payment.gmt.io Open in urlscan Pro
172.67.22.151 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://payment.gmt.io/invoice/2baf570c-1456-4de9-a02c-cb2a02f49e82?twa=ios
Submission: On July 07 via manual (July 7th 2024, 3:45:14 pm UTC) from NL — Scanned from NL

Summary HTTP 100 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 43 IPs in 8 countries across 38 domains to perform 100 HTTP transactions. The main IP is 172.67.22.151, located in United States and belongs to CLOUDFLARENET, US. The main domain is payment.gmt.io.
TLS certificate: Issued by E1 on May 26th 2024. Valid for: 3 months.

This is the only time payment.gmt.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
23	172.67.22.151 172.67.22.151	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.16.79.73 104.16.79.73	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	142.250.181.234 142.250.181.234	15169 (GOOGLE) (GOOGLE)
1	18.239.94.113 18.239.94.113	16509 (AMAZON-02) (AMAZON-02)
2	216.58.206.40 216.58.206.40	15169 (GOOGLE) (GOOGLE)
1	142.250.185.163 142.250.185.163	15169 (GOOGLE) (GOOGLE)
4	185.199.109.133 185.199.109.133	54113 (FASTLY) (FASTLY)
1	18.65.39.84 18.65.39.84	16509 (AMAZON-02) (AMAZON-02)
1	104.18.26.46 104.18.26.46	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.239.36.44 18.239.36.44	16509 (AMAZON-02) (AMAZON-02)
20	104.18.27.46 104.18.27.46	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2.18.64.220 2.18.64.220	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4 8	87.250.250.119 87.250.250.119	13238 (YANDEX) (YANDEX)
1	99.86.159.22 99.86.159.22	16509 (AMAZON-02) (AMAZON-02)
1 4	216.239.34.36 216.239.34.36	15169 (GOOGLE) (GOOGLE)
1	173.194.76.157 173.194.76.157	15169 (GOOGLE) (GOOGLE)
1	142.250.185.99 142.250.185.99	15169 (GOOGLE) (GOOGLE)
3	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
11 14	34.251.55.181 34.251.55.181	16509 (AMAZON-02) (AMAZON-02)
1	93.158.134.119 93.158.134.119	13238 (YANDEX) (YANDEX)
1	157.240.0.6 157.240.0.6	32934 (FACEBOOK) (FACEBOOK)
1	35.214.149.91 35.214.149.91	15169 (GOOGLE) (GOOGLE)
1	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
1 2	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1	70.42.32.95 70.42.32.95	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1	185.64.191.210 185.64.191.210	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	3.75.62.37 3.75.62.37	16509 (AMAZON-02) (AMAZON-02)
1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
1 2	37.252.171.85 37.252.171.85	29990 (ASN-APPNEX) (ASN-APPNEX)
1	34.248.246.252 34.248.246.252	16509 (AMAZON-02) (AMAZON-02)
1	172.67.73.11 172.67.73.11	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.67.74.36 172.67.74.36	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	3.70.101.28 3.70.101.28	16509 (AMAZON-02) (AMAZON-02)
1	172.67.73.90 172.67.73.90	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.67.71.168 172.67.71.168	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	128.1.77.230 128.1.77.230	21859 (ZEN-ECN) (ZEN-ECN)
1	18.239.83.59 18.239.83.59	16509 (AMAZON-02) (AMAZON-02)
2	18.239.94.97 18.239.94.97	16509 (AMAZON-02) (AMAZON-02)
2	18.214.210.209 18.214.210.209	14618 (AMAZON-AES) (AMAZON-AES)
100	43

23 172.67.22.151 (United States)

ASN13335 (CLOUDFLARENET, US)

payment.gmt.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.79.73 (None, )

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.181.234 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.239.94.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-94-113.ams1.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.206.40 (United States)

ASN15169 (GOOGLE, US)
PTR: lcfraa-aa-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.163 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.199.109.133 (United States)

ASN54113 (FASTLY, US)
PTR: cdn-185-199-109-133.github.com

raw.githubusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.65.39.84 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-39-84.ams1.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.26.46 (None, )

ASN13335 (CLOUDFLARENET, US)

verify.walletconnect.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.239.36.44 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-36-44.ams58.r.cloudfront.net

vc.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 104.18.27.46 (None, )

ASN13335 (CLOUDFLARENET, US)

explorer-api.walletconnect.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.64.220 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-18-64-220.deploy.static.akamaitechnologies.com

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 87.250.250.119 (Russian Federation) 4 redirects

ASN13238 (YANDEX, RU)
PTR: mc.yandex.ru

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.159.22 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-159-22.mxp64.r.cloudfront.net

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 216.239.34.36 (United States) 1 redirects

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.194.76.157 (United States)

ASN15169 (GOOGLE, US)
PTR: ws-in-f157.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f3.1e100.net

www.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 34.251.55.181 (Dublin, Ireland) 11 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-55-181.eu-west-1.compute.amazonaws.com

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 93.158.134.119 (Russian Federation)

ASN13238 (YANDEX, RU)
PTR: mc.yandex.ru

mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 157.240.0.6 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.214.149.91 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 91.149.214.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.64.151.101 (San Francisco, United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 70.42.32.95 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.191.210 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.75.62.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.171.85 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.248.246.252 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-246-252.eu-west-1.compute.amazonaws.com

x.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.73.11 (United States)

ASN13335 (CLOUDFLARENET, US)

wallet.tg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.74.36 (United States)

ASN13335 (CLOUDFLARENET, US)

tonkeeper.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.70.101.28 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-70-101-28.eu-central-1.compute.amazonaws.com

mytonwallet.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.73.90 (United States)

ASN13335 (CLOUDFLARENET, US)

tonhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

xtonwallet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.71.168 (United States)

ASN13335 (CLOUDFLARENET, US)

wallet.ton.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 128.1.77.230 (Paris, France)

ASN21859 (ZEN-ECN, US)

s.pvcliping.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.239.83.59 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-83-59.ams58.r.cloudfront.net

widget.intercom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.239.94.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-94-97.ams1.r.cloudfront.net

js.intercomcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.214.210.209 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-214-210-209.compute-1.amazonaws.com

api-iam.intercom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	gmt.io payment.gmt.io	814 KB
21	walletconnect.com verify.walletconnect.com — Cisco Umbrella Rank: 36722 explorer-api.walletconnect.com — Cisco Umbrella Rank: 64959	46 KB
16	adroll.com 11 redirects s.adroll.com — Cisco Umbrella Rank: 4243 d.adroll.com — Cisco Umbrella Rank: 1976 x.adroll.com — Cisco Umbrella Rank: 6790	42 KB
6	yandex.com 3 redirects mc.yandex.com — Cisco Umbrella Rank: 7857	4 KB
4	githubusercontent.com raw.githubusercontent.com — Cisco Umbrella Rank: 3776	1005 KB
3	intercom.io widget.intercom.io — Cisco Umbrella Rank: 3671 api-iam.intercom.io — Cisco Umbrella Rank: 3719	8 KB
3	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 427	2 KB
3	google.com 1 redirects region1.analytics.google.com — Cisco Umbrella Rank: 2408	274 B
3	yandex.ru 1 redirects mc.yandex.ru — Cisco Umbrella Rank: 2765	71 KB
2	intercomcdn.com js.intercomcdn.com — Cisco Umbrella Rank: 5085	283 KB
2	adnxs.com 1 redirects ib.adnxs.com — Cisco Umbrella Rank: 306	2 KB
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 773	2 KB
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 158 cm.g.doubleclick.net — Cisco Umbrella Rank: 301	655 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 85	223 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 1008 script.hotjar.com — Cisco Umbrella Rank: 1416	60 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 87	2 KB
1	pvcliping.com s.pvcliping.com — Cisco Umbrella Rank: 118131	1 KB
1	ton.org wallet.ton.org — Cisco Umbrella Rank: 59110	16 KB
1	xtonwallet.com xtonwallet.com — Cisco Umbrella Rank: 64301	8 KB
1	tonhub.com tonhub.com — Cisco Umbrella Rank: 61085	68 KB
1	mytonwallet.io mytonwallet.io — Cisco Umbrella Rank: 50486	63 KB
1	tonkeeper.com tonkeeper.com — Cisco Umbrella Rank: 54131	4 KB
1	wallet.tg wallet.tg — Cisco Umbrella Rank: 55952	25 KB
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 521	141 B
1	taboola.com sync.taboola.com — Cisco Umbrella Rank: 1665	91 B
1	yahoo.com ups.analytics.yahoo.com — Cisco Umbrella Rank: 543	126 B
1	pubmatic.com image2.pubmatic.com — Cisco Umbrella Rank: 1229	541 B
1	outbrain.com sync.outbrain.com — Cisco Umbrella Rank: 977	218 B
1	openx.net us-u.openx.net — Cisco Umbrella Rank: 652	265 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 477	239 B
1	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 442	235 B
1	facebook.net connect.facebook.net — Cisco Umbrella Rank: 216	59 KB
1	google.nl www.google.nl — Cisco Umbrella Rank: 8914	409 B
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 1793
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 1217	14 KB
1	hotjar.io vc.hotjar.io — Cisco Umbrella Rank: 3696	232 B
1	gstatic.com fonts.gstatic.com	46 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1133	7 KB
100	38

	Domain	Requested by
23	payment.gmt.io	payment.gmt.io static.cloudflareinsights.com
20	explorer-api.walletconnect.com	payment.gmt.io
14	d.adroll.com	11 redirects s.adroll.com payment.gmt.io
6	mc.yandex.com	3 redirects payment.gmt.io mc.yandex.ru
4	raw.githubusercontent.com	payment.gmt.io
3	px.ads.linkedin.com	snap.licdn.com payment.gmt.io
3	region1.analytics.google.com	1 redirects www.googletagmanager.com
3	mc.yandex.ru	1 redirects www.googletagmanager.com payment.gmt.io
2	api-iam.intercom.io	js.intercomcdn.com
2	js.intercomcdn.com	widget.intercom.io
2	ib.adnxs.com	1 redirects payment.gmt.io
2	dsum-sec.casalemedia.com	1 redirects payment.gmt.io
2	www.googletagmanager.com	payment.gmt.io www.googletagmanager.com
2	fonts.googleapis.com	payment.gmt.io
1	widget.intercom.io	payment.gmt.io
1	s.pvcliping.com
1	wallet.ton.org
1	xtonwallet.com
1	tonhub.com
1	mytonwallet.io
1	tonkeeper.com
1	wallet.tg
1	x.adroll.com	payment.gmt.io
1	eb2.3lift.com	payment.gmt.io
1	sync.taboola.com	payment.gmt.io
1	ups.analytics.yahoo.com	payment.gmt.io
1	image2.pubmatic.com	payment.gmt.io
1	sync.outbrain.com	payment.gmt.io
1	us-u.openx.net	payment.gmt.io
1	pixel.rubiconproject.com	payment.gmt.io
1	cm.g.doubleclick.net	payment.gmt.io
1	x.bidswitch.net	payment.gmt.io
1	connect.facebook.net	s.adroll.com
1	www.google.nl	payment.gmt.io
1	region1.google-analytics.com	payment.gmt.io
1	stats.g.doubleclick.net	www.googletagmanager.com
1	s.adroll.com	payment.gmt.io
1	snap.licdn.com	www.googletagmanager.com
1	vc.hotjar.io	script.hotjar.com
1	verify.walletconnect.com	payment.gmt.io
1	script.hotjar.com	static.hotjar.com
1	fonts.gstatic.com	fonts.googleapis.com
1	static.hotjar.com	payment.gmt.io
1	static.cloudflareinsights.com	payment.gmt.io
100	44

This site contains links to these domains. Also see Links.

Domain
gomining.com
storage.googleapis.com

Subject Issuer	Validity	Valid
payment.gmt.io E1	`2024-05-26` - `2024-08-24`	3 months	crt.sh
cloudflareinsights.com WE1	`2024-07-06` - `2024-10-04`	3 months	crt.sh
upload.video.google.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
*.hotjar.com Amazon RSA 2048 M03	`2024-05-22` - `2025-06-20`	a year	crt.sh
*.google-analytics.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
*.gstatic.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
*.github.io DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-03-15` - `2025-03-14`	a year	crt.sh
walletconnect.com E5	`2024-06-27` - `2024-09-25`	3 months	crt.sh
*.hotjar.io Amazon ECDSA 256 M02	`2024-02-07` - `2025-03-08`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-12-13` - `2024-12-12`	a year	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2024-05-23` - `2024-11-02`	5 months	crt.sh
s.adroll.com Amazon RSA 2048 M02	`2024-05-03` - `2025-06-01`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
*.google.nl WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2024-07-01` - `2025-01-01`	6 months	crt.sh
d.adroll.com Amazon RSA 2048 M01	`2023-10-09` - `2024-11-07`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-04-16` - `2024-07-15`	3 months	crt.sh
*.adroll.com Amazon RSA 2048 M03	`2023-10-23` - `2024-11-18`	a year	crt.sh
wallet.tg WE1	`2024-06-12` - `2024-09-10`	3 months	crt.sh
tonkeeper.com E1	`2024-05-23` - `2024-08-21`	3 months	crt.sh
*.mytonwallet.io E5	`2024-06-21` - `2024-09-19`	3 months	crt.sh
tonhub.com WE1	`2024-06-28` - `2024-09-26`	3 months	crt.sh
xtonwallet.com GTS CA 1P5	`2024-05-15` - `2024-08-13`	3 months	crt.sh
ton.org GTS CA 1P5	`2024-05-22` - `2024-08-20`	3 months	crt.sh
s.pvcliping.com TrustAsia RSA DV TLS CA G3	`2023-09-28` - `2024-10-27`	a year	crt.sh
*.intercom.com Amazon RSA 2048 M03	`2024-01-15` - `2025-02-11`	a year	crt.sh
*.intercomcdn.com Amazon RSA 2048 M02	`2023-12-01` - `2024-12-29`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://payment.gmt.io/invoice/2baf570c-1456-4de9-a02c-cb2a02f49e82?twa=ios
Frame ID: 3ECEEA82700DF987F47987317078D923
Requests: 94 HTTP requests in this frame

Frame: https://verify.walletconnect.com/55fb90434d51a5053a08287736dbb52a
Frame ID: DA9233F8F2B6B7C4CA22B6B2E8A0F7C6
Requests: 1 HTTP requests in this frame

Frame: https://mc.yandex.com/metrika/metrika_match.html
Frame ID: A7EC92A954A64C7DBED77782D43DF997
Requests: 1 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.b4b6b51d.js
Frame ID: 7F8B58635FAFA9C89C472CA6D3EEB1D6
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

GoMining Pay

Detected technologies

AdRoll (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

(?:a|s)\.adroll\.com

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

100
Requests

86 %
HTTPS

0 %
IPv6

38
Domains

44
Subdomains

43
IPs

8
Countries

2864 kB
Transfer

6404 kB
Size

51
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://gomining.com/privacy
Title: Privacy policy

Search URL Search Domain Scan URL

URL: https://gomining.com/cookie-policy
Title: Cookies policy

Search URL Search Domain Scan URL

URL: https://gomining.com/terms
Title: Terms of use

Search URL Search Domain Scan URL

URL: https://storage.googleapis.com/gmt-public-prod/docs/gomining-pay-refund-policy.pdf
Title: Refund policy

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 39

https://region1.analytics.google.com/g/collect?v=2&tid=G-YJ8S729D47&gtm=45je4730v898015106z8844930801za200zb844930801&_p=1720367108058&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=2090116108.1720367109&ul=nl-nl&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=2&sid=1720367108&sct=1&seg=0&dl=https%3A%2F%2Fpayment.gmt.io%2Finvoice%2F2baf570c-1456-4de9-a02c-cb2a02f49e82%3Ftwa%3Dios&dt=GoMining%20Pay&en=lp_page_view&_c=1&_et=2&tfd=1666&_z=fetch HTTP 302
https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=2090116108.1720367109&dbk=4088211532622864982&dma=1&dma_cps=syphamo&en=lp_page_view&gtm=45je4730v898015106z8844930801za200zb844930801&npa=1&tid=G-YJ8S729D47&dl=https%3A%2F%2Fpayment.gmt.io%3F

Request Chain 61

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10423.icwDOFVoTSU1O6POecFBaG1nrjr2vMItwQbaxGh81jwl6-0TQb9UJlsuzLr_1Wvz.u8N5QSXJ5vB7bsVaocuXK2uIqls%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=10423.2BVBkQtJjkYropwAHhHCHXAYOTbI8Mox7nPk-8Kth0PoG4vszQ6pd74WzS3eOo6dZpL5EPh_k0cv3vAxkvo6BV_Kpe_loSQkYNOXds4-vlR5xc-G7mcm5xgJaMOA1AV_hd0TRb4GiUbgbjCZdOG5B_kzuoVz65Eht5JkicQ1PRedzRw_b2VbkcPg9yLjwNea2LOlw72ePE3mScuogJhhNsHVLF6EeApLdGgOVEePG7E%2C.LPxnNkEXCBP8XF4HX7tsCT_HeS0%2C HTTP 302
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10423.tFTpkvIZsdcKwenY-9TBh5PkMFWMxa1QlvLwAW_U1ZOsCbsY42hQg-4fzn0LzFU6dNVYJSCF13id8F_ATO_DjFyUPyUMx7Oqg9EHIyxnDaT2HWL_bj1X0UhNZ7EjV5LLu1XYaf2Uw3FHmTO28plxRtq1oi_LwiynrxjV0RzlcqV_1KtX_MMOz5j_EbIGZCW7XOioHYbvm1x_lGL_s0qq3g%2C%2C.LWEaYfKGzJgMv0Ls9Uc_QfUnlFI%2C

Request Chain 64

https://mc.yandex.com/watch/95709663?wmode=7&page-url=https%3A%2F%2Fpayment.gmt.io%2Finvoice%2F2baf570c-1456-4de9-a02c-cb2a02f49e82%3Ftwa%3Dios&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22126%22%2C%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%22Chromium%22%3Bv%3D%22126%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A126.0.6478.126%0Achl%0A%22Not%2FA)Brand%22%3Bv%3D%228.0.0.0%22%2C%22Chromium%22%3Bv%3D%22126.0.6478.126%22%2C%22Google%20Chrome%22%3Bv%3D%22126.0.6478.126%22%0Achm%0A%3F0%0Achp%0AWin32%0Achv%0A10.0.0&browser-info=pv%3A1%3Avf%3Abyif4b2szwsjgf7xv79i57r93v%3Afu%3A0%3Aen%3Autf-8%3Ala%3Anl-NL%3Av%3A1382%3Acn%3A1%3Adp%3A0%3Als%3A1063920987362%3Ahid%3A927065802%3Az%3A120%3Ai%3A20240707174509%3Aet%3A1720367109%3Ac%3A1%3Arn%3A298194946%3Arqn%3A1%3Au%3A1720367109204346630%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A1057%3Awv%3A2%3Ads%3A0%2C350%2C96%2C2%2C0%2C0%2C%2C11%2C0%2C%2C%2C%2C1019%3Aco%3A0%3Acpf%3A1%3Ans%3A1720367107028%3Agi%3AR0ExLjEuMjA5MDExNjEwOC4xNzIwMzY3MTA5%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1720367109%3At%3AGoMining%20Pay&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(21037572)ti(1) HTTP 302
https://mc.yandex.com/watch/95709663/1?wmode=7&page-url=https%3A%2F%2Fpayment.gmt.io%2Finvoice%2F2baf570c-1456-4de9-a02c-cb2a02f49e82%3Ftwa%3Dios&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22126%22%2C%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%22Chromium%22%3Bv%3D%22126%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A126.0.6478.126%0Achl%0A%22Not%2FA%29Brand%22%3Bv%3D%228.0.0.0%22%2C%22Chromium%22%3Bv%3D%22126.0.6478.126%22%2C%22Google%20Chrome%22%3Bv%3D%22126.0.6478.126%22%0Achm%0A%3F0%0Achp%0AWin32%0Achv%0A10.0.0&browser-info=pv%3A1%3Avf%3Abyif4b2szwsjgf7xv79i57r93v%3Afu%3A0%3Aen%3Autf-8%3Ala%3Anl-NL%3Av%3A1382%3Acn%3A1%3Adp%3A0%3Als%3A1063920987362%3Ahid%3A927065802%3Az%3A120%3Ai%3A20240707174509%3Aet%3A1720367109%3Ac%3A1%3Arn%3A298194946%3Arqn%3A1%3Au%3A1720367109204346630%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A1057%3Awv%3A2%3Ads%3A0%2C350%2C96%2C2%2C0%2C0%2C%2C11%2C0%2C%2C%2C%2C1019%3Aco%3A0%3Acpf%3A1%3Ans%3A1720367107028%3Agi%3AR0ExLjEuMjA5MDExNjEwOC4xNzIwMzY3MTA5%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1720367109%3At%3AGoMining%20Pay&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821037572%29ti%281%29

