2Frefund-policy-update&tiba=An%20Update%20to%20Square%E2%80%99s%20Refund%20Policy&value=0&auid=2047981498.1678055140&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJZ0ppUm9BWVExc0MyX3R2bnBlbXNBUkltQVBPRF9yUTlMdVlzZXIwZXZabVlKVGpIdEhIYVpqZloyZlE2TkpvSkdHVE1FeGMtV3BnGlhDaEFJZ0ppUm9BWVEyc3V3dk4tLWg5Uk1FaTRBYkVNNmxqd3JuZHE3NjJoSDZPUWhGZDUzbzZLOW1iZzBsRnR2Q2M1dGdsallwUFhJaGJ2RFVLOGdtTDZi&is_vtc=1&ocp_id=5BYFZKf5JPGHoPMPibiJiAQ&cid=CAQSKQDUE5ym9smx0EVv7qmZz00mgjpzXiPpaPO_Ho0dfbUgju-gxPLirmlh&eitems=ChEIgJiRoAYQ2eq5lYPpgIGPARIdANUocsSnKJVq1NpJBqyvUsEXqfisD8H4aObmvLE&random=790352077

Protocol

Server

2607:f8b0:4006:80f::2004 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://squareup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Mar 2023 22:25:40 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 05 Mar 2023 22:25:40 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://www.google.com/pagead/1p-conversion/630646945/?random=176214878&cv=11&fst=1678055140241&bg=ffffff&guid=ON&async=1&gtm=45He3310&u_w=1600&u_h=1200&label=T4RGCIa9hdEBEKHR26wC&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fsquareup.com%2Fau%2Fen%2Fpress%2Frefund-policy-update&tiba=An%20Update%20to%20Square%E2%80%99s%20Refund%20Policy&value=0&auid=2047981498.1678055140&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJZ0ppUm9BWVExc0MyX3R2bnBlbXNBUkltQVBPRF9yUTlMdVlzZXIwZXZabVlKVGpIdEhIYVpqZloyZlE2TkpvSkdHVE1FeGMtV3BnGlhDaEFJZ0ppUm9BWVEyc3V3dk4tLWg5Uk1FaTRBYkVNNmxqd3JuZHE3NjJoSDZPUWhGZDUzbzZLOW1iZzBsRnR2Q2M1dGdsallwUFhJaGJ2RFVLOGdtTDZi&is_vtc=1&ocp_id=5BYFZKf5JPGHoPMPibiJiAQ&cid=CAQSKQDUE5ym9smx0EVv7qmZz00mgjpzXiPpaPO_Ho0dfbUgju-gxPLirmlh&eitems=ChEIgJiRoAYQ2eq5lYPpgIGPARIdANUocsSnKJVq1NpJBqyvUsEXqfisD8H4aObmvLE&random=790352077
content-type: image/gif
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gtm-container.html Show response
tealium-f.squarecdn.com/ Frame 82D5 2 KB
2 KB 226ms
219ms Document
text/html 151.101.129.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://tealium-f.squarecdn.com/gtm-container.html?country_code=AU&page_url=https%3A%2F%2Fsquareup.com%2Fau%2Fen%2Fpress%2Frefund-policy-update&env=prod&referrer=&avt=c313568c-166a-4964-9720-ec68e50acf25
Requested by: Host: xms-production-f.squarecdn.com
URL: https://xms-production-f.squarecdn.com/xms/assets/application-9afda9d2e0004285a711254df4524e216da91619f0861d386cb8edec8231e96f.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 70955dddcd784f39f2c4dfac351f377a8e7cab12676fed11c419efd61e472bf1

Request headers

Referer: https://squareup.com/au/en/press/refund-policy-update
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
content-length: 1677
content-type: text/html
date: Sun, 05 Mar 2023 22:25:40 GMT
etag: "082aa9a2b863cf297c3696bfab81c7fc"
last-modified: Wed, 20 Oct 2021 18:41:24 GMT
referrer-policy: no-referrer-when-downgrade
server: AmazonS3
via: 1.1 varnish
x-amz-id-2: U2q1UK6i6QM7rZi/2uGJYf41DAq4S7BHlNNpCKYc95yOFUo6jOJvsh0H2sG2sMXNKoW1wr15e7E=
x-amz-request-id: PN8FECH0YCACH0HV
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-ewr18125-EWR
x-timer: S1678055141.705869,VS0,VE192

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 37ms
35ms Image
text/plain 2a03:2880:f172:81:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2179726272122089&ev=PageView&dl=https%3A%2F%2Fsquareup.com%2Fau%2Fen%2Fpress%2Frefund-policy-update&rl=&if=false&ts=1678055140697&sw=1600&sh=1200&v=2.9.98&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&cs_est=true&fbp=fb.1.1678055140576.1848346570&it=1678055140415&coo=false&tm=1&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f172:81:face:b00c:0:25de Somerville, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://squareup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 05 Mar 2023 22:25:40 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 200 events Show response
capi.squareup.com/ 0
160 B 223ms
84ms XHR
text/plain 18.144.72.236
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://capi.squareup.com/events

Requested by

Host: xms-production-f.squarecdn.com
URL: https://xms-production-f.squarecdn.com/xms/assets/application-9afda9d2e0004285a711254df4524e216da91619f0861d386cb8edec8231e96f.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

18.144.72.236 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-144-72-236.us-west-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://squareup.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://squareup.com
date: Sun, 05 Mar 2023 22:25:40 GMT
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-credentials: true
content-length: 0
vary: origin

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 36ms
35ms Image
text/plain 2a03:2880:f172:81:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=816297701715444&ev=ViewContent&dl=https%3A%2F%2Fsquareup.com%2Fau%2Fen%2Fpress%2Frefund-policy-update&rl=&if=false&ts=1678055140699&cd[content_type]=product&sw=1600&sh=1200&v=2.9.98&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=28&fbp=fb.1.1678055140576.1848346570&eid=ob3_plugin-set_27ad8061c5d8ca2b155450fce2734b9f1614f5c89e7c0ae4cfa7b6e38c5fa2ee&it=1678055140415&coo=false&tm=1&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f172:81:face:b00c:0:25de Somerville, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://squareup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 05 Mar 2023 22:25:40 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 38.11d2b6a7.chunk.css
js.driftt.com/core/assets/css/ Frame 3D41 3 KB
1 KB 99ms
99ms Stylesheet
text/css 13.225.223.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/38.11d2b6a7.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f4c2c5ba.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-77.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

e40b6eae9d66c60b9c750da70da6b2bc5d35c2ae9689cc1e9547e300fac4a3ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1678055138823
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 17:24:56 GMT
x-amz-version-id: hzHYKpyiaZmITNnBC_LqpsxusmNF7FFl
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 bc4b5a0c950f70df08b33cfb9288c098.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 3214844
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 23
last-modified: Fri, 27 Jan 2023 17:00:18 GMT
server: istio-envoy
etag: W/"87532c4db85f1429fa6d759bc3332f36"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 6wUYfQjxeYkxOU8GQSHhGGX6UgFTaHBIz2IcDBlKCow8_dKd_GCh5Q==

GET
H2 200 38.627f88e6.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3D41 3 KB
2 KB 99ms
99ms Script
application/javascript 13.225.223.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/38.627f88e6.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f4c2c5ba.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-77.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

43580e037fc59487c315cc0a33e1167f17c8430dd41aa375e21f4d6d325e8f28

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1678055138823
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 17:24:56 GMT
x-amz-version-id: VrL4qVVdcSDrKVxDzMDZ1ibCwb1LgkQ.
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 bc4b5a0c950f70df08b33cfb9288c098.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 3214844
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 32
last-modified: Fri, 27 Jan 2023 17:00:21 GMT
server: istio-envoy
etag: W/"d03d4e13d59e06f8ec44e39d9d85fa54"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: NjlTes8S4me7vCVzt_rKBRsAGLN0i8XyUPtlRmNpo1ACTkz_q_g5Og==

GET
H2 200 refund-policy-update;u12=us;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=8141401460746.9795
adservice.google.com/ddm/fls/z/dc_pre=CJfWuMTqxf0CFQUNaAgdRqcM8A;src=9628652;type=globa0;cat=doubl0;match_id=undefined;u1=undefined;u2=c313568c-166a-4964-9720-ec68e50acf25;u3=/au/en/press/ Frame 378A 42 B
401 B 111ms
50ms Image
image/gif 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CJfWuMTqxf0CFQUNaAgdRqcM8A;src=9628652;type=globa0;cat=doubl0;match_id=undefined;u1=undefined;u2=c313568c-166a-4964-9720-ec68e50acf25;u3=/au/en/press/refund-policy-update;u12=us;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=8141401460746.9795

Requested by

Host: 9628652.fls.doubleclick.net
URL: https://9628652.fls.doubleclick.net/activityi;dc_pre=CJfWuMTqxf0CFQUNaAgdRqcM8A;src=9628652;type=globa0;cat=doubl0;match_id=undefined;u1=undefined;u2=c313568c-166a-4964-9720-ec68e50acf25;u3=/au/en/press/refund-policy-update;u12=us;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1;num=8141401460746.9795?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://9628652.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Mar 2023 22:25:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 error
reporting.cdndex.io/ Frame 0
0 120ms
46ms Preflight
application/json 99.84.119.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://reporting.cdndex.io/error
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.119.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-119-94.ewr52.r.cloudfront.net
Software: CloudFront /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://squareup.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: *
access-control-expose-headers: *
content-length: 2
content-type: application/json
date: Sun, 05 Mar 2023 22:25:41 GMT
server: CloudFront
via: 1.1 1741dbec7ff4486be3ac109e403dff4e.cloudfront.net (CloudFront)
x-amz-cf-id: thhWMcOk4vIZDfFkrOH0OH8rVxGPbrwSVxM0-uFENvaUHswp1KYDeg==
x-amz-cf-pop: EWR52-C3
x-cache: LambdaGeneratedResponse from cloudfront

POST
H2 200 error Show response
reporting.cdndex.io/ Frame 8E0A 8 B
396 B 447ms
447ms XHR
application/json 99.84.119.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://reporting.cdndex.io/error
Requested by: Host: squareup.com
URL: https://squareup.com/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/ips.js?KP_UIDz=02Elkhys5EKjD7dNGQuf03CvR0718JIIAA9u4pUH0Fdtgisr9DhZrbxDzsZfjnLMiZ0daBaPgtWHPJIsIsbo0uhvIZkyJJLQEzgfEzp45YIi8eEY77cEE4Z2tQmY2HgjG2ZaICglNA87hpeNnY186zp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.119.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-119-94.ewr52.r.cloudfront.net
Software: CloudFront /
Resource Hash: 2cb69644d1877e6dfa38adcfddfc21208f12a43753394381a54587438db2e666

Request headers

Referer: https://squareup.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Sun, 05 Mar 2023 22:25:41 GMT
via: 1.1 1741dbec7ff4486be3ac109e403dff4e.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: EWR52-C3
x-cache: LambdaGeneratedResponse from cloudfront
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: *
content-type: application/json
access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
content-length: 8
x-amz-cf-id: o6G262XnGkA1DcA3-Ft4U39YRqo8wkD_Hxb2jMJikkPRUhOi-SsP0w==

POST
H2 200 tl Show response
squareup.com/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/ Frame 8E0A 15 B
667 B 113ms
113ms XHR
application/json 162.159.137.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://squareup.com/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/tl
Requested by: Host: squareup.com
URL: https://squareup.com/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/ips.js?KP_UIDz=02Elkhys5EKjD7dNGQuf03CvR0718JIIAA9u4pUH0Fdtgisr9DhZrbxDzsZfjnLMiZ0daBaPgtWHPJIsIsbo0uhvIZkyJJLQEzgfEzp45YIi8eEY77cEE4Z2tQmY2HgjG2ZaICglNA87hpeNnY186zp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.137.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6ada6da39dbd575d9ae048067c2cddd9f39623fe07bf92cd5f0dbed40c92e7d

Request headers

x-kpsdk-dt: 15hx3dy461w0q1x2lz76y1hgy6n
Referer: https://squareup.com/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/fp
x-kpsdk-ct: 02QEmS0jqwzSkVMAy7JJ6ALogr7BgBKCNe5XnG9ixOjlEttOMo8LBLXFFPyXEHfVqgS7JUx7ghaALRzfcsLMjD4J4Gdnm7zLiaycXiIeErUCB9JuthYEkeZ8cjF45bz4KQx52rOolhxccM7czXT4KLf
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/octet-stream

Response headers

pragma: no-cache
date: Sun, 05 Mar 2023 22:25:41 GMT
cf-cache-status: DYNAMIC
x-kpsdk-ct: 02irK3xw3p5cT5dgX6e6iG2Xy7gJfJqObPkg4rGIsZC8BYkTziNCv5Oi28Av2FnlNmv6orDqi335jLgYFTEjFGdoXeYryNaBtuQIf4Gl0YyHsl3JsOM8BLs4OY4dn3JHmB7e8dFDKIOWfpwcE0ZtF3e
server: cloudflare
vary: Accept-Encoding
content-type: application/json; charset=utf-8
p3p: CP="This site does not specify a policy in the P3P header"
x-kpsdk-st: 1678055141204
cache-control: no-cache, no-store, must-revalidate
x-kpsdk-cr: true
cf-ray: 7a35c6b80a008c35-EWR
access-control-allow-headers: x-kpsdk-cd, x-kpsdk-ct
content-length: 15
expires: 0

GET
H2 200 0.0b2ebd4a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3781 9 KB
9 KB 29ms
27ms Script
application/javascript 13.225.223.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/0.0b2ebd4a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f4c2c5ba.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-77.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=mshc9skt2uyu&eId=mshc9skt2uyu&region=US&forceShow=false&skipCampaigns=false&sessionId=36338f8e-4e2e-4fcd-99da-5f30ae92340a&sessionStarted=1678055140.335&campaignRefreshToken=1f6ffec9-8ee6-47c9-b0b8-50083f086f64&hideController=false&pageLoadStartTime=1678055138823&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fsquareup.com%2Fau%2Fen%2Fpress%2Frefund-policy-update
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 07:22:56 GMT
x-amz-version-id: SKPrTF4DhjEE9vueNnd7O3fK3ViHjZqq
via: 1.1 bc4b5a0c950f70df08b33cfb9288c098.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: JFK51-C1
age: 5670165
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 44
content-length: 8798
last-modified: Thu, 29 Dec 2022 16:49:55 GMT
server: istio-envoy
etag: "c5efcdc9e465604f32cf24af10fd6c13"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: yxsGpR5Shv69mM8vDB8nKP33QKIpXB-EJvPqLgdvtPVU5r2kqiTRMw==

GET
H2 200 28.01a0fe87.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3781 35 KB
10 KB 31ms
29ms Script
application/javascript 13.225.223.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/28.01a0fe87.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f4c2c5ba.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-77.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

fffcc021124d70080ddd0c52562645c46e03ff39c924ced85c1bfd62cb8b8767

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=mshc9skt2uyu&eId=mshc9skt2uyu&region=US&forceShow=false&skipCampaigns=false&sessionId=36338f8e-4e2e-4fcd-99da-5f30ae92340a&sessionStarted=1678055140.335&campaignRefreshToken=1f6ffec9-8ee6-47c9-b0b8-50083f086f64&hideController=false&pageLoadStartTime=1678055138823&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fsquareup.com%2Fau%2Fen%2Fpress%2Frefund-policy-update
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 17:24:56 GMT
x-amz-version-id: oCx9yWccW.dlty4hHqWiey7h_DwTeEBh
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 bc4b5a0c950f70df08b33cfb9288c098.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 3214845
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 36
last-modified: Fri, 27 Jan 2023 17:00:21 GMT
server: istio-envoy
etag: W/"0ad089f0617a0fa8014a23c2afa90ddd"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: RsfjlqoZFjg8G6vK6mBUsY-lnuSU3AJH2xbkKejMV12Y29bQqT3zHA==

GET
H2 200 29.9bf46b67.chunk.css
js.driftt.com/core/assets/css/ Frame 3781 8 KB
2 KB 29ms
28ms Stylesheet
text/css 13.225.223.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/29.9bf46b67.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f4c2c5ba.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-77.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

4eda4b5575532ad6a713d3d9bbcde581c519d9b8d0202363925ddc80049eed6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=mshc9skt2uyu&eId=mshc9skt2uyu&region=US&forceShow=false&skipCampaigns=false&sessionId=36338f8e-4e2e-4fcd-99da-5f30ae92340a&sessionStarted=1678055140.335&campaignRefreshToken=1f6ffec9-8ee6-47c9-b0b8-50083f086f64&hideController=false&pageLoadStartTime=1678055138823&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fsquareup.com%2Fau%2Fen%2Fpress%2Frefund-policy-update
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 17:24:56 GMT
x-amz-version-id: qzro7282BXz7SnLdWr3hLeI1pZAqJ2A1
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 bc4b5a0c950f70df08b33cfb9288c098.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 3214845
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 27
last-modified: Fri, 27 Jan 2023 17:00:18 GMT
server: istio-envoy
etag: W/"4f21faf2ba450e5fcdf7eda90813e185"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: kMdT2ztx2AOnjMw_oJbjhSeO_PJmqNNiooIaBznwQ9ggvUcFCxCfVA==

GET
H2 200 29.e1a4ff99.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3781 14 KB
6 KB 32ms
31ms Script
application/javascript 13.225.223.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/29.e1a4ff99.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f4c2c5ba.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-77.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

01db0d203405ed4ec9c98bdcb0db8781188bcf88582788fb0e1c3c92c3e24f4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=mshc9skt2uyu&eId=mshc9skt2uyu&region=US&forceShow=false&skipCampaigns=false&sessionId=36338f8e-4e2e-4fcd-99da-5f30ae92340a&sessionStarted=1678055140.335&campaignRefreshToken=1f6ffec9-8ee6-47c9-b0b8-50083f086f64&hideController=false&pageLoadStartTime=1678055138823&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fsquareup.com%2Fau%2Fen%2Fpress%2Frefund-policy-update
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 18:44:11 GMT
x-amz-version-id: wkdbw8qtPlaabmxKODiZTD6dxLLQ34XZ
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 bc4b5a0c950f70df08b33cfb9288c098.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 1568490
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 38
last-modified: Wed, 15 Feb 2023 18:18:25 GMT
server: istio-envoy
etag: W/"deee6d1dc2f18623bf7e1f6bbb50a94e"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: JYzdt30n7hxzSCnEPpBcUmvbyIqc_TBgdefbOJiI5N7QH3dMqURAog==

GET
H2 200 23.c695453b.chunk.css
js.driftt.com/core/assets/css/ Frame 3781 365 B
1 KB 31ms
30ms Stylesheet
text/css 13.225.223.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/23.c695453b.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f4c2c5ba.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-77.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

ec3a84e593065a50cd77ce9fba273b4196936940c0813ca248b045df2e2c8eff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=mshc9skt2uyu&eId=mshc9skt2uyu&region=US&forceShow=false&skipCampaigns=false&sessionId=36338f8e-4e2e-4fcd-99da-5f30ae92340a&sessionStarted=1678055140.335&campaignRefreshToken=1f6ffec9-8ee6-47c9-b0b8-50083f086f64&hideController=false&pageLoadStartTime=1678055138823&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fsquareup.com%2Fau%2Fen%2Fpress%2Frefund-policy-update
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 15:25:26 GMT
x-amz-version-id: JFaqZy69NwkYwPRskCJMqjuf0WwUdgeN
via: 1.1 bc4b5a0c950f70df08b33cfb9288c098.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: JFK51-C1
age: 1580415
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 70
content-length: 365
last-modified: Wed, 15 Feb 2023 15:10:08 GMT
server: istio-envoy
etag: "06b2963b029c0824382815165bfea73e"
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: -KH1qCTHC_b0cWVOiTExwkMe66T68lbjYuIDfg72ZU1C1DVlnBmjnA==