Request Chain 68

https://d.adroll.com/cm/b/out?adroll_fpc=a3e6bf2050b28a52c9ed66bd2a06ce35-1720367109562&pv=66440043957.55409&arrfrr=https%3A%2F%2Fpayment.gmt.io%2Finvoice%2F2baf570c-1456-4de9-a02c-cb2a02f49e82%3Ftwa%3Dios&advertisable=YXLQFXAOL5CMVA2SOH3S2G HTTP 302
https://x.bidswitch.net/sync?dsp_id=44&user_id=NTQ1ZTMxNzEzYzA2ZTA3NjUzNTFhNjE5YmMyMTVjOTA

Request Chain 69

https://d.adroll.com/cm/g/out?adroll_fpc=a3e6bf2050b28a52c9ed66bd2a06ce35-1720367109562&pv=66440043957.55409&arrfrr=https%3A%2F%2Fpayment.gmt.io%2Finvoice%2F2baf570c-1456-4de9-a02c-cb2a02f49e82%3Ftwa%3Dios&advertisable=YXLQFXAOL5CMVA2SOH3S2G HTTP 302
https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=VF4xcTwG4HZTUaYZvCFckA

Request Chain 70

https://d.adroll.com/cm/index/out?adroll_fpc=a3e6bf2050b28a52c9ed66bd2a06ce35-1720367109562&pv=66440043957.55409&arrfrr=https%3A%2F%2Fpayment.gmt.io%2Finvoice%2F2baf570c-1456-4de9-a02c-cb2a02f49e82%3Ftwa%3Dios&advertisable=YXLQFXAOL5CMVA2SOH3S2G HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=NTQ1ZTMxNzEzYzA2ZTA3NjUzNTFhNjE5YmMyMTVjOTA&expiration=1751903109 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=NTQ1ZTMxNzEzYzA2ZTA3NjUzNTFhNjE5YmMyMTVjOTA&expiration=1751903109&C=1

Request Chain 72

https://d.adroll.com/cm/n/out?adroll_fpc=a3e6bf2050b28a52c9ed66bd2a06ce35-1720367109562&pv=66440043957.55409&arrfrr=https%3A%2F%2Fpayment.gmt.io%2Finvoice%2F2baf570c-1456-4de9-a02c-cb2a02f49e82%3Ftwa%3Dios&advertisable=YXLQFXAOL5CMVA2SOH3S2G HTTP 302
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=NTQ1ZTMxNzEzYzA2ZTA3NjUzNTFhNjE5YmMyMTVjOTA&expires=365

Request Chain 73

https://d.adroll.com/cm/o/out?adroll_fpc=a3e6bf2050b28a52c9ed66bd2a06ce35-1720367109562&pv=66440043957.55409&arrfrr=https%3A%2F%2Fpayment.gmt.io%2Finvoice%2F2baf570c-1456-4de9-a02c-cb2a02f49e82%3Ftwa%3Dios&advertisable=YXLQFXAOL5CMVA2SOH3S2G HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537103138&val=545e31713c06e0765351a619bc215c90&gdpr=1&gdpr_consent=

Request Chain 74

https://d.adroll.com/cm/outbrain/out?adroll_fpc=a3e6bf2050b28a52c9ed66bd2a06ce35-1720367109562&pv=66440043957.55409&arrfrr=https%3A%2F%2Fpayment.gmt.io%2Finvoice%2F2baf570c-1456-4de9-a02c-cb2a02f49e82%3Ftwa%3Dios&advertisable=YXLQFXAOL5CMVA2SOH3S2G HTTP 302
https://sync.outbrain.com/cookie-sync?p=adroll&uid=NTQ1ZTMxNzEzYzA2ZTA3NjUzNTFhNjE5YmMyMTVjOTA&gdpr=1&gdpr_consent=&us_privacy=1---

Request Chain 75

https://d.adroll.com/cm/pubmatic/out?adroll_fpc=a3e6bf2050b28a52c9ed66bd2a06ce35-1720367109562&pv=66440043957.55409&arrfrr=https%3A%2F%2Fpayment.gmt.io%2Finvoice%2F2baf570c-1456-4de9-a02c-cb2a02f49e82%3Ftwa%3Dios&advertisable=YXLQFXAOL5CMVA2SOH3S2G HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDYmdGw9MTI5NjAw&piggybackCookie=NTQ1ZTMxNzEzYzA2ZTA3NjUzNTFhNjE5YmMyMTVjOTA&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA

Request Chain 76

https://d.adroll.com/cm/r/out?adroll_fpc=a3e6bf2050b28a52c9ed66bd2a06ce35-1720367109562&pv=66440043957.55409&arrfrr=https%3A%2F%2Fpayment.gmt.io%2Finvoice%2F2baf570c-1456-4de9-a02c-cb2a02f49e82%3Ftwa%3Dios&advertisable=YXLQFXAOL5CMVA2SOH3S2G HTTP 302
https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=NTQ1ZTMxNzEzYzA2ZTA3NjUzNTFhNjE5YmMyMTVjOTA&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

Request Chain 77

https://d.adroll.com/cm/taboola/out?adroll_fpc=a3e6bf2050b28a52c9ed66bd2a06ce35-1720367109562&pv=66440043957.55409&arrfrr=https%3A%2F%2Fpayment.gmt.io%2Finvoice%2F2baf570c-1456-4de9-a02c-cb2a02f49e82%3Ftwa%3Dios&advertisable=YXLQFXAOL5CMVA2SOH3S2G HTTP 302
https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=NTQ1ZTMxNzEzYzA2ZTA3NjUzNTFhNjE5YmMyMTVjOTA

Request Chain 78

https://d.adroll.com/cm/triplelift/out?adroll_fpc=a3e6bf2050b28a52c9ed66bd2a06ce35-1720367109562&pv=66440043957.55409&arrfrr=https%3A%2F%2Fpayment.gmt.io%2Finvoice%2F2baf570c-1456-4de9-a02c-cb2a02f49e82%3Ftwa%3Dios&advertisable=YXLQFXAOL5CMVA2SOH3S2G HTTP 302
https://eb2.3lift.com/xuid?mid=4714&xuid=NTQ1ZTMxNzEzYzA2ZTA3NjUzNTFhNjE5YmMyMTVjOTA&dongle=c85e

Request Chain 79

https://d.adroll.com/cm/x/out?adroll_fpc=a3e6bf2050b28a52c9ed66bd2a06ce35-1720367109562&pv=66440043957.55409&arrfrr=https%3A%2F%2Fpayment.gmt.io%2Finvoice%2F2baf570c-1456-4de9-a02c-cb2a02f49e82%3Ftwa%3Dios&advertisable=YXLQFXAOL5CMVA2SOH3S2G HTTP 302
https://ib.adnxs.com/setuid?entity=172&code=NTQ1ZTMxNzEzYzA2ZTA3NjUzNTFhNjE5YmMyMTVjOTA HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DNTQ1ZTMxNzEzYzA2ZTA3NjUzNTFhNjE5YmMyMTVjOTA

100 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 2baf570c-1456-4de9-a02c-cb2a02f49e82 Show response
payment.gmt.io/invoice/ 2 KB
1 KB 457ms
96ms Document
text/html 172.67.22.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://payment.gmt.io/invoice/2baf570c-1456-4de9-a02c-cb2a02f49e82?twa=ios

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.22.151 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Next.js

Resource Hash

93da62068399af678aa7d33d5cbc104b99d1acc58a94851f18ab184969616390

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cf-cache-status: DYNAMIC
cf-ray: 89f8f5b53f5d9205-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Sun, 07 Jul 2024 15:45:07 GMT
server: cloudflare
strict-transport-security: max-age=3600
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: DENY
x-nextjs-cache: MISS
x-powered-by: Next.js
x-xss-protection: 1

GET
H2 200 674562d336b5715c.css
payment.gmt.io/_next/static/css/ 176 KB
27 KB 89ms
89ms Stylesheet
text/css 172.67.22.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://payment.gmt.io/_next/static/css/674562d336b5715c.css

Requested by

Host: payment.gmt.io
URL: https://payment.gmt.io/invoice/2baf570c-1456-4de9-a02c-cb2a02f49e82?twa=ios

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.22.151 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3ac5e5a18e2e0e6e343ed19f82fdfe2a81b0f456422d58e2e5c4251feaba97ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.gmt.io/invoice/2baf570c-1456-4de9-a02c-cb2a02f49e82?twa=ios
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 07 Jul 2024 15:45:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=3600
last-modified: Mon, 01 Jul 2024 14:32:54 GMT
server: cloudflare
cf-cache-status: HIT
age: 171536
etag: W/"2bf0b-1906eb685f0"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 89f8f5b5d8139205-FRA
x-xss-protection: 1

GET
H2 200 webpack-a32d703dbef74abf.js Show response
payment.gmt.io/_next/static/chunks/ 4 KB
2 KB 46ms
46ms Script
application/javascript 172.67.22.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://payment.gmt.io/_next/static/chunks/webpack-a32d703dbef74abf.js

Requested by

Host: payment.gmt.io
URL: https://payment.gmt.io/invoice/2baf570c-1456-4de9-a02c-cb2a02f49e82?twa=ios

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.22.151 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e438e219aa453c4042a823accda4f5687dca9908e02f5d4abcdd2b715c05451f

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.gmt.io/invoice/2baf570c-1456-4de9-a02c-cb2a02f49e82?twa=ios
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 07 Jul 2024 15:45:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=3600
last-modified: Mon, 01 Jul 2024 14:32:54 GMT
server: cloudflare
cf-cache-status: HIT
age: 171536
etag: W/"e49-1906eb685f0"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 89f8f5b5d8169205-FRA
x-xss-protection: 1

GET
H2 200 framework-73b8966a3c579ab0.js Show response
payment.gmt.io/_next/static/chunks/ 138 KB
44 KB 42ms
40ms Script
application/javascript 172.67.22.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://payment.gmt.io/_next/static/chunks/framework-73b8966a3c579ab0.js

Requested by

Host: payment.gmt.io
URL: https://payment.gmt.io/invoice/2baf570c-1456-4de9-a02c-cb2a02f49e82?twa=ios

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.22.151 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ad2aa3ac062cdef13af1c2e28c6e95e36732484bd756fb6194a105b61af7c057

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.gmt.io/invoice/2baf570c-1456-4de9-a02c-cb2a02f49e82?twa=ios
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 07 Jul 2024 15:45:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=3600
last-modified: Mon, 01 Jul 2024 14:32:54 GMT
server: cloudflare
cf-cache-status: HIT
age: 171536
etag: W/"22712-1906eb685f0"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 89f8f5b5e82b9205-FRA
x-xss-protection: 1

GET
H2 200 main-9c40a0f8bdc1e4d7.js Show response
payment.gmt.io/_next/static/chunks/ 104 KB
31 KB 61ms
60ms Script
application/javascript 172.67.22.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://payment.gmt.io/_next/static/chunks/main-9c40a0f8bdc1e4d7.js

Requested by

Host: payment.gmt.io
URL: https://payment.gmt.io/invoice/2baf570c-1456-4de9-a02c-cb2a02f49e82?twa=ios

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.22.151 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5288d0a84434bdc3fcd94fa748398b9c58f78940318f4b1e923a4c76cb948127

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.gmt.io/invoice/2baf570c-1456-4de9-a02c-cb2a02f49e82?twa=ios
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 07 Jul 2024 15:45:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=3600
last-modified: Mon, 01 Jul 2024 14:32:54 GMT
server: cloudflare
cf-cache-status: HIT
age: 171536
etag: W/"19ee6-1906eb685f0"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 89f8f5b5e82d9205-FRA
x-xss-protection: 1

GET
H2 200 _app-0b81273926c53f4c.js Show response
payment.gmt.io/_next/static/chunks/pages/ 902 KB
283 KB 64ms
63ms Script
application/javascript 172.67.22.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://payment.gmt.io/_next/static/chunks/pages/_app-0b81273926c53f4c.js

Requested by

Host: payment.gmt.io
URL: https://payment.gmt.io/invoice/2baf570c-1456-4de9-a02c-cb2a02f49e82?twa=ios

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.22.151 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4887df375c3fc57aacb5341251f5f4453e37b0b0491f4aafbd56e39305d7510

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.gmt.io/invoice/2baf570c-1456-4de9-a02c-cb2a02f49e82?twa=ios
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 07 Jul 2024 15:45:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=3600
last-modified: Mon, 01 Jul 2024 14:32:54 GMT
server: cloudflare
cf-cache-status: HIT
age: 171536
etag: W/"e1984-1906eb685f0"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 89f8f5b5e8309205-FRA
x-xss-protection: 1

GET
H2 200 764-1ea219de6b8324ef.js Show response
payment.gmt.io/_next/static/chunks/ 26 KB
8 KB 44ms
43ms Script
application/javascript 172.67.22.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://payment.gmt.io/_next/static/chunks/764-1ea219de6b8324ef.js

Requested by

Host: payment.gmt.io
URL: https://payment.gmt.io/invoice/2baf570c-1456-4de9-a02c-cb2a02f49e82?twa=ios

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.22.151 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7969dcfe9ef954ed7f367acb58c255c02fb03207250e52b0da4278e50941838f

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.gmt.io/invoice/2baf570c-1456-4de9-a02c-cb2a02f49e82?twa=ios
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 07 Jul 2024 15:45:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=3600
last-modified: Mon, 01 Jul 2024 14:32:54 GMT
server: cloudflare
cf-cache-status: HIT
age: 171536
etag: W/"6952-1906eb685f0"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 89f8f5b5e8329205-FRA
x-xss-protection: 1

GET
H2 200 258-79ce2e7badb541dc.js Show response
payment.gmt.io/_next/static/chunks/ 502 KB
146 KB 63ms
62ms Script
application/javascript 172.67.22.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://payment.gmt.io/_next/static/chunks/258-79ce2e7badb541dc.js

Requested by

Host: payment.gmt.io
URL: https://payment.gmt.io/invoice/2baf570c-1456-4de9-a02c-cb2a02f49e82?twa=ios

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.22.151 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d6c7006f9b5db8584267c34e4c1c43eba9e58505c892ed462c6abc2989d2025f

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.gmt.io/invoice/2baf570c-1456-4de9-a02c-cb2a02f49e82?twa=ios
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 07 Jul 2024 15:45:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=3600
last-modified: Mon, 01 Jul 2024 14:32:54 GMT
server: cloudflare
cf-cache-status: HIT
age: 171536
etag: W/"7d915-1906eb685f0"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 89f8f5b5e8349205-FRA
x-xss-protection: 1

GET
H2 200 %5Bslug%5D-bf12cc4d6da215de.js Show response
payment.gmt.io/_next/static/chunks/pages/invoice/ 60 KB
13 KB 43ms
42ms Script
application/javascript 172.67.22.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://payment.gmt.io/_next/static/chunks/pages/invoice/%5Bslug%5D-bf12cc4d6da215de.js

Requested by

Host: payment.gmt.io
URL: https://payment.gmt.io/invoice/2baf570c-1456-4de9-a02c-cb2a02f49e82?twa=ios

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.22.151 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

84ee3d792191cbc2a116b9f4fe6c526b11be673a73ee9bad85b0d9c731dce951

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.gmt.io/invoice/2baf570c-1456-4de9-a02c-cb2a02f49e82?twa=ios
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 07 Jul 2024 15:45:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=3600
last-modified: Mon, 01 Jul 2024 14:32:54 GMT
server: cloudflare
cf-cache-status: HIT
age: 171536
etag: W/"f0fb-1906eb685f0"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 89f8f5b5e8369205-FRA
x-xss-protection: 1

GET
H2 200 _buildManifest.js Show response
payment.gmt.io/_next/static/wowDlceK0JLhyFeytjBeg/ 569 B
398 B 63ms
62ms Script
application/javascript 172.67.22.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://payment.gmt.io/_next/static/wowDlceK0JLhyFeytjBeg/_buildManifest.js

Requested by

Host: payment.gmt.io
URL: https://payment.gmt.io/invoice/2baf570c-1456-4de9-a02c-cb2a02f49e82?twa=ios

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.22.151 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b545ce85ef76222fafdd46c1fe7ddc096cf00b268b7102223b18314ad2ed1fa8

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.gmt.io/invoice/2baf570c-1456-4de9-a02c-cb2a02f49e82?twa=ios
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 07 Jul 2024 15:45:07 GMT
strict-transport-security: max-age=3600
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Mon, 01 Jul 2024 14:32:54 GMT
server: cloudflare
age: 171536
etag: W/"239-1906eb685f0"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
content-encoding: br
cache-control: public, max-age=31536000, immutable
cf-ray: 89f8f5b5e8389205-FRA
x-xss-protection: 1

GET
H2 200 _ssgManifest.js Show response
payment.gmt.io/_next/static/wowDlceK0JLhyFeytjBeg/ 131 B
187 B 63ms
63ms Script
application/javascript 172.67.22.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://payment.gmt.io/_next/static/wowDlceK0JLhyFeytjBeg/_ssgManifest.js

Requested by

Host: payment.gmt.io
URL: https://payment.gmt.io/invoice/2baf570c-1456-4de9-a02c-cb2a02f49e82?twa=ios

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.22.151 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c8cdb6bd9623a596740743460a0bcd6fff106479f387ad8afa6fdf25d23e08f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.gmt.io/invoice/2baf570c-1456-4de9-a02c-cb2a02f49e82?twa=ios
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 07 Jul 2024 15:45:07 GMT
strict-transport-security: max-age=3600
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Mon, 01 Jul 2024 14:33:31 GMT
server: cloudflare
age: 171536
etag: W/"83-1906eb71678"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
content-encoding: br
cache-control: public, max-age=31536000, immutable
cf-ray: 89f8f5b5e83a9205-FRA
x-xss-protection: 1

GET
H2 200 vcd15cbe7772f49c399c6a5babf22c1241717689176015 Show response
static.cloudflareinsights.com/beacon.min.js/ 19 KB
7 KB 431ms
72ms Script
text/javascript 104.16.79.73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by: Host: payment.gmt.io
URL: https://payment.gmt.io/invoice/2baf570c-1456-4de9-a02c-cb2a02f49e82?twa=ios
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.79.73 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.gmt.io/
Origin: https://payment.gmt.io
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 07 Jul 2024 15:45:07 GMT
content-encoding: gzip
last-modified: Thu, 06 Jun 2024 15:52:56 GMT
server: cloudflare
etag: W/"2024.6.1"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 89f8f5b82bb59bac-FRA

GET
H2 200 css2
fonts.googleapis.com/ 9 KB
865 B 381ms
31ms Stylesheet
text/css 142.250.181.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;500;700&display=swap

Requested by

Host: payment.gmt.io
URL: https://payment.gmt.io/_next/static/css/674562d336b5715c.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f10.1e100.net

Software

ESF /

Resource Hash

af9e52b1788e243b0a07ba97a3de75df5845d00b896f1b83f38c42702a7ba690

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.gmt.io/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Sun, 07 Jul 2024 15:45:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 07 Jul 2024 15:27:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 07 Jul 2024 15:45:07 GMT

GET
H2 200 css2
fonts.googleapis.com/ 9 KB
1 KB 378ms
28ms Stylesheet
text/css 142.250.181.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&display=swap

Requested by

Host: payment.gmt.io
URL: https://payment.gmt.io/_next/static/css/674562d336b5715c.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f10.1e100.net

Software

ESF /

Resource Hash

77190354256d2bb6e2f740715bbc72c1af70ec722773ab27bd7ddd63dac90529

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.gmt.io/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Sun, 07 Jul 2024 15:45:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 07 Jul 2024 14:53:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 07 Jul 2024 15:45:07 GMT

GET
H2 200 955.57328a7d08efe8f3.js Show response
payment.gmt.io/_next/static/chunks/ 43 KB
13 KB 45ms
45ms Script
application/javascript 172.67.22.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://payment.gmt.io/_next/static/chunks/955.57328a7d08efe8f3.js

Requested by

Host: payment.gmt.io
URL: https://payment.gmt.io/_next/static/chunks/webpack-a32d703dbef74abf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.22.151 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3accde5e7823c977360bf7dbc8e58fe5dbcc80e6baa0f9bb0150973b03e3652

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.gmt.io/invoice/2baf570c-1456-4de9-a02c-cb2a02f49e82?twa=ios
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 07 Jul 2024 15:45:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=3600
last-modified: Mon, 01 Jul 2024 14:32:54 GMT
server: cloudflare
cf-cache-status: HIT
age: 171536
etag: W/"ad41-1906eb685f0"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 89f8f5b93c979205-FRA
x-xss-protection: 1

GET
H2 200 173.4fafd5002c720c66.js Show response
payment.gmt.io/_next/static/chunks/ 317 KB
81 KB 42ms
42ms Script
application/javascript 172.67.22.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://payment.gmt.io/_next/static/chunks/173.4fafd5002c720c66.js

Requested by

Host: payment.gmt.io
URL: https://payment.gmt.io/_next/static/chunks/webpack-a32d703dbef74abf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.22.151 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c15942f92c92c4a336d20ffcf229ab3606b588388d78b008b4f9ee8d3d1b842e

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.gmt.io/invoice/2baf570c-1456-4de9-a02c-cb2a02f49e82?twa=ios
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 07 Jul 2024 15:45:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=3600
last-modified: Mon, 01 Jul 2024 14:32:54 GMT
server: cloudflare
cf-cache-status: HIT
age: 171536
etag: W/"4f34e-1906eb685f0"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 89f8f5b93c9a9205-FRA
x-xss-protection: 1

GET
H2 200 883.19ad8321e523c240.js Show response
payment.gmt.io/_next/static/chunks/ 85 B
143 B 44ms
44ms Script
application/javascript 172.67.22.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://payment.gmt.io/_next/static/chunks/883.19ad8321e523c240.js

Requested by

Host: payment.gmt.io
URL: https://payment.gmt.io/_next/static/chunks/webpack-a32d703dbef74abf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.22.151 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f5de42099092920b23dcfac2b82c0b9c53227c17d02f47a744f6a11f71a3fd5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.gmt.io/invoice/2baf570c-1456-4de9-a02c-cb2a02f49e82?twa=ios
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 07 Jul 2024 15:45:08 GMT
strict-transport-security: max-age=3600
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Mon, 01 Jul 2024 14:32:54 GMT
server: cloudflare
age: 171536
etag: W/"55-1906eb685f0"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
content-encoding: br
cache-control: public, max-age=31536000, immutable
cf-ray: 89f8f5b93c9b9205-FRA
x-xss-protection: 1

GET
H2 200 hotjar-3535041.js Show response
static.hotjar.com/c/ 9 KB
4 KB 108ms
52ms Script
application/javascript 18.239.94.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-3535041.js?sv=6

Requested by

Host: payment.gmt.io
URL: https://payment.gmt.io/invoice/2baf570c-1456-4de9-a02c-cb2a02f49e82?twa=ios

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.239.94.113 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-239-94-113.ams1.r.cloudfront.net

Software

Resource Hash

9d2b59587290ae6eaff3e0734988453c91d73d7a41c6d59dc0cd48e07adaf835

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.gmt.io/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Sun, 07 Jul 2024 15:45:08 GMT
via: 1.1 7cda9a7fe68f979d43fe743d9fbd0db4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P3
etag: W/773cb9fcc78aa81129ef16fdbc8755a9
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
cross-origin-resource-policy: cross-origin
x-amz-cf-id: _GH3ZH_lXnmbStNZTvUnu6rwJcyITmI7wBKSry4m71syRQ87bCk1IA==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 347 KB
106 KB 421ms
54ms Script
application/javascript 216.58.206.40
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WQRPRMS&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Requested by

Host: payment.gmt.io
URL: https://payment.gmt.io/invoice/2baf570c-1456-4de9-a02c-cb2a02f49e82?twa=ios

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.40 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

bad6e85b042e44f7747de7c2002202e57e16bff219cd49e968b5e2958cbeba51

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.gmt.io/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 07 Jul 2024 15:45:08 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 108201
x-xss-protection: 0
last-modified: Sun, 07 Jul 2024 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 07 Jul 2024 15:45:08 GMT

GET
H2 200 2baf570c-1456-4de9-a02c-cb2a02f49e82.json Show response
payment.gmt.io/_next/data/wowDlceK0JLhyFeytjBeg/en/invoice/ 5 KB
2 KB 58ms
53ms Fetch
application/json 172.67.22.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://payment.gmt.io/_next/data/wowDlceK0JLhyFeytjBeg/en/invoice/2baf570c-1456-4de9-a02c-cb2a02f49e82.json?twa=ios&slug=2baf570c-1456-4de9-a02c-cb2a02f49e82

Requested by

Host: payment.gmt.io
URL: https://payment.gmt.io/_next/static/chunks/main-9c40a0f8bdc1e4d7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.22.151 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

32a381eb1e344e9c664d784717ed571dc21948f9075a1cf5293ca9bb832d98a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
x-nextjs-data: 1
Referer: https://payment.gmt.io/invoice/2baf570c-1456-4de9-a02c-cb2a02f49e82?twa=ios
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 07 Jul 2024 15:45:08 GMT
x-nextjs-matched-path: /en/invoice/[slug]
content-encoding: gzip
strict-transport-security: max-age=3600
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
server: cloudflare
etag: "hb7tnojlt63tr"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/json
x-nextjs-cache: HIT
cache-control: s-maxage=31536000, stale-while-revalidate
cf-ray: 89f8f5b97cda9205-FRA
x-xss-protection: 1

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v13/ 46 KB
46 KB 384ms
19ms Font
font/woff2 142.250.185.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f3.1e100.net

Software

sffe /

Resource Hash

88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://payment.gmt.io
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Jul 2024 01:18:40 GMT
x-content-type-options: nosniff
age: 224788
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46704
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:49:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 05 Jul 2025 01:18:40 GMT

GET
H2 200 wallets-v2.json Show response
raw.githubusercontent.com/ton-blockchain/wallets-list/main/ 4 KB
2 KB 575ms
161ms Fetch
text/plain 185.199.109.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://raw.githubusercontent.com/ton-blockchain/wallets-list/main/wallets-v2.json

Requested by

Host: payment.gmt.io
URL: https://payment.gmt.io/_next/static/chunks/pages/_app-0b81273926c53f4c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.199.109.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

cdn-185-199-109-133.github.com

Software

Resource Hash

06a1968b4448fb4365cb020058987cc95054607cc2b6cfbcb0e8875857b4eba1

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; style-src 'unsafe-inline'; sandbox
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.gmt.io/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fastly-request-id: 9c944484a9b5fc7572e342470df2b96506a8c6bb
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; sandbox
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
date: Sun, 07 Jul 2024 15:45:08 GMT
content-encoding: gzip
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
cross-origin-resource-policy: cross-origin
content-length: 979
x-xss-protection: 1; mode=block
x-served-by: cache-mad2200144-MAD
x-github-request-id: 387A:83FB8:118AEAE:128EE01:668AB804
x-timer: S1720367109.507589,VS0,VE120
etag: W/"b1690d090c53c5195c1426eb558b625e4320dd226cefe3c66b01bf1d70f5f4a9"
source-age: 0
x-frame-options: deny
vary: Authorization,Accept-Encoding,Origin
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=300
accept-ranges: bytes
expires: Sun, 07 Jul 2024 15:50:08 GMT

HEAD
H2 200 2baf570c-1456-4de9-a02c-cb2a02f49e82.json
payment.gmt.io/_next/data/wowDlceK0JLhyFeytjBeg/en/invoice/ 0
0 51ms
50ms Fetch
application/json 172.67.22.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://payment.gmt.io/_next/data/wowDlceK0JLhyFeytjBeg/en/invoice/2baf570c-1456-4de9-a02c-cb2a02f49e82.json?twa=ios&slug=2baf570c-1456-4de9-a02c-cb2a02f49e82

Requested by

Host: payment.gmt.io
URL: https://payment.gmt.io/_next/static/chunks/main-9c40a0f8bdc1e4d7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.22.151 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
x-nextjs-data: 1
Referer: https://payment.gmt.io/invoice/2baf570c-1456-4de9-a02c-cb2a02f49e82?twa=ios
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 07 Jul 2024 15:45:08 GMT
x-nextjs-matched-path: /en/invoice/[slug]
content-encoding: gzip
strict-transport-security: max-age=3600
cf-cache-status: DYNAMIC
server: cloudflare
x-content-type-options: nosniff
etag: "hb7tnojlt63tr"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/json
x-nextjs-cache: HIT
cache-control: s-maxage=31536000, stale-while-revalidate
cf-ray: 89f8f5b9ed489205-FRA
x-xss-protection: 1

GET
H2 200 get-invoice Show response
payment.gmt.io/api/ 709 B
1 KB 154ms
154ms XHR
application/json 172.67.22.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://payment.gmt.io/api/get-invoice?hash=2baf570c-1456-4de9-a02c-cb2a02f49e82

Requested by

Host: payment.gmt.io
URL: https://payment.gmt.io/_next/static/chunks/258-79ce2e7badb541dc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.22.151 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

3f84dedcb2c2a5d7ad02edb137cab1787e3c76e9b69ad71c922434b43eb666d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: application/json, text/plain, */*
Referer: https://payment.gmt.io/invoice/2baf570c-1456-4de9-a02c-cb2a02f49e82?twa=ios
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 07 Jul 2024 15:45:08 GMT
strict-transport-security: max-age=3600
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
x-powered-by: Express
etag: W/"2c5-q2itqXsrqeqcj+vA4o54X+coiMM"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=E8CNVCsRMj6bChi6PuVv9gyQJfs.TMqW6uNELYs6qyQ-1720367108-1.0.1.1-vLa1muW3GivfyRu03xeTT_Cue2YlGtMKgnTxYr7a1uOhkQHQ4o8A2HW5M2F8lzqE08MxXH_CqyMLbIw6ZlYQL97uFEp1ETAwIreFuewruTWIFpUN8RUoAvH8CxrcUDDsesCA117cFQ.8tENnuchdZA"}],"group":"cf-csp-endpoint","max_age":86400}
content-type: application/json; charset=utf-8
content-security-policy-report-only: script-src 'none'; connect-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=E8CNVCsRMj6bChi6PuVv9gyQJfs.TMqW6uNELYs6qyQ-1720367108-1.0.1.1-vLa1muW3GivfyRu03xeTT_Cue2YlGtMKgnTxYr7a1uOhkQHQ4o8A2HW5M2F8lzqE08MxXH_CqyMLbIw6ZlYQL97uFEp1ETAwIreFuewruTWIFpUN8RUoAvH8CxrcUDDsesCA117cFQ.8tENnuchdZA; report-to cf-csp-endpoint
cf-ray: 89f8f5b9ed4f9205-FRA
x-xss-protection: 1

GET
H2 200 modules.e4b2dc39f985f11fb1e4.js Show response
script.hotjar.com/ 223 KB
56 KB 61ms
15ms Script
application/javascript 18.65.39.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.e4b2dc39f985f11fb1e4.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3535041.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.65.39.84 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-65-39-84.ams1.r.cloudfront.net

Software

Resource Hash

619feac205d68f6356fcad13d6758533011a8acc7830e3deb0f763249d7516c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.gmt.io/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 08:11:07 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 9835af751c15612a813bbc131d2ce1e6.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
age: 545641
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 56291
last-modified: Mon, 01 Jul 2024 08:10:34 GMT
etag: "ca025d2d8ae4b3dc51e058b782590501"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: dNUWICfRhkuvbU5p1-LG1QEPPyQB2-0AO2cSr5KfSmeznVMm-5CyWQ==

GET
H3 200 55fb90434d51a5053a08287736dbb52a
verify.walletconnect.com/ Frame DA92 0
0 83ms
62ms Document
text/html 104.18.26.46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://verify.walletconnect.com/55fb90434d51a5053a08287736dbb52a

Requested by

Host: payment.gmt.io
URL: https://payment.gmt.io/_next/static/chunks/173.4fafd5002c720c66.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.26.46 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.gmt.io https://gmt.io https://localhost: http://localhost:* https://.localhost: http://.localhost: https://127.0.0.1:* http://127.0.0.1:*

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://payment.gmt.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=180
cf-ray: 89f8f5ba6f09bba1-FRA
content-encoding: br
content-security-policy: frame-ancestors https://*.gmt.io https://gmt.io https://localhost:* http://localhost:* https://*.localhost:* http://*.localhost:* https://127.0.0.1:* http://127.0.0.1:*
content-type: text/html; charset=UTF-8
date: Sun, 07 Jul 2024 15:45:08 GMT
server: cloudflare
vary: Accept-Encoding
x-csrf-token: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE3MjAzNzA3MDh9.HvNz5lddj7awRCl2oZUNlchPPcS8O6NmB1ljysJpJb4

GET
H2 204 3535041 Show response
vc.hotjar.io/sessions/ 0
232 B 126ms
37ms XHR
text/plain 18.239.36.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vc.hotjar.io/sessions/3535041?s=0.25&r=0.002500180002479757
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.e4b2dc39f985f11fb1e4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.36.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-36-44.ams58.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.gmt.io/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Sun, 07 Jul 2024 15:45:08 GMT
cache-control: no-store
via: 1.1 ba01234d30a5778423f79c0c58d283ce.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P2
x-amz-cf-id: I2wpOwsDR12c8x4U2Xyt0908CajwdxKRlPVr4QoZqpo22TIrSoZYmw==
x-cache: Miss from cloudfront

GET
H2 200 AtypDisplay-Medium.12352d0b.otf
payment.gmt.io/_next/static/media/ 174 KB
99 KB 54ms
41ms Font
font/otf 172.67.22.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://payment.gmt.io/_next/static/media/AtypDisplay-Medium.12352d0b.otf

Requested by

Host: payment.gmt.io
URL: https://payment.gmt.io/_next/static/css/674562d336b5715c.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.22.151 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea4c02c75662317218088b7c82c3b1a2a20b9627ad43a4a5cf9127b8e62b6fe7

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.gmt.io/_next/static/css/674562d336b5715c.css
Origin: https://payment.gmt.io
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 07 Jul 2024 15:45:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=3600
last-modified: Mon, 01 Jul 2024 14:32:54 GMT
server: cloudflare
cf-cache-status: HIT
age: 171478
etag: W/"2b700-1906eb685f0"
vary: Accept-Encoding
x-frame-options: DENY
content-type: font/otf
cache-control: public, max-age=31536000, immutable
cf-ray: 89f8f5bb3e889205-FRA
x-xss-protection: 1

GET
H2 200 592.879dc58e7385d361.js Show response
payment.gmt.io/_next/static/chunks/ 24 KB
9 KB 87ms
60ms Script
application/javascript 172.67.22.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://payment.gmt.io/_next/static/chunks/592.879dc58e7385d361.js

Requested by

Host: payment.gmt.io
URL: https://payment.gmt.io/_next/static/chunks/webpack-a32d703dbef74abf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.22.151 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f9916f2f8593d9e9e58321aac49435c6d4007878813355dc4bd59cde838af076

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.gmt.io/invoice/2baf570c-1456-4de9-a02c-cb2a02f49e82?twa=ios
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 07 Jul 2024 15:45:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=3600
last-modified: Mon, 01 Jul 2024 14:32:54 GMT
server: cloudflare
cf-cache-status: HIT
age: 171471
etag: W/"5ff4-1906eb685f0"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 89f8f5bb3e8a9205-FRA
x-xss-protection: 1

GET
H2 200 95.cf6a888027503ce2.js Show response
payment.gmt.io/_next/static/chunks/ 29 KB
11 KB 84ms
58ms Script
application/javascript 172.67.22.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://payment.gmt.io/_next/static/chunks/95.cf6a888027503ce2.js

Requested by

Host: payment.gmt.io
URL: https://payment.gmt.io/_next/static/chunks/webpack-a32d703dbef74abf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.22.151 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e9522017a84aa45f504523eafb59001817e054dcb2780dc8a4519390c23c080

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.gmt.io/invoice/2baf570c-1456-4de9-a02c-cb2a02f49e82?twa=ios
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 07 Jul 2024 15:45:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=3600
last-modified: Mon, 01 Jul 2024 14:32:54 GMT
server: cloudflare
cf-cache-status: HIT
age: 171471
etag: W/"7244-1906eb685f0"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 89f8f5bb3e8b9205-FRA
x-xss-protection: 1

GET
H2 200 379.b2f11adf5066563c.js Show response
payment.gmt.io/_next/static/chunks/ 144 KB
40 KB 62ms
36ms Script
application/javascript 172.67.22.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://payment.gmt.io/_next/static/chunks/379.b2f11adf5066563c.js

Requested by

Host: payment.gmt.io
URL: https://payment.gmt.io/_next/static/chunks/webpack-a32d703dbef74abf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.22.151 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9085919715509ba81f7c90a6436a85101eae5577b7053d8841e246ced3e20201

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.gmt.io/invoice/2baf570c-1456-4de9-a02c-cb2a02f49e82?twa=ios
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 07 Jul 2024 15:45:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=3600
last-modified: Mon, 01 Jul 2024 14:32:54 GMT
server: cloudflare
cf-cache-status: HIT
age: 171471
etag: W/"24171-1906eb685f0"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 89f8f5bb3e8c9205-FRA
x-xss-protection: 1

GET
H3 200 wallets Show response
explorer-api.walletconnect.com/v3/ 17 KB
4 KB 256ms
193ms Fetch
application/json 104.18.27.46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://explorer-api.walletconnect.com/v3/wallets?projectId=55fb90434d51a5053a08287736dbb52a&page=1&entries=10&device=desktop&version=2
Requested by: Host: payment.gmt.io
URL: https://payment.gmt.io/_next/static/chunks/258-79ce2e7badb541dc.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.27.46 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb0299547408cf56a2a92da16429171368e451ee8bd530a3d65df72565bd030c

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.gmt.io/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 07 Jul 2024 15:45:08 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=43200, s-maxage=21600
x-robots-tag: noindex
cf-ray: 89f8f5bc19249b3f-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 wallets Show response
explorer-api.walletconnect.com/v3/ 11 KB
3 KB 192ms
130ms Fetch
application/json 104.18.27.46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://explorer-api.walletconnect.com/v3/wallets?projectId=55fb90434d51a5053a08287736dbb52a&page=1&entries=6
Requested by: Host: payment.gmt.io
URL: https://payment.gmt.io/_next/static/chunks/258-79ce2e7badb541dc.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.27.46 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70fb595f823523264755c87c8375c1d2e97439560e53483b18c4ed25d81da93d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.gmt.io/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 07 Jul 2024 15:45:08 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 07 Jul 2024 15:10:21 GMT
server: cloudflare
age: 2087
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=43200
cf-ray: 89f8f5bc19229b3f-FRA
x-robots-tag: noindex
alt-svc: h3=":443"; ma=86400
expires: Mon, 08 Jul 2024 03:45:08 GMT

GET
H3 200 619537c0-2ff3-4c78-9ed8-a05e7567f300
explorer-api.walletconnect.com/v3/logo/lg/ 2 KB
2 KB 193ms
133ms Image
image/webp 104.18.27.46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://explorer-api.walletconnect.com/v3/logo/lg/619537c0-2ff3-4c78-9ed8-a05e7567f300?projectId=55fb90434d51a5053a08287736dbb52a