GET
H2 200 23.f58c2dec.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3781 91 KB
25 KB 32ms
31ms Script
application/javascript 13.225.223.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/23.f58c2dec.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f4c2c5ba.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-77.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

67146edeb4020894fa250e4dc4bd096dd5195e23aa15161cccab1f030d5bbb9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=mshc9skt2uyu&eId=mshc9skt2uyu&region=US&forceShow=false&skipCampaigns=false&sessionId=36338f8e-4e2e-4fcd-99da-5f30ae92340a&sessionStarted=1678055140.335&campaignRefreshToken=1f6ffec9-8ee6-47c9-b0b8-50083f086f64&hideController=false&pageLoadStartTime=1678055138823&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fsquareup.com%2Fau%2Fen%2Fpress%2Frefund-policy-update
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 19:36:52 GMT
x-amz-version-id: yqiBQv.11jHCvVZryIIk_GOgSfwAyIL7
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 bc4b5a0c950f70df08b33cfb9288c098.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 182929
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 48
last-modified: Fri, 03 Mar 2023 18:56:10 GMT
server: istio-envoy
etag: W/"9d90584af44c0229eae4b1f2ae6d316c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: saAXlEzKDfZLGhE0o7hvWVf4VrPZow3ahPD0Yr693SGgZz2sAlZI0Q==

POST
H2 200 error Show response
reporting.cdndex.io/ Frame 8E0A 8 B
396 B 459ms
454ms XHR
application/json 99.84.119.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://reporting.cdndex.io/error
Requested by: Host: squareup.com
URL: https://squareup.com/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/ips.js?KP_UIDz=02Elkhys5EKjD7dNGQuf03CvR0718JIIAA9u4pUH0Fdtgisr9DhZrbxDzsZfjnLMiZ0daBaPgtWHPJIsIsbo0uhvIZkyJJLQEzgfEzp45YIi8eEY77cEE4Z2tQmY2HgjG2ZaICglNA87hpeNnY186zp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.119.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-119-94.ewr52.r.cloudfront.net
Software: CloudFront /
Resource Hash: 2cb69644d1877e6dfa38adcfddfc21208f12a43753394381a54587438db2e666

Request headers

Referer: https://squareup.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Sun, 05 Mar 2023 22:25:49 GMT
via: 1.1 1741dbec7ff4486be3ac109e403dff4e.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: EWR52-C3
x-cache: LambdaGeneratedResponse from cloudfront
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: *
content-type: application/json
access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
content-length: 8
x-amz-cf-id: wTf3o-SdnkRcubr25WPZmn8KsSNDct32kRnJeyzLdpPn1qh4pSwJgw==

OPTIONS
H2 200 error
reporting.cdndex.io/ Frame 0
0 48ms
48ms Preflight
application/json 99.84.119.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://reporting.cdndex.io/error
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.119.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-119-94.ewr52.r.cloudfront.net
Software: CloudFront /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://squareup.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: *
access-control-expose-headers: *
content-length: 2
content-type: application/json
date: Sun, 05 Mar 2023 22:25:48 GMT
server: CloudFront
via: 1.1 1741dbec7ff4486be3ac109e403dff4e.cloudfront.net (CloudFront)
x-amz-cf-id: xtUPEsHB11HS-PwQffUFJnHh5DLtZImPpIeVrBaBHXsd8IEP1ejXQA==
x-amz-cf-pop: EWR52-C3
x-cache: LambdaGeneratedResponse from cloudfront

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ Frame 82D5 397 KB
93 KB 46ms
45ms Script
application/javascript 2607:f8b0:4006:80c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P72T5M5

Requested by

Host: tealium-f.squarecdn.com
URL: https://tealium-f.squarecdn.com/gtm-container.html?country_code=AU&page_url=https%3A%2F%2Fsquareup.com%2Fau%2Fen%2Fpress%2Frefund-policy-update&env=prod&referrer=&avt=c313568c-166a-4964-9720-ec68e50acf25

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2008 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

dae686cf866b07cf0a1a9e0e88f8fb26d82097dc677611a8accb92b53395cde3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tealium-f.squarecdn.com/gtm-container.html?country_code=AU&page_url=https%3A%2F%2Fsquareup.com%2Fau%2Fen%2Fpress%2Frefund-policy-update&env=prod&referrer=&avt=c313568c-166a-4964-9720-ec68e50acf25
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 22:25:48 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 94965
x-xss-protection: 0
last-modified: Sun, 05 Mar 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 05 Mar 2023 22:25:48 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 37ms
36ms Image
text/plain 2a03:2880:f172:81:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2179726272122089&ev=Microdata&dl=https%3A%2F%2Fsquareup.com%2Fau%2Fen%2Fpress%2Frefund-policy-update&rl=&if=false&ts=1678055148582&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22An%20Update%20to%20Square%E2%80%99s%20Refund%20Policy%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22An%20Update%20to%20Square%E2%80%99s%20Refund%20Policy%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fsquareup.com%2Fau%2Fen%2Fpress%2Frefund-policy-update%3F%26optimizely-snippet-injection-enabled%3Dtrue%26optimizely-snippet-injection-enabled%3Dtrue%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fxms-production-f.squarecdn.com%2Fxms%2Fassets%2Fpublic-web-styles%2Fsocial%2Fdefault-56f973ec4d9cb2927e20a0cb97201783e27bf352585fa25cddbde11aa81635a7.jpg%22%2C%22og%3Alocale%22%3A%22en_AU%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Asite_name%22%3A%22Square%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.98&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=30&fbp=fb.1.1678055140576.1848346570&it=1678055140415&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f172:81:face:b00c:0:25de Somerville, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://squareup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 05 Mar 2023 22:25:48 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

POST
H3 200 batch Show response
data-platform.squarecloudservices.com/v1/ 16 B
37 B 253ms
252ms Fetch
text/plain 34.98.67.114
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://data-platform.squarecloudservices.com/v1/batch

Requested by

Host: xms-production-f.squarecdn.com
URL: https://xms-production-f.squarecdn.com/xms/assets/application-9afda9d2e0004285a711254df4524e216da91619f0861d386cb8edec8231e96f.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.98.67.114 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

114.67.98.34.bc.googleusercontent.com

Software

Resource Hash

762c2749580c286a68d4528d912a4afa02a17dc2025c6c65b17b0dfab8291408

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://squareup.com/
accept-language: en-US,en;q=0.9
x-cdp-batch-id: v1:qmQZ2lJlB5yMsBmyLFiGoNAuWb8o72BlGabAiIP2K7I=
authorization: Basic NDFlYzFiNjgtMjFiMS00Njg3LTg1M2EtZjk2OGU1NDEzNGRiOg==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
x-request-id: v1:qmQZ2lJlB5yMsBmyLFiGoNAuWb8o72BlGabAiIP2K7I=
content-type: application/json

Response headers

date: Sun, 05 Mar 2023 22:25:48 GMT
via: 1.1 google
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Origin
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: https://squareup.com
content-type: text/plain; charset=utf-8
access-control-allow-headers: authorization, content-type, x-forwarded-for, x-request-id, x-cdp-batch-id, X-Allow-Cookies, X-Block-Cookies
content-length: 16
x-xss-protection: 1; mode=block
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

OPTIONS
H3 200 batch
data-platform.squarecloudservices.com/v1/ Frame 0
0 66ms
65ms Preflight 34.98.67.114
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://data-platform.squarecloudservices.com/v1/batch

Protocol

Security

QUIC, , AES_128_GCM

Server

34.98.67.114 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

114.67.98.34.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,x-cdp-batch-id,x-request-id
Access-Control-Request-Method: POST
Origin: https://squareup.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-headers: authorization, content-type, x-forwarded-for, x-request-id, x-cdp-batch-id, X-Allow-Cookies, X-Block-Cookies
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: https://squareup.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Sun, 05 Mar 2023 22:25:48 GMT
vary: Origin
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block

GET
H2 200 0.0b2ebd4a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3D41 9 KB
9 KB 28ms
23ms Script
application/javascript 13.225.223.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/0.0b2ebd4a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f4c2c5ba.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-77.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1678055138823
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 07:22:56 GMT
x-amz-version-id: SKPrTF4DhjEE9vueNnd7O3fK3ViHjZqq
via: 1.1 bc4b5a0c950f70df08b33cfb9288c098.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: JFK51-C1
age: 5670172
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 44
content-length: 8798
last-modified: Thu, 29 Dec 2022 16:49:55 GMT
server: istio-envoy
etag: "c5efcdc9e465604f32cf24af10fd6c13"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: QKDodmv94j927Cru41MHvcnTGGW5cvt14HLCq0tRViNi_YuVL1Y5Hg==

GET
H2 200 3.07aa08a5.chunk.css
js.driftt.com/core/assets/css/ Frame 3D41 7 KB
2 KB 40ms
30ms Stylesheet
text/css 13.225.223.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/3.07aa08a5.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f4c2c5ba.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-77.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

dd09e3ba26066abe27c4dad57c8e0c8a63fe23a0bc87e63bcab94f25e9096459

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1678055138823
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 07:37:36 GMT
x-amz-version-id: o9Bo7pJjn3vBSnlOhe7Svw7IOQZzIurF
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 bc4b5a0c950f70df08b33cfb9288c098.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 4632492
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 53
last-modified: Thu, 05 Jan 2023 16:27:48 GMT
server: istio-envoy
etag: W/"189aeffd571884559dababa22c66d75a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: msrH-ySRRrON3gttIveOjj2SQyIp4l6nZGTKYTuptr4Oh6pc2qEgMA==

GET
H2 200 3.f50b964b.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3D41 54 KB
54 KB 45ms
36ms Script
application/javascript 13.225.223.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/3.f50b964b.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f4c2c5ba.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-77.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

d14e287ddae470b06c4639e73260ca21a4c9b7cfdf56e02965a8f50fb5333b42

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1678055138823
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 12:52:13 GMT
x-amz-version-id: NudHQlgl.lHrU7YAYRBc2v4dcV.8GITa
via: 1.1 bc4b5a0c950f70df08b33cfb9288c098.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: JFK51-C1
age: 5045615
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 29
content-length: 54960
last-modified: Thu, 05 Jan 2023 16:27:51 GMT
server: istio-envoy
etag: "1ac37bf2b93050f29058b66a9ad43e10"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: TYb7NtnLQ2NsvAs3GEfZiVIV9-ZFMknzfKmlTD103T1yN9wnnzSzUg==

GET
H2 200 1.02a6af84.chunk.css
js.driftt.com/core/assets/css/ Frame 3D41 44 KB
7 KB 40ms
32ms Stylesheet
text/css 13.225.223.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/1.02a6af84.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f4c2c5ba.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-77.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

120def079fc4e239098c571e178a9a1b73746f05c6f65a97cd7291b8c13aa401

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1678055138823
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 18:52:28 GMT
x-amz-version-id: 64T0ZrFEmS.6MBMboj2UeFtkG_nz2tDv
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 bc4b5a0c950f70df08b33cfb9288c098.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 444800
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 62
last-modified: Tue, 28 Feb 2023 17:39:33 GMT
server: istio-envoy
etag: W/"295093fc512c5e44a90c3c28242de8ae"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: wV51D_mHlUYzGIQ694nrdz1ibhDpfs0Ea4cdG_-9BBI47QsrOTDSHg==

GET
H2 200 1.c3cc422f.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3D41 54 KB
17 KB 48ms
41ms Script
application/javascript 13.225.223.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/1.c3cc422f.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f4c2c5ba.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-77.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

5438711dd20522194aaf43fc8bc73abce666d988fde7d5b29935c63e8b20e544

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1678055138823
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 16:59:04 GMT
x-amz-version-id: nrc7YGPLeTUHDEn0MGc0l8uN0TtcknrH
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 bc4b5a0c950f70df08b33cfb9288c098.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 365204
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 40
last-modified: Wed, 01 Mar 2023 16:37:51 GMT
server: istio-envoy
etag: W/"ae9498bd15966c3bde25a42fc2ef375c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: fuViCG95OErgMpXYJ0jDvlY8Kg2scazRvf9lXTPYO-Yy9iSik_RFqQ==

GET
H2 200 4.ed93461c.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3D41 23 KB
10 KB 54ms
47ms Script
application/javascript 13.225.223.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/4.ed93461c.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f4c2c5ba.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-77.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

07aa00aa3aa0d7f661d70680b81bb38d1af1160d7b8d391b1812a51070620535

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1678055138823
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 18:44:11 GMT
x-amz-version-id: yVPbckZMywHJCh15VMsKBgjNpzoO6E7h
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 bc4b5a0c950f70df08b33cfb9288c098.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 1568497
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 97
last-modified: Wed, 15 Feb 2023 18:18:26 GMT
server: istio-envoy
etag: W/"9e6f90256eeae9f2d8530b147e4694e7"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 3pZ99WaLiL24E62XDj8yS-0re46Y_zJiDP5FWocaHIPzeSGlnqmpzw==

GET
H2 200 35.a3318c5e.chunk.css
js.driftt.com/core/assets/css/ Frame 3D41 14 KB
3 KB 40ms
34ms Stylesheet
text/css 13.225.223.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/35.a3318c5e.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f4c2c5ba.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-77.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

f3342c52eee43a2ea931cae2ee2d6d9a2939432ffcb03bb4f2983ac7e49b26cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1678055138823
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 17:24:56 GMT
x-amz-version-id: zduXhdkhoojuHNWfrJL3OG7UtCFvJe6h
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 bc4b5a0c950f70df08b33cfb9288c098.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 3214852
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 51
last-modified: Fri, 27 Jan 2023 17:00:18 GMT
server: istio-envoy
etag: W/"b06e02b360914b25e58305b1b9b954dc"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Ji1BUog9IGMZteIn5LdyTg1NPN17mn_03nn_ya85bh9eF32gA8AvDw==

GET
H2 200 35.d2693220.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3D41 12 KB
5 KB 54ms
48ms Script
application/javascript 13.225.223.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/35.d2693220.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f4c2c5ba.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-77.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

4c76e6edfac60dd71bb02337d2a47bd6b41f3f045043ad0e939a51c0984d3274

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1678055138823
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 19:36:53 GMT
x-amz-version-id: NTUDuQfTe0C.EBqWswbG2TkTTAHgkBaO
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 bc4b5a0c950f70df08b33cfb9288c098.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 182935
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 1051
last-modified: Fri, 03 Mar 2023 18:56:10 GMT
server: istio-envoy
etag: W/"bfea0be52d44423e9bc6e9ba9ab7e9c4"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: emlYplZhzR9H5GU2Rr0tbFVDNFVzLBWAT9T_MhPx_OvMXWv0YZNmuQ==

GET
H2 200 send-post-request.js Show response
martech-production-c.squarecdn.com/ 592 B
1005 B 38ms
27ms Script
application/javascript 13.33.60.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://martech-production-c.squarecdn.com/send-post-request.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PS2PXZD&l=martechJsDataLayer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.60.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-60-98.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 280bd2185118544d1777aec588ff0394a8abae3e82efdf74a26ef0a2b83d84e3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://squareup.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: h3cZVopSvPG96Tnqdaw8za7cjI9wOnPs
date: Sun, 05 Mar 2023 08:27:52 GMT
via: 1.1 ebfea1c8ef298b6d415684e80825a276.cloudfront.net (CloudFront)
last-modified: Thu, 23 Sep 2021 20:44:18 GMT
server: AmazonS3
x-amz-cf-pop: EWR52-C1
age: 50277
x-amz-server-side-encryption: AES256
etag: "8ee775801179e9b10599e53c07e9a0cf"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 592
x-amz-cf-id: EdGXUK__ya0R6QwvwB8iJUMK1J31e8FVNloVREOher8NMOP6bpwEMQ==

POST
H2 204 rum Show response
squareup.com/cdn-cgi/ Frame 8E0A 0
211 B 42ms
37ms XHR
text/plain 162.159.137.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://squareup.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.137.66 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://squareup.com/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/fp
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
content-type: application/json

Response headers

date: Sun, 05 Mar 2023 22:25:48 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://squareup.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 7a35c6e70f6b8c35-EWR

POST
H2 202 rum Show response
rum.browser-intake-datadoghq.com/api/v2/ 53 B
285 B 118ms
117ms Fetch
application/json 2600:1f18:24e6:b902:ce86:cbe1:655c:7a53
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.34.0%2Capi%3Afetch%2Cenv%3Aproduction%2Cservice%3Axms&dd-api-key=pubd9af00759e65a48ba7ee3ff1dfa4260b&dd-evp-origin-version=4.34.0&dd-evp-origin=browser&dd-request-id=38cf971f-638a-4759-b977-841d805b720d&batch_time=1678055148678

Requested by

Host: xms-production-f.squarecdn.com
URL: https://xms-production-f.squarecdn.com/xms/assets/application-9afda9d2e0004285a711254df4524e216da91619f0861d386cb8edec8231e96f.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:24e6:b902:ce86:cbe1:655c:7a53 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

1f8c7f71962fc65d5b3d6ed9f004acb44dbffead12fb969177ce7f3e36001857

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800;
X-Content-Type-Options	nosniff

Request headers

Referer: https://squareup.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 05 Mar 2023 22:25:48 GMT
strict-transport-security: max-age=15724800;
x-content-type-options: nosniff
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type: application/json
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 53

POST
H2 200 ping Show response
bootstrap.api.drift.com/widget_bootstrap/ Frame 3781 145 B
243 B 36ms
35ms XHR
application/json 54.147.21.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://bootstrap.api.drift.com/widget_bootstrap/ping

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/52.b1edaf4a.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.147.21.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-21-139.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

33b9b7f9d6a532fde4e63a963d76b11cbff4b7aeefe9c9168ff034dafe8da1d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 05 Mar 2023 22:25:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: istio-envoy
requestid: 526726b6bab67618
access-control-max-age: 1209600
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
vary: Accept-Encoding
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 145

OPTIONS
H2 200 ping
bootstrap.api.drift.com/widget_bootstrap/ Frame 0
0 204ms
37ms Preflight
text/plain 54.147.21.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://bootstrap.api.drift.com/widget_bootstrap/ping

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.147.21.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-21-139.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://js.driftt.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-max-age: 1209600
allow: POST,OPTIONS
content-length: 13
content-type: text/plain
date: Sun, 05 Mar 2023 22:25:48 GMT
requestid: driftdfc5923400bac1b71b86acc6626
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 1

POST
H2 200 sgtm_tag_monitoring Show response
us-central1-sq-sgtm-prod.cloudfunctions.net/ 233 B
279 B 311ms
310ms XHR
text/html 2001:4860:4802:36::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://us-central1-sq-sgtm-prod.cloudfunctions.net/sgtm_tag_monitoring
Requested by: Host: xms-production-f.squarecdn.com
URL: https://xms-production-f.squarecdn.com/xms/assets/application-9afda9d2e0004285a711254df4524e216da91619f0861d386cb8edec8231e96f.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 971cc47c39cf340f9323d66b5595a88ee5e3422f6de98934999c2eb2517dbd12

Request headers

Referer: https://squareup.com/
accept-language: en-US,en;q=0.9
Authorization: Bearer h9NabsHpt@Pg!yuUtRn6*ja.TGMQXx@BAXjAhhM6i9yPzKQKJKMw2sbtEEAsqMry
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 05 Mar 2023 22:25:49 GMT
content-encoding: gzip
server: Google Frontend
content-type: text/html; charset=utf-8
access-control-allow-origin: *
x-cloud-trace-context: 51243cf4b697482eaf5b6ae1012bb355
cache-control: private
function-execution-id: rphgfbam5jk2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 167

OPTIONS
H2 204 sgtm_tag_monitoring
us-central1-sq-sgtm-prod.cloudfunctions.net/ Frame 0
0 123ms
62ms Preflight
text/html 2001:4860:4802:36::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://us-central1-sq-sgtm-prod.cloudfunctions.net/sgtm_tag_monitoring
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://squareup.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: *
access-control-allow-origin: *
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html; charset=utf-8
date: Sun, 05 Mar 2023 22:25:48 GMT
function-execution-id: 76jjcpxcd0mw
server: Google Frontend
x-cloud-trace-context: 4ed2eb6f02acdb923fc973e0b27b3a18

GET
H2 200 bat.js Show response
bat.bing.com/ Frame 82D5 40 KB
12 KB 107ms
40ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P72T5M5

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

f061bcf23c86a4e238c0dc67bc3489f6f09b4846f9d0f5b131cebdfc377ad18b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tealium-f.squarecdn.com/gtm-container.html?country_code=AU&page_url=https%3A%2F%2Fsquareup.com%2Fau%2Fen%2Fpress%2Frefund-policy-update&env=prod&referrer=&avt=c313568c-166a-4964-9720-ec68e50acf25
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Sun, 05 Mar 2023 22:25:48 GMT
last-modified: Thu, 16 Feb 2023 18:31:53 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 44D1A2A9B3984B54A940F0C8AA14F273 Ref B: NYCEDGE1716 Ref C: 2023-03-05T22:25:48Z
etag: "8072cff03442d91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 11894

GET
H3

200

activityi;dc_pre=CIrhxMjqxf0CFR0JaAgdQwMGPQ;src=12345;type=Monitor;cat=PageView;ord=6336286777537;gtm=45He3310;~oref=https%3A%2F%2Ftealium-f.squarecdn.com%2Fgtm-container.html%3Fcountry_code%3DAU%2... Show response
12345.fls.doubleclick.net/ Frame 2A6E
Redirect Chain

https://12345.fls.doubleclick.net/activityi;src=12345;type=Monitor;cat=PageView;ord=6336286777537;gtm=45He3310;~oref=https%3A%2F%2Ftealium-f.squarecdn.com%2Fgtm-container.html%3Fcountry_code%3DAU%2...
https://12345.fls.doubleclick.net/activityi;dc_pre=CIrhxMjqxf0CFR0JaAgdQwMGPQ;src=12345;type=Monitor;cat=PageView;ord=6336286777537;gtm=45He3310;~oref=https%3A%2F%2Ftealium-f.squarecdn.com%2Fgtm-co...