Requested by

Host: payment.gmt.io
URL: https://payment.gmt.io/invoice/2baf570c-1456-4de9-a02c-cb2a02f49e82?twa=ios

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.27.46 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c2c7d0615f171736909b82c7e7f0bdc536d2368c21ac464f8c956e01f0da4af2

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.gmt.io/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

cf-images: internal=ok/- q=0 n=702+0 c=1+5 v=2024.6.0 l=2106
date: Sun, 07 Jul 2024 15:45:08 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
age: 63838
x-wc-r2-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 2106
cf-bgj: imgq:86,h2pri
server: cloudflare
etag: "cfgf6-eBCoPaITaSjJqdVEcacTfmDcyauXnchu_YTSDQ"
vary: Accept, Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 89f8f5bc1d2e9756-FRA
x-robots-tag: noindex
expires: Mon, 07 Jul 2025 15:45:08 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 355 KB
117 KB 51ms
50ms Script
application/javascript 216.58.206.40
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-YJ8S729D47&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WQRPRMS&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.40 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

8c8e446f37ecb32e10e59c262f01d551956ee029152d55f01e8bcd32f9fb50c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.gmt.io/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 07 Jul 2024 15:45:08 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 119369
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 07 Jul 2024 15:45:08 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 38 KB
14 KB 388ms
19ms Script
application/javascript 2.18.64.220
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WQRPRMS&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.64.220 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-18-64-220.deploy.static.akamaitechnologies.com

Software

Resource Hash

942a9ba1fe78b402e8b52b83058dbbabde8db6b4d1debf960d6d5afe5192db52

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.gmt.io/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 07 Jul 2024 15:45:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 18 Jun 2024 16:46:52 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=17678
accept-ranges: bytes
content-length: 14004

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 200 KB
70 KB 530ms
115ms Script
application/javascript 87.250.250.119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WQRPRMS&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.250.250.119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

75dbb4380a386220610babb812bafaed50a4f983fa198851836a64d6fad2b094

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.gmt.io/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 07 Jul 2024 15:45:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Wed, 03 Jul 2024 07:33:50 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "6684fede-112d7"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
timing-allow-origin: *
content-length: 70359
expires: Sun, 07 Jul 2024 16:45:09 GMT

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/YXLQFXAOL5CMVA2SOH3S2G/ 96 KB
29 KB 454ms
35ms Script
text/javascript 99.86.159.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/YXLQFXAOL5CMVA2SOH3S2G/roundtrip.js
Requested by: Host: payment.gmt.io
URL: https://payment.gmt.io/invoice/2baf570c-1456-4de9-a02c-cb2a02f49e82?twa=ios
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.159.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-159-22.mxp64.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 42033f4c03a7b739071863e5bf092684a541bac05e8c706867f99ce02c3a6e6c

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.gmt.io/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

X-Amz-Version-Id: TkR7ZtutVOlt4CzZQwD4U_rh4mph0M69
Content-Encoding: gzip
Via: 1.1 b6fbc074b6a76c1767be39d5e3a2839a.cloudfront.net (CloudFront)
Date: Sun, 07 Jul 2024 14:54:59 GMT
Age: 3016
X-Amz-Cf-Pop: MXP64-C2
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Sun, 07 Jul 2024 04:30:52 GMT
Server: AmazonS3
Etag: W/"f8f0b444feb99bc7616eafd75dc4f23a"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 600
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: Ks-PumgUUoctIltYV9kcd60zdOQhQMaFgey7DXTEpsP0Ob7qnKqy4g==

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 348ms
18ms Fetch
text/plain 216.239.34.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-YJ8S729D47&gtm=45je4730v898015106z8844930801za200zb844930801&_p=1720367108058&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=2090116108.1720367109&ul=nl-nl&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1720367108&sct=1&seg=0&dl=https%3A%2F%2Fpayment.gmt.io%2Finvoice%2F2baf570c-1456-4de9-a02c-cb2a02f49e82%3Ftwa%3Dios&dt=GoMining%20Pay&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1664&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YJ8S729D47&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.gmt.io/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 07 Jul 2024 15:45:09 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://payment.gmt.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
245 B 363ms
21ms Ping
text/plain 173.194.76.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-YJ8S729D47&cid=2090116108.1720367109&gtm=45je4730v898015106z8844930801za200zb844930801&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1&npa=1&frm=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YJ8S729D47&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 173.194.76.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: ws-in-f157.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.gmt.io/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 07 Jul 2024 15:45:09 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://payment.gmt.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

204

https://region1.analytics.google.com/g/collect?v=2&tid=G-YJ8S729D47&gtm=45je4730v898015106z8844930801za200zb844930801&_p=1720367108058&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=20901...
https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=2090116108.1720367109&dbk=4088211532622864982&dma=1&dma_cps=syphamo&en=lp_page_view&gtm=45je4730v898015106z88449308...

0
0

24ms
24ms

Fetch
text/plain

216.239.34.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=2090116108.1720367109&dbk=4088211532622864982&dma=1&dma_cps=syphamo&en=lp_page_view&gtm=45je4730v898015106z8844930801za200zb844930801&npa=1&tid=G-YJ8S729D47&dl=https%3A%2F%2Fpayment.gmt.io%3F
Requested by: Host: payment.gmt.io
URL: https://payment.gmt.io/invoice/2baf570c-1456-4de9-a02c-cb2a02f49e82?twa=ios
Protocol: H2
Server: 216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://payment.gmt.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
attribution-reporting-register-trigger: {"aggregatable_trigger_data":[{"key_piece":"0x570af6543bc790f0","source_keys":["1"]},{"key_piece":"0xee4db512e7ddf3aa","source_keys":["2","3","4"]}],"aggregatable_values":{"1":65,"2":65,"3":65,"4":6356},"debug_key":"4088211532622864982","debug_reporting":true,"event_trigger_data":[{"filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"1"}],"filters":{"2":["11220955287","11222171197"],"5":["07-07","07-06","07-05"]}}
date: Sun, 07 Jul 2024 15:45:09 GMT
server: Golfe2
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 07 Jul 2024 15:45:09 GMT
server: Golfe2
content-type: text/html; charset=UTF-8
location: https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=2090116108.1720367109&dbk=4088211532622864982&dma=1&dma_cps=syphamo&en=lp_page_view&gtm=45je4730v898015106z8844930801za200zb844930801&npa=1&tid=G-YJ8S729D47&dl=https%3A%2F%2Fpayment.gmt.io%3F
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 506
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.nl/ads/ 42 B
409 B 394ms
46ms Image
image/gif 142.250.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-YJ8S729D47&cid=2090116108.1720367109&gtm=45je4730v898015106z8844930801za200zb844930801&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1&npa=1&frm=0&z=1111792483

Requested by

Host: payment.gmt.io
URL: https://payment.gmt.io/invoice/2baf570c-1456-4de9-a02c-cb2a02f49e82?twa=ios

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.gmt.io/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 07 Jul 2024 15:45:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 692ed6ba-e569-459a-556a-776476829e00
explorer-api.walletconnect.com/v3/logo/lg/ 628 B
990 B 95ms
94ms Image
image/webp 104.18.27.46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://explorer-api.walletconnect.com/v3/logo/lg/692ed6ba-e569-459a-556a-776476829e00?projectId=55fb90434d51a5053a08287736dbb52a

Requested by

Host: payment.gmt.io
URL: https://payment.gmt.io/invoice/2baf570c-1456-4de9-a02c-cb2a02f49e82?twa=ios

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.27.46 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b22b238c613c9bfcf13e8340213b734fea3bd0b9b2fe67648e3ba6decc104e89

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.gmt.io/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

cf-images: internal=ok/- q=0 n=856+0 c=0+2 v=2024.6.0 l=628
date: Sun, 07 Jul 2024 15:45:08 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
age: 41301
x-wc-r2-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 628
cf-bgj: imgq:86,h2pri
server: cloudflare
etag: "cfaRKjj98wG78-Q94g8ciN3whHfmDcyauXnchu_YTSDQ"
vary: Accept, Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 89f8f5bd8f409756-FRA
x-robots-tag: noindex
expires: Mon, 07 Jul 2025 15:45:08 GMT

GET
H3 200 93564157-2e8e-4ce7-81df-b264dbee9b00
explorer-api.walletconnect.com/v3/logo/lg/ 3 KB
3 KB 77ms
76ms Image
image/webp 104.18.27.46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://explorer-api.walletconnect.com/v3/logo/lg/93564157-2e8e-4ce7-81df-b264dbee9b00?projectId=55fb90434d51a5053a08287736dbb52a

Requested by

Host: payment.gmt.io
URL: https://payment.gmt.io/invoice/2baf570c-1456-4de9-a02c-cb2a02f49e82?twa=ios

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.27.46 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c3c7fd42c1cae833f4f4732829cf156ef9064b51df3753e0304e246cf904cc14

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.gmt.io/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

cf-images: internal=ok/- q=0 n=836+0 c=0+4 v=2024.6.0 l=2928
date: Sun, 07 Jul 2024 15:45:08 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
age: 57975
x-wc-r2-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 2928
cf-bgj: imgq:86,h2pri
server: cloudflare
etag: "cf1ApOabfxxTRxuFHP4nttwOIZfmDcyauXnchu_YTSDQ"
vary: Accept, Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 89f8f5bd8f429756-FRA
x-robots-tag: noindex
expires: Mon, 07 Jul 2025 15:45:08 GMT

GET
H3 200 73f6f52f-7862-49e7-bb85-ba93ab72cc00
explorer-api.walletconnect.com/v3/logo/md/ 1000 B
1 KB 76ms
75ms Image
image/webp 104.18.27.46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://explorer-api.walletconnect.com/v3/logo/md/73f6f52f-7862-49e7-bb85-ba93ab72cc00?projectId=55fb90434d51a5053a08287736dbb52a

Requested by

Host: payment.gmt.io
URL: https://payment.gmt.io/invoice/2baf570c-1456-4de9-a02c-cb2a02f49e82?twa=ios

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.27.46 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e5710984e7f46092329faf76466920cec1f9fef2975e3f0bae48ed87d06aa9a0

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.gmt.io/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

cf-images: internal=ok/- q=0 n=25+0 c=1+6 v=2024.6.0 l=1000
date: Sun, 07 Jul 2024 15:45:08 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
age: 79465
x-wc-r2-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 1000
cf-bgj: imgq:86,h2pri
server: cloudflare
etag: "cfRMNMx7h0m2-_fAD9P7SygyPPfmDcyauXnchu_YTSDQ"
vary: Accept, Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 89f8f5bd8f469756-FRA
x-robots-tag: noindex
expires: Mon, 07 Jul 2025 15:45:08 GMT

GET
H3 200 a7f416de-aa03-4c5e-3280-ab49269aef00
explorer-api.walletconnect.com/v3/logo/md/ 780 B
1 KB 96ms
94ms Image
image/webp 104.18.27.46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://explorer-api.walletconnect.com/v3/logo/md/a7f416de-aa03-4c5e-3280-ab49269aef00?projectId=55fb90434d51a5053a08287736dbb52a

Requested by

Host: payment.gmt.io
URL: https://payment.gmt.io/invoice/2baf570c-1456-4de9-a02c-cb2a02f49e82?twa=ios

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.27.46 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f48029d1829129f662e23bfac26e75d741f74f826e9f845c125d46207fff8396

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.gmt.io/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

cf-images: internal=ok/- q=0 n=630+0 c=1+5 v=2024.6.0 l=780
date: Sun, 07 Jul 2024 15:45:08 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
age: 15790
x-wc-r2-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 780
cf-bgj: imgq:86,h2pri
server: cloudflare
etag: "cfeV6YXTHd_vyfarpvxqg62GCGfmDcyauXnchu_YTSDQ"
vary: Accept, Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 89f8f5bd8f499756-FRA
x-robots-tag: noindex
expires: Mon, 07 Jul 2025 15:45:08 GMT

GET
H3 200 7e1514ba-932d-415d-1bdb-bccb6c2cbc00
explorer-api.walletconnect.com/v3/logo/md/ 910 B
1 KB 78ms
76ms Image
image/webp 104.18.27.46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://explorer-api.walletconnect.com/v3/logo/md/7e1514ba-932d-415d-1bdb-bccb6c2cbc00?projectId=55fb90434d51a5053a08287736dbb52a

Requested by

Host: payment.gmt.io
URL: https://payment.gmt.io/invoice/2baf570c-1456-4de9-a02c-cb2a02f49e82?twa=ios

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.27.46 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e352c8a9e65670d43fa8709cbde5535226746cc4d4777e07b251e117ca4aa95

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.gmt.io/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

cf-images: internal=ok/- q=0 n=487+0 c=0+2 v=2024.6.0 l=910
date: Sun, 07 Jul 2024 15:45:08 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
age: 15041
x-wc-r2-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 910
cf-bgj: imgq:86,h2pri
server: cloudflare
etag: "cfmeYviP6kCNFgjEWLRBgPUJnDfmDcyauXnchu_YTSDQ"
vary: Accept, Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 89f8f5bd8f4b9756-FRA
x-robots-tag: noindex
expires: Mon, 07 Jul 2025 15:45:08 GMT

GET
H3 200 c39b3a16-1a38-4588-f089-cb7aeb584700
explorer-api.walletconnect.com/v3/logo/md/ 2 KB
2 KB 80ms
78ms Image
image/webp 104.18.27.46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://explorer-api.walletconnect.com/v3/logo/md/c39b3a16-1a38-4588-f089-cb7aeb584700?projectId=55fb90434d51a5053a08287736dbb52a

Requested by

Host: payment.gmt.io
URL: https://payment.gmt.io/invoice/2baf570c-1456-4de9-a02c-cb2a02f49e82?twa=ios

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.27.46 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f08bd5fd73b03bd498bdea7b974f26bc80a03b26b6efb63e3d856fe324a1e288

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.gmt.io/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

cf-images: internal=ok/- q=0 n=27+0 c=1+2 v=2024.6.0 l=1700
date: Sun, 07 Jul 2024 15:45:08 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
age: 78501
x-wc-r2-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 1700
cf-bgj: imgq:86,h2pri
server: cloudflare
etag: "cfzxenqWecI6yJVG_C8-69sArsfmDcyauXnchu_YTSDQ"
vary: Accept, Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 89f8f5bd8f4c9756-FRA
x-robots-tag: noindex
expires: Mon, 07 Jul 2025 15:45:08 GMT

GET
H3 200 9f259366-0bcd-4817-0af9-f78773e41900
explorer-api.walletconnect.com/v3/logo/md/ 2 KB
2 KB 97ms
95ms Image
image/webp 104.18.27.46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://explorer-api.walletconnect.com/v3/logo/md/9f259366-0bcd-4817-0af9-f78773e41900?projectId=55fb90434d51a5053a08287736dbb52a

Requested by

Host: payment.gmt.io
URL: https://payment.gmt.io/invoice/2baf570c-1456-4de9-a02c-cb2a02f49e82?twa=ios

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.27.46 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ac3ab06433e114c3e21ae87b9ba5b79cb3ee2829e4354397352fd04d01251e22

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.gmt.io/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

cf-images: internal=ok/- q=0 n=661+0 c=1+11 v=2024.6.0 l=1860
date: Sun, 07 Jul 2024 15:45:08 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
age: 22060
x-wc-r2-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 1860
cf-bgj: imgq:86,h2pri
server: cloudflare
etag: "cftQTt3un0HlQqBazMK6bKNWLifmDcyauXnchu_YTSDQ"
vary: Accept, Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 89f8f5bd8f4e9756-FRA
x-robots-tag: noindex
expires: Mon, 07 Jul 2025 15:45:08 GMT

GET
H3 200 204b2240-5ce4-4996-6ec4-f06a22726900
explorer-api.walletconnect.com/v3/logo/md/ 3 KB
3 KB 81ms
80ms Image
image/webp 104.18.27.46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://explorer-api.walletconnect.com/v3/logo/md/204b2240-5ce4-4996-6ec4-f06a22726900?projectId=55fb90434d51a5053a08287736dbb52a

Requested by

Host: payment.gmt.io
URL: https://payment.gmt.io/invoice/2baf570c-1456-4de9-a02c-cb2a02f49e82?twa=ios

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.27.46 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2afca389fab7fb59ce8f7e39c2796f4e48e3e292f24558710fc9359fe8da86b5

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.gmt.io/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

cf-images: internal=ok/- q=0 n=1594+0 c=4+7 v=2024.6.0 l=2986
date: Sun, 07 Jul 2024 15:45:08 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
age: 15047
x-wc-r2-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 2986
cf-bgj: imgq:86,h2pri
server: cloudflare
etag: "cfHSK7haDWQDA9lEEikk-9BEcPfmDcyauXnchu_YTSDQ"
vary: Accept, Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 89f8f5bd8f519756-FRA
x-robots-tag: noindex
expires: Mon, 07 Jul 2025 15:45:08 GMT

GET
H3 200 b6ee4efc-f53e-475b-927b-a7ded6211700
explorer-api.walletconnect.com/v3/logo/md/ 3 KB
3 KB 98ms
96ms Image
image/webp 104.18.27.46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://explorer-api.walletconnect.com/v3/logo/md/b6ee4efc-f53e-475b-927b-a7ded6211700?projectId=55fb90434d51a5053a08287736dbb52a

Requested by

Host: payment.gmt.io
URL: https://payment.gmt.io/invoice/2baf570c-1456-4de9-a02c-cb2a02f49e82?twa=ios

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.27.46 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c636ba07da1373f4c0e7ef915f807b125b1921f03cac429a4805c1cb22750659

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.gmt.io/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

cf-images: internal=ok/- q=0 n=24+0 c=7+14 v=2024.4.0 l=2666
date: Sun, 07 Jul 2024 15:45:08 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
age: 81901
x-wc-r2-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 2666
cf-bgj: imgq:86,h2pri
server: cloudflare
etag: "cf9TnuhjIqeWjX901zZxsJee5JfmDcyauXnchu_YTSDQ"
vary: Accept, Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 89f8f5bd8f539756-FRA
x-robots-tag: noindex
expires: Mon, 07 Jul 2025 15:45:08 GMT

GET
H3 200 fbd441cc-e861-46dc-48ae-a04228ddb500
explorer-api.walletconnect.com/v3/logo/md/ 3 KB
3 KB 99ms
97ms Image
image/webp 104.18.27.46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://explorer-api.walletconnect.com/v3/logo/md/fbd441cc-e861-46dc-48ae-a04228ddb500?projectId=55fb90434d51a5053a08287736dbb52a

Requested by

Host: payment.gmt.io
URL: https://payment.gmt.io/invoice/2baf570c-1456-4de9-a02c-cb2a02f49e82?twa=ios

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.27.46 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e4db7cebb517a9dffb833d5ec75b5e91b9eff4eeae380476df7f85e21459081

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.gmt.io/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

cf-images: internal=ok/- q=0 n=2099+0 c=5+9 v=2024.6.0 l=2790
date: Sun, 07 Jul 2024 15:45:08 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
age: 27068
x-wc-r2-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 2790
cf-bgj: imgq:86,h2pri
server: cloudflare
etag: "cfFJ943IWAd-AliTnsJ2QbJY_MfmDcyauXnchu_YTSDQ"
vary: Accept, Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 89f8f5bd8f549756-FRA
x-robots-tag: noindex
expires: Mon, 07 Jul 2025 15:45:08 GMT

GET
H3 200 7fd5a23a-3a01-4cfb-3c8b-9f43ae414400
explorer-api.walletconnect.com/v3/logo/md/ 3 KB
3 KB 99ms
98ms Image
image/webp 104.18.27.46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://explorer-api.walletconnect.com/v3/logo/md/7fd5a23a-3a01-4cfb-3c8b-9f43ae414400?projectId=55fb90434d51a5053a08287736dbb52a

Requested by

Host: payment.gmt.io
URL: https://payment.gmt.io/invoice/2baf570c-1456-4de9-a02c-cb2a02f49e82?twa=ios

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.27.46 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0236ca1c9ca15fafaabee69e69e3e8a0570801cbb31da6768ba8318070baed97

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.gmt.io/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

cf-images: internal=ok/- q=0 n=441+0 c=0+7 v=2024.6.0 l=2974
date: Sun, 07 Jul 2024 15:45:08 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
age: 72676
x-wc-r2-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 2974
cf-bgj: imgq:86,h2pri
server: cloudflare
etag: "cfRafM7wSd8-Qni9A0q6y28FCOfmDcyauXnchu_YTSDQ"
vary: Accept, Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 89f8f5bd8f569756-FRA
x-robots-tag: noindex
expires: Mon, 07 Jul 2025 15:45:08 GMT

GET
H3 200 afa1e46a-331a-418f-ef1f-a29f76def100
explorer-api.walletconnect.com/v3/logo/md/ 3 KB
3 KB 100ms
99ms Image
image/webp 104.18.27.46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://explorer-api.walletconnect.com/v3/logo/md/afa1e46a-331a-418f-ef1f-a29f76def100?projectId=55fb90434d51a5053a08287736dbb52a

Requested by

Host: payment.gmt.io
URL: https://payment.gmt.io/invoice/2baf570c-1456-4de9-a02c-cb2a02f49e82?twa=ios

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.27.46 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

25ea9ed41695a63be1ba26ebcc960614bbaa0a191aaa1c43cc6167befaa855ae

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.gmt.io/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

cf-images: internal=ok/- q=0 n=1935+0 c=0+9 v=2023.9.8 l=2642
date: Sun, 07 Jul 2024 15:45:08 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
age: 935
x-wc-r2-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 2642
cf-bgj: imgq:86,h2pri
server: cloudflare
etag: "cfL1nCmgP6YMVcRiRbWntZb4VWfmDcyauXnchu_YTSDQ"
vary: Accept, Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 89f8f5bd8f579756-FRA
x-robots-tag: noindex
expires: Mon, 07 Jul 2025 15:45:08 GMT

GET
H3 200 5195e9db-94d8-4579-6f11-ef553be95100
explorer-api.walletconnect.com/v3/logo/md/ 2 KB
2 KB 101ms
100ms Image
image/webp 104.18.27.46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://explorer-api.walletconnect.com/v3/logo/md/5195e9db-94d8-4579-6f11-ef553be95100?projectId=55fb90434d51a5053a08287736dbb52a

Requested by

Host: payment.gmt.io
URL: https://payment.gmt.io/invoice/2baf570c-1456-4de9-a02c-cb2a02f49e82?twa=ios

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.27.46 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb972110359fa3a309e9f622d9efe3748fcc129bdbbd8616b0fb245736cc1757

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.gmt.io/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

cf-images: internal=ok/- q=0 n=384+0 c=2+6 v=2024.6.0 l=1810
date: Sun, 07 Jul 2024 15:45:08 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
age: 30181
x-wc-r2-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 1810
cf-bgj: imgq:86,h2pri
server: cloudflare
etag: "cfzp266rJeWHcvqSNrSMCCnQWgfmDcyauXnchu_YTSDQ"
vary: Accept, Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 89f8f5bd8f5a9756-FRA
x-robots-tag: noindex
expires: Mon, 07 Jul 2025 15:45:08 GMT

GET
H3 200 7677b54f-3486-46e2-4e37-bf8747814f00
explorer-api.walletconnect.com/v3/logo/md/ 1 KB
2 KB 102ms
101ms Image
image/webp 104.18.27.46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://explorer-api.walletconnect.com/v3/logo/md/7677b54f-3486-46e2-4e37-bf8747814f00?projectId=55fb90434d51a5053a08287736dbb52a

Requested by

Host: payment.gmt.io
URL: https://payment.gmt.io/invoice/2baf570c-1456-4de9-a02c-cb2a02f49e82?twa=ios

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.27.46 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d7589be044acdb28633fdf313cc6adaa15a19b27de85eb6b14ddc125e6e1a45

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.gmt.io/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

cf-images: internal=ok/- q=0 n=810+0 c=5+10 v=2024.6.0 l=1318
date: Sun, 07 Jul 2024 15:45:08 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
age: 15069
x-wc-r2-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 1318
cf-bgj: imgq:86,h2pri
server: cloudflare
etag: "cfVAcZ3w6iX14DvHKhBFs4CgkyfmDcyauXnchu_YTSDQ"
vary: Accept, Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 89f8f5bd8f5c9756-FRA
x-robots-tag: noindex
expires: Mon, 07 Jul 2025 15:45:08 GMT

GET
H3 200 3913df81-63c2-4413-d60b-8ff83cbed500
explorer-api.walletconnect.com/v3/logo/md/ 1 KB
1 KB 74ms
73ms Image
image/webp 104.18.27.46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://explorer-api.walletconnect.com/v3/logo/md/3913df81-63c2-4413-d60b-8ff83cbed500?projectId=55fb90434d51a5053a08287736dbb52a

Requested by

Host: payment.gmt.io
URL: https://payment.gmt.io/invoice/2baf570c-1456-4de9-a02c-cb2a02f49e82?twa=ios

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.27.46 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

58e137e626c100f7c0833a85cbcec7d41d366f3467372c333bf2cbf093329915

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.gmt.io/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

cf-images: internal=ok/- q=0 n=759+0 c=1+5 v=2024.6.0 l=1140
date: Sun, 07 Jul 2024 15:45:08 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
age: 78352
x-wc-r2-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 1140
cf-bgj: imgq:86,h2pri
server: cloudflare
etag: "cfujgpVvcvmeS8So3DgKnjPux4fmDcyauXnchu_YTSDQ"
vary: Accept, Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 89f8f5bd8f5d9756-FRA
x-robots-tag: noindex
expires: Mon, 07 Jul 2025 15:45:08 GMT

GET
H3 200 7a33d7f1-3d12-4b5c-f3ee-5cd83cb1b500
explorer-api.walletconnect.com/v3/logo/md/ 1 KB
2 KB 113ms
112ms Image
image/webp 104.18.27.46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://explorer-api.walletconnect.com/v3/logo/md/7a33d7f1-3d12-4b5c-f3ee-5cd83cb1b500?projectId=55fb90434d51a5053a08287736dbb52a

Requested by

Host: payment.gmt.io
URL: https://payment.gmt.io/invoice/2baf570c-1456-4de9-a02c-cb2a02f49e82?twa=ios

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.27.46 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e8a9d0ed202eae37d485eaa6703840fd0661261e2802731020c7c1268adafa47

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.gmt.io/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

cf-images: internal=ok/- q=0 n=1491+0 c=10+16 v=2024.6.0 l=1420
date: Sun, 07 Jul 2024 15:45:08 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
age: 20576
x-wc-r2-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 1420
cf-bgj: imgq:86,h2pri
server: cloudflare
etag: "cfwRKJ_GQ6vp6Uxle7v9sGNjM5fmDcyauXnchu_YTSDQ"
vary: Accept, Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 89f8f5bd8f619756-FRA
x-robots-tag: noindex
expires: Mon, 07 Jul 2025 15:45:08 GMT

GET
H3 200 bff9cf1f-df19-42ce-f62a-87f04df13c00
explorer-api.walletconnect.com/v3/logo/md/ 2 KB
3 KB 114ms
113ms Image
image/webp 104.18.27.46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://explorer-api.walletconnect.com/v3/logo/md/bff9cf1f-df19-42ce-f62a-87f04df13c00?projectId=55fb90434d51a5053a08287736dbb52a

Requested by

Host: payment.gmt.io
URL: https://payment.gmt.io/invoice/2baf570c-1456-4de9-a02c-cb2a02f49e82?twa=ios

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.27.46 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

73e949222e63cad11d0161f059a896dd90a45de74ae22684f8fa4753252e1097

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.gmt.io/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

cf-images: internal=ok/- q=0 n=3001+0 c=8+14 v=2024.6.0 l=2356
date: Sun, 07 Jul 2024 15:45:08 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
age: 12251
x-wc-r2-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 2356
cf-bgj: imgq:86,h2pri
server: cloudflare
etag: "cfaTCrjpacWJuqV5o58ulLeqp_fmDcyauXnchu_YTSDQ"
vary: Accept, Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 89f8f5bd8f629756-FRA
x-robots-tag: noindex
expires: Mon, 07 Jul 2025 15:45:08 GMT

GET
H2 200 attribution_trigger Show response
px.ads.linkedin.com/ 2 B
817 B 545ms
195ms XHR
application/json 13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/attribution_trigger?pid=6096569&time=1720367108952&url=https%3A%2F%2Fpayment.gmt.io%2Finvoice%2F2baf570c-1456-4de9-a02c-cb2a02f49e82%3Ftwa%3Dios
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: *
Referer: https://payment.gmt.io/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 07 Jul 2024 15:45:08 GMT
content-encoding: gzip
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 6E6B54E8C15341208D71720581BC5D0B Ref B: AMS04EDGE1220 Ref C: 2024-07-07T15:45:09Z
access-control-allow-methods: GET, OPTIONS
x-li-fabric: prod-lor1
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
content-type: application/json
x-li-proto: http/2
x-restli-protocol-version: 1.0.0
access-control-allow-headers: *
x-li-uuid: AAYcqi5wUWR8jdjwNdjBxg==
x-fs-uuid: 00061caa2e7051647c8dd8f035d8c1c6

GET
H2 200 collect
px.ads.linkedin.com/ 0
668 B 506ms
156ms Image
application/javascript 13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=6096569&time=1720367108952&url=https%3A%2F%2Fpayment.gmt.io%2Finvoice%2F2baf570c-1456-4de9-a02c-cb2a02f49e82%3Ftwa%3Dios
Requested by: Host: payment.gmt.io
URL: https://payment.gmt.io/invoice/2baf570c-1456-4de9-a02c-cb2a02f49e82?twa=ios
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.gmt.io/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 07 Jul 2024 15:45:09 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 395470B7E2A3402A9A7C83879F84BF5E Ref B: AMS04EDGE2108 Ref C: 2024-07-07T15:45:09Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYcqi5wCFPRd2sjdD5JqQ==

GET
H2 200 YXLQFXAOL5CMVA2SOH3S2G Show response
d.adroll.com/consent/check/ 510 B
1 KB 433ms
33ms Script
application/javascript 34.251.55.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/YXLQFXAOL5CMVA2SOH3S2G?pv=66440043957.55409&arrfrr=https%3A%2F%2Fpayment.gmt.io%2Finvoice%2F2baf570c-1456-4de9-a02c-cb2a02f49e82%3Ftwa%3Dios&_s=12ab9a4f1037582a421f3db2820fa23b&_b=2
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/YXLQFXAOL5CMVA2SOH3S2G/roundtrip.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.55.181 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-55-181.eu-west-1.compute.amazonaws.com
Software: nginx/1.22.1 /
Resource Hash: 5c3ea518bbd62af1590c8b019e40b6caa56519599901b8a537831eb9b2076c3d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.gmt.io/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-type: application/javascript
pragma: no-cache
date: Sun, 07 Jul 2024 15:45:09 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.22.1
content-length: 510
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2

200

sync_cookie_image_finish
mc.yandex.ru/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10423.icwDOFVoTSU1O6POecFBaG1nrjr2vMItwQbaxGh81jwl6-0TQb9UJlsuzLr_1Wvz.u8N5QSXJ5vB7bsVaocuXK2uIqls%2C
https://mc.yandex.com/sync_cookie_image_decide?token=10423.2BVBkQtJjkYropwAHhHCHXAYOTbI8Mox7nPk-8Kth0PoG4vszQ6pd74WzS3eOo6dZpL5EPh_k0cv3vAxkvo6BV_Kpe_loSQkYNOXds4-vlR5xc-G7mcm5xgJaMOA1AV_hd0TRb4GiU...
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10423.tFTpkvIZsdcKwenY-9TBh5PkMFWMxa1QlvLwAW_U1ZOsCbsY42hQg-4fzn0LzFU6dNVYJSCF13id8F_ATO_DjFyUPyUMx7Oqg9EHIyxnDaT2H...

43 B
612 B

63ms
62ms

Image
image/gif

87.250.250.119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10423.tFTpkvIZsdcKwenY-9TBh5PkMFWMxa1QlvLwAW_U1ZOsCbsY42hQg-4fzn0LzFU6dNVYJSCF13id8F_ATO_DjFyUPyUMx7Oqg9EHIyxnDaT2HWL_bj1X0UhNZ7EjV5LLu1XYaf2Uw3FHmTO28plxRtq1oi_LwiynrxjV0RzlcqV_1KtX_MMOz5j_EbIGZCW7XOioHYbvm1x_lGL_s0qq3g%2C%2C.LWEaYfKGzJgMv0Ls9Uc_QfUnlFI%2C

Requested by

Host: payment.gmt.io
URL: https://payment.gmt.io/invoice/2baf570c-1456-4de9-a02c-cb2a02f49e82?twa=ios

Protocol

Server

87.250.250.119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://payment.gmt.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 07 Jul 2024 15:45:09 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10423.tFTpkvIZsdcKwenY-9TBh5PkMFWMxa1QlvLwAW_U1ZOsCbsY42hQg-4fzn0LzFU6dNVYJSCF13id8F_ATO_DjFyUPyUMx7Oqg9EHIyxnDaT2HWL_bj1X0UhNZ7EjV5LLu1XYaf2Uw3FHmTO28plxRtq1oi_LwiynrxjV0RzlcqV_1KtX_MMOz5j_EbIGZCW7XOioHYbvm1x_lGL_s0qq3g%2C%2C.LWEaYfKGzJgMv0Ls9Uc_QfUnlFI%2C
date: Sun, 07 Jul 2024 15:45:09 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
572 B 63ms
63ms Image
image/gif 87.250.250.119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: payment.gmt.io
URL: https://payment.gmt.io/invoice/2baf570c-1456-4de9-a02c-cb2a02f49e82?twa=ios

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.250.250.119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.gmt.io/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 07 Jul 2024 15:45:09 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 03 Jul 2024 07:33:50 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "6684fede-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Sun, 07 Jul 2024 16:45:09 GMT

GET
H2 200 metrika_match.html
mc.yandex.com/metrika/ Frame A7EC 0
0 508ms
61ms Document
text/html 93.158.134.119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/metrika/metrika_match.html

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.158.134.119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://payment.gmt.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
access-control-allow-origin: *
cache-control: max-age=3600
content-encoding: br
content-length: 1048
content-type: text/html
date: Sun, 07 Jul 2024 15:45:09 GMT
etag: "6684fede-418"
expires: Sun, 07 Jul 2024 16:45:09 GMT
last-modified: Wed, 03 Jul 2024 07:33:50 GMT
strict-transport-security: max-age=31536000
timing-allow-origin: *

GET
H2

200

1 Show response
mc.yandex.com/watch/95709663/
Redirect Chain

https://mc.yandex.com/watch/95709663?wmode=7&page-url=https%3A%2F%2Fpayment.gmt.io%2Finvoice%2F2baf570c-1456-4de9-a02c-cb2a02f49e82%3Ftwa%3Dios&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%...
https://mc.yandex.com/watch/95709663/1?wmode=7&page-url=https%3A%2F%2Fpayment.gmt.io%2Finvoice%2F2baf570c-1456-4de9-a02c-cb2a02f49e82%3Ftwa%3Dios&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3...

447 B
567 B

61ms
61ms

Fetch
application/json

87.250.250.119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/95709663/1?wmode=7&page-url=https%3A%2F%2Fpayment.gmt.io%2Finvoice%2F2baf570c-1456-4de9-a02c-cb2a02f49e82%3Ftwa%3Dios&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22126%22%2C%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%22Chromium%22%3Bv%3D%22126%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A126.0.6478.126%0Achl%0A%22Not%2FA%29Brand%22%3Bv%3D%228.0.0.0%22%2C%22Chromium%22%3Bv%3D%22126.0.6478.126%22%2C%22Google%20Chrome%22%3Bv%3D%22126.0.6478.126%22%0Achm%0A%3F0%0Achp%0AWin32%0Achv%0A10.0.0&browser-info=pv%3A1%3Avf%3Abyif4b2szwsjgf7xv79i57r93v%3Afu%3A0%3Aen%3Autf-8%3Ala%3Anl-NL%3Av%3A1382%3Acn%3A1%3Adp%3A0%3Als%3A1063920987362%3Ahid%3A927065802%3Az%3A120%3Ai%3A20240707174509%3Aet%3A1720367109%3Ac%3A1%3Arn%3A298194946%3Arqn%3A1%3Au%3A1720367109204346630%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A1057%3Awv%3A2%3Ads%3A0%2C350%2C96%2C2%2C0%2C0%2C%2C11%2C0%2C%2C%2C%2C1019%3Aco%3A0%3Acpf%3A1%3Ans%3A1720367107028%3Agi%3AR0ExLjEuMjA5MDExNjEwOC4xNzIwMzY3MTA5%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1720367109%3At%3AGoMining%20Pay&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821037572%29ti%281%29

Requested by

Host: payment.gmt.io
URL: https://payment.gmt.io/invoice/2baf570c-1456-4de9-a02c-cb2a02f49e82?twa=ios

Protocol

Server

87.250.250.119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

2afe61fb82eb709eb41d83b5ba8494a194de0c21b6781d45623432d6bbf00a16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://payment.gmt.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Jul 2024 15:45:09 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Sun, 07-Jul-2024 15:45:09 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://payment.gmt.io
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 447
x-xss-protection: 1; mode=block
expires: Sun, 07-Jul-2024 15:45:09 GMT

Redirect headers

pragma: no-cache
date: Sun, 07 Jul 2024 15:45:09 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 07-Jul-2024 15:45:09 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/95709663/1?wmode=7&page-url=https%3A%2F%2Fpayment.gmt.io%2Finvoice%2F2baf570c-1456-4de9-a02c-cb2a02f49e82%3Ftwa%3Dios&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22126%22%2C%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%22Chromium%22%3Bv%3D%22126%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A126.0.6478.126%0Achl%0A%22Not%2FA%29Brand%22%3Bv%3D%228.0.0.0%22%2C%22Chromium%22%3Bv%3D%22126.0.6478.126%22%2C%22Google%20Chrome%22%3Bv%3D%22126.0.6478.126%22%0Achm%0A%3F0%0Achp%0AWin32%0Achv%0A10.0.0&browser-info=pv%3A1%3Avf%3Abyif4b2szwsjgf7xv79i57r93v%3Afu%3A0%3Aen%3Autf-8%3Ala%3Anl-NL%3Av%3A1382%3Acn%3A1%3Adp%3A0%3Als%3A1063920987362%3Ahid%3A927065802%3Az%3A120%3Ai%3A20240707174509%3Aet%3A1720367109%3Ac%3A1%3Arn%3A298194946%3Arqn%3A1%3Au%3A1720367109204346630%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A1057%3Awv%3A2%3Ads%3A0%2C350%2C96%2C2%2C0%2C0%2C%2C11%2C0%2C%2C%2C%2C1019%3Aco%3A0%3Acpf%3A1%3Ans%3A1720367107028%3Agi%3AR0ExLjEuMjA5MDExNjEwOC4xNzIwMzY3MTA5%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1720367109%3At%3AGoMining%20Pay&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821037572%29ti%281%29
access-control-allow-origin: https://payment.gmt.io
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Sun, 07-Jul-2024 15:45:09 GMT

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
196 B 161ms
159ms XHR
text/plain 13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Accept: *
Referer: https://payment.gmt.io/
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 07 Jul 2024 15:45:09 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 587BCF878DC44853985FDAB9B0BC00F8 Ref B: AMS04EDGE2108 Ref C: 2024-07-07T15:45:09Z
linkedin-action: 1
vary: Origin
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
access-control-allow-origin: https://payment.gmt.io
x-li-proto: http/2
access-control-allow-credentials: true
x-li-uuid: AAYcqi5ylsWd1+Ri/0oPyg==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 222 KB
59 KB 360ms
19ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: s.adroll.com
URL: https://s.adroll.com/j/YXLQFXAOL5CMVA2SOH3S2G/roundtrip.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