598 B
369 B

45ms
44ms

Document
text/html

142.251.40.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://12345.fls.doubleclick.net/activityi;dc_pre=CIrhxMjqxf0CFR0JaAgdQwMGPQ;src=12345;type=Monitor;cat=PageView;ord=6336286777537;gtm=45He3310;~oref=https%3A%2F%2Ftealium-f.squarecdn.com%2Fgtm-container.html%3Fcountry_code%3DAU%26page_url%3Dhttps%253A%252F%252Fsquareup.com%252Fau%252Fen%252Fpress%252Frefund-policy-update%26env%3Dprod%26referrer%3D%26avt%3Dc313568c-166a-4964-9720-ec68e50acf25?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P72T5M5

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f6.1e100.net

Software

cafe /

Resource Hash

0852e24fd36247f041d4eb692b0b69876645690b6da4926db912702e77f15678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tealium-f.squarecdn.com/gtm-container.html?country_code=AU&page_url=https%3A%2F%2Fsquareup.com%2Fau%2Fen%2Fpress%2Frefund-policy-update&env=prod&referrer=&avt=c313568c-166a-4964-9720-ec68e50acf25
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 347
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 05 Mar 2023 22:25:49 GMT
expires: Sun, 05 Mar 2023 22:25:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 05 Mar 2023 22:25:48 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://12345.fls.doubleclick.net/activityi;dc_pre=CIrhxMjqxf0CFR0JaAgdQwMGPQ;src=12345;type=Monitor;cat=PageView;ord=6336286777537;gtm=45He3310;~oref=https%3A%2F%2Ftealium-f.squarecdn.com%2Fgtm-container.html%3Fcountry_code%3DAU%26page_url%3Dhttps%253A%252F%252Fsquareup.com%252Fau%252Fen%252Fpress%252Frefund-policy-update%26env%3Dprod%26referrer%3D%26avt%3Dc313568c-166a-4964-9720-ec68e50acf25?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ Frame 82D5 13 KB
5 KB 126ms
27ms Script
application/x-javascript 2600:1400:9000::687e:74ca
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P72T5M5

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1400:9000::687e:74ca New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tealium-f.squarecdn.com/gtm-container.html?country_code=AU&page_url=https%3A%2F%2Fsquareup.com%2Fau%2Fen%2Fpress%2Frefund-policy-update&env=prod&referrer=&avt=c313568c-166a-4964-9720-ec68e50acf25
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 22:25:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 10 Jan 2023 17:22:56 GMT
x-cdn: AKAM
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=17127
accept-ranges: bytes
content-length: 4777

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ Frame 82D5 4 KB
2 KB 110ms
29ms Script
application/x-javascript 143.204.138.162
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P72T5M5
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.138.162 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-138-162.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tealium-f.squarecdn.com/gtm-container.html?country_code=AU&page_url=https%3A%2F%2Fsquareup.com%2Fau%2Fen%2Fpress%2Frefund-policy-update&env=prod&referrer=&avt=c313568c-166a-4964-9720-ec68e50acf25
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 05 Mar 2023 14:39:23 GMT
Content-Encoding: gzip
Via: 1.1 2f5727cd85b40e905349d2b5268f3dbc.cloudfront.net (CloudFront)
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
X-Amz-Cf-Pop: EWR52-C2
Age: 27987
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: V-mxd-pf6tAGwGwZUxgPvg3njmGdQtcVAU7aHNeQpgnfpq7Hkoi3GA==

GET
H/1.1

200
OK

iu3 Show response
aax-fe.amazon-adsystem.com/s/ Frame 9124
Redirect Chain

https://aax-fe.amazon-adsystem.com/s/iu3?d=generic&ex-fargs=%3Fid%3D5ac2b763-321c-127f-15af-218a051df271%26type%3D4%26m%3D111172&ex-fch=416613&ex-src=https://squareup.com/au/en&ex-hargs=v%3D1.0%3Bc...
https://aax-fe.amazon-adsystem.com/s/iu3?d=generic&ex-fargs=%3Fid%3D5ac2b763-321c-127f-15af-218a051df271%26type%3D4%26m%3D111172&ex-fch=416613&ex-src=https://squareup.com/au/en&ex-hargs=v%3D1.0%3Bc...

1 KB
2 KB

192ms
190ms

Document
text/html

52.94.215.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-fe.amazon-adsystem.com/s/iu3?d=generic&ex-fargs=%3Fid%3D5ac2b763-321c-127f-15af-218a051df271%26type%3D4%26m%3D111172&ex-fch=416613&ex-src=https://squareup.com/au/en&ex-hargs=v%3D1.0%3Bc%3D591205393709958818%3Bp%3D5AC2B763-321C-127F-15AF-218A051DF271&cb=474451306034762800&dcc=t

Requested by

Host: squareup.com
URL: https://squareup.com/au/en/press/refund-policy-update

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.94.215.121 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

2b79c849f888ccaea3cccf48473cf5461a2209400abd16487dd78a249b3746ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://tealium-f.squarecdn.com/gtm-container.html?country_code=AU&page_url=https%3A%2F%2Fsquareup.com%2Fau%2Fen%2Fpress%2Frefund-policy-update&env=prod&referrer=&avt=c313568c-166a-4964-9720-ec68e50acf25
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 1356
Content-Type: text/html;charset=ISO-8859-1
Date: Sun, 05 Mar 2023 22:25:49 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: H31BB1JR368X6F4N2T49

Redirect headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Date: Sun, 05 Mar 2023 22:25:49 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://aax-fe.amazon-adsystem.com/s/iu3?d=generic&ex-fargs=%3Fid%3D5ac2b763-321c-127f-15af-218a051df271%26type%3D4%26m%3D111172&ex-fch=416613&ex-src=https://squareup.com/au/en&ex-hargs=v%3D1.0%3Bc%3D591205393709958818%3Bp%3D5AC2B763-321C-127F-15AF-218A051DF271&cb=474451306034762800&dcc=t
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: VKGHSPH9BJKY3X3SH433

GET
H2 200 14e503e7ed5f221c.min.js Show response
tag.demandbase.com/ Frame 82D5 67 KB
19 KB 109ms
31ms Script
application/javascript 52.85.61.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.demandbase.com/14e503e7ed5f221c.min.js

Requested by

Host: squareup.com
URL: https://squareup.com/au/en/press/refund-policy-update

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.61.124 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-61-124.ewr53.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

b72f049d802b99a6f023fde1a4a7d81566ae8ec55dee7836d97d7ca1abf54176

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tealium-f.squarecdn.com/gtm-container.html?country_code=AU&page_url=https%3A%2F%2Fsquareup.com%2Fau%2Fen%2Fpress%2Frefund-policy-update&env=prod&referrer=&avt=c313568c-166a-4964-9720-ec68e50acf25
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 22:00:45 GMT
x-amz-version-id: 4.OVIWpuAnm_gzRqVdRg4ELcLh42pq5i
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains; preload
via: 1.1 bf49d89d8a3c52a5998a7b465717a00e.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-P1
age: 1505
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Fri, 03 Feb 2023 22:40:07 GMT
server: AmazonS3
etag: W/"55e1997b6f8f986669f4640729e3d6fe"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=(), interest-cohort=()
x-amz-cf-id: nMWWpA-nAEkezkFS0I7TjOcR11yVHhOxMifCoJhm2uj6xSyp7VMyeg==

GET
H/1.1 200
OK pixel
q.quora.com/_/ad/afac78d381b547529232acd8e168a635/ Frame 82D5 43 B
420 B 159ms
32ms Image
image/gif 52.0.8.169
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.quora.com/_/ad/afac78d381b547529232acd8e168a635/pixel?tag=ViewContent&i=gtm&u=https%3A%2F%2Ftealium-f.squarecdn.com%2Fgtm-container.html%3Fcountry_code%3DAU%26page_url%3Dhttps%253A%252F%252Fsquareup.com%252Fau%252Fen%252Fpress%252Frefund-policy-update%26env%3Dprod%26referrer%3D%26avt%3Dc313568c-166a-4964-9720-ec68e50acf25%23Y291bnRyeV9jb2RlPUFVJnBhZ2VfdXJsPWh0dHBzJTNBJTJGJTJGc3F1YXJldXAuY29tJTJGYXUlMkZlbiUyRnByZXNzJTJGcmVmdW5kLXBvbGljeS11cGRhdGUmZW52PXByb2QmcmVmZXJyZXI9JmF2dD1jMzEzNTY4Yy0xNjZhLTQ5NjQtOTcyMC1lYzY4ZTUwYWNmMjU%3D

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.0.8.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-0-8-169.compute-1.amazonaws.com

Software

nginx /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tealium-f.squarecdn.com/gtm-container.html?country_code=AU&page_url=https%3A%2F%2Fsquareup.com%2Fau%2Fen%2Fpress%2Frefund-policy-update&env=prod&referrer=&avt=c313568c-166a-4964-9720-ec68e50acf25
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 05 Mar 2023 22:25:49 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Server: nginx
Connection: keep-alive
Content-Length: 43
X-Q-Stat: ,4019c01c6f513a7a28650150c3688f86,10.0.0.163,47844,96.9.249.34,,107419250631,1,1678055149.070,0.002,,.,0,0,0.000,0.000,-,0,0,197,100,50,10,34729,,,,,,-,
Content-Type: image/gif

GET
H2 200 beacon
r.turn.com/r/ Frame 82D5 43 B
398 B 211ms
44ms Image
image/gif 2620:112:f002:bbbb::21
TURN-US-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/beacon?b2=r16hjI4OQKNywunZbQa6fch4TZYc8306A0eTiI-ZjfjR8KGE7dCyzowHiqaGAPEhLH99UYqFghBPRrGr3L8QJg&cid=&bprice=&URL=https%3A%2F%2Fsquareup.com%2Fau%2Fen%2Fpress%2Frefund-policy-update&Referrer=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2620:112:f002:bbbb::21 , United States, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tealium-f.squarecdn.com/gtm-container.html?country_code=AU&page_url=https%3A%2F%2Fsquareup.com%2Fau%2Fen%2Fpress%2Frefund-policy-update&env=prod&referrer=&avt=c313568c-166a-4964-9720-ec68e50acf25
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 05 Mar 2023 22:25:48 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

OPTIONS
H2 200 v2
metrics.api.drift.com/monitoring/metrics/widget/init/ Frame 0
0 40ms
36ms Preflight
text/plain 54.147.21.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/widget/init/v2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.147.21.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-21-139.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://js.driftt.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-max-age: 1209600
allow: POST,OPTIONS
content-length: 13
content-type: text/plain
date: Sun, 05 Mar 2023 22:25:49 GMT
requestid: drift2acc4a14d179cdd390b486308d9
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 1

POST
H2 200 v2 Show response
metrics.api.drift.com/monitoring/metrics/widget/init/ Frame 3781 25 B
88 B 53ms
51ms XHR
application/json 54.147.21.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/widget/init/v2

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/52.b1edaf4a.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.147.21.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-21-139.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
accept-language: en-US,en;q=0.9
Authorization
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 05 Mar 2023 22:25:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: istio-envoy
requestid: cf486373c66dc515
access-control-max-age: 1209600
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
vary: Accept-Encoding
access-control-allow-credentials: true
x-envoy-upstream-service-time: 18
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 25

POST
H2 200 widget_bootstrap Show response
bootstrap.api.drift.com/ Frame 3781 11 KB
5 KB 191ms
190ms XHR
application/json 54.147.21.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://bootstrap.api.drift.com/widget_bootstrap

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/52.b1edaf4a.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.147.21.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-21-139.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

3948590632aae585d993f373a2041b9155c629ce18835c77a3d2783f59129708

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sun, 05 Mar 2023 22:25:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
server: istio-envoy
requestid: 29291dceb32c7f0c
access-control-max-age: 1209600
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
vary: Accept-Encoding
access-control-allow-credentials: true
x-envoy-upstream-service-time: 157
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version

GET
H2 204 5013225.js Show response
bat.bing.com/p/action/ Frame 82D5 0
118 B 108ms
108ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/5013225.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tealium-f.squarecdn.com/gtm-container.html?country_code=AU&page_url=https%3A%2F%2Fsquareup.com%2Fau%2Fen%2Fpress%2Frefund-policy-update&env=prod&referrer=&avt=c313568c-166a-4964-9720-ec68e50acf25
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Sun, 05 Mar 2023 22:25:48 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 39CCBCAA037345F1B238F90F6497DECB Ref B: NYCEDGE1716 Ref C: 2023-03-05T22:25:49Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ Frame 82D5 0
360 B 40ms
40ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=5013225&tm=gtm002&Ver=2&mid=58bccbde-faaa-4ad7-b22f-c93a7a5efa00&sid=ae3481d0bba411eda9051550f1168aa4&vid=ae34bb00bba411ed8f9e9b3177226e4d&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Square%20Analytics&p=https%3A%2F%2Fsquareup.com%2Fau%2Fen%2Fpress%2Frefund-policy-update&r=&lt=8055&evt=pageLoad&ifm=1&sv=1&rn=815722

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tealium-f.squarecdn.com/gtm-container.html?country_code=AU&page_url=https%3A%2F%2Fsquareup.com%2Fau%2Fen%2Fpress%2Frefund-policy-update&env=prod&referrer=&avt=c313568c-166a-4964-9720-ec68e50acf25
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 05 Mar 2023 22:25:48 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 04A03CF10A8A437FB394016FDFCD3FF5 Ref B: NYCEDGE1716 Ref C: 2023-03-05T22:25:49Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CIrhxMjqxf0CFR0JaAgdQwMGPQ;src=12345;type=Monitor;cat=PageView;ord=6336286777537;gtm=45He3310;~oref=https%3A%2F%2Ftealium-f.squarecdn.com%2Fgtm-container.html%3Fcountry_code%3DAU%26page_url%...
adservice.google.com/ddm/fls/z/ Frame 2A6E 42 B
107 B 57ms
53ms Image
image/gif 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CIrhxMjqxf0CFR0JaAgdQwMGPQ;src=12345;type=Monitor;cat=PageView;ord=6336286777537;gtm=45He3310;~oref=https%3A%2F%2Ftealium-f.squarecdn.com%2Fgtm-container.html%3Fcountry_code%3DAU%26page_url%3Dhttps%253A%252F%252Fsquareup.com%252Fau%252Fen%252Fpress%252Frefund-policy-update%26env%3Dprod%26referrer%3D%26avt%3Dc313568c-166a-4964-9720-ec68e50acf25

Requested by

Host: 12345.fls.doubleclick.net
URL: https://12345.fls.doubleclick.net/activityi;dc_pre=CIrhxMjqxf0CFR0JaAgdQwMGPQ;src=12345;type=Monitor;cat=PageView;ord=6336286777537;gtm=45He3310;~oref=https%3A%2F%2Ftealium-f.squarecdn.com%2Fgtm-container.html%3Fcountry_code%3DAU%26page_url%3Dhttps%253A%252F%252Fsquareup.com%252Fau%252Fen%252Fpress%252Frefund-policy-update%26env%3Dprod%26referrer%3D%26avt%3Dc313568c-166a-4964-9720-ec68e50acf25?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://12345.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Mar 2023 22:25:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

validateCookie
segments.company-target.com/ Frame 82D5
Redirect Chain

https://id.rlcdn.com/464526.gif
https://id.rlcdn.com/1000.gif?memo=CI6tHBoNCO2tlKAGEgUI6AcQAEIASgA
https://segments.company-target.com/log?vendor=liveramp&user_id=Xc1297zD4OazDEiISQPDKafuXP6776sYdXruYblxMdhYYPY-w
https://segments.company-target.com/validateCookie?vendor=liveramp&user_id=Xc1297zD4OazDEiISQPDKafuXP6776sYdXruYblxMdhYYPY-w&verifyHash=eb653731a289102909624ac3c3c4bb30cabecd67

26 B
409 B

35ms
35ms

Image
image/gif

13.33.60.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://segments.company-target.com/validateCookie?vendor=liveramp&user_id=Xc1297zD4OazDEiISQPDKafuXP6776sYdXruYblxMdhYYPY-w&verifyHash=eb653731a289102909624ac3c3c4bb30cabecd67
Protocol: HTTP/1.1
Server: 13.33.60.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-60-37.ewr52.r.cloudfront.net
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tealium-f.squarecdn.com/gtm-container.html?country_code=AU&page_url=https%3A%2F%2Fsquareup.com%2Fau%2Fen%2Fpress%2Frefund-policy-update&env=prod&referrer=&avt=c313568c-166a-4964-9720-ec68e50acf25
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 05 Mar 2023 22:25:49 GMT
Via: 1.1 b78bfeca7339074512b7289497872df2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: EWR52-C1
Transfer-Encoding: chunked
X-Cache: Miss from cloudfront
Content-Type: image/gif
Vary: Origin
Connection: keep-alive
trace-id: 23007e211c2fbf7e
X-Amz-Cf-Id: Mlc79qft5vn8HwMd1OLYyboIVp-Cn173LVbMtG-nlbk3PIsngzAE0Q==

Redirect headers

Date: Sun, 05 Mar 2023 22:25:49 GMT
Via: 1.1 b78bfeca7339074512b7289497872df2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: EWR52-C1
Vary: Origin
X-Cache: Miss from cloudfront
Location: /validateCookie?vendor=liveramp&user_id=Xc1297zD4OazDEiISQPDKafuXP6776sYdXruYblxMdhYYPY-w&verifyHash=eb653731a289102909624ac3c3c4bb30cabecd67
Connection: keep-alive
trace-id: f42d4470a46e408b
Content-Length: 0
X-Amz-Cf-Id: ewptzX3nqskiLq7Oz8kTlF6yyWhnTXx2aCazR9fuPdou_-DSk23wVw==