63bae03aa97278acb1d6f7863e593999bbdc5d280d2fa5a3050f234ce5eee850

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.gmt.io/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 07 Jul 2024 15:45:09 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58293
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=18, rtx=0, c=12, mss=1317, tbw=2782, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: hch26pjTDYs0RqFCgTZI0cVfiaDUNAWwbJULKospj7q3CqGYiZ0U2UfrnDbocdBu609+E2jE9a1I6viO4VQLQA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 LL5QICUPWVH43HMZXFRCTG Show response
d.adroll.com/segment/YXLQFXAOL5CMVA2SOH3S2G/ 42 B
2 KB 39ms
39ms XHR
image/gif 34.251.55.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/segment/YXLQFXAOL5CMVA2SOH3S2G/LL5QICUPWVH43HMZXFRCTG?adroll_fpc=a3e6bf2050b28a52c9ed66bd2a06ce35-1720367109562&pv=66440043957.55409&arrfrr=https%3A%2F%2Fpayment.gmt.io%2Finvoice%2F2baf570c-1456-4de9-a02c-cb2a02f49e82%3Ftwa%3Dios&cookie=&adroll_s_ref=&keyw=&p0=1535&adroll_external_data=&adroll_version=2.0
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/YXLQFXAOL5CMVA2SOH3S2G/roundtrip.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.55.181 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-55-181.eu-west-1.compute.amazonaws.com
Software: nginx/1.22.1 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.gmt.io/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 07 Jul 2024 15:45:09 GMT
x-attribution-url: https%3A%2F%2Fx.adroll.com%2Fattribution%2Ftrigger%3Ffpc%3Da3e6bf2050b28a52c9ed66bd2a06ce35%26advertisable_eid%3DYXLQFXAOL5CMVA2SOH3S2G%26conversion_type%3DPageView%26conversion_value%3D0.0%26currency%3DEUR%26pv%3D66440043957.55409%26arrfrr%3Dhttps%253A%252F%252Fpayment.gmt.io%252Finvoice%252F2baf570c-1456-4de9-a02c-cb2a02f49e82%253Ftwa%253Dios
x-segment-display-name: Visitors to Unsegmented Pages
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
x-rule-type: p
content-length: 42
pragma: no-cache
x-conversion-value: 0.0
server: nginx/1.22.1
x-rule: *
x-segment-eid: UVHIYEQGSFDRPJU2LYNGKJ
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: https://payment.gmt.io
access-control-expose-headers: X-Advertisable-Eid, X-Attribution-Url, X-Segment-Eid, X-Segment-Display-Name, X-Segment-Name, X-Conversion-Currency, X-Conversion-Value, X-Rule, X-Rule-Type, X-Organization-Eid, X-Pixel-Eid
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
access-control-request-methods: GET
x-pixel-eid: LL5QICUPWVH43HMZXFRCTG
x-organization-eid: M4RZTSFYWZB5FFDY4CXUZE
access-control-allow-headers: Content-Type, *
x-advertisable-eid: YXLQFXAOL5CMVA2SOH3S2G
x-conversion-currency: EUR
x-segment-name: *

GET
H/1.1

200
OK

sync
x.bidswitch.net/
Redirect Chain

https://d.adroll.com/cm/b/out?adroll_fpc=a3e6bf2050b28a52c9ed66bd2a06ce35-1720367109562&pv=66440043957.55409&arrfrr=https%3A%2F%2Fpayment.gmt.io%2Finvoice%2F2baf570c-1456-4de9-a02c-cb2a02f49e82%3Ft...
https://x.bidswitch.net/sync?dsp_id=44&user_id=NTQ1ZTMxNzEzYzA2ZTA3NjUzNTFhNjE5YmMyMTVjOTA

43 B
235 B

264ms
18ms

Image
image/gif

35.214.149.91
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=44&user_id=NTQ1ZTMxNzEzYzA2ZTA3NjUzNTFhNjE5YmMyMTVjOTA
Requested by: Host: payment.gmt.io
URL: https://payment.gmt.io/invoice/2baf570c-1456-4de9-a02c-cb2a02f49e82?twa=ios
Protocol: HTTP/1.1
Server: 35.214.149.91 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS: 91.149.214.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://payment.gmt.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Sun, 07 Jul 2024 15:45:09 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

location: https://x.bidswitch.net/sync?dsp_id=44&user_id=NTQ1ZTMxNzEzYzA2ZTA3NjUzNTFhNjE5YmMyMTVjOTA
pragma: no-cache
date: Sun, 07 Jul 2024 15:45:09 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.22.1
content-length: 96
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2

200

pixel
cm.g.doubleclick.net/
Redirect Chain

https://d.adroll.com/cm/g/out?adroll_fpc=a3e6bf2050b28a52c9ed66bd2a06ce35-1720367109562&pv=66440043957.55409&arrfrr=https%3A%2F%2Fpayment.gmt.io%2Finvoice%2F2baf570c-1456-4de9-a02c-cb2a02f49e82%3Ft...
https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=VF4xcTwG4HZTUaYZvCFckA

170 B
410 B

85ms
29ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=VF4xcTwG4HZTUaYZvCFckA

Requested by

Host: payment.gmt.io
URL: https://payment.gmt.io/invoice/2baf570c-1456-4de9-a02c-cb2a02f49e82?twa=ios

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://payment.gmt.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Jul 2024 15:45:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=VF4xcTwG4HZTUaYZvCFckA
pragma: no-cache
date: Sun, 07 Jul 2024 15:45:09 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.22.1
content-length: 99
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H3

200

rum
dsum-sec.casalemedia.com/
Redirect Chain

https://d.adroll.com/cm/index/out?adroll_fpc=a3e6bf2050b28a52c9ed66bd2a06ce35-1720367109562&pv=66440043957.55409&arrfrr=https%3A%2F%2Fpayment.gmt.io%2Finvoice%2F2baf570c-1456-4de9-a02c-cb2a02f49e82...
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=NTQ1ZTMxNzEzYzA2ZTA3NjUzNTFhNjE5YmMyMTVjOTA&expiration=1751903109
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=NTQ1ZTMxNzEzYzA2ZTA3NjUzNTFhNjE5YmMyMTVjOTA&expiration=1751903109&C=1

43 B
733 B

41ms
41ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=NTQ1ZTMxNzEzYzA2ZTA3NjUzNTFhNjE5YmMyMTVjOTA&expiration=1751903109&C=1
Requested by: Host: payment.gmt.io
URL: https://payment.gmt.io/invoice/2baf570c-1456-4de9-a02c-cb2a02f49e82?twa=ios
Protocol: H3
Server: 172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://payment.gmt.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Jul 2024 15:45:09 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b6RWSthtH1vNJka9oVCwTEovAOn2psaFqvZwZAuge7jZ7tkucrds%2BumaH33MznN3MDFlYM4QS%2F5QDbk2918w9qZxRwrB%2BwzZFXZKVMbmeXzevQWtE6oIVT7cazsz7c0hYrcloYBNwKs2CA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 89f8f5c3cd3191f3-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 07 Jul 2024 15:45:09 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zkj1MItQAJCeID0usYFytJ1igg65rA97S5yZ216mw7qIW3H1JkgswAvScTm5I7L8MFgc8pkwD495SxY5EKotRGtxh1NxbQ9SLUPGMjLOslL1z3MPFpu8ZGFPNOKYRZBUmYpApiRc1BRuOw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=105&external_user_id=NTQ1ZTMxNzEzYzA2ZTA3NjUzNTFhNjE5YmMyMTVjOTA&expiration=1751903109&C=1
cache-control: no-cache
cf-ray: 89f8f5c36ce691f3-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 200 out
d.adroll.com/cm/l/ 42 B
181 B 42ms
40ms Image
image/gif 34.251.55.181
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/cm/l/out?adroll_fpc=a3e6bf2050b28a52c9ed66bd2a06ce35-1720367109562&pv=66440043957.55409&arrfrr=https%3A%2F%2Fpayment.gmt.io%2Finvoice%2F2baf570c-1456-4de9-a02c-cb2a02f49e82%3Ftwa%3Dios&advertisable=YXLQFXAOL5CMVA2SOH3S2G
Requested by: Host: payment.gmt.io
URL: https://payment.gmt.io/invoice/2baf570c-1456-4de9-a02c-cb2a02f49e82?twa=ios
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.55.181 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-55-181.eu-west-1.compute.amazonaws.com
Software: nginx/1.22.1 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.gmt.io/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 07 Jul 2024 15:45:09 GMT
cache-control: no-transform,public,max-age=300,s-maxage=900
server: nginx/1.22.1
content-length: 42
vary: Cookie
content-type: image/gif

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/
Redirect Chain

https://d.adroll.com/cm/n/out?adroll_fpc=a3e6bf2050b28a52c9ed66bd2a06ce35-1720367109562&pv=66440043957.55409&arrfrr=https%3A%2F%2Fpayment.gmt.io%2Finvoice%2F2baf570c-1456-4de9-a02c-cb2a02f49e82%3Ft...
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=NTQ1ZTMxNzEzYzA2ZTA3NjUzNTFhNjE5YmMyMTVjOTA&expires=365

0
239 B

96ms
20ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=NTQ1ZTMxNzEzYzA2ZTA3NjUzNTFhNjE5YmMyMTVjOTA&expires=365
Requested by: Host: payment.gmt.io
URL: https://payment.gmt.io/invoice/2baf570c-1456-4de9-a02c-cb2a02f49e82?twa=ios
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://payment.gmt.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: f5982f4f9cc79eb2b489dda8b92e3144
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location: https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=NTQ1ZTMxNzEzYzA2ZTA3NjUzNTFhNjE5YmMyMTVjOTA&expires=365
pragma: no-cache
date: Sun, 07 Jul 2024 15:45:09 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.22.1
content-length: 124
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://d.adroll.com/cm/o/out?adroll_fpc=a3e6bf2050b28a52c9ed66bd2a06ce35-1720367109562&pv=66440043957.55409&arrfrr=https%3A%2F%2Fpayment.gmt.io%2Finvoice%2F2baf570c-1456-4de9-a02c-cb2a02f49e82%3Ft...
https://us-u.openx.net/w/1.0/sd?id=537103138&val=545e31713c06e0765351a619bc215c90&gdpr=1&gdpr_consent=

43 B
265 B

77ms
25ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537103138&val=545e31713c06e0765351a619bc215c90&gdpr=1&gdpr_consent=
Requested by: Host: payment.gmt.io
URL: https://payment.gmt.io/invoice/2baf570c-1456-4de9-a02c-cb2a02f49e82?twa=ios
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://payment.gmt.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Jul 2024 15:45:09 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?id=537103138&val=545e31713c06e0765351a619bc215c90&gdpr=1&gdpr_consent=
pragma: no-cache
date: Sun, 07 Jul 2024 15:45:09 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.22.1
content-length: 108
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/
Redirect Chain

https://d.adroll.com/cm/outbrain/out?adroll_fpc=a3e6bf2050b28a52c9ed66bd2a06ce35-1720367109562&pv=66440043957.55409&arrfrr=https%3A%2F%2Fpayment.gmt.io%2Finvoice%2F2baf570c-1456-4de9-a02c-cb2a02f49...
https://sync.outbrain.com/cookie-sync?p=adroll&uid=NTQ1ZTMxNzEzYzA2ZTA3NjUzNTFhNjE5YmMyMTVjOTA&gdpr=1&gdpr_consent=&us_privacy=1---

0
218 B

305ms
93ms

Image
text/plain

70.42.32.95
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.outbrain.com/cookie-sync?p=adroll&uid=NTQ1ZTMxNzEzYzA2ZTA3NjUzNTFhNjE5YmMyMTVjOTA&gdpr=1&gdpr_consent=&us_privacy=1---

Requested by

Host: payment.gmt.io
URL: https://payment.gmt.io/invoice/2baf570c-1456-4de9-a02c-cb2a02f49e82?twa=ios

Protocol

HTTP/1.1

Server

70.42.32.95 , United States, ASN22075 (AS-OUTBRAIN, US),

Reverse DNS

ny.outbrain.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://payment.gmt.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 07 Jul 2024 15:45:09 GMT
cache-control: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-traceid: 4bc6d76328b6d58e3a25f848f3827fc9
content-length: 0

Redirect headers

location: https://sync.outbrain.com/cookie-sync?p=adroll&uid=NTQ1ZTMxNzEzYzA2ZTA3NjUzNTFhNjE5YmMyMTVjOTA&gdpr=1&gdpr_consent=&us_privacy=1---
pragma: no-cache
date: Sun, 07 Jul 2024 15:45:09 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.22.1
content-length: 137
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2

200

Pug
image2.pubmatic.com/AdServer/
Redirect Chain

https://d.adroll.com/cm/pubmatic/out?adroll_fpc=a3e6bf2050b28a52c9ed66bd2a06ce35-1720367109562&pv=66440043957.55409&arrfrr=https%3A%2F%2Fpayment.gmt.io%2Finvoice%2F2baf570c-1456-4de9-a02c-cb2a02f49...
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDYmdGw9MTI5NjAw&piggybackCookie=NTQ1ZTMxNzEzYzA2ZTA3NjUzNTFhNjE5YmMyMTVjOTA&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXy...

42 B
541 B

85ms
20ms

Image
image/gif

185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDYmdGw9MTI5NjAw&piggybackCookie=NTQ1ZTMxNzEzYzA2ZTA3NjUzNTFhNjE5YmMyMTVjOTA&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
Requested by: Host: payment.gmt.io
URL: https://payment.gmt.io/invoice/2baf570c-1456-4de9-a02c-cb2a02f49e82?twa=ios
Protocol: H2
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://payment.gmt.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Sun, 07 Jul 2024 15:45:09 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDYmdGw9MTI5NjAw&piggybackCookie=NTQ1ZTMxNzEzYzA2ZTA3NjUzNTFhNjE5YmMyMTVjOTA&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
pragma: no-cache
date: Sun, 07 Jul 2024 15:45:09 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.22.1
content-length: 212
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2

204

sync
ups.analytics.yahoo.com/ups/55980/
Redirect Chain

https://d.adroll.com/cm/r/out?adroll_fpc=a3e6bf2050b28a52c9ed66bd2a06ce35-1720367109562&pv=66440043957.55409&arrfrr=https%3A%2F%2Fpayment.gmt.io%2Finvoice%2F2baf570c-1456-4de9-a02c-cb2a02f49e82%3Ft...
https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=NTQ1ZTMxNzEzYzA2ZTA3NjUzNTFhNjE5YmMyMTVjOTA&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

0
126 B

140ms
47ms

Image
text/plain

3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=NTQ1ZTMxNzEzYzA2ZTA3NjUzNTFhNjE5YmMyMTVjOTA&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

Requested by

Host: payment.gmt.io
URL: https://payment.gmt.io/invoice/2baf570c-1456-4de9-a02c-cb2a02f49e82?twa=ios

Protocol

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.121 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://payment.gmt.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 07 Jul 2024 15:45:09 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.121
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=NTQ1ZTMxNzEzYzA2ZTA3NjUzNTFhNjE5YmMyMTVjOTA&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
pragma: no-cache
date: Sun, 07 Jul 2024 15:45:09 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.22.1
content-length: 169
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2

204

rtb-h
sync.taboola.com/sg/adroll-network/1/
Redirect Chain

https://d.adroll.com/cm/taboola/out?adroll_fpc=a3e6bf2050b28a52c9ed66bd2a06ce35-1720367109562&pv=66440043957.55409&arrfrr=https%3A%2F%2Fpayment.gmt.io%2Finvoice%2F2baf570c-1456-4de9-a02c-cb2a02f49e...
https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=NTQ1ZTMxNzEzYzA2ZTA3NjUzNTFhNjE5YmMyMTVjOTA

0
91 B

62ms
15ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=NTQ1ZTMxNzEzYzA2ZTA3NjUzNTFhNjE5YmMyMTVjOTA
Requested by: Host: payment.gmt.io
URL: https://payment.gmt.io/invoice/2baf570c-1456-4de9-a02c-cb2a02f49e82?twa=ios
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://payment.gmt.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 07 Jul 2024 15:45:09 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 12148

Redirect headers

location: https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=NTQ1ZTMxNzEzYzA2ZTA3NjUzNTFhNjE5YmMyMTVjOTA
pragma: no-cache
date: Sun, 07 Jul 2024 15:45:09 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.22.1
content-length: 111
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2

200

xuid
eb2.3lift.com/
Redirect Chain

https://d.adroll.com/cm/triplelift/out?adroll_fpc=a3e6bf2050b28a52c9ed66bd2a06ce35-1720367109562&pv=66440043957.55409&arrfrr=https%3A%2F%2Fpayment.gmt.io%2Finvoice%2F2baf570c-1456-4de9-a02c-cb2a02f...
https://eb2.3lift.com/xuid?mid=4714&xuid=NTQ1ZTMxNzEzYzA2ZTA3NjUzNTFhNjE5YmMyMTVjOTA&dongle=c85e

37 B
141 B

70ms
20ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=4714&xuid=NTQ1ZTMxNzEzYzA2ZTA3NjUzNTFhNjE5YmMyMTVjOTA&dongle=c85e
Requested by: Host: payment.gmt.io
URL: https://payment.gmt.io/invoice/2baf570c-1456-4de9-a02c-cb2a02f49e82?twa=ios
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://payment.gmt.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 07 Jul 2024 15:45:09 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

Redirect headers

location: https://eb2.3lift.com/xuid?mid=4714&xuid=NTQ1ZTMxNzEzYzA2ZTA3NjUzNTFhNjE5YmMyMTVjOTA&dongle=c85e
pragma: no-cache
date: Sun, 07 Jul 2024 15:45:09 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.22.1
content-length: 102
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2

200

bounce
ib.adnxs.com/
Redirect Chain

https://d.adroll.com/cm/x/out?adroll_fpc=a3e6bf2050b28a52c9ed66bd2a06ce35-1720367109562&pv=66440043957.55409&arrfrr=https%3A%2F%2Fpayment.gmt.io%2Finvoice%2F2baf570c-1456-4de9-a02c-cb2a02f49e82%3Ft...
https://ib.adnxs.com/setuid?entity=172&code=NTQ1ZTMxNzEzYzA2ZTA3NjUzNTFhNjE5YmMyMTVjOTA
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DNTQ1ZTMxNzEzYzA2ZTA3NjUzNTFhNjE5YmMyMTVjOTA

43 B
1 KB

23ms
23ms

Image
image/gif

37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DNTQ1ZTMxNzEzYzA2ZTA3NjUzNTFhNjE5YmMyMTVjOTA

Requested by

Host: payment.gmt.io
URL: https://payment.gmt.io/invoice/2baf570c-1456-4de9-a02c-cb2a02f49e82?twa=ios

Protocol

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://payment.gmt.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Jul 2024 15:45:09 GMT
an-x-request-uuid: 326e46b6-5f1c-4bf7-8a78-26934b65fe2a
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 212.7.210.181; 212.7.210.181; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 07 Jul 2024 15:45:09 GMT
an-x-request-uuid: 5f07fd38-6d84-4a96-b330-d2dd7ab070c5
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DNTQ1ZTMxNzEzYzA2ZTA3NjUzNTFhNjE5YmMyMTVjOTA
cache-control: no-store, no-cache, private
x-proxy-origin: 212.7.210.181; 212.7.210.181; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 trigger
x.adroll.com/attribution/ 2 B
642 B 436ms
31ms Image
text/plain 34.248.246.252
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.adroll.com/attribution/trigger?fpc=a3e6bf2050b28a52c9ed66bd2a06ce35&advertisable_eid=YXLQFXAOL5CMVA2SOH3S2G&conversion_type=PageView&conversion_value=0.0&currency=EUR&pv=66440043957.55409&arrfrr=https%3A%2F%2Fpayment.gmt.io%2Finvoice%2F2baf570c-1456-4de9-a02c-cb2a02f49e82%3Ftwa%3Dios
Requested by: Host: payment.gmt.io
URL: https://payment.gmt.io/invoice/2baf570c-1456-4de9-a02c-cb2a02f49e82?twa=ios
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.248.246.252 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-248-246-252.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.gmt.io/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 07 Jul 2024 15:45:10 GMT
attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0","priority":"0","deduplication_key":"12744525684946147369","filters":{"source_type":["event"]}},{"trigger_data":"0","priority":"0","deduplication_key":"12744525684946147369","filters":{"source_type":["navigation"]}}],"debug_key":"2365558160749665149","debug_reporting":true,"filters":{"0":["YXLQFXAOL5CMVA2SOH3S2G"]},"aggregatable_trigger_data":[{"key_piece":"0x00000000000000000000000000000000","source_keys":["1"]}],"aggregatable_values":{"1":8192},"aggregatable_deduplication_keys":[{"deduplication_key":"14948558276950699106"}]}
content-length: 2
content-type: text/plain; charset=utf-8