POST
H2 200 ip.json Show response
api.company-target.com/api/v2/ Frame 82D5 451 B
954 B 117ms
51ms XHR
application/json 13.226.39.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.company-target.com/api/v2/ip.json?referrer=null&page=https%3A%2F%2Fsquareup.com%2Fau%2Fen%2Fpress%2Frefund-policy-update&page_title=3rd%20Party%20iFrame
Requested by: Host: tag.demandbase.com
URL: https://tag.demandbase.com/14e503e7ed5f221c.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.39.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-39-90.ewr53.r.cloudfront.net
Software: nginx /
Resource Hash: a2a29fe92c7282a0b25196740fab1b998e2ab8d6561067547f2525c6f16aa15d

Request headers

Referer: https://tealium-f.squarecdn.com/gtm-container.html?country_code=AU&page_url=https%3A%2F%2Fsquareup.com%2Fau%2Fen%2Fpress%2Frefund-policy-update&env=prod&referrer=&avt=c313568c-166a-4964-9720-ec68e50acf25
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 05 Mar 2023 22:25:49 GMT
identification-source: CENTRAL
content-encoding: gzip
via: 1.1 08e4533f506df09f2c978ceaed6e2310.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-C2
x-cache: Miss from cloudfront
request-id: 86cd343f-ab42-426a-a445-48572fd38e1c
pragma: no-cache
server: nginx
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://tealium-f.squarecdn.com
access-control-expose-headers
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
vary: Accept-Encoding, Origin
api-version: v2
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 7tLasssmkV38BpPF0gSuCnVXhCcxOypz3KElUEP8eLacjzm6dsuq2g==
expires: Sat, 04 Mar 2023 22:25:49 GMT

GET
H2

200

/ Show response
match.adsrvr.org/track/upb/ Frame 5183
Redirect Chain

https://insight.adsrvr.org/track/up?adv=atphjrs&ref=https%3A%2F%2Fsquareup.com%2Fau%2Fen%2Fpress%2Frefund-policy-update&upid=ryupk6w&upv=1.1.0
https://match.adsrvr.org/track/upb/?adv=atphjrs&ref=https%3A%2F%2Fsquareup.com%2Fau%2Fen%2Fpress%2Frefund-policy-update&upid=ryupk6w&upv=1.1.0

893 B
1 KB

57ms
47ms

Document
text/html

3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/upb/?adv=atphjrs&ref=https%3A%2F%2Fsquareup.com%2Fau%2Fen%2Fpress%2Frefund-policy-update&upid=ryupk6w&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 0d71ba70785c2ba48176737c58242ec460366335e4c61187801b2a1397da55f8

Request headers

Referer: https://tealium-f.squarecdn.com/gtm-container.html?country_code=AU&page_url=https%3A%2F%2Fsquareup.com%2Fau%2Fen%2Fpress%2Frefund-policy-update&env=prod&referrer=&avt=c313568c-166a-4964-9720-ec68e50acf25
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-type: text/html; charset=utf-8
date: Sun, 05 Mar 2023 22:25:49 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

Redirect headers

cache-control: private,no-cache, must-revalidate
content-type: text/html; charset=utf-8
date: Sun, 05 Mar 2023 22:25:49 GMT
location: https://match.adsrvr.org/track/upb/?adv=atphjrs&ref=https%3A%2F%2Fsquareup.com%2Fau%2Fen%2Fpress%2Frefund-policy-update&upid=ryupk6w&upv=1.1.0
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/265932/domain/tealium-f.squarecdn.com/ Frame 82D5 36 B
375 B 113ms
28ms XHR
application/json 2600:9000:21ec:9400:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/265932/domain/tealium-f.squarecdn.com/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21ec:9400:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://tealium-f.squarecdn.com/gtm-container.html?country_code=AU&page_url=https%3A%2F%2Fsquareup.com%2Fau%2Fen%2Fpress%2Frefund-policy-update&env=prod&referrer=&avt=c313568c-166a-4964-9720-ec68e50acf25
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 21:33:30 GMT
content-encoding: gzip
via: 1.1 e792582e94d051796ee83e4a94038f8e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 3139
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: Wn5TEZAEf90V_QMctaeEkf1akNeBhsDpZK-fdm2WkUq3k5vvu-aCsQ==

GET
H2

200

collect
px4.ads.linkedin.com/ Frame 82D5
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=265932&time=1678055149063&url=https%3A%2F%2Fsquareup.com%2Fau%2Fen%2Fpress%2Frefund-policy-update
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=265932&time=1678055149063&url=https%3A%2F%2Fsquareup.com%2Fau%2Fen%2Fpress%2Frefund-policy-update&cookiesTest=true
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D265932%26time%3D1678055149063%26url%3Dhttps%253A%252F%252Fsquareup.com%252Fau%252...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=265932&time=1678055149063&url=https%3A%2F%2Fsquareup.com%2Fau%2Fen%2Fpress%2Frefund-policy-update&cookiesTest=true&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=265932&time=1678055149063&url=https%3A%2F%2Fsquareup.com%2Fau%2Fen%2Fpress%2Frefund-policy-update&cookiesTest=true&liSync=true&e_ipv6=AQIICQD99BB...

0
488 B

111ms
48ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=265932&time=1678055149063&url=https%3A%2F%2Fsquareup.com%2Fau%2Fen%2Fpress%2Frefund-policy-update&cookiesTest=true&liSync=true&e_ipv6=AQIICQD99BBZJgAAAYaz4Y9PdWMteS5psgeYNzhj71NZb_NTwt-kjdCvs2eHtoUWTP5SWDc
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tealium-f.squarecdn.com/gtm-container.html?country_code=AU&page_url=https%3A%2F%2Fsquareup.com%2Fau%2Fen%2Fpress%2Frefund-policy-update&env=prod&referrer=&avt=c313568c-166a-4964-9720-ec68e50acf25
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 05 Mar 2023 22:25:48 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: FCA786B64BC841239DA2CE1182AF4E7E Ref B: NYCEDGE1606 Ref C: 2023-03-05T22:25:49Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX2LqkZlUJbAInUUP7vKQ==

Redirect headers

date: Sun, 05 Mar 2023 22:25:49 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 619F9774B39A4F178FF01F8CE19DE66F Ref B: EWR311000102035 Ref C: 2023-03-05T22:25:49Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=265932&time=1678055149063&url=https%3A%2F%2Fsquareup.com%2Fau%2Fen%2Fpress%2Frefund-policy-update&cookiesTest=true&liSync=true&e_ipv6=AQIICQD99BBZJgAAAYaz4Y9PdWMteS5psgeYNzhj71NZb_NTwt-kjdCvs2eHtoUWTP5SWDc
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX2LqkXs9EpfmyJ6ZEEDQ==

GET
H2 200 send-post-request.js Show response
martech-production-c.squarecdn.com/ Frame 82D5 592 B
1004 B 26ms
26ms Script
application/javascript 13.33.60.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://martech-production-c.squarecdn.com/send-post-request.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P72T5M5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.60.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-60-98.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 280bd2185118544d1777aec588ff0394a8abae3e82efdf74a26ef0a2b83d84e3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tealium-f.squarecdn.com/gtm-container.html?country_code=AU&page_url=https%3A%2F%2Fsquareup.com%2Fau%2Fen%2Fpress%2Frefund-policy-update&env=prod&referrer=&avt=c313568c-166a-4964-9720-ec68e50acf25
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: h3cZVopSvPG96Tnqdaw8za7cjI9wOnPs
date: Sun, 05 Mar 2023 08:27:52 GMT
via: 1.1 ebfea1c8ef298b6d415684e80825a276.cloudfront.net (CloudFront)
last-modified: Thu, 23 Sep 2021 20:44:18 GMT
server: AmazonS3
x-amz-cf-pop: EWR52-C1
age: 50278
x-amz-server-side-encryption: AES256
etag: "8ee775801179e9b10599e53c07e9a0cf"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 592
x-amz-cf-id: ck8aRe5Xfg2W1ToDmPIaSlf7hvzCmHUPMvUv-Fg8HeHizgFlZRyqQQ==

POST
H3 200 sgtm_tag_monitoring Show response
us-central1-sq-sgtm-prod.cloudfunctions.net/ Frame 82D5 319 B
190 B 291ms
290ms XHR
text/html 2001:4860:4802:36::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://us-central1-sq-sgtm-prod.cloudfunctions.net/sgtm_tag_monitoring
Requested by: Host: martech-production-c.squarecdn.com
URL: https://martech-production-c.squarecdn.com/send-post-request.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 76bcc1ba2380c617a813c7aa8fde31037784ab640ea2c736526e76f5a9aad7b4

Request headers

Referer: https://tealium-f.squarecdn.com/gtm-container.html?country_code=AU&page_url=https%3A%2F%2Fsquareup.com%2Fau%2Fen%2Fpress%2Frefund-policy-update&env=prod&referrer=&avt=c313568c-166a-4964-9720-ec68e50acf25
accept-language: en-US,en;q=0.9
Authorization: Bearer h9NabsHpt@Pg!yuUtRn6*ja.TGMQXx@BAXjAhhM6i9yPzKQKJKMw2sbtEEAsqMry
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 05 Mar 2023 22:25:49 GMT
content-encoding: gzip
server: Google Frontend
content-type: text/html; charset=utf-8
access-control-allow-origin: *
x-cloud-trace-context: e0926ad06ecb678d334d8d4b6674a2a5
cache-control: private
function-execution-id: gyvfya2vkbp5
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 172

OPTIONS
H3 204 sgtm_tag_monitoring
us-central1-sq-sgtm-prod.cloudfunctions.net/ Frame 0
0 61ms
60ms Preflight
text/html 2001:4860:4802:36::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://us-central1-sq-sgtm-prod.cloudfunctions.net/sgtm_tag_monitoring
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://tealium-f.squarecdn.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: *
access-control-allow-origin: *
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html; charset=utf-8
date: Sun, 05 Mar 2023 22:25:49 GMT
function-execution-id: iw2oqobytewo
server: Google Frontend
x-cloud-trace-context: 45b5e888b129004efef12cf8cb6df917

GET
H/1.1 200
OK universal_pixel.1.1.0.js Show response
js.adsrvr.org/ Frame 5183 487 B
987 B 27ms
26ms Script
application/x-javascript 143.204.138.162
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Requested by: Host: match.adsrvr.org
URL: https://match.adsrvr.org/track/upb/?adv=atphjrs&ref=https%3A%2F%2Fsquareup.com%2Fau%2Fen%2Fpress%2Frefund-policy-update&upid=ryupk6w&upv=1.1.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.138.162 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-138-162.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f6d7e9dafd1ec463ecd0c6b20f170400dd15afe81c71dea50771550df2f83ffc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://match.adsrvr.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sun, 05 Mar 2023 09:03:05 GMT
Via: 1.1 2f5727cd85b40e905349d2b5268f3dbc.cloudfront.net (CloudFront)
Last-Modified: Thu, 24 Sep 2020 15:15:32 GMT
Server: AmazonS3
X-Amz-Cf-Pop: EWR52-C2
Age: 48165
ETag: "f0a7a3296da7382ce6bc1a3b6769e927"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 487
X-Amz-Cf-Id: B2aQVONzIyj_cdDAt45NZrbJmExy9-bsp6akryV7s-qdoAkD8bSjMw==

GET
H2

200

appnexus Show response
match.adsrvr.org/track/cmf/ Frame 1042
Redirect Chain

https://ib.adnxs.com/getuid?https%3a%2f%2fmatch.adsrvr.org%2ftrack%2fcmf%2fappnexus%3fttd%3d1%26anid%3d%24UID&ttd_tdid=b3e72378-cac5-4b4d-820a-98d116e4bc0a
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fmatch.adsrvr.org%252ftrack%252fcmf%252fappnexus%253fttd%253d1%2526anid%253d%2524UID%26ttd_tdid%3Db3e72378-cac5-4b4d-820a-98d116e4bc0a
https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=6804367242380401746&ttd_tdid=b3e72378-cac5-4b4d-820a-98d116e4bc0a

70 B
590 B

35ms
35ms

Document
image/gif

3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=6804367242380401746&ttd_tdid=b3e72378-cac5-4b4d-820a-98d116e4bc0a
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://match.adsrvr.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-length: 70
content-type: image/gif
date: Sun, 05 Mar 2023 22:25:49 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

Redirect headers

AN-X-Request-Uuid: 2a3086db-fba4-47bf-b06d-412149efe576
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=utf-8
Date: Sun, 05 Mar 2023 22:25:49 GMT
Expires: Sat, 15 Nov 2008 16:00:00 GMT
Location: https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=6804367242380401746&ttd_tdid=b3e72378-cac5-4b4d-820a-98d116e4bc0a
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma: no-cache
Server: nginx/1.21.3
X-Proxy-Origin: 96.9.249.34; 96.9.249.34; 564.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection: 0

GET
H2

200

google Show response
match.adsrvr.org/track/cmf/ Frame 1D75
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=YjNlNzIzNzgtY2FjNS00YjRkLTgyMGEtOThkMTE2ZTRiYzBh&gdpr=0&gdpr_consent=&ttd_tdid=b3e72378-cac5-4b4d-820a-98d11...
https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=b3e72378-cac5-4b4d-820a-98d116e4bc0a&google_gid=CAESEEQ0ph42KEZ1qeqVsFEnsSQ&google_cver=1

70 B
590 B

38ms
38ms

Document
image/gif

3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=b3e72378-cac5-4b4d-820a-98d116e4bc0a&google_gid=CAESEEQ0ph42KEZ1qeqVsFEnsSQ&google_cver=1
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://match.adsrvr.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-length: 70
content-type: image/gif
date: Sun, 05 Mar 2023 22:25:49 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 386
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 05 Mar 2023 22:25:49 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
location: https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=b3e72378-cac5-4b4d-820a-98d116e4bc0a&google_gid=CAESEEQ0ph42KEZ1qeqVsFEnsSQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: HTTP server (unknown)
x-xss-protection: 0

GET
H2

200

generic Show response
match.adsrvr.org/track/cmf/ Frame 6250
Redirect Chain

https://ups.analytics.yahoo.com/ups/55953/sync?uid=b3e72378-cac5-4b4d-820a-98d116e4bc0a&_origin=1&redir=true&gdpr=0&gdpr_consent=
https://ups.analytics.yahoo.com/ups/55953/sync?uid=b3e72378-cac5-4b4d-820a-98d116e4bc0a&_origin=1&redir=true&gdpr=0&gdpr_consent=&verify=true
https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-3Ej7BAlE2uK4raI4UD.9YvxYJEVuzDs-~A&gdpr=0

70 B
590 B

34ms
34ms

Document
image/gif

3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-3Ej7BAlE2uK4raI4UD.9YvxYJEVuzDs-~A&gdpr=0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://match.adsrvr.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-length: 70
content-type: image/gif
date: Sun, 05 Mar 2023 22:25:49 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

Redirect headers

age: 0
content-length: 0
date: Sun, 05 Mar 2023 22:25:49 GMT
location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-3Ej7BAlE2uK4raI4UD.9YvxYJEVuzDs-~A&gdpr=0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server: ATS/9.1.10.25
strict-transport-security: max-age=31536000

POST
H2 200 track Show response
event.api.drift.com/ Frame 3781 591 B
650 B 36ms
35ms XHR
application/json 54.147.21.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://event.api.drift.com/track

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/52.b1edaf4a.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.147.21.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-21-139.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

f40c0697aee0c3a35df0b56cb2f952f7ddf2081618019e6c7aded1da0e9cdd17

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
accept-language: en-US,en;q=0.9
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiIxNzQ4ODEwNzE2NSIsImNsaWVudElkIjoiZjZ6dWl6ZHloeHJtN3IiLCJ1c2VySWRUeXBlIjoiTEVBRCIsInNjb3BlIjoibGVhZCIsImlzcyI6IjUwMjc0MTIiLCJleHAiOjE3MDk2Nzc1NDksImlhdCI6MTY3ODA1NTE0OX0.8Vc4ktfGiUZXiLrkTsb3e7Lo7VrMUQbE-TWJ6ElgwM1yVjw-WWCjfbPhrQe7cZoXfuKI2LLVED4EFjCFUO5OlQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 05 Mar 2023 22:25:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: istio-envoy
requestid: d54edcc6065c7198
access-control-max-age: 1209600
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 591

OPTIONS
H2 200 track
event.api.drift.com/ Frame 0
0 43ms
34ms Preflight
text/plain 54.147.21.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://event.api.drift.com/track

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.147.21.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-21-139.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://js.driftt.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-max-age: 1209600
allow: POST,OPTIONS
content-length: 13
content-type: text/plain
date: Sun, 05 Mar 2023 22:25:49 GMT
requestid: drift2695b19436c8b76a76290abbbad
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 0

GET
H2 200 58.377a2854.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3781 18 KB
7 KB 28ms
27ms Script
application/javascript 13.225.223.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/58.377a2854.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f4c2c5ba.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-77.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

130688f16399fc1980b2900037a220bc182f4b0c320621dc7d70ec721514765e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://js.driftt.com/core?d=1&embedId=mshc9skt2uyu&eId=mshc9skt2uyu&region=US&forceShow=false&skipCampaigns=false&sessionId=36338f8e-4e2e-4fcd-99da-5f30ae92340a&sessionStarted=1678055140.335&campaignRefreshToken=1f6ffec9-8ee6-47c9-b0b8-50083f086f64&hideController=false&pageLoadStartTime=1678055138823&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fsquareup.com%2Fau%2Fen%2Fpress%2Frefund-policy-update
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 19:22:48 GMT
x-amz-version-id: VNdlB8aq7hsMD9xmH2piO6MjwkFFx9yo
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 bc4b5a0c950f70df08b33cfb9288c098.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 442981
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 54
last-modified: Tue, 28 Feb 2023 19:03:42 GMT
server: istio-envoy
etag: W/"33f417d96bdfff4c4e2ac5468c815f07"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: LQpTcOs8Y7wr6oqvigcncAM7t8ynHNAq8y9G411Sse5KJzKAC5RuJg==

POST
H2 200 identify Show response
event.api.drift.com/ Frame 3781 937 B
1001 B 203ms
202ms XHR
application/json 54.147.21.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://event.api.drift.com/identify

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/52.b1edaf4a.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.147.21.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-21-139.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

8564efc0da52f9c979bcf6f1d49efa80a5025fff18856a002bf1d035e063d8f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 05 Mar 2023 22:25:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: istio-envoy
requestid: da4b8987e9df1940
access-control-max-age: 1209600
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-credentials: true
x-envoy-upstream-service-time: 168
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 937

OPTIONS
H2 200 identify
event.api.drift.com/ Frame 0
0 34ms
34ms Preflight
text/plain 54.147.21.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://event.api.drift.com/identify

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.147.21.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-21-139.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://js.driftt.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-max-age: 1209600
allow: POST,OPTIONS
content-length: 13
content-type: text/plain
date: Sun, 05 Mar 2023 22:25:49 GMT
requestid: drift3befd6140b4b404e179a3e239e2
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 0

GET
H2 200 58.377a2854.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 3D41 18 KB
7 KB 27ms
27ms Script
application/javascript 13.225.223.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/58.377a2854.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.f4c2c5ba.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.223.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-223-77.jfk51.r.cloudfront.net

Software

istio-envoy /

Resource Hash

130688f16399fc1980b2900037a220bc182f4b0c320621dc7d70ec721514765e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1678055138823
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 19:22:48 GMT
x-amz-version-id: VNdlB8aq7hsMD9xmH2piO6MjwkFFx9yo
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 bc4b5a0c950f70df08b33cfb9288c098.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK51-C1
age: 442981
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 54
last-modified: Tue, 28 Feb 2023 19:03:42 GMT
server: istio-envoy
etag: W/"33f417d96bdfff4c4e2ac5468c815f07"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 5MtcNGDMHKqr-h4VQnvFnZZOWCY0ynnZ47kYOuFp6x0cg_ixJRvHZw==

GET
H2 200 css
fonts.googleapis.com/ Frame 3781 6 KB
1 KB 102ms
40ms Stylesheet
text/css 2607:f8b0:4006:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open%20Sans|Open%20Sans:bold&display=swap

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/18.f6a0a0cb.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::200a Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

012deec03fbfd6c92c075b502ee777e094cd1a0cedb202a84cde1218b3b60fb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://js.driftt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 05 Mar 2023 22:25:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 05 Mar 2023 21:51:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 05 Mar 2023 22:25:49 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 3D41 6 KB
756 B 97ms
55ms Stylesheet
text/css 2607:f8b0:4006:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open%20Sans|Open%20Sans:bold&display=swap

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/18.f6a0a0cb.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::200a Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

012deec03fbfd6c92c075b502ee777e094cd1a0cedb202a84cde1218b3b60fb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://js.driftt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 05 Mar 2023 22:25:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 05 Mar 2023 21:50:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 05 Mar 2023 22:25:49 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ Frame 3781 44 KB
44 KB 92ms
28ms Font
font/woff2 2607:f8b0:4006:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans|Open%20Sans:bold&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://js.driftt.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 04:26:47 GMT
x-content-type-options: nosniff
age: 323942
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Mar 2024 04:26:47 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ Frame 3781 44 KB
44 KB 119ms
55ms Font
font/woff2 2607:f8b0:4006:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans|Open%20Sans:bold&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://js.driftt.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 04:26:47 GMT
x-content-type-options: nosniff
age: 323942
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Mar 2024 04:26:47 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ Frame 3D41 44 KB
44 KB 137ms
74ms Font
font/woff2 2607:f8b0:4006:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans|Open%20Sans:bold&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://js.driftt.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 04:26:47 GMT
x-content-type-options: nosniff
age: 323942
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Mar 2024 04:26:47 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ Frame 3D41 44 KB
44 KB 147ms
84ms Font
font/woff2 2607:f8b0:4006:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans|Open%20Sans:bold&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://js.driftt.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 04:26:47 GMT
x-content-type-options: nosniff
age: 323942
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Mar 2024 04:26:47 GMT

GET
H/1.1 200
OK pr Show response
s.amazon-adsystem.com/v3/ Frame 01FF 7 KB
7 KB 155ms
42ms Document
text/html 52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_n-dm2-HMT_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_n-ox-hmt_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=Ls3-RmvYRGa3tSgJr-92-g&dmt=3&ex-pl-n-g-hmt=qBPDZ0NwQfyjkmyCu4k2Ew&ep=ttam_T219Ay-cPciHbT10t-cUx_8UCPf8OEXG7E_K3D5G9y90DvVEjhxGg7z0xWkdHuIEHUAgtIzw9Bjip3XOLSiONrKhIeqN01_OYCuH6afwH-As3xE4y3QR5JKiYGYiXjRvHsmh6qz280sHwFCOIJYFAsrzAjxvh4g71rz4u-ku05FCVq70q5FJk7i4WJqTT8K2jxsxgNW2yT2WiMF-T0f3Yh_2vLZvaly6aZVallcLDJ8hs8PKkLCQk2n5ee_1w96d_WNJUdDhEf6RWM1PyaiIrLKkbD_UPc6KDfeOtApNhXfRRAU3o1CarlNSMilyEc1IrW9Nx233anCNam_HCsn3xNvOMJcPkTqGsVU0zWDcN07wUcOM224kiYFKaFwH1N132Upj_jY_9nvvHvJySyfkKFWZqPFrcQiiVJlG2U19kha9p4uDJw0T1o_YE7U1psj2EesmuwZPAV9IfxpatLLid_QxbKn2xomLsgf07_zKy2KppvgOxkPoexJ4VHI-hm3h1vk_14J6wijLBg-2a5CgCHwd1-EpbQwQ9ocg6xtCj3AJ_V_AhwXDzdnC-gMbf10QQgNQ5YLA21IOjq6zn1FqAIKRwlyagN2ZF7caBgaJWnWcMeynX3oobPdChzdB4sDXVCMx5i4Tou-Ruwbsx4YJKQ05VkIdnEt6KlEz1NvvMJ2tTptpLbyxRIWojcGo82Z2Uz4ihLs1nVe18Afkg

Requested by

Host: aax-fe.amazon-adsystem.com
URL: https://aax-fe.amazon-adsystem.com/s/iu3?d=generic&ex-fargs=%3Fid%3D5ac2b763-321c-127f-15af-218a051df271%26type%3D4%26m%3D111172&ex-fch=416613&ex-src=https://squareup.com/au/en&ex-hargs=v%3D1.0%3Bc%3D591205393709958818%3Bp%3D5AC2B763-321C-127F-15AF-218A051DF271&cb=474451306034762800&dcc=t

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

6191afe69b40218ced97c989d1b40d69dce17621ccd0a121fae00e4365c50809

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://aax-fe.amazon-adsystem.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 6704
Content-Type: text/html;charset=ISO-8859-1
Date: Sun, 05 Mar 2023 22:25:49 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
x-amz-rid: CWEYQ3DFPMGAHDFT0WAP

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 01FF
Redirect Chain

https://ib.adnxs.com/setuid/a9?entity=188&code=BOogxwxFQKmbc8zXJC5a_w&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DxandrHMT%26id%3D%24UID
https://s.amazon-adsystem.com/ecm3?ex=xandrHMT&id=BOogxwxFQKmbc8zXJC5a_w

43 B
479 B

39ms
39ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=xandrHMT&id=BOogxwxFQKmbc8zXJC5a_w

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_n-dm2-HMT_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_n-ox-hmt_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=Ls3-RmvYRGa3tSgJr-92-g&dmt=3&ex-pl-n-g-hmt=qBPDZ0NwQfyjkmyCu4k2Ew&ep=ttam_T219Ay-cPciHbT10t-cUx_8UCPf8OEXG7E_K3D5G9y90DvVEjhxGg7z0xWkdHuIEHUAgtIzw9Bjip3XOLSiONrKhIeqN01_OYCuH6afwH-As3xE4y3QR5JKiYGYiXjRvHsmh6qz280sHwFCOIJYFAsrzAjxvh4g71rz4u-ku05FCVq70q5FJk7i4WJqTT8K2jxsxgNW2yT2WiMF-T0f3Yh_2vLZvaly6aZVallcLDJ8hs8PKkLCQk2n5ee_1w96d_WNJUdDhEf6RWM1PyaiIrLKkbD_UPc6KDfeOtApNhXfRRAU3o1CarlNSMilyEc1IrW9Nx233anCNam_HCsn3xNvOMJcPkTqGsVU0zWDcN07wUcOM224kiYFKaFwH1N132Upj_jY_9nvvHvJySyfkKFWZqPFrcQiiVJlG2U19kha9p4uDJw0T1o_YE7U1psj2EesmuwZPAV9IfxpatLLid_QxbKn2xomLsgf07_zKy2KppvgOxkPoexJ4VHI-hm3h1vk_14J6wijLBg-2a5CgCHwd1-EpbQwQ9ocg6xtCj3AJ_V_AhwXDzdnC-gMbf10QQgNQ5YLA21IOjq6zn1FqAIKRwlyagN2ZF7caBgaJWnWcMeynX3oobPdChzdB4sDXVCMx5i4Tou-Ruwbsx4YJKQ05VkIdnEt6KlEz1NvvMJ2tTptpLbyxRIWojcGo82Z2Uz4ihLs1nVe18Afkg

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 05 Mar 2023 22:25:49 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 9JRRBFESZ4Y160CT1VE2
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 05 Mar 2023 22:25:49 GMT
AN-X-Request-Uuid: d6a2d6d1-263e-48fa-bd10-0a6ac5d1c274
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://s.amazon-adsystem.com/ecm3?ex=xandrHMT&id=BOogxwxFQKmbc8zXJC5a_w
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 96.9.249.34; 96.9.249.34; 564.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 01FF
Redirect Chain

https://match.360yield.com/match?publisher_dsp_id=416&external_user_id=p3ACtj6QSO-y-dY8sbljng&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DimprovedigitalHMT%26id%3D%7BPUB_USER_ID%7D
https://match.360yield.com/ul_cb/match?publisher_dsp_id=416&external_user_id=p3ACtj6QSO-y-dY8sbljng&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DimprovedigitalHMT%26id%3D%7BPUB_USER_ID%7D
https://s.amazon-adsystem.com/ecm3?ex=improvedigitalHMT&id=35fcc791-3eae-46f4-ac6d-ec4761c9eee7

43 B
479 B

65ms
43ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=improvedigitalHMT&id=35fcc791-3eae-46f4-ac6d-ec4761c9eee7

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 05 Mar 2023 22:25:49 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: KRDTDMEA8WSWVX940MC5
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=improvedigitalHMT&id=35fcc791-3eae-46f4-ac6d-ec4761c9eee7
access-control-allow-origin: *
date: Sun, 05 Mar 2023 22:25:49 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 01FF
Redirect Chain

https://rtb-csync.smartadserver.com/redir/?partnerid=144&partneruserid=OYqnumfIQeuS81vELTtwmA&redirurl=https://s.amazon-adsystem.com/ecm3?ex=equativHMT%26id%3D%26sspid%3DSMART_USER_ID
https://s.amazon-adsystem.com/ecm3?ex=equativHMT&id=&sspid=5262227870318371258

43 B
479 B

67ms
54ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=equativHMT&id=&sspid=5262227870318371258

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 05 Mar 2023 22:25:50 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 9S6BX7PEWWW4QG2M9HD2
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=equativHMT&id=&sspid=5262227870318371258
pragma: no-cache
date: Sun, 05 Mar 2023 22:25:49 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 01FF
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212284268
https://s.amazon-adsystem.com/ecm3?id=213460604446013157664&ex=neustar.biz

43 B
479 B

38ms
38ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=213460604446013157664&ex=neustar.biz

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 05 Mar 2023 22:25:49 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: CKXJQG8BD0F07AYJY2GB
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 05 Mar 2023 22:25:49 GMT
via: 1.1 b9da5ed239e7d2c1a0b20bd76696c844.cloudfront.net (CloudFront)
server: AAWebServer
x-amz-cf-pop: EWR50-C1
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://s.amazon-adsystem.com/ecm3?id=213460604446013157664&ex=neustar.biz
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
x-cache: Miss from cloudfront
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
x-amz-cf-id: qfShYeR_WcmMqX1HJhrKraLWqCPGH9kQ9t2enziVKjVEKo463voQ5g==
expires: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 01FF
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?cm_dsp_id=198&external_user_id=_2FjztlYRYW-FEb5oMao3A&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DindexHMT%26id%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DindexHMT%26id%3D&cm_dsp_id=198&external_user_id=_2FjztlYRYW-FEb5oMao3A&C=1
https://s.amazon-adsystem.com/ecm3?ex=indexHMT&id=ZAUW7X619Z84voxxwAtC0gAA

43 B
479 B

45ms
45ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=indexHMT&id=ZAUW7X619Z84voxxwAtC0gAA

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 05 Mar 2023 22:25:50 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 52R1E2V45Y01NVHWXDBK
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 05 Mar 2023 22:25:50 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://s.amazon-adsystem.com/ecm3?ex=indexHMT&id=ZAUW7X619Z84voxxwAtC0gAA
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 01FF
Redirect Chain

https://x.bidswitch.net/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D
https://x.bidswitch.net/ul_cb/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D
https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=7e85cd031f23d561c8594fa8e55b874e

43 B
479 B

47ms
39ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=7e85cd031f23d561c8594fa8e55b874e

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 05 Mar 2023 22:25:50 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: VCNF9W7QXK86J33WWSTQ
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=7e85cd031f23d561c8594fa8e55b874e
Date: Sun, 05 Mar 2023 22:25:49 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 01FF
Redirect Chain

https://tags.bluekai.com/site/36840?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbluekai.com%26id%3D%24_BK_UUID
https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=$_BK_UUID

43 B
479 B

71ms
39ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=$_BK_UUID

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 05 Mar 2023 22:25:50 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: Q52F3J9SG15FC40WYMQH
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=$_BK_UUID
date: Sun, 05 Mar 2023 22:25:49 GMT
content-length: 0
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 01FF
Redirect Chain

https://ups.analytics.yahoo.com/ups/58516/sync?_origin=1&redir=true&uid=9AHZPgIUR5SlcOBbu8dn1w
https://s.amazon-adsystem.com/ecm3?ex=yahooHMT&id=9AHZPgIUR5SlcOBbu8dn1w

43 B
479 B

65ms
41ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=yahooHMT&id=9AHZPgIUR5SlcOBbu8dn1w

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 05 Mar 2023 22:25:49 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 3WN2MWR0KD026ZKCC70Y
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=yahooHMT&id=9AHZPgIUR5SlcOBbu8dn1w
date: Sun, 05 Mar 2023 22:25:49 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 01FF
Redirect Chain

https://t.myvisualiq.net/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D
https://t.myvisualiq.net/ul_cb/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D
https://s.amazon-adsystem.com/ecm3?ex=visualiq&id=fcfa58f2-5d7f-4db0-9140-c089099db0a0

43 B
479 B

62ms
39ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=visualiq&id=fcfa58f2-5d7f-4db0-9140-c089099db0a0

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 05 Mar 2023 22:25:50 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: BSXABCP9A4HCVBBSHFF0
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

access-control-allow-origin: *
Location: https://s.amazon-adsystem.com/ecm3?ex=visualiq&id=fcfa58f2-5d7f-4db0-9140-c089099db0a0
Date: Sun, 05 Mar 2023 22:25:49 GMT
Cache-Control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 01FF
Redirect Chain

https://amazon.partners.tremorhub.com/sync?UIAM&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dtelaria.com%26id%3D%5BPARTNER_ID%5D
https://s.amazon-adsystem.com/ecm3?ex=telaria.com&id=e377cc2676e04ea7ab58295fed12483a

43 B
479 B

74ms
43ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=telaria.com&id=e377cc2676e04ea7ab58295fed12483a

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 05 Mar 2023 22:25:50 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: XY5DTTEHCDYJKWF6G8AG
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=telaria.com&id=e377cc2676e04ea7ab58295fed12483a
date: Sun, 05 Mar 2023 22:25:49 GMT
server: Apache-Coyote/1.1
content-length: 0
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'

GET
H2 200 dspreply
public-prod-dspcookiematching.dmxleo.com/ Frame 01FF 0
122 B 102ms
27ms Image
text/plain 198.54.201.131
DAILYMOTION For p...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=1868&dspUserId=VIL3hGxPSbu5oO2wSVrKew&redir=https://s.amazon-adsystem.com/ecm3?ex=dailymotionHMT2&id=

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

198.54.201.131 , United States, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),

Reverse DNS

ingress-01-pub-prod-nyc.vip.dailymotion.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-dm-lb-name: ingress-nginx-nginx-in-cluster-xv7r2
date: Sun, 05 Mar 2023 22:25:49 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 01FF
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=AMAZON&ex=gemini
https://ups.analytics.yahoo.com/ups/58725/cms?partner_id=AMAZON&ex=gemini
https://s.amazon-adsystem.com/ecm3?id=y-RUmSff9E2pEL8Hb3yHunVvj7lMwHvzzWKlhI~A&status=OK&ex=gemini

43 B
479 B

83ms
38ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=y-RUmSff9E2pEL8Hb3yHunVvj7lMwHvzzWKlhI~A&status=OK&ex=gemini

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 05 Mar 2023 22:25:50 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 25V5SB0B052S8HJV18NS
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?id=y-RUmSff9E2pEL8Hb3yHunVvj7lMwHvzzWKlhI~A&status=OK&ex=gemini
date: Sun, 05 Mar 2023 22:25:49 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 01FF
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=2545
https://s.amazon-adsystem.com/ecm3?id=c7568fd6614cd9a4f3b457cbf6a225&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=

43 B
479 B

43ms
43ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=c7568fd6614cd9a4f3b457cbf6a225&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 05 Mar 2023 22:25:50 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 1QFS9BNCP3D1X7PC0MCV
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 05 Mar 2023 22:25:50 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?id=c7568fd6614cd9a4f3b457cbf6a225&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1678055150060069-308

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 01FF
Redirect Chain

https://www.imdb.com/ads/idsync?cid=a706a6beb&ex=imdb.com
https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com

43 B
479 B

42ms
42ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 05 Mar 2023 22:25:50 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: NDYKETGD1F8GZKYSJ0CP
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Sun, 05 Mar 2023 22:25:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
via: 1.1 0a4f6965adeb6ede9b7ffa17215c0b16.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P8
content-security-policy-report-only: default-src https://*.amazon.com https://*.media-amazon.com https://*.ssl-images-amazon.com https://*.amazon-adsystem.com; script-src https://*.amazon.com https://*.media-amazon.com https://*.ssl-images-amazon.com https://*.amazon-adsystem.com 'unsafe-inline' 'unsafe-eval'; style-src https://*.amazon.com https://*.media-amazon.com https://*.ssl-images-amazon.com https://*.amazon-adsystem.com 'unsafe-inline'; report-uri /1/batch/2/OE/mid=ATVPDKIKX0DER:sid=:rid=FRT1SGGKZFA7A8Q7E5JZ:sn=www.imdb.com
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block
server: Server
x-amz-rid: FRT1SGGKZFA7A8Q7E5JZ
x-frame-options: SAMEORIGIN
vary: Content-Type,Accept-Encoding,User-Agent
location: https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com
x-robots-tag: noindex, nofollow
x-amz-cf-id: kmveSkwoj0JmSZSXSYlUNDtqn4ctmG9LuYx_Yzu2XfzNcIIPIjmaxA==

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame 01FF 0
337 B 126ms
31ms Image
text/plain 44.198.102.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=amzn&partner_uid=Ls3-RmvYRGa3tSgJr-92-g&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dkrux.com%26id%3D
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_n-dm2-HMT_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_n-ox-hmt_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=Ls3-RmvYRGa3tSgJr-92-g&dmt=3&ex-pl-n-g-hmt=qBPDZ0NwQfyjkmyCu4k2Ew&ep=ttam_T219Ay-cPciHbT10t-cUx_8UCPf8OEXG7E_K3D5G9y90DvVEjhxGg7z0xWkdHuIEHUAgtIzw9Bjip3XOLSiONrKhIeqN01_OYCuH6afwH-As3xE4y3QR5JKiYGYiXjRvHsmh6qz280sHwFCOIJYFAsrzAjxvh4g71rz4u-ku05FCVq70q5FJk7i4WJqTT8K2jxsxgNW2yT2WiMF-T0f3Yh_2vLZvaly6aZVallcLDJ8hs8PKkLCQk2n5ee_1w96d_WNJUdDhEf6RWM1PyaiIrLKkbD_UPc6KDfeOtApNhXfRRAU3o1CarlNSMilyEc1IrW9Nx233anCNam_HCsn3xNvOMJcPkTqGsVU0zWDcN07wUcOM224kiYFKaFwH1N132Upj_jY_9nvvHvJySyfkKFWZqPFrcQiiVJlG2U19kha9p4uDJw0T1o_YE7U1psj2EesmuwZPAV9IfxpatLLid_QxbKn2xomLsgf07_zKy2KppvgOxkPoexJ4VHI-hm3h1vk_14J6wijLBg-2a5CgCHwd1-EpbQwQ9ocg6xtCj3AJ_V_AhwXDzdnC-gMbf10QQgNQ5YLA21IOjq6zn1FqAIKRwlyagN2ZF7caBgaJWnWcMeynX3oobPdChzdB4sDXVCMx5i4Tou-Ruwbsx4YJKQ05VkIdnEt6KlEz1NvvMJ2tTptpLbyxRIWojcGo82Z2Uz4ihLs1nVe18Afkg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.198.102.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-198-102-139.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-served-by: beacon-n010-ash-prod.krxd.net
date: Sun, 05 Mar 2023 22:25:50 GMT
cache-control: private, no-cache, no-store
x-request-time: D=29 t=1678055150
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 01FF
Redirect Chain

https://match.360yield.com/match?publisher_dsp_id=416&external_user_id=ABCD&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%7BPUB_USER_ID%7D%26ex%3Dimprovedigital.com
https://s.amazon-adsystem.com/ecm3?id=35fcc791-3eae-46f4-ac6d-ec4761c9eee7&ex=improvedigital.com