GET
H3 200 logo-288.png
wallet.tg/images/ 24 KB
25 KB 86ms
53ms Image
image/png 172.67.73.11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wallet.tg/images/logo-288.png

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.73.11 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c30dcf8baf07a22361167e8dc7e8152274db474fadf9eea0a1e7bcd9a24df9e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://sentry.rtbst.com; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' blob: data:; font-src 'self'; object-src 'none'; base-uri 'self'; form-action 'self'; frame-src 'none'; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.gmt.io/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 07 Jul 2024 15:45:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self'; connect-src 'self' https://sentry.rtbst.com; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' blob: data:; font-src 'self'; object-src 'none'; base-uri 'self'; form-action 'self'; frame-src 'none'; frame-ancestors 'none'; upgrade-insecure-requests;
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
age: 363
strict-transport-security: max-age=2592000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 27 Jun 2024 12:56:39 GMT
server: cloudflare
etag: W/"5f15-19059c4f758"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/png
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w31e%2FF7%2B8wDtYRYYcmPtt2fWuTKjSDWDv8LSImtKaV0YW1iMFY4I2VUHOX%2FmLr6wlSaXz3Iml4ffe8RJdJ%2FJQzegdG2b3127f5n4KHU64I7syy8%2FX5VcAnVPTA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=7200
cf-ray: 89f8f5c62bec4d67-FRA

GET
H2 200 tonconnect-icon.png
tonkeeper.com/assets/ 4 KB
4 KB 395ms
34ms Image
image/png 172.67.74.36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tonkeeper.com/assets/tonconnect-icon.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.74.36 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7dfcb629bcffa853b06362c4b73d3198888bc01ab6b1b68a84409bde0b5481bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.gmt.io/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 07 Jul 2024 15:45:10 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6805
content-length: 3795
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: "28430af1f378c22ac4ef6c3762d07739"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a4kKhLp4sEM94aSDFTpJ0fF5lWxeaTJT%2BoslWx%2F%2FLNrGXJ6H3j0DTtDLOWFkOBRBpA89ZY7AEOIKRvpUPP7gYWyg7312K0ol01G8qC9X7uDGEjMX4RRo6QZKYTlm2y%2Bg"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 89f8f5c838ef6973-FRA

GET
H2 200 icon-256.png
mytonwallet.io/ 62 KB
63 KB 74ms
20ms Image
image/png 3.70.101.28
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mytonwallet.io/icon-256.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.70.101.28 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-70-101-28.eu-central-1.compute.amazonaws.com

Software

Netlify /

Resource Hash

3f91196a009107e70e5f3a49321aafdd7ca187d3a8b1ab825382e95a63d4a6ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.gmt.io/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01J26XXNZCZBVAPBZTYZT2JZM2
date: Sun, 07 Jul 2024 15:45:10 GMT
strict-transport-security: max-age=31536000
server: Netlify
age: 84353
cache-status: "Netlify Edge"; hit
etag: "f1fa0e10f9b68c8f9a08ff6ce3c555ad-ssl"
content-type: image/png
cache-control: public,max-age=0,must-revalidate
accept-ranges: bytes
content-length: 63891

GET
H2 200 openmask-logo-288.png
raw.githubusercontent.com/OpenProduct/openmask-extension/main/public/ 7 KB
7 KB 458ms
42ms Image
image/png 185.199.109.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://raw.githubusercontent.com/OpenProduct/openmask-extension/main/public/openmask-logo-288.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.199.109.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

cdn-185-199-109-133.github.com

Software

Resource Hash

25ef6e0912f90e0adea8597b19554aa1518521e6cf0a88cfaec303808cf4d4b8

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; style-src 'unsafe-inline'; sandbox
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.gmt.io/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fastly-request-id: 71d080f3a6eac8cab16cb0c8ad8196812180f275
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; sandbox
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
date: Sun, 07 Jul 2024 15:45:10 GMT
via: 1.1 varnish
x-cache-hits: 3
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 6912
x-xss-protection: 1; mode=block
x-served-by: cache-mad2200115-MAD
x-github-request-id: D746:1B302A:8CCA44:941427:665556F5
x-timer: S1720367111.500488,VS0,VE0
etag: W/"3bd3143ce8353aa8b9d4296ec4a937b1000cf8fc46a68e40afc9cb03a4030555"
source-age: 64
x-frame-options: deny
vary: Authorization,Accept-Encoding,Origin
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=300
accept-ranges: bytes
expires: Sun, 07 Jul 2024 15:50:10 GMT

GET
H2 200 tonconnect_logo.png
tonhub.com/ 68 KB
68 KB 414ms
51ms Image
image/png 172.67.73.90
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tonhub.com/tonconnect_logo.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.73.90 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6781d3a7cdd5d44f7083892ec03d04058bca8214da9e7f27300e9a68e5b6aff3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.gmt.io/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 07 Jul 2024 15:45:10 GMT
strict-transport-security: max-age=63072000
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-disposition: inline; filename="tonconnect_logo.png"
content-length: 69267
x-vercel-id: cdg1::6j479-1720312389805-93d80e8cf0e0
server: cloudflare
x-matched-path: /tonconnect_logo.png
etag: "aafd05d9de4af75985d1b39589517d53"
x-vercel-cache: HIT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FflOQ9dI%2Fz3GYEO5hD39dUiUXbicFu6h9pRYvK%2FyDv0%2FMfkHtpdtyYNH4O%2ByiByzOdj%2BquVyY39UYXlss03gtOnLjUx5h%2FKbvEbCIEUoVz58ls%2FISvRztAh5V7U%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 89f8f5c83ec235e5-FRA

GET
H2 200 WalletAvatar.png
raw.githubusercontent.com/delab-team/manifests-images/main/ 711 KB
712 KB 462ms
46ms Image
image/png 185.199.109.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://raw.githubusercontent.com/delab-team/manifests-images/main/WalletAvatar.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.199.109.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

cdn-185-199-109-133.github.com

Software

Resource Hash

ddb20771135c376efeec8385304d44425d77eb0e2f9949f501d83d8b5835f530

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; style-src 'unsafe-inline'; sandbox
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.gmt.io/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fastly-request-id: b6bbfda6a463163745ea8de188ee89b1eda38a57
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; sandbox
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
date: Sun, 07 Jul 2024 15:45:10 GMT
via: 1.1 varnish
x-cache-hits: 8
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 728102
x-xss-protection: 1; mode=block
x-served-by: cache-mad2200115-MAD
x-github-request-id: 33DA:24E82D:7CEFA7:84112B:666ADD69
x-timer: S1720367111.501036,VS0,VE0
etag: W/"df457b9b9debab993ac009ec9303b0d5d87ce19fbc63bd76050a8d2984b89909"
source-age: 182
x-frame-options: deny
vary: Authorization,Accept-Encoding,Origin
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=300
accept-ranges: bytes
expires: Sun, 07 Jul 2024 15:50:10 GMT

GET
H3 200 icon-256-back.png
xtonwallet.com/assets/img/ 8 KB
8 KB 98ms
64ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xtonwallet.com/assets/img/icon-256-back.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ace8dd194c4e421b91d44669bab890974dc28265a1196dd41c48c70abe8debc0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.gmt.io/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fastly-request-id: 59e411b40311a4cabd8b06c67f6217917f46f6fb
date: Sun, 07 Jul 2024 15:45:10 GMT
via: 1.1 varnish
expires: Tue, 25 Jun 2024 10:48:56 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 307
x-cache: HIT
x-proxy-cache: MISS
alt-svc: h3=":443"; ma=86400
content-length: 7747
x-served-by: cache-fra-eddf8230030-FRA
last-modified: Fri, 07 Apr 2023 15:34:09 GMT
server: cloudflare
x-github-request-id: A044:22CBC0:5ABE50:5C6787:65DD252C
x-timer: S1711138803.572057,VS0,VE2
etag: "643037f1-1e43"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9f9FKDFJ%2Bj7%2FbYBSw7wgXR7%2BVQFdpDSt6BTPuMPCAPji6N4fyOozcjdGwIdDwSfzJiCaLXaj%2F8zjN1slcAz0OwNqP1%2Bchkncl8KAOumSS5LZWPYO%2FuUaqccZfa%2FQNeZt8g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 89f8f5c62f2e974c-FRA
x-cache-hits: 1

GET
H2 200 qr-logo.png
wallet.ton.org/assets/ui/ 16 KB
16 KB 391ms
31ms Image
image/png 172.67.71.168
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wallet.ton.org/assets/ui/qr-logo.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.71.168 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bc41e7e2c2e72d3c3d78893bdf5bdfbb2aad0ada2e447e30fb9fa81b60f01005

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.gmt.io/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fastly-request-id: aee53f6d13d694bd5970ba6e19ef21a765e9b2df
date: Sun, 07 Jul 2024 15:45:10 GMT
strict-transport-security: max-age=31556952
via: 1.1 varnish
x-cache-hits: 1
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 63
x-cache: HIT
x-proxy-cache: MISS
content-length: 16076
x-served-by: cache-fra-etou8220113-FRA
last-modified: Sun, 11 Feb 2024 19:07:35 GMT
server: cloudflare
x-github-request-id: 2E00:D535:6A107F:6C91B4:6685EC62
x-timer: S1720281104.032898,VS0,VE1
etag: "65c91af7-3ecc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vDOywwSOrFQ9KeA%2Fonfdni2iVjKG5TcVDZgN3W1xL5aLhlPVLv539FwJUqBbRe5QJdr9swSN%2B3VkZeObqMSTnB83Toy2S%2B1W%2FHsToo48BDhIxDSgJAzMS6KE%2F%2BdXUl58"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=7200
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 89f8f5c839521e14-FRA
expires: Thu, 04 Jul 2024 00:37:15 GMT

GET
H2 200 bitget%20wallet_logo_iOS.png
raw.githubusercontent.com/bitkeepwallet/download/main/logo/png/ 284 KB
285 KB 542ms
126ms Image
image/png 185.199.109.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://raw.githubusercontent.com/bitkeepwallet/download/main/logo/png/bitget%20wallet_logo_iOS.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.199.109.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

cdn-185-199-109-133.github.com

Software

Resource Hash

b4459fe039243c658d5b3b92cfd7fe9f6f23caa8d8745800224b581758fdf199

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; style-src 'unsafe-inline'; sandbox
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.gmt.io/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fastly-request-id: ed20f42f620611ebb9d3e301b3fd46714a0d893d
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; sandbox
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
date: Sun, 07 Jul 2024 15:45:10 GMT
via: 1.1 varnish
x-cache-hits: 4
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 291157
x-xss-protection: 1; mode=block
x-served-by: cache-mad2200115-MAD
x-github-request-id: 866E:0DD7:2B1FC07:2D65566:668370D1
x-timer: S1720367111.501298,VS0,VE0
etag: W/"179f9f8169f0216f0ad6ea7793e097dd66377b0d77a2adf73b9217b0222b949f"
source-age: 121
x-frame-options: deny
vary: Authorization,Accept-Encoding,Origin
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=300
accept-ranges: bytes
expires: Sun, 07 Jul 2024 15:50:10 GMT

GET
H2 200 SafePal_x288.png
s.pvcliping.com/web/public_image/ 735 B
1 KB 1007ms
28ms Image
image/png 128.1.77.230
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.pvcliping.com/web/public_image/SafePal_x288.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 128.1.77.230 Paris, France, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: openresty /
Resource Hash: 2173dbf44e5b986d15cb52b206af9e85e2dcc4808aebd6f7f29fdb5949f5fa4a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.gmt.io/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-log: X-Log
date: Sun, 07 Jul 2024 15:45:11 GMT
x-svr: IO
content-md5: 0538634f954d877d5ed633b704fc475d
x-reqid: pAQAAACX5OFDStoX
x-cache: HIT from BC230_FR-Paris-Paris-3-cache-1(cloudsvr)
content-transfer-encoding: binary
content-disposition: inline; filename="SafePal_x288.png"; filename*=utf-8''SafePal_x288.png
content-length: 735
x-m-reqid: 3YwAABr97KBEStoX
x-m-log: QNM:dal51;QNM3
last-modified: Thu, 15 Dec 2022 09:28:55 GMT
server: openresty
etag: "FpfPjmaer6Bl2WSld8f1ivFddVWs"
access-control-max-age: 2592000
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: X-Log, X-Reqid
cache-control: public, max-age=31536000
accept-ranges: bytes
x-qiniu-zone: na0
x-qnm-cache: Hit
x-ser: BC19_dx-lt-yd-jiangsu-yancheng-8-cache-2, BC226_FR-Paris-Paris-3-cache-1, BC230_FR-Paris-Paris-3-cache-1

POST
H2 204 rum Show response
payment.gmt.io/cdn-cgi/ 0
164 B 33ms
33ms XHR
text/plain 172.67.22.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://payment.gmt.io/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.22.151 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://payment.gmt.io/invoice/2baf570c-1456-4de9-a02c-cb2a02f49e82?twa=ios
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: application/json

Response headers

date: Sun, 07 Jul 2024 15:45:10 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://payment.gmt.io
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 89f8f5c5f8199205-FRA

GET
H2 200 uyrxot0s Show response
widget.intercom.io/widget/ 7 KB
3 KB 63ms
13ms Script
application/javascript 18.239.83.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.intercom.io/widget/uyrxot0s
Requested by: Host: payment.gmt.io
URL: https://payment.gmt.io/_next/static/chunks/pages/_app-0b81273926c53f4c.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.83.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-83-59.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 035d6c44112d2cb3bb5bec7cdf82b0bc4f463e459d949ad67a6eb50b7225dc4d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.gmt.io/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: eek9KFe81_rdrGEROge.QvlTxJMyiyl_
content-encoding: gzip
via: 1.1 3f24561b20ab2825cb11ac40fc1c2434.cloudfront.net (CloudFront)
date: Sun, 07 Jul 2024 15:41:13 GMT
x-amz-cf-pop: AMS58-P5
age: 241
x-amz-server-side-encryption: AES256
x-cache: Error from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2668
last-modified: Thu, 04 Jul 2024 16:21:24 GMT
server: AmazonS3
etag: "a4ad2f4284a0a132d8a05c885ee87f9c"
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=UTF-8
cache-control: max-age=300, s-maxage=300, public
accept-ranges: bytes
x-amz-cf-id: D2GIL79VOzxAxVZaPIZvCtKMzkznkGM8_C_fcMoikLQGDnCgBUcc2A==

GET
H2 200 favicon-32x32.png
payment.gmt.io/favicon/ 1 KB
1 KB 73ms
70ms Other
image/png 172.67.22.151
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://payment.gmt.io/favicon/favicon-32x32.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.22.151 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c509b71e2b6c76a4a1061fe1989cfdf15bb80a55e189d5d1661cd36ea8d47f3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.gmt.io/invoice/2baf570c-1456-4de9-a02c-cb2a02f49e82?twa=ios
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 07 Jul 2024 15:45:10 GMT
strict-transport-security: max-age=3600
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Mon, 01 Jul 2024 14:28:41 GMT
server: cloudflare
etag: W/"477-1906eb2a9a8"
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=0
accept-ranges: bytes
cf-ray: 89f8f5c608299205-FRA
content-length: 1143
x-xss-protection: 1

GET
H2 200 frame-modern.b4b6b51d.js Show response
js.intercomcdn.com/ Frame 7F8B 458 KB
138 KB 82ms
17ms Script
application/javascript 18.239.94.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.intercomcdn.com/frame-modern.b4b6b51d.js

Requested by

Host: widget.intercom.io
URL: https://widget.intercom.io/widget/uyrxot0s

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.239.94.97 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-239-94-97.ams1.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

64351ef7026b06738077bcf9a5be86bf7692a1f3814e638d59ee1a5a8ae17b56

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: uvqm.ogeYnvR_AGasCsJz0goDf3XsLuM
content-encoding: gzip
via: 1.1 69b7884048ebe8b1ecf8d8ec9d39c85c.cloudfront.net (CloudFront)
date: Sun, 07 Jul 2024 14:21:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: AMS1-P3
age: 5023
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 141000
last-modified: Thu, 04 Jul 2024 16:18:01 GMT
server: AmazonS3
etag: "f4ae053a1e340c217f12e7f3bb7c8620"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000, s-maxage=7200, public
accept-ranges: bytes
x-amz-cf-id: N6HbFO-TRSdS7hUKCO5ui7wxIygqRA6kMStGZJ8fu2RnpEpLSEltAA==

GET
H2 200 vendor-modern.bc52aebd.js Show response
js.intercomcdn.com/ Frame 7F8B 455 KB
145 KB 119ms
55ms Script
application/javascript 18.239.94.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.intercomcdn.com/vendor-modern.bc52aebd.js

Requested by

Host: widget.intercom.io
URL: https://widget.intercom.io/widget/uyrxot0s

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.239.94.97 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-239-94-97.ams1.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

eea9f67534400ce075ffffb3d0f45c43300e6c6e244d5b566dca5fedb480e087

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: Mw1h9i8Md7P3qjd15fFHiY3cqmFJcVuL
content-encoding: gzip
via: 1.1 69b7884048ebe8b1ecf8d8ec9d39c85c.cloudfront.net (CloudFront)
date: Sun, 07 Jul 2024 15:17:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: AMS1-P3
age: 1641
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 147287
last-modified: Thu, 04 Jul 2024 09:15:11 GMT
server: AmazonS3
etag: "045ab66ea0acdc79774f2aae33a45b67"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000, s-maxage=7200, public
accept-ranges: bytes
x-amz-cf-id: Goz5FBigqIia3jGOOmDkk78okyfZK0Pjfsoy8TLNwqi8ptBEBahEDw==

POST
H2 200 ping Show response
api-iam.intercom.io/messenger/web/ Frame 7F8B 4 KB
2 KB 569ms
339ms XHR
application/json 18.214.210.209
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api-iam.intercom.io/messenger/web/ping

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.b4b6b51d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.214.210.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-214-210-209.compute-1.amazonaws.com

Software

nginx /

Resource Hash

a2d7d7384083e9372418135bfadf55173038293f722082fcf72a162e5f15c463

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sun, 07 Jul 2024 15:45:10 GMT
strict-transport-security: max-age=31556952; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
x-ami-version: ami-0876d08bfee18aafd
status: 200 OK
x-xss-protection: 1; mode=block
x-request-id: 00028dtua0nhalu6fl3g
x-runtime: 0.233533
server: nginx
etag: W/"a2d7d7384083e9372418135bfadf5517"
x-request-queueing: 0
vary: Accept,Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://payment.gmt.io
x-intercom-version: bfac396cc5e370c04f70dc48f4945b82070d97d2
access-control-expose-headers: x-request-id
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-frame-options: SAMEORIGIN
access-control-allow-headers: Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA

POST
H2 200 ping Show response
api-iam.intercom.io/messenger/web/ Frame 7F8B 4 KB
2 KB 316ms
316ms XHR
application/json 18.214.210.209
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api-iam.intercom.io/messenger/web/ping

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.b4b6b51d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.214.210.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-214-210-209.compute-1.amazonaws.com