43 B
479 B

50ms
50ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=35fcc791-3eae-46f4-ac6d-ec4761c9eee7&ex=improvedigital.com

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 05 Mar 2023 22:25:50 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 2N87176QDS8SVMGBNHTQ
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?id=35fcc791-3eae-46f4-ac6d-ec4761c9eee7&ex=improvedigital.com
access-control-allow-origin: *
date: Sun, 05 Mar 2023 22:25:50 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 pixel.gif
usersync.samplicio.us/amazon/ Frame 01FF 0
186 B 100ms
32ms Image
text/plain 3.228.92.231
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.samplicio.us/amazon/pixel.gif?https://s.amazon-adsystem.com/ecm3?ex=luc.id&id=
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_n-dm2-HMT_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_n-ox-hmt_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=Ls3-RmvYRGa3tSgJr-92-g&dmt=3&ex-pl-n-g-hmt=qBPDZ0NwQfyjkmyCu4k2Ew&ep=ttam_T219Ay-cPciHbT10t-cUx_8UCPf8OEXG7E_K3D5G9y90DvVEjhxGg7z0xWkdHuIEHUAgtIzw9Bjip3XOLSiONrKhIeqN01_OYCuH6afwH-As3xE4y3QR5JKiYGYiXjRvHsmh6qz280sHwFCOIJYFAsrzAjxvh4g71rz4u-ku05FCVq70q5FJk7i4WJqTT8K2jxsxgNW2yT2WiMF-T0f3Yh_2vLZvaly6aZVallcLDJ8hs8PKkLCQk2n5ee_1w96d_WNJUdDhEf6RWM1PyaiIrLKkbD_UPc6KDfeOtApNhXfRRAU3o1CarlNSMilyEc1IrW9Nx233anCNam_HCsn3xNvOMJcPkTqGsVU0zWDcN07wUcOM224kiYFKaFwH1N132Upj_jY_9nvvHvJySyfkKFWZqPFrcQiiVJlG2U19kha9p4uDJw0T1o_YE7U1psj2EesmuwZPAV9IfxpatLLid_QxbKn2xomLsgf07_zKy2KppvgOxkPoexJ4VHI-hm3h1vk_14J6wijLBg-2a5CgCHwd1-EpbQwQ9ocg6xtCj3AJ_V_AhwXDzdnC-gMbf10QQgNQ5YLA21IOjq6zn1FqAIKRwlyagN2ZF7caBgaJWnWcMeynX3oobPdChzdB4sDXVCMx5i4Tou-Ruwbsx4YJKQ05VkIdnEt6KlEz1NvvMJ2tTptpLbyxRIWojcGo82Z2Uz4ihLs1nVe18Afkg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.228.92.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-228-92-231.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Mar 2023 22:25:50 GMT
x-ratelimit-remaining: 0
location: https://s.amazon-adsystem.com/ecm3?ex=luc.id&id=
cache-control: no-cache, no-store, must-revalidate
x-ratelimit-reset: 0
x-ratelimit-limit: 0
content-length: 0
expires: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 01FF
Redirect Chain

https://ads.samba.tv/cookie_sync?https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsamba.tv%26id%3D
https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=10da3203909ebbf3a

43 B
479 B

55ms
55ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=10da3203909ebbf3a

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 05 Mar 2023 22:25:50 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: NRQEX0NHGCT8M3EQA241
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Sun, 05 Mar 2023 22:25:50 GMT
content-security-policy: default-src 'self'
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
accept-ch: Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-methods: HEAD,OPTIONS,GET
content-type: text/html; charset=utf-8
location: https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=10da3203909ebbf3a
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
critical-ch: Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-headers: Content-Type, Authorization
content-length: 94

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 01FF
Redirect Chain

https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=Jh8OTgnOSuWXu2lwcw-siw&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=Jh8OTgnOSuWXu2lwcw-siw

43 B
479 B

40ms
39ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=Jh8OTgnOSuWXu2lwcw-siw

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 05 Mar 2023 22:25:50 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: ZBWS55Q1XV6KX390V1TN
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=Jh8OTgnOSuWXu2lwcw-siw
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 19ea072139d67f7022c6e463249c998e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 01FF
Redirect Chain

https://ads.stickyadstv.com/user-registering?dataProviderId=961&userId=l7GLKaxeQEmDxK6FOqWwVg&redirectId=2545
https://s.amazon-adsystem.com/ecm3?id=a91cd82f15477f675e5a285dbf3f8aa&ex=freewheel.tv&gdpr={gdpr}&gdpr_consent={gdpr_consent}&userId=l7GLKaxeQEmDxK6FOqWwVg

43 B
479 B

48ms
48ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=a91cd82f15477f675e5a285dbf3f8aa&ex=freewheel.tv&gdpr={gdpr}&gdpr_consent={gdpr_consent}&userId=l7GLKaxeQEmDxK6FOqWwVg

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 05 Mar 2023 22:25:50 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: JX2ARHV20VA2W0XYX495
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 05 Mar 2023 22:25:50 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?id=a91cd82f15477f675e5a285dbf3f8aa&ex=freewheel.tv&gdpr={gdpr}&gdpr_consent={gdpr_consent}&userId=l7GLKaxeQEmDxK6FOqWwVg
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1678055150095055-257

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 01FF
Redirect Chain

https://dpm.demdex.net/ibs:dpid=139200&dpuuid=4-vgXKdmSw6AWmcG_jMToA&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=139200&dpuuid=4-vgXKdmSw6AWmcG_jMToA&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D
https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=29142895653637505314047734567336002726

43 B
479 B

39ms
39ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=29142895653637505314047734567336002726

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 05 Mar 2023 22:25:50 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 8YS7RKBNHPT76VQ739DY
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

DCS: dcs-prod-usw2-1-v042-0a5238209.edge-usw2.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: H863RWBUS/g=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=29142895653637505314047734567336002726
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 01FF
Redirect Chain

https://odr.mookie1.com/t/v2?tagid=V2_393725&AMAZON_REGION_SPECIFIC_ENDPOINT=s.amazon-adsystem.com&src.visitorID=ZAtYQjCdQ0KXj4m4f9Zpvg
https://s.amazon-adsystem.com/ecm3?ex=mplatform.com&id=10596829190670459339&gdpr=&gdpr_consent=

43 B
479 B

42ms
42ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=mplatform.com&id=10596829190670459339&gdpr=&gdpr_consent=

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 05 Mar 2023 22:25:50 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: JKH9WG36N359WY04VQ6P
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 05 Mar 2023 22:25:50 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
location: https://s.amazon-adsystem.com/ecm3?ex=mplatform.com&id=10596829190670459339&gdpr=&gdpr_consent=
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 01FF
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D
https://c1.adform.net/serving/cookie/match?CC=1&party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D
https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=268821837971972619

43 B
479 B

40ms
40ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=268821837971972619

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 05 Mar 2023 22:25:50 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: XKRWJDY84XZ54S319DDK
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 05 Mar 2023 22:25:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=268821837971972619
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 01FF
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID
https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=aeeddba6-bba4-11ed-948b-1630a1100103
https://s.amazon-adsystem.com/ecm3?ex=spotx.com&id=aeeddb3e-bba4-11ed-948b-1630a1100103

43 B
479 B

43ms
43ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=spotx.com&id=aeeddb3e-bba4-11ed-948b-1630a1100103

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 05 Mar 2023 22:25:50 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: FT7DY95XZJEG5FYTVG2V
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Sun, 05 Mar 2023 22:25:50 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain
location: https://s.amazon-adsystem.com/ecm3?ex=spotx.com&id=aeeddb3e-bba4-11ed-948b-1630a1100103
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: false
x-fe: 471
content-length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 01FF
Redirect Chain

https://bs.serving-sys.com/Serving?cn=cs&rtu=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsizmek%26id%3D%5B%25tp_UserID%25%5D
https://lm.serving-sys.com/lm/acs?json={%22GUID%22:%2262cfee07-691e-48c7-9bb1-e1337e11e10f%22,%22Time%22:%2220230305T222550.359867%22}&rtu=https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=[%tp_UserID%]
https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=62cfee07-691e-48c7-9bb1-e1337e11e10f

43 B
479 B

41ms
40ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=62cfee07-691e-48c7-9bb1-e1337e11e10f

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 05 Mar 2023 22:25:50 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: F6DG1KZYCBE44T7B0B55
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=62cfee07-691e-48c7-9bb1-e1337e11e10f
Server: LogModule 0.6
Content-Length: 204
Content-Type: text/html; charset=UTF-8

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 01FF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=a9&google_cm&ex=doubleclick.net
https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESEHBa5UcUz-GxNFqmw7IpevU&google_cver=1

43 B
479 B

69ms
38ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESEHBa5UcUz-GxNFqmw7IpevU&google_cver=1

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 05 Mar 2023 22:25:49 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 27C2DMFKBACHT1328Z0S
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 05 Mar 2023 22:25:49 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESEHBa5UcUz-GxNFqmw7IpevU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 311
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 400 v2
usermatch.krxd.net/um/ Frame 01FF 20 B
20 B 101ms
31ms Image
text/plain 18.235.176.187
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usermatch.krxd.net/um/v2?partner=amzn
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-id-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_n-dm2-HMT_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_n-ox-hmt_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=Ls3-RmvYRGa3tSgJr-92-g&dmt=3&ex-pl-n-g-hmt=qBPDZ0NwQfyjkmyCu4k2Ew&ep=ttam_T219Ay-cPciHbT10t-cUx_8UCPf8OEXG7E_K3D5G9y90DvVEjhxGg7z0xWkdHuIEHUAgtIzw9Bjip3XOLSiONrKhIeqN01_OYCuH6afwH-As3xE4y3QR5JKiYGYiXjRvHsmh6qz280sHwFCOIJYFAsrzAjxvh4g71rz4u-ku05FCVq70q5FJk7i4WJqTT8K2jxsxgNW2yT2WiMF-T0f3Yh_2vLZvaly6aZVallcLDJ8hs8PKkLCQk2n5ee_1w96d_WNJUdDhEf6RWM1PyaiIrLKkbD_UPc6KDfeOtApNhXfRRAU3o1CarlNSMilyEc1IrW9Nx233anCNam_HCsn3xNvOMJcPkTqGsVU0zWDcN07wUcOM224kiYFKaFwH1N132Upj_jY_9nvvHvJySyfkKFWZqPFrcQiiVJlG2U19kha9p4uDJw0T1o_YE7U1psj2EesmuwZPAV9IfxpatLLid_QxbKn2xomLsgf07_zKy2KppvgOxkPoexJ4VHI-hm3h1vk_14J6wijLBg-2a5CgCHwd1-EpbQwQ9ocg6xtCj3AJ_V_AhwXDzdnC-gMbf10QQgNQ5YLA21IOjq6zn1FqAIKRwlyagN2ZF7caBgaJWnWcMeynX3oobPdChzdB4sDXVCMx5i4Tou-Ruwbsx4YJKQ05VkIdnEt6KlEz1NvvMJ2tTptpLbyxRIWojcGo82Z2Uz4ihLs1nVe18Afkg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.235.176.187 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-235-176-187.compute-1.amazonaws.com
Software: /
Resource Hash: 3ece40b974c6084c091fff702b34d48d9c4b0aaa273b63239cd34225ea20c002

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-served-by: usermatch-a015-ash-prod.krxd.net
date: Sun, 05 Mar 2023 22:25:50 GMT
content-type: text/plain; charset=utf-8
x-age: 0
content-length: 20
x-cache: MISS
x-cache-hits: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 01FF
Redirect Chain

https://sb.scorecardresearch.com/p?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25
https://sb.scorecardresearch.com/p2?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25
https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=86f38b732d9addceaf0257c266d18218

43 B
479 B

41ms
41ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=86f38b732d9addceaf0257c266d18218

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 05 Mar 2023 22:25:50 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: F5VCGZM3B389CS5Z8C1Z
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=86f38b732d9addceaf0257c266d18218
date: Sun, 05 Mar 2023 22:25:50 GMT
via: 1.1 9fbe771abcabdb4e14e7709f1f3c6e94.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR52-C1
content-length: 0
x-amz-cf-id: 7l-xfNwLJG94JuDYvv8MHOEj_UGiDGwir1zcNI6SKDIv0svxXWV6Ug==
x-cache: Miss from cloudfront

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 01FF
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
https://us-u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=2062fee6-336f-c54a-32f6-4f8057d8d773

43 B
479 B

43ms
43ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=2062fee6-336f-c54a-32f6-4f8057d8d773

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 05 Mar 2023 22:25:50 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: E7ANDE04CMRVS66FCME0
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Sun, 05 Mar 2023 22:25:50 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
location: https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=2062fee6-336f-c54a-32f6-4f8057d8d773
p3p: CP="CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 01FF
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184155&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex%26id%3D__UID__
https://s.amazon-adsystem.com/ecm3?ex=index&id=LVch3S6Bv-dI7M9FuW4s5zc4dVA4ZgAC

43 B
479 B

43ms
43ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=index&id=LVch3S6Bv-dI7M9FuW4s5zc4dVA4ZgAC

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 05 Mar 2023 22:25:50 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: XPC4MW3AQBWQ66GXKRYB
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 05 Mar 2023 22:25:50 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://s.amazon-adsystem.com/ecm3?ex=index&id=LVch3S6Bv-dI7M9FuW4s5zc4dVA4ZgAC
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 01FF
Redirect Chain

https://eb2.3lift.com/xuid?mid=8341&xuid=R_NMhzpbTx-c8ND6glzGhg&dongle=az46&rdir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DtripleliftHMT%26id%3D%24UID
https://eb2.3lift.com/xuid?ld=1&mid=8341&xuid=R_NMhzpbTx-c8ND6glzGhg&dongle=az46&gdpr=0&cmp_cs=&us_privacy=&rdir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DtripleliftHMT%26id%3D%24UID
https://s.amazon-adsystem.com/ecm3?ex=tripleliftHMT&id=4280480132897842736142

43 B
479 B

47ms
47ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=tripleliftHMT&id=4280480132897842736142

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 05 Mar 2023 22:25:50 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: XT12ZMCYQ1SCJGVDB32F
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=tripleliftHMT&id=4280480132897842736142
date: Sun, 05 Mar 2023 22:25:50 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 01FF
Redirect Chain

https://uipglob.semasio.net/amazon/1/get?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D
https://uipglob.semasio.net/amazon/1/get2?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D
https://s.amazon-adsystem.com/ecm3?ex=semasio&id=B444F94C60CB8709

43 B
479 B

39ms
39ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=semasio&id=B444F94C60CB8709

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 05 Mar 2023 22:25:50 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: K22RNKCAZ7E9WGVQ7T9C
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 05 Mar 2023 22:25:50 GMT
Frontend-ID: 11
P3P: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
Location: https://s.amazon-adsystem.com/ecm3?ex=semasio&id=B444F94C60CB8709
UIP-Response-Status: Ok
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Content-Length: 0
Routing-Server-ID: -1
Expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 01FF
Redirect Chain

https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com
https://s.amazon-adsystem.com/ecm3?id=6804367242380401746&ex=appnexus.com

43 B
479 B

39ms
38ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=6804367242380401746&ex=appnexus.com

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 05 Mar 2023 22:25:50 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 1K479DSDDHVB2NSSB6F3
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Sun, 05 Mar 2023 22:25:50 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 96.9.249.34; 96.9.249.34; 564.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: f3680814-f1f5-4ceb-b49b-5bc5508f60a6
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?id=6804367242380401746&ex=appnexus.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 01FF
Redirect Chain

https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzgmdGw9MTI5NjAw&piggybackCookie=I-dKX8a7SIui5SfHA0TJ3g&rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DpubmaticHMT%26id%...
https://s.amazon-adsystem.com/ecm3?ex=pubmaticHMT&id=I-dKX8a7SIui5SfHA0TJ3g

43 B
479 B

42ms
42ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=pubmaticHMT&id=I-dKX8a7SIui5SfHA0TJ3g

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 05 Mar 2023 22:25:50 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 2XEVK5RKHGNPMDTW7D3A
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=pubmaticHMT&id=I-dKX8a7SIui5SfHA0TJ3g
date: Sun, 05 Mar 2023 22:25:49 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 01FF
Redirect Chain

https://token.rubiconproject.com/token?pid=2179&pt=n
https://s.amazon-adsystem.com/ecm3?id=9eBNK7fBlWSrWQPOQ-laMw&ex=rubiconproject.com&status=ok

43 B
479 B

269ms
269ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=9eBNK7fBlWSrWQPOQ-laMw&ex=rubiconproject.com&status=ok

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 05 Mar 2023 22:25:50 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: K3Y06NTYDGFSPR63AB5W
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?id=9eBNK7fBlWSrWQPOQ-laMw&ex=rubiconproject.com&status=ok
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: c1df09169f58a071f2a391dff1b3307b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 01FF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=a9&google_hm=qBPDZ0NwQfyjkmyCu4k2Ew&
https://s.amazon-adsystem.com/ecm3?ex=googleHMT

43 B
479 B

36ms
36ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=googleHMT

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 05 Mar 2023 22:25:49 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: QB8AGH9WW3D70Z8F9392
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 05 Mar 2023 22:25:49 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://s.amazon-adsystem.com/ecm3?ex=googleHMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 244
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 01FF
Redirect Chain

https://loadus.exelator.com/load/?p=204&g=8888&j=0
https://loadus.exelator.com/load/?p=204&g=8888&j=0&xl8blockcheck=1
https://s.amazon-adsystem.com/ecm3?&ex=nielsen&id=e0cb9d6d623f3ad589bbbe348100349c

43 B
479 B

38ms
38ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?&ex=nielsen&id=e0cb9d6d623f3ad589bbbe348100349c

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 05 Mar 2023 22:25:50 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 2ZHC7GZWYVT9D8784GSF
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Sun, 05 Mar 2023 22:25:50 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://s.amazon-adsystem.com/ecm3?&ex=nielsen&id=e0cb9d6d623f3ad589bbbe348100349c
content-type: image/gif
cache-control: no-cache
access-control-allow-credentials: true
content-length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 01FF
Redirect Chain

https://lciapi.ninthdecimal.com/v1/lci/sync/adv-amzn/c-23445/?rdr=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3F%26ex%3Dninthdecimal.com%26id%3D%24%7BND_UID%7D
https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=F88D4F2DEE1605649B160C2A02A097B2

43 B
479 B

39ms
39ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=F88D4F2DEE1605649B160C2A02A097B2

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 05 Mar 2023 22:25:50 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: EE60G6TN4Z9YYJ5EPH6Y
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Sun, 05 Mar 2023 22:25:50 GMT
Server: openresty/1.15.8.2
Content-Type: text/html
Location: https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=F88D4F2DEE1605649B160C2A02A097B2
Access-Control-Allow-Origin: https://www.homedepot.com
Access-Control-Expose-Headers: User-NDAT
Cache-Control: no-cache, private
Access-Control-Allow-Credentials: true
P3P: CP="This is not a P3P policy! See http://www.ninthdecimal.com/privacy-policy-terms-of-service for more info."
Connection: keep-alive
Content-Length: 151
Expires: Sun, 05 Mar 2023 22:25:49 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 01FF
Redirect Chain

https://pi.ispot.tv/v2/TC-3673-1.gif?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dispot.tv%26id%3D%7BISID%7D
https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=1e2dc66f52f5ad8920dbedcde33f6dad1c5a38abfde01da0f370e0b6ada87ff9

43 B
479 B

42ms
42ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=1e2dc66f52f5ad8920dbedcde33f6dad1c5a38abfde01da0f370e0b6ada87ff9

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 05 Mar 2023 22:25:50 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 08YBPATHERHJ28SB9KKT
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 05 Mar 2023 22:25:50 GMT
location: https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=1e2dc66f52f5ad8920dbedcde33f6dad1c5a38abfde01da0f370e0b6ada87ff9
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
content-length: 0
retry-after: 0
expires: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 01FF
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3D%23PM_USER_ID
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=B25609FA-0E1D-496B-B2BE-C238C61F61F2

43 B
479 B

41ms
41ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=B25609FA-0E1D-496B-B2BE-C238C61F61F2

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 05 Mar 2023 22:25:50 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: ACX19KHJRTNAEZ2FGXV4
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=B25609FA-0E1D-496B-B2BE-C238C61F61F2
date: Sun, 05 Mar 2023 22:25:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 01FF
Redirect Chain

https://us-u.openx.net/w/1.0/sd?id=537072986&val=GtnLoWQSR1SD2-1WF3qGhg&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DopenxHMT%26id%3D%7BOPENX_RTB_USERID%7D
https://s.amazon-adsystem.com/ecm3?ex=openxHMT&id=GtnLoWQSR1SD2-1WF3qGhg

43 B
479 B

39ms
38ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=openxHMT&id=GtnLoWQSR1SD2-1WF3qGhg

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 05 Mar 2023 22:25:50 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: KQKF9HDCDE893P3S1SB4
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Sun, 05 Mar 2023 22:25:50 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
location: https://s.amazon-adsystem.com/ecm3?ex=openxHMT&id=GtnLoWQSR1SD2-1WF3qGhg
p3p: CP="CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 01FF
Redirect Chain

https://sync.taboola.com/sg/amazon-a9-network/1/rtb
https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=4c5e4312-6f2b-4038-8b88-85a1f83fd5c9-tuctafe9c6e

43 B
479 B

62ms
62ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=4c5e4312-6f2b-4038-8b88-85a1f83fd5c9-tuctafe9c6e

Requested by

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 05 Mar 2023 22:25:50 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: KA12DMR3JKS7G8979CQA
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=4c5e4312-6f2b-4038-8b88-85a1f83fd5c9-tuctafe9c6e
date: Sun, 05 Mar 2023 22:25:50 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 33114

POST
H2 200 bulk Show response
metrics.api.drift.com/monitoring/metrics/event2/ Frame 3781 25 B
88 B 50ms
50ms XHR
application/json 54.147.21.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/event2/bulk

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/52.b1edaf4a.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.147.21.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-21-139.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
accept-language: en-US,en;q=0.9
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiIxNzQ4ODEwNzE2NSIsImNsaWVudElkIjoiZjZ6dWl6ZHloeHJtN3IiLCJ1c2VySWRUeXBlIjoiTEVBRCIsInNjb3BlIjoibGVhZCIsImlzcyI6IjUwMjc0MTIiLCJleHAiOjE3MDk2Nzc1NDksImlhdCI6MTY3ODA1NTE0OX0.8Vc4ktfGiUZXiLrkTsb3e7Lo7VrMUQbE-TWJ6ElgwM1yVjw-WWCjfbPhrQe7cZoXfuKI2LLVED4EFjCFUO5OlQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 05 Mar 2023 22:25:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: istio-envoy
requestid: 612a317b61f7c964
access-control-max-age: 1209600
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
vary: Accept-Encoding
access-control-allow-credentials: true
x-envoy-upstream-service-time: 16
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 25

OPTIONS
H2 200 bulk
metrics.api.drift.com/monitoring/metrics/event2/ Frame 0
0 34ms
34ms Preflight
text/plain 54.147.21.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/event2/bulk

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.147.21.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-21-139.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://js.driftt.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-max-age: 1209600
allow: POST,OPTIONS
content-length: 13
content-type: text/plain
date: Sun, 05 Mar 2023 22:25:51 GMT
requestid: drift08365ad47a3abe3175c9c6cb609
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 0

Verdicts & Comments Add Verdict or Comment

107 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

103 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.squareupmessaging.com/	1970-01-20 18:53:11	Name: iterableEndUserId Value: nicholas.hirst%40ebgames.com
.squareupmessaging.com/	1970-01-20 10:09:01	Name: iterableEmailCampaignId Value: 6289123
.squareupmessaging.com/	1970-01-20 10:09:01	Name: iterableTemplateId Value: 8443344
.squareupmessaging.com/	1970-01-20 10:09:01	Name: iterableMessageId Value: 9885a2b733a546a4b9230189ac522b48
links.squareupmessaging.com/	1969-12-31 23:59:59	Name: XSRF-TOKEN Value: 55b237bb20f0c1469a46047c2aeec2eab17516d2-1678055138278-eff137649983f3612c32d20a
squareup.com/	1970-01-20 10:47:54	Name: squareGeo Value: US-NY
.squareup.com/	1970-01-20 10:07:36	Name: __cf_bm Value: 6wdJui.wiNcI3qu5tbtwT7p7Vzr7voBnHyGeEgGe_4U-1678055138-0-ATx3RCRfKtK+giIuv0GJkXDpj7qDIehb4EcLHblF+1hh2airE9jkmB6jX/dEsWFSHQUbM6ocrykYMGZ3q8e57/E=
.squareup.com/	1970-01-20 18:53:11	Name: _sqweb_session Value: eyJ1c2VyX3Nlc3Npb25fdG9rZW4iOiIiLCJzZXNzaW9uX2lkIjoiY2YyZjVhNDE2ODQxNDc3OWE2YmMxMDA3NjA0NmY2MTYiLCJfY3NyZl90b2tlbiI6Ik1iZVZXUG9tWldfNWUySktWLXA5dndSeml4YXJUdE1vUHFnaWJOWng0WHcifQ%3D%3D--0cb53e07e115fd09b24ab446dd478d1d921e2369d0bf31c660d69646aa0e8a70625b42c3161038cd1d32f5cb415810aa8d4baf9890f3cba583ff9811bc6c2959
.squareup.com/	1970-01-20 18:53:11	Name: _js_csrf Value: MbeVWPomZW_5e2JKV-p9vwRzixarTtMoPqgibNZx4Xw
squareup.com/	1969-12-31 23:59:59	Name: dajs_user_id_optimizely Value: null
.squareup.com/	1970-01-20 14:26:47	Name: optimizelyEndUserId Value: oeu1678055139339r0.814225312256156
.squareup.com/	1970-01-20 19:43:35	Name: _solidshop_au_guest_token Value: ImpFWjRSaVptMW8yUktMX3RkNDFmdUEi--07f0bcef5ec4594f4a385548e50daf7f2ca298f6
.squareup.com/	1970-01-20 19:43:35	Name: _savt Value: c313568c-166a-4964-9720-ec68e50acf25
.squareup.com/	1970-01-20 18:53:11	Name: dajs_user_id Value: null
.squareup.com/	1970-01-20 18:53:11	Name: dajs_group_id Value: null
.squareup.com/	1970-01-20 18:53:11	Name: dajs_anonymous_id Value: %22c313568c-166a-4964-9720-ec68e50acf25%22
.squareup.com/	1970-01-20 18:53:11	Name: da_js_user_type Value: %22anonymous_visitor%22
.squareup.com/	1970-01-20 10:09:01	Name: _gid Value: GA1.2.421933653.1678055140
.squareup.com/	1970-01-20 10:07:35	Name: _gat_trackerUA951704046 Value: 1
.squareup.com/	1970-01-20 19:43:35	Name: _mkto_trk Value: id:424-IAB-218&token:_mch-squareup.com-1678055139616-40865
.api.squareup.com/	1970-01-20 10:07:36	Name: __cf_bm Value: 7uPkVQ4mY_xG4mrBMjwbOW2xz2VXI5vL2qGW9lMuUbA-1678055139-0-AU5im0exNvcFQj62lo/Twy/mzBOE1O3lzAxWjpErQYO536f80Bb+pw5H2jln+qb+QmHSficuPOTLakmRNEgLk2k=
.squareup.com/	1970-01-20 18:53:11	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Sun+Mar+05+2023+22%3A25%3A39+GMT%2B0000+(GMT)&version=202301.2.0&isIABGlobal=false&hosts=&consentId=66bbed45-ecff-4792-a9da-eaab684a6c75&interactionCount=0&landingPath=https%3A%2F%2Fsquareup.com%2Fau%2Fen%2Fpress%2Frefund-policy-update&groups=C0001%3A1%2CC0002%3A1%2CC0003%3A1%2CC0004%3A1
.squareup.com/	1970-01-20 12:17:11	Name: _gcl_au Value: 1.1.2047981498.1678055140
squareup.com/	1970-01-20 10:07:36	Name: drift_campaign_refresh Value: 1f6ffec9-8ee6-47c9-b0b8-50083f086f64
.squareup.com/	1970-01-20 19:43:35	Name: _ga_65K13HQ4KD Value: GS1.1.1678055140.1.0.1678055140.0.0.0
.squareup.com/	1970-01-20 19:43:35	Name: _ga Value: GA1.1.1355407965.1678055140
.squareup.com/	1970-01-20 12:17:11	Name: _fbp Value: fb.1.1678055140576.1848346570
.doubleclick.net/	1970-01-20 19:43:35	Name: IDE Value: AHWqTUmlf4GXJfwYHvNriqrxGTuiwDoksIIX2qUabvhPTbYWiL1nRMOduAxbJp4b
squareup.com/	1970-01-20 10:09:01	Name: KP_UIDz-ssn Value: 02irK3xw3p5cT5dgX6e6iG2Xy7gJfJqObPkg4rGIsZC8BYkTziNCv5Oi28Av2FnlNmv6orDqi335jLgYFTEjFGdoXeYryNaBtuQIf4Gl0YyHsl3JsOM8BLs4OY4dn3JHmB7e8dFDKIOWfpwcE0ZtF3e
squareup.com/	1970-01-20 10:09:01	Name: KP_UIDz Value: 02irK3xw3p5cT5dgX6e6iG2Xy7gJfJqObPkg4rGIsZC8BYkTziNCv5Oi28Av2FnlNmv6orDqi335jLgYFTEjFGdoXeYryNaBtuQIf4Gl0YyHsl3JsOM8BLs4OY4dn3JHmB7e8dFDKIOWfpwcE0ZtF3e
squareup.com/	1970-01-20 19:43:35	Name: drift_aid Value: 3fa76c5e-0bdd-4e98-8504-13e4fef624d4
squareup.com/	1970-01-20 19:43:35	Name: driftt_aid Value: 3fa76c5e-0bdd-4e98-8504-13e4fef624d4
.bing.com/	1970-01-20 19:29:11	Name: MUID Value: 2ECB2EC8C9F46FDD20A73C03C87B6E3D
.bat.bing.com/	1970-01-20 10:17:39	Name: MR Value: 0
.turn.com/	1970-01-20 14:26:47	Name: uid Value: 4520929459007163495
.adsrvr.org/	1970-01-20 18:54:37	Name: TDID Value: b3e72378-cac5-4b4d-820a-98d116e4bc0a
.rlcdn.com/	1970-01-20 18:53:11	Name: rlas3 Value: zCyoQL+DSN8zAZOPuM135s9oohOJngW6zjZGkppYYNc=
.linkedin.com/	1970-01-20 12:17:11	Name: li_sugr Value: 7deded1b-a84b-4f50-8dc7-8271ba0a7e8e
.linkedin.com/	1970-01-20 18:53:11	Name: bcookie Value: "v=2&31f46fcc-738a-489d-828a-902e8522ad99"
.linkedin.com/	1970-01-20 10:09:01	Name: lidc Value: "b=VGST07:s=V:r=V:a=V:p=V:g=2566:u=1:x=1:i=1678055149:t=1678141549:v=2:sig=AQGCcxe3rXych3w6UvDNW48pYT8yuLK9"
.rlcdn.com/	1970-01-20 11:33:59	Name: pxrc Value: CO2tlKAGEgUI6AcQABIGCMrdKhAA
.linkedin.com/	1970-01-20 10:50:47	Name: UserMatchHistory Value: AQKU5m254gGqzQAAAYaz4Y7P3NIpuAnL5kdlY04-xIecFbBPRI-uIyQgaPCH5Uq98kS8VItyXvwL7Q
.linkedin.com/	1970-01-20 10:50:47	Name: AnalyticsSyncHistory Value: AQIINRbS49T0aAAAAYaz4Y7PEqQLpLmkembcLdoGuQN7cs7kyqHZXZyJdU9M7BhrbOmagWAz_YK9wrkwCIloaw
.www.linkedin.com/	1970-01-20 18:53:11	Name: bscookie Value: "v=1&2023030522254927c91aef-9e9a-47db-81b6-7fbc442a516aAQErAVe_oB30mhQbTF2Fq-l4uhkDnQcl"
.company-target.com/	1970-01-20 19:43:35	Name: tuuid Value: db1f1ed7-bea0-486f-8dbc-ba1ca6d4cfa7
.company-target.com/	1970-01-20 19:43:35	Name: tuuid_lu Value: 1678055149
.yahoo.com/	1970-01-20 18:53:32	Name: A3 Value: d=AQABBO0WBWQCEIOb9jWj3xRvKH3IafNuJ3QFEgEBAQFoBmQOZAAAAAAA_eMAAA&S=AQAAArxLfyAoYoXZpymBh-xFtgA
.adnxs.com/	1970-01-20 12:17:11	Name: uuid2 Value: 6804367242380401746
.amazon-adsystem.com/	1970-01-20 15:09:59	Name: ad-id Value: A4pxMjXGukNrqPUxkwTyMq8
.amazon-adsystem.com/	1970-01-20 19:43:35	Name: ad-privacy Value: 0
.adsrvr.org/	1970-01-20 18:54:37	Name: TDCPM Value: CAESFwoIYXBwbmV4dXMSCwiC3sOv0_TOOxAFEhUKBmdvb2dsZRILCOr74LLT9M47EAUSGQoKcmlnaHRtZWRpYRILCJDh_6zT9M47EAUYBSACKAMyCwiQ2YLa6fTOOxAFQg8iDQgBEgkKBXRpZXIzEAFaB2F0cGhqcnNgAQ..
.adnxs.com/	1970-01-20 12:17:11	Name: anj Value: dTM7k!M4/YF7/.XF']wIg2E?hu82w:!]tbPl1M]o$IyEVUcIyiM]7K1Oo46tHKrh2@N9cJFozN$cy_:v*=lDf#BI7y)N[UD!!!'T)zc1U
.360yield.com/	1970-01-20 12:17:11	Name: tuuid Value: 35fcc791-3eae-46f4-ac6d-ec4761c9eee7
.360yield.com/	1970-01-20 12:17:11	Name: tuuid_lu Value: 1678055149
.agkn.com/	1970-01-20 18:53:11	Name: ab Value: 0001%3ApZYWitdGct%2B2PtZijbt47DEQsYCs9H0q
.bluekai.com/	1970-01-20 14:32:32	Name: bku Value: b/X99m6VOVux1yQu
.bluekai.com/	1970-01-20 14:32:32	Name: bkpa Value: KJy9RQY5d02pSUHknp1tmexywlJkjsk0wVC65cOpJEBOJEJsJEJsz08CqVabqtT+RVHpKUB6jV6rRt2+JEJsjVB+10DpHZPTJEBWRZhNjV+CSu8Mqt6k1MjojYDpHYD0Ba2YuN2PPDkW9y9ZOH2a
.bidswitch.net/	1970-01-20 18:53:11	Name: tuuid Value: 3cba420a-eaf1-4fa3-9ffa-188be120f9f3
.bidswitch.net/	1970-01-20 18:53:11	Name: c Value: 1678055149
.bidswitch.net/	1970-01-20 18:53:11	Name: tuuid_lu Value: 1678055149
.myvisualiq.net/	1970-01-20 19:43:35	Name: tuuid Value: fcfa58f2-5d7f-4db0-9140-c089099db0a0
.myvisualiq.net/	1970-01-20 19:43:35	Name: c Value: 1678055149
.myvisualiq.net/	1970-01-20 19:43:35	Name: tuuid_lu Value: 1678055149
.tremorhub.com/	1970-01-20 18:53:32	Name: tvid Value: a4ebecffeda445cd8c1e8d87da8fbea4
.tremorhub.com/	1970-01-20 19:43:35	Name: tv_UIAM Value: e377cc2676e04ea7ab58295fed12483a
.analytics.yahoo.com/	1970-01-20 18:53:11	Name: IDSYNC Value: "1769~2acm:195g~2acm:19b9~2acm"
.casalemedia.com/	1970-01-20 18:53:11	Name: CMID Value: ZAUW7X619Z84voxxwAtC0gAA
.casalemedia.com/	1970-01-20 12:17:11	Name: CMPS Value: 1335
.casalemedia.com/	1970-01-20 12:17:11	Name: CMPRO Value: 1335
.smartadserver.com/	1970-01-20 19:39:15	Name: pid Value: 5262227870318371258
.smartadserver.com/	1970-01-20 19:39:15	Name: TestIfCookieP Value: ok
.smartadserver.com/	1970-01-20 18:54:37	Name: csync Value: 144:OYqnumfIQeuS81vELTtwmA
.360yield.com/	1970-01-20 12:17:11	Name: um Value: !416,3trTqGARKZF3EY1Xr-bb1NbR,1685831150
.360yield.com/	1970-01-20 12:17:11	Name: umeh Value: !416,0,1740263150,-1
.ads.stickyadstv.com/	1970-01-20 10:50:47	Name: UID Value: a91cd82f15477f675e5a285dbf3f8aa
.ads.stickyadstv.com/	1970-01-20 10:27:44	Name: uid-bp-30833 Value: l7GLKaxeQEmDxK6FOqWwVg
.krxd.net/	1970-01-20 14:26:47	Name: _kuid_ Value: PaszotoQ
ads.samba.tv/	1970-01-20 19:39:15	Name: sambapxid Value: 10da3203909ebbf3a
.adform.net/	1970-01-20 10:52:13	Name: C Value: 1
.mookie1.com/	1970-01-20 19:36:23	Name: id Value: 10596829190670459339
.mookie1.com/	1970-01-20 19:36:23	Name: mdata Value: 1\|10596829190670459339\|1678055150167
.mookie1.com/	1970-01-20 19:36:23	Name: ov Value: 9fab7cca768f34ca15d2dcaa450b757d
.rubiconproject.com/	1970-01-20 18:53:11	Name: khaos Value: LEVYPKKM-S-60HU
.adform.net/	1970-01-20 11:33:59	Name: uid Value: 268821837971972619
.spotxchange.com/	1970-01-20 10:47:54	Name: audience Value: aeeddb3e-bba4-11ed-948b-1630a1100103
bs.serving-sys.com/	1969-12-31 23:59:59	Name: r1 Value: 1678055150_1
.serving-sys.com/	1970-01-20 12:17:11	Name: u2 Value: 62cfee07-691e-48c7-9bb1-e1337e11e10f4Lt070
.scorecardresearch.com/	1970-01-20 19:43:35	Name: UID Value: 17D4c3d30a1baed825721ae1678055150
.3lift.com/	1970-01-20 12:17:11	Name: tluid Value: 4280480132897842736142
.openx.net/	1970-01-20 18:53:11	Name: i Value: ab18bdc2-8642-4147-a82e-05ff5bcc2f6e\|1678055150
.demdex.net/	1970-01-20 14:26:47	Name: demdex Value: 29142895653637505314047734567336002726
.pubmatic.com/	1970-01-20 12:17:11	Name: KRTBCOOKIE_290 Value: 23219-I-dKX8a7SIui5SfHA0TJ3g&KRTB&23261-I-dKX8a7SIui5SfHA0TJ3g
.pubmatic.com/	1970-01-20 10:50:47	Name: PugT Value: 1678055149
.semasio.net/	1970-01-20 18:53:11	Name: SEUNCY Value: B444F94C60CB8709
.exelator.com/	1970-01-20 13:00:23	Name: EE Value: "e0cb9d6d623f3ad589bbbe348100349c"
.dpm.demdex.net/	1970-01-20 14:26:47	Name: dpm Value: 29142895653637505314047734567336002726
.rubiconproject.com/	1970-01-20 18:53:11	Name: audit Value: 1\|xa4dJ5y/YGvckrlzcrugWtldgZeLReBP4MK56okIvOd+xL8LlrcUaLNaFPFWerYq/9ho4fJhUTjyUhTWCqUS/K1sEWZomT4FxD6eoMVMhhGzZBLH4aYNe8YxKVMhLoE+HNam4p/44b2Bq1u0XziNGcQosMH4rx7EAVZMf7k9zyXynhDmszAPOA==
.exelator.com/	1970-01-20 13:00:23	Name: ud Value: "eJxrXxzq6XKLQSHVIDnJMsUsxczIOM04McXUwjIpKSnV2MTC0MDA2MQyeXFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDQYEl%252BUWb6otDgxUUpaQyLSopPBR%252BO%252FAgAuisq6Q%253D%253D"
.ispot.tv/	1970-01-20 19:43:35	Name: pt Value: v2:1e2dc66f52f5ad8920dbedcde33f6dad1c5a38abfde01da0f370e0b6ada87ff9\|0b46c3c240f436f70e8e527b5ac56fed140f16a9259c4469daa11062481dc206
.pubmatic.com/	1970-01-20 18:53:11	Name: KADUSERCOOKIE Value: B25609FA-0E1D-496B-B2BE-C238C61F61F2
.taboola.com/	1970-01-20 18:53:11	Name: t_gid Value: 4c5e4312-6f2b-4038-8b88-85a1f83fd5c9-tuctafe9c6e
.ninthdecimal.com/	1970-01-20 14:26:47	Name: ndat Value: LU+N+GQFFu4qDBabspegAg==
squareup.com/	1970-01-20 10:07:36	Name: _dd_s Value: rum=1&id=de30901e-1e9d-466c-b0d0-7f641b3dab85&created=1678055139474&expire=1678056039475