Software

nginx /

Resource Hash

5d4403f4f45afcf97def3e3423f7fe988e7b6cc50e3ae2e38a7a6685630e154d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sun, 07 Jul 2024 15:45:11 GMT
strict-transport-security: max-age=31556952; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
x-ami-version: ami-0876d08bfee18aafd
status: 200 OK
x-xss-protection: 1; mode=block
x-request-id: 0026bcinqvdg6a2uq8i0
x-runtime: 0.208584
server: nginx
etag: W/"5d4403f4f45afcf97def3e3423f7fe98"
x-request-queueing: 0
vary: Accept,Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://payment.gmt.io
x-intercom-version: bfac396cc5e370c04f70dc48f4945b82070d97d2
access-control-expose-headers: x-request-id
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-frame-options: SAMEORIGIN
access-control-allow-headers: Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 17ms
16ms Fetch
text/plain 216.239.34.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-YJ8S729D47&gtm=45je4730v898015106za200zb844930801&_p=1720367108058&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=2090116108.1720367109&ul=nl-nl&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=3&sid=1720367108&sct=1&seg=0&dl=https%3A%2F%2Fpayment.gmt.io%2Finvoice%2F2baf570c-1456-4de9-a02c-cb2a02f49e82%3Ftwa%3Dios&dt=GoMining%20Pay&en=scroll&epn.percent_scrolled=90&_et=5&tfd=6673&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YJ8S729D47&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment.gmt.io/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 07 Jul 2024 15:45:13 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://payment.gmt.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

82 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

51 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.walletconnect.com/	1970-01-20 21:52:48	Name: __cf_bm Value: mbU.9rxOJ2sFMU.Tcni5C7oJwKDaHAitn_FV9qyaCko-1720367108-1.0.1.1-AOr1foKF1Mhwur8AHHrxzSSCdxF1kO12mEDIgqS.ohnHHEeG0.h.hIJdzy3ebnH_3zllvs8gHlrV9wZtWU0v3w
.gmt.io/	1970-01-21 06:38:23	Name: _hjSessionUser_3535041 Value: eyJpZCI6IjA5NDhmNmFhLTcwNGYtNWI5Yy1iZDY3LTEwOWRjOTljYWVhOCIsImNyZWF0ZWQiOjE3MjAzNjcxMDgyODEsImV4aXN0aW5nIjpmYWxzZX0=
.gmt.io/	1970-01-20 21:52:48	Name: _hjSession_3535041 Value: eyJpZCI6IjNhZTRlYTVmLTBmYTYtNGQ3OS04MjkzLTY2MzYzNTNhNGQxOSIsImMiOjE3MjAzNjcxMDgyODEsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MX0=
.gmt.io/	1970-01-21 00:02:23	Name: _gcl_au Value: 1.1.2099377524.1720367109
.gmt.io/	1970-01-21 07:28:47	Name: _ga Value: GA1.1.2090116108.1720367109
.gmt.io/	1970-01-21 07:28:47	Name: _ga_YJ8S729D47 Value: GS1.1.1720367108.1.0.1720367108.60.0.0
.region1.google-analytics.com/	1970-01-21 00:02:23	Name: ar_debug Value: 1
.yandex.ru/	1970-01-21 06:38:23	Name: yashr Value: 3498283011720367109
mc.yandex.ru/	1970-01-21 06:38:23	Name: bh Value: EkAiR29vZ2xlIENocm9tZSI7dj0iMTI2IiwgIk5vdDpBLUJyYW5kIjt2PSI4IiwgIkNocm9taXVtIjt2PSIxMjYiKgI/MDoHIldpbjMyIg==
.gmt.io/	1970-01-21 06:38:23	Name: _ym_uid Value: 1720367109204346630
.gmt.io/	1970-01-21 06:38:23	Name: _ym_d Value: 1720367109
.yandex.com/	1970-01-21 07:28:47	Name: i Value: q1JRSWdox2EuWEJufKRFVak3bmg1KH4CyjL3XfSaCCxU9ZWhglG9Pzz9NCeGtkLNS5JDuI/nB1jhf1Gga69Yv1e8tX4=
.yandex.com/	1970-01-21 06:38:23	Name: yandexuid Value: 1917316071720367109
.yandex.com/	1970-01-21 06:38:23	Name: yashr Value: 6068033221720367109
mc.yandex.com/	1970-01-21 06:38:23	Name: bh Value: EkAiR29vZ2xlIENocm9tZSI7dj0iMTI2IiwgIk5vdDpBLUJyYW5kIjt2PSI4IiwgIkNocm9taXVtIjt2PSIxMjYiKgI/MDoHIldpbjMyIg==
.mc.yandex.com/	1970-01-20 21:52:47	Name: sync_cookie_csrf Value: 2288591226fake
.gmt.io/	1970-01-20 21:53:59	Name: _ym_isad Value: 2
.mc.yandex.ru/	1970-01-20 21:52:47	Name: sync_cookie_csrf Value: 2091428849fake
.mc.yandex.com/	1970-01-20 21:54:13	Name: sync_cookie_ok Value: synced
.yandex.ru/	1970-01-21 07:28:47	Name: yandexuid Value: 1917316071720367109
.yandex.ru/	1970-01-21 07:28:47	Name: yuidss Value: 1917316071720367109
.yandex.ru/	1970-01-21 07:28:47	Name: i Value: q1JRSWdox2EuWEJufKRFVak3bmg1KH4CyjL3XfSaCCxU9ZWhglG9Pzz9NCeGtkLNS5JDuI/nB1jhf1Gga69Yv1e8tX4=
.yandex.ru/	1970-01-21 07:28:47	Name: yp Value: 1720453509.yu.1329718271720367109
.yandex.ru/	1970-01-21 06:38:23	Name: ymex Value: 1722959109.oyu.1329718271720367109
.linkedin.com/	1970-01-21 06:38:23	Name: bcookie Value: "v=2&25e025f3-c385-48a5-80d7-9b42b96a20c5"
.linkedin.com/	1970-01-21 02:11:59	Name: li_gc Value: MTswOzE3MjAzNjcxMDk7MjswMjG5Hye99jVO5Kkbi+L7rjHSnoBGFNkkLHAee1GcLlVCcw==
.linkedin.com/	1970-01-20 21:54:13	Name: lidc Value: "b=TGST04:s=T:r=T:a=T:p=T:g=3239:u=1:x=1:i=1720367109:t=1720453509:v=2:sig=AQGFM1zWozpzB--7Jt5vSN4l3Ep-Bj9t"
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 771764641720367109
.yandex.com/	1970-01-21 06:38:23	Name: yuidss Value: 1917316071720367109
.yandex.com/	1970-01-21 06:38:23	Name: ymex Value: 1751903109.yrts.1720367109
.yandex.com/	1970-01-21 06:38:23	Name: receive-cookie-deprecation Value: 1
.yandex.com/	1970-01-21 06:38:23	Name: bh Value: Ej4iR29vZ2xlIENocm9tZSI7dj0iMTI2IiwiTm90OkEtQnJhbmQiO3Y9IjgiLCJDaHJvbWl1bSI7dj0iMTI2IhoFIng4NiIiECIxMjYuMC42NDc4LjEyNiIqAj8wOgciV2luMzIiQggiMTAuMC4wIkoEIjY0IlJbIk5vdC9BKUJyYW5kIjt2PSI4LjAuMC4wIiwiQ2hyb21pdW0iO3Y9IjEyNi4wLjY0NzguMTI2IiwiR29vZ2xlIENocm9tZSI7dj0iMTI2LjAuNjQ3OC4xMjYiIg==
.d.adroll.com/	1970-01-21 07:21:35	Name: __adroll Value: 545e31713c06e0765351a619bc215c90-a_1720367109
.d.adroll.com/	1970-01-21 07:21:35	Name: receive-cookie-deprecation Value: 1
.adroll.com/	1970-01-21 07:21:35	Name: receive-cookie-deprecation Value: 1
.adroll.com/	1970-01-21 07:21:35	Name: __adroll_shared Value: 545e31713c06e0765351a619bc215c90-a_1720367109
.payment.gmt.io/	1970-01-21 06:38:44	Name: __adroll_fpc Value: a3e6bf2050b28a52c9ed66bd2a06ce35-1720367109562
.payment.gmt.io/	1970-01-21 06:38:23	Name: __ar_v4 Value: %7CYXLQFXAOL5CMVA2SOH3S2G%3A20240706%3A1%7CLL5QICUPWVH43HMZXFRCTG%3A20240706%3A1
.casalemedia.com/	1970-01-21 06:38:23	Name: CMID Value: Zoq4BbmqPT8AAFynAFH-iAAA
.casalemedia.com/	1970-01-21 00:02:23	Name: CMPS Value: 3162
.casalemedia.com/	1970-01-21 00:02:23	Name: CMPRO Value: 3162
.adnxs.com/	1970-01-21 00:02:23	Name: XANDR_PANID Value: JBnLoPGPVqdLXmtq8XjU9v5IvGHJ2q5Ntfq-_5qYWnFQIlcbXTL1w8A0RsZbtB0DpZER93q12snmdNmkHLy-nLW38uHtsuMaUjy2MWiqpTk.
.adnxs.com/	1970-01-21 07:28:47	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-21 00:02:23	Name: uuid2 Value: 8937823084314507243
.pubmatic.com/	1970-01-21 00:02:23	Name: KRTBCOOKIE_10 Value: 22808-NTQ1ZTMxNzEzYzA2ZTA3NjUzNTFhNjE5YmMyMTVjOTA&KRTB&22883-NTQ1ZTMxNzEzYzA2ZTA3NjUzNTFhNjE5YmMyMTVjOTA&KRTB&23504-NTQ1ZTMxNzEzYzA2ZTA3NjUzNTFhNjE5YmMyMTVjOTA
.pubmatic.com/	1970-01-20 22:35:59	Name: PugT Value: 1720367109
.adnxs.com/	1970-01-21 00:02:23	Name: anj Value: dTM7k!M4/rD>6NRF']wIg2Hc$n=G`p!@wnfH1Ya.O4]7Q=E?-JhsLwka(/Bp`7<O+i6uOdiJc-(`+y(C2b39gjQO(8a)i5a2Fc<w?8!Y#[a(%#%nugO%v4VB%nmDi-2xuz
x.adroll.com/	1969-12-31 23:59:59	Name: ar_debug Value: 1
.gmt.io/	1970-01-21 04:21:37	Name: intercom-id-uyrxot0s Value: afa23a4f-3734-4713-a635-a4a89bce664d
.gmt.io/	1970-01-20 22:02:51	Name: intercom-session-uyrxot0s Value:
.gmt.io/	1970-01-21 04:21:37	Name: intercom-device-id-uyrxot0s Value: 38c37b6b-92ab-47f3-a6bc-b6aae20c0953

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=3600
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-iam.intercom.io
cm.g.doubleclick.net
connect.facebook.net
d.adroll.com
dsum-sec.casalemedia.com
eb2.3lift.com
explorer-api.walletconnect.com
fonts.googleapis.com
fonts.gstatic.com
ib.adnxs.com
image2.pubmatic.com
js.intercomcdn.com
mc.yandex.com
mc.yandex.ru
mytonwallet.io
payment.gmt.io
pixel.rubiconproject.com
px.ads.linkedin.com
raw.githubusercontent.com
region1.analytics.google.com
region1.google-analytics.com
s.adroll.com
s.pvcliping.com
script.hotjar.com
snap.licdn.com
static.cloudflareinsights.com
static.hotjar.com
stats.g.doubleclick.net
sync.outbrain.com
sync.taboola.com
tonhub.com
tonkeeper.com
ups.analytics.yahoo.com
us-u.openx.net
vc.hotjar.io
verify.walletconnect.com
wallet.tg
wallet.ton.org
widget.intercom.io
www.google.nl
www.googletagmanager.com
x.adroll.com
x.bidswitch.net
xtonwallet.com
104.16.79.73
104.18.26.46
104.18.27.46
128.1.77.230
13.107.42.14
13.248.245.213
141.226.228.48
142.250.181.234
142.250.185.163
142.250.185.99
142.250.186.34
157.240.0.6
172.64.151.101
172.67.22.151
172.67.71.168
172.67.73.11
172.67.73.90
172.67.74.36
173.194.76.157
18.214.210.209
18.239.36.44
18.239.83.59
18.239.94.113
18.239.94.97
18.65.39.84
185.199.109.133
185.64.191.210
188.114.97.3
2.18.64.220
216.239.34.36
216.58.206.40
3.70.101.28
3.75.62.37
34.248.246.252
34.251.55.181
35.214.149.91
35.244.159.8
37.252.171.85
69.173.144.138
70.42.32.95
87.250.250.119
93.158.134.119
99.86.159.22
0236ca1c9ca15fafaabee69e69e3e8a0570801cbb31da6768ba8318070baed97
035d6c44112d2cb3bb5bec7cdf82b0bc4f463e459d949ad67a6eb50b7225dc4d
06a1968b4448fb4365cb020058987cc95054607cc2b6cfbcb0e8875857b4eba1
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d7589be044acdb28633fdf313cc6adaa15a19b27de85eb6b14ddc125e6e1a45
1e9522017a84aa45f504523eafb59001817e054dcb2780dc8a4519390c23c080
2173dbf44e5b986d15cb52b206af9e85e2dcc4808aebd6f7f29fdb5949f5fa4a
25ea9ed41695a63be1ba26ebcc960614bbaa0a191aaa1c43cc6167befaa855ae
25ef6e0912f90e0adea8597b19554aa1518521e6cf0a88cfaec303808cf4d4b8
2afca389fab7fb59ce8f7e39c2796f4e48e3e292f24558710fc9359fe8da86b5
2afe61fb82eb709eb41d83b5ba8494a194de0c21b6781d45623432d6bbf00a16
2e4db7cebb517a9dffb833d5ec75b5e91b9eff4eeae380476df7f85e21459081
32a381eb1e344e9c664d784717ed571dc21948f9075a1cf5293ca9bb832d98a9
3ac5e5a18e2e0e6e343ed19f82fdfe2a81b0f456422d58e2e5c4251feaba97ec
3f84dedcb2c2a5d7ad02edb137cab1787e3c76e9b69ad71c922434b43eb666d0
3f91196a009107e70e5f3a49321aafdd7ca187d3a8b1ab825382e95a63d4a6ae
42033f4c03a7b739071863e5bf092684a541bac05e8c706867f99ce02c3a6e6c
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5288d0a84434bdc3fcd94fa748398b9c58f78940318f4b1e923a4c76cb948127
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
58e137e626c100f7c0833a85cbcec7d41d366f3467372c333bf2cbf093329915
5c3ea518bbd62af1590c8b019e40b6caa56519599901b8a537831eb9b2076c3d
5d4403f4f45afcf97def3e3423f7fe988e7b6cc50e3ae2e38a7a6685630e154d
619feac205d68f6356fcad13d6758533011a8acc7830e3deb0f763249d7516c0
63bae03aa97278acb1d6f7863e593999bbdc5d280d2fa5a3050f234ce5eee850
64351ef7026b06738077bcf9a5be86bf7692a1f3814e638d59ee1a5a8ae17b56
6781d3a7cdd5d44f7083892ec03d04058bca8214da9e7f27300e9a68e5b6aff3
6c30dcf8baf07a22361167e8dc7e8152274db474fadf9eea0a1e7bcd9a24df9e
70fb595f823523264755c87c8375c1d2e97439560e53483b18c4ed25d81da93d
73e949222e63cad11d0161f059a896dd90a45de74ae22684f8fa4753252e1097
75dbb4380a386220610babb812bafaed50a4f983fa198851836a64d6fad2b094
77190354256d2bb6e2f740715bbc72c1af70ec722773ab27bd7ddd63dac90529
7969dcfe9ef954ed7f367acb58c255c02fb03207250e52b0da4278e50941838f
7dfcb629bcffa853b06362c4b73d3198888bc01ab6b1b68a84409bde0b5481bd
84ee3d792191cbc2a116b9f4fe6c526b11be673a73ee9bad85b0d9c731dce951
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
8c8e446f37ecb32e10e59c262f01d551956ee029152d55f01e8bcd32f9fb50c6
8e352c8a9e65670d43fa8709cbde5535226746cc4d4777e07b251e117ca4aa95
9085919715509ba81f7c90a6436a85101eae5577b7053d8841e246ced3e20201
93da62068399af678aa7d33d5cbc104b99d1acc58a94851f18ab184969616390
942a9ba1fe78b402e8b52b83058dbbabde8db6b4d1debf960d6d5afe5192db52
9d2b59587290ae6eaff3e0734988453c91d73d7a41c6d59dc0cd48e07adaf835
a2d7d7384083e9372418135bfadf55173038293f722082fcf72a162e5f15c463
ac3ab06433e114c3e21ae87b9ba5b79cb3ee2829e4354397352fd04d01251e22
ace8dd194c4e421b91d44669bab890974dc28265a1196dd41c48c70abe8debc0
ad2aa3ac062cdef13af1c2e28c6e95e36732484bd756fb6194a105b61af7c057
af9e52b1788e243b0a07ba97a3de75df5845d00b896f1b83f38c42702a7ba690
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b22b238c613c9bfcf13e8340213b734fea3bd0b9b2fe67648e3ba6decc104e89
b4459fe039243c658d5b3b92cfd7fe9f6f23caa8d8745800224b581758fdf199
b545ce85ef76222fafdd46c1fe7ddc096cf00b268b7102223b18314ad2ed1fa8
bad6e85b042e44f7747de7c2002202e57e16bff219cd49e968b5e2958cbeba51
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc41e7e2c2e72d3c3d78893bdf5bdfbb2aad0ada2e447e30fb9fa81b60f01005
c15942f92c92c4a336d20ffcf229ab3606b588388d78b008b4f9ee8d3d1b842e
c2c7d0615f171736909b82c7e7f0bdc536d2368c21ac464f8c956e01f0da4af2
c3c7fd42c1cae833f4f4732829cf156ef9064b51df3753e0304e246cf904cc14
c509b71e2b6c76a4a1061fe1989cfdf15bb80a55e189d5d1661cd36ea8d47f3c
c636ba07da1373f4c0e7ef915f807b125b1921f03cac429a4805c1cb22750659
c8cdb6bd9623a596740743460a0bcd6fff106479f387ad8afa6fdf25d23e08f5
d3accde5e7823c977360bf7dbc8e58fe5dbcc80e6baa0f9bb0150973b03e3652
d6c7006f9b5db8584267c34e4c1c43eba9e58505c892ed462c6abc2989d2025f
ddb20771135c376efeec8385304d44425d77eb0e2f9949f501d83d8b5835f530
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e438e219aa453c4042a823accda4f5687dca9908e02f5d4abcdd2b715c05451f
e4887df375c3fc57aacb5341251f5f4453e37b0b0491f4aafbd56e39305d7510
e5710984e7f46092329faf76466920cec1f9fef2975e3f0bae48ed87d06aa9a0
e8a9d0ed202eae37d485eaa6703840fd0661261e2802731020c7c1268adafa47
ea4c02c75662317218088b7c82c3b1a2a20b9627ad43a4a5cf9127b8e62b6fe7
eb0299547408cf56a2a92da16429171368e451ee8bd530a3d65df72565bd030c
eb972110359fa3a309e9f622d9efe3748fcc129bdbbd8616b0fb245736cc1757
eea9f67534400ce075ffffb3d0f45c43300e6c6e244d5b566dca5fedb480e087
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f08bd5fd73b03bd498bdea7b974f26bc80a03b26b6efb63e3d856fe324a1e288
f48029d1829129f662e23bfac26e75d741f74f826e9f845c125d46207fff8396
f5de42099092920b23dcfac2b82c0b9c53227c17d02f47a744f6a11f71a3fd5c
f9916f2f8593d9e9e58321aac49435c6d4007878813355dc4bd59cde838af076

payment.gmt.io Open in urlscan Pro 172.67.22.151 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

100 Requests

86 %HTTPS

0 %IPv6

38 Domains

44 Subdomains

43 IPs

8 Countries

2864 kBTransfer

6404 kBSize

51 Cookies

4 Outgoing links

Redirected requests

100 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

payment.gmt.io Open in urlscan Pro
172.67.22.151 Public Scan

Screenshot
Live screenshot

Full Image

100
Requests

86 %
HTTPS

0 %
IPv6

38
Domains

44
Subdomains

43
IPs

8
Countries

2864 kB
Transfer

6404 kB
Size

51
Cookies

100 HTTP transactions
0 data transactions