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://squareup.com/mp/status Message: Failed to load resource: the server responded with a status of 401 ()
network	error	URL: https://squareup.com/149e9513-01fa-4fb0-aad4-566afd725d1b/2d206a39-8ed7-437e-a3be-862e0f06eea3/fp Message: Failed to load resource: the server responded with a status of 429 ()
network	error	URL: https://usermatch.krxd.net/um/v2?partner=amzn Message: Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=631152000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

12345.fls.doubleclick.net
424-iab-218.mktoresp.com
9628652.fls.doubleclick.net
a8447815042.cdn-pci.optimizely.com
aa.agkn.com
aax-fe.amazon-adsystem.com
ads.samba.tv
ads.stickyadstv.com
adservice.google.com
amazon.partners.tremorhub.com
api.company-target.com
api.squareup.com
bat.bing.com
beacon.krxd.net
bootstrap.api.drift.com
bs.serving-sys.com
c1.adform.net
capi.squareup.com
cdn.cookielaw.org
cdn.linkedin.oribi.io
cm.g.doubleclick.net
cms.analytics.yahoo.com
connect.facebook.net
data-platform.squarecloudservices.com
dpm.demdex.net
dsum-sec.casalemedia.com
eb2.3lift.com
errors.client.optimizely.com
event.api.drift.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
ib.adnxs.com
id.rlcdn.com
image2.pubmatic.com
image6.pubmatic.com
insight.adsrvr.org
js.adsrvr.org
js.driftt.com
kjfjb2yk.r.us-west-2.awstrack.me
lciapi.ninthdecimal.com
links.squareupmessaging.com
lm.serving-sys.com
loadus.exelator.com
logx.optimizely.com
martech-production-c.squarecdn.com
match.360yield.com
match.adsrvr.org
metrics.api.drift.com
odr.mookie1.com
pi.ispot.tv
pixel.rubiconproject.com
public-prod-dspcookiematching.dmxleo.com
px.ads.linkedin.com
px4.ads.linkedin.com
q.quora.com
r.turn.com
reporting.cdndex.io
rtb-csync.smartadserver.com
rum.browser-intake-datadoghq.com
s.amazon-adsystem.com
sb.scorecardresearch.com
segments.company-target.com
snap.licdn.com
square-fonts-production-f.squarecdn.com
squareup.com
ssum-sec.casalemedia.com
static.cloudflareinsights.com
stats.g.doubleclick.net
sync.search.spotxchange.com
sync.taboola.com
t.myvisualiq.net
tag.demandbase.com
tags.bluekai.com
tapi.optimizely.com
tealium-f.squarecdn.com
token.rubiconproject.com
uipglob.semasio.net
ups.analytics.yahoo.com
us-central1-sq-sgtm-prod.cloudfunctions.net
us-u.openx.net
usermatch.krxd.net
usersync.samplicio.us
www.facebook.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.imdb.com
www.linkedin.com
x.bidswitch.net
xms-production-f.squarecdn.com
13.107.42.14
13.225.214.84
13.225.223.77
13.226.39.90
13.33.60.37
13.33.60.9
13.33.60.98
13.35.97.222
141.226.224.48
142.250.176.194
142.251.32.98
142.251.40.230
143.204.138.162
151.101.129.49
151.101.193.49
151.101.194.132
162.159.137.66
18.144.72.236
18.224.163.104
18.235.176.187
185.167.164.39
192.28.147.68
192.35.249.137
192.40.39.223
198.54.201.131
199.187.193.197
2001:4860:4802:36::36
23.205.6.178
23.217.19.182
2600:1400:9000::687e:74ca
2600:1400:c000:385::19f0
2600:1f18:24e6:b902:ce86:cbe1:655c:7a53
2600:1f18:612b:4264:fcc9:15b9:95fe:244c
2600:9000:20ed:8400:15:8642:3040:93a1
2600:9000:21ec:9400:2:53b2:240:93a1
2606:4700::6810:3865
2606:4700::6813:bc61
2607:f8b0:4004:c09::9c
2607:f8b0:4006:80b::2003
2607:f8b0:4006:80c::2008
2607:f8b0:4006:80e::200a
2607:f8b0:4006:80f::2004
2607:f8b0:4006:817::2002
2607:f8b0:4006:81d::200e
2607:f8b0:4006:820::2002
2620:112:f002:bbbb::21
2620:1ec:21::14
2620:1ec:c11::200
2a03:2880:f07e:9:face:b00c:0:3
2a03:2880:f172:81:face:b00c:0:25de
3.136.169.148
3.219.0.3
3.228.92.231
3.33.220.150
3.82.84.2
34.228.28.62
34.98.67.114
35.155.61.223
35.190.60.146
35.190.90.30
35.211.178.172
35.244.159.8
44.198.102.139
45.79.141.248
50.57.31.206
52.0.156.250
52.0.8.169
52.223.22.214
52.43.134.153
52.44.178.153
52.45.33.138
52.46.151.131
52.6.57.179
52.85.61.124
52.94.215.121
54.147.21.139
63.251.28.234
68.67.179.113
69.173.151.100
76.13.32.147
8.28.7.81
8.28.7.83
99.84.119.94
012deec03fbfd6c92c075b502ee777e094cd1a0cedb202a84cde1218b3b60fb4
01db0d203405ed4ec9c98bdcb0db8781188bcf88582788fb0e1c3c92c3e24f4f
047d14c117d25e9e0a1a2ba3f4aa23a602d417fc7402294e484d20b19140ecf1
04e85eea06f360b431634528dfb02ea384ed5ba559988779e3fd05548bd2d4f3
07aa00aa3aa0d7f661d70680b81bb38d1af1160d7b8d391b1812a51070620535
0800d0ee633445e8e187b53e660d133b5329e1c9e94a77ed1126d3ebf8912125
0852e24fd36247f041d4eb692b0b69876645690b6da4926db912702e77f15678
0d71ba70785c2ba48176737c58242ec460366335e4c61187801b2a1397da55f8
0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3
0fa90c9e195798597245f53e9dc98259304276626836677ffaf0f9fa18f9a189
0fca0294cfaf24a4db0852415eee7bcdea7b9766d59e443fb2d5f0c77eb23363
120def079fc4e239098c571e178a9a1b73746f05c6f65a97cd7291b8c13aa401
130688f16399fc1980b2900037a220bc182f4b0c320621dc7d70ec721514765e
16ab19138b25dd9a33eace9e0a61357b3d8c701c1e8dd4a5f7b5e22364a3935c
1f8c7f71962fc65d5b3d6ed9f004acb44dbffead12fb969177ce7f3e36001857
200a359f0489bda767af63764ca362de52502f1b0d16be5ea35b2d2f2ebc4f57
20bade3fe577eb0459ea9aecc92f104b1956171f01df77e5fc1e6456854c3e5c
280bd2185118544d1777aec588ff0394a8abae3e82efdf74a26ef0a2b83d84e3
28816769ece0ee343025ff388216c645e175c92cce4db6bd812a321b1ad345c6
2b79c849f888ccaea3cccf48473cf5461a2209400abd16487dd78a249b3746ae
2cad4b42923d3a34a334db1a49de0bf43a976eb2a2b78e2bc3efd92417a358a9
2cb69644d1877e6dfa38adcfddfc21208f12a43753394381a54587438db2e666
2f9b594ee0336b052fb94aa941d2e201f4a386f0b6d1cf27610437e4c2228304
3169ab3142fbf3ecf7eee1b5682a4556ed8a3d4ba940befa71c31b5a43991d92
32463e767124f7199af6f6c2154a1192fdd0405a0c04981b1f90639e0a744d78
33b9b7f9d6a532fde4e63a963d76b11cbff4b7aeefe9c9168ff034dafe8da1d8
3948590632aae585d993f373a2041b9155c629ce18835c77a3d2783f59129708
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3c4f86e9ccc5e942b4003bd9fed721d599fdeb7bcc1a2db63a95cba24de5f828
3ece40b974c6084c091fff702b34d48d9c4b0aaa273b63239cd34225ea20c002
43580e037fc59487c315cc0a33e1167f17c8430dd41aa375e21f4d6d325e8f28
439ec628b9bc1ff7faa3842e9b53f61f5ea26f2e288ff86236e27be6c0e2bf0c
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4c76e6edfac60dd71bb02337d2a47bd6b41f3f045043ad0e939a51c0984d3274
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4eda4b5575532ad6a713d3d9bbcde581c519d9b8d0202363925ddc80049eed6d
5438711dd20522194aaf43fc8bc73abce666d988fde7d5b29935c63e8b20e544
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5575694036a2d342f18ca455251396c6dc98214f30641c3c7539d5568aefd6e9
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
57aea80e2685178189b473e9588071375b2971d524b7db45723d8ae0bf9a778c
5811becfceb9c687e1b7af2caddc84272b8b0790e418bc90414bc91505684b73
5849e07d0d6cbb144829b98da75fda4a8eb3fc2b5749d48cc94bb170db54859a
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5978185f53e19d8f1d3a1efe0d40c21cba249017a4d6af5bc5654b147d15ee62
5a30a316edd9f2ecc4ff28c02886285bf2ddf901eaf80c77633f12fcde02643c
5c7f0b219872825774a800f3246f8a762ca92e9b89fae202ac842867134b18fb
5dbaf0a4ff0f8ac8c1b67550eee84390b089604ffaf71183e417636c7e183ac5
5e610547cbf9f5463e6cd50c71044a0b444972687a143f29a798e175d6078718
5efe4b5fa2d6905b487120d2bb685102320743363525ee8e16141cba5b3d4b2d
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
6191afe69b40218ced97c989d1b40d69dce17621ccd0a121fae00e4365c50809
65b530cdc8b9c49fbb1bf3a1511d1289afbe6c3c333b00d32555282969fba497
67146edeb4020894fa250e4dc4bd096dd5195e23aa15161cccab1f030d5bbb9c
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
6a636926916454fc360db34a2bb50a1e47d9585e721bbab07219a3235a7ebfa8
70955dddcd784f39f2c4dfac351f377a8e7cab12676fed11c419efd61e472bf1
709d69bca6a0fb4f466cebd0a311960e56f6aa3d04795403b18577dfda78f5c6
70fd7f6ced21739e10103744c72acdfc8e8422502d74d4fad2ddfab3aed0bbc5
762c2749580c286a68d4528d912a4afa02a17dc2025c6c65b17b0dfab8291408
76bcc1ba2380c617a813c7aa8fde31037784ab640ea2c736526e76f5a9aad7b4
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
7c0c296aaf1516b58ca5f2652416203be4c44730de363810d981816d16598369
7cb58278c8f54a62c0afa6da0c67b3a45aad637a0bf614e9c0dd42b73cee266b
7d698de4e545cf981470a003ef8249ab0fe497358e0bbf591ae7c36883ed6658
7e86f52cb0d423805ec541a4bccae5156a01fbe36355e6d798a450593212651f
8564efc0da52f9c979bcf6f1d49efa80a5025fff18856a002bf1d035e063d8f1
862bae5c822d87db86d0b893f474177ca1d9a51309354f12cc0ab85cd9bd9cf7
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
8ab6891019c69c729441517bed2c703ec68058f913e9fe0d9840617f89473421
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d872f0fc3c539694fa5b5102857ee7e38819a3dc3216b5b4698b236e74d0e6d
930239150e702d9d4bf43c3881aa70f8ad5fd9068dcbecb7c8bcca654784f7f1
95245f488fc923a05392ac8ca5985ac00d44b0603ba7b987d103475181268d88
958a03c833d9116f7ab9a5ee503f7b0360b9291b268bfb77128a8f0e19238613
971cc47c39cf340f9323d66b5595a88ee5e3422f6de98934999c2eb2517dbd12
9816a830644a445ce026ed2a19ff36dffdc7406f0e94a086cab736539ad790ca
9afda9d2e0004285a711254df4524e216da91619f0861d386cb8edec8231e96f
9d88866c6295ffc0cadaa1ccb951367e196737a413482176d5787b70aae04ef0
a1bcb5b2228bddf8d0d1b691c10bf297a0f16fd62369fb96b3158d7c672c109b
a2a29fe92c7282a0b25196740fab1b998e2ab8d6561067547f2525c6f16aa15d
aebb00a87098780f0361f68e369ceba4ec04ffc631b73e42a48f1112edc975a6
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b19039e127a086cf9c4e50da49ebb11265889c1c7bfa8b591360978377799b33
b2710eb43e1896ed1dfc4ff4fb5578f9186894438e89d514c4f43d165fb3f1ce
b3481de1d6c8b41bd667d3943eabce5466916d1673969e7aad98295737c48861
b6c82b23f85d9848b4137b1aff2a97c3a139cf941e9aab0302c35a7f4adb5a37
b72f049d802b99a6f023fde1a4a7d81566ae8ec55dee7836d97d7ca1abf54176
b7c5d1d3e03d31b9b450c0aac2972f3aef995be2a69ec5ecfa6200c4a321ef40
b7cdf6f793e0d021419fc19fe2b3ca2a8487b301115eaa3b4c49cf552f799158
bceee10c241fc64a7e0868848fccc29e6a405bd7c7a569d9712e406bc56be1ba
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2b7a45d31339f18ed57fd095feca4da1b3fbab75a5afbc053957f6e8e1613a2
c5cb1da93342a14688ffb8a170ab7b503ac8b393f7ba3f964d5ae0051f05a2ec
c8c302716cf94980a0d77e614d9fb6c430f166b5ef7c42b7c382771955e52ba6
c96b2cd5b57e02ce65ab0a787a6c8ea69efbf424064e15500691847cd879e8ca
cba70d41db343add3f16ae30f5e7f32831fd1e23b00157b7d7bf323708340b30
cdeb836f7f77cd2174fa0bb4aa3825963aa64faf657a24f988b82f1c4d28ce69
d14e287ddae470b06c4639e73260ca21a4c9b7cfdf56e02965a8f50fb5333b42
d641c13a78017e11f15b152b78082bcd0cf474766f13ba649bfa6378d956c492
da9a77e15c8cbf2596563d3bc8020cc9e547d2b99976a0b77f5eeadf1c492feb
dae686cf866b07cf0a1a9e0e88f8fb26d82097dc677611a8accb92b53395cde3
dafc07f1010c9143470c626b6d0c197eedfe72980f7ea392cea45a96b1cdc4a8
dd09e3ba26066abe27c4dad57c8e0c8a63fe23a0bc87e63bcab94f25e9096459
e11e7676cb4332944ae6c7a9abd2b87d56721ebbf87227cc2dac0a7c343b3a16
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40b6eae9d66c60b9c750da70da6b2bc5d35c2ae9689cc1e9547e300fac4a3ba
e76b6ca74cb56845448fbed05589c4af6556a577c865f45e10b3b6e50a1e3bcc
e8e658c81a7ff92a6e0f9049ee3a8fc42082e8303abb6ed44c73361259cbdbae
ec3a84e593065a50cd77ce9fba273b4196936940c0813ca248b045df2e2c8eff
ec547a2f9fde5ce8e398da2810828ba3c30c641ce2761f5bf915225efb35f919
ecce39d17e9a257134727f155398b7a48ca3d3428dbc3252621373fb49dd1b7b
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f061bcf23c86a4e238c0dc67bc3489f6f09b4846f9d0f5b131cebdfc377ad18b
f3342c52eee43a2ea931cae2ee2d6d9a2939432ffcb03bb4f2983ac7e49b26cc
f40c0697aee0c3a35df0b56cb2f952f7ddf2081618019e6c7aded1da0e9cdd17
f46108976666130f89c43a82ee045f7a3afb264494060ef6b3d9eb6589e49d16
f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f
f6ada6da39dbd575d9ae048067c2cddd9f39623fe07bf92cd5f0dbed40c92e7d
f6d7e9dafd1ec463ecd0c6b20f170400dd15afe81c71dea50771550df2f83ffc
f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47
fece75816d3e78b929f712f88b59ce9784d197f8be89293f044bd228856962b1
fef5d131982a33c34525acfb0ba651a7715b15e34cbc458ab444f3d347b1a257
fffcc021124d70080ddd0c52562645c46e03ff39c924ced85c1bfd62cb8b8767

squareup.com Open in urlscan Pro 162.159.137.66 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

238 Requests

82 %HTTPS

27 %IPv6

65 Domains

92 Subdomains

48 IPs

4 Countries

2735 kBTransfer

9119 kBSize

103 Cookies

13 Outgoing links

Page URL History

Redirected requests

238 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

squareup.com Open in urlscan Pro
162.159.137.66 Public Scan

Screenshot
Live screenshot

Full Image

238
Requests

82 %
HTTPS

27 %
IPv6

65
Domains

92
Subdomains

48
IPs

4
Countries

2735 kB
Transfer

9119 kB
Size

103
Cookies

238 HTTP transactions
2 data transactions