authentik.biz Open in urlscan Pro
172.67.167.139 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://authentik.biz/
Submission: On September 13 via automatic, source certstream-suspicious (September 13th 2021, 12:48:18 am UTC) — Scanned from DE

Summary HTTP 81 Redirects Behaviour Indicators

Summary

This website contacted 25 IPs in 5 countries across 20 domains to perform 81 HTTP transactions. The main IP is 172.67.167.139, located in United States and belongs to CLOUDFLARENET, US. The main domain is authentik.biz.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on September 13th 2021. Valid for: a year.

This is the only time authentik.biz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	172.67.167.139 172.67.167.139	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	142.250.110.95 142.250.110.95	15169 (GOOGLE) (GOOGLE)
4 4	104.21.66.129 104.21.66.129	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	172.67.139.13 172.67.139.13	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	172.67.214.69 172.67.214.69	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	104.18.20.180 104.18.20.180	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	104.17.6.97 104.17.6.97	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	143.204.228.62 143.204.228.62	16509 (AMAZON-02) (AMAZON-02)
2	51.161.92.183 51.161.92.183	16276 (OVH) (OVH)
1 2	104.21.234.55 104.21.234.55	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	151.101.12.176 151.101.12.176	54113 (FASTLY) (FASTLY)
4	151.101.114.133 151.101.114.133	54113 (FASTLY) (FASTLY)
3	104.18.9.127 104.18.9.127	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	13.225.25.108 13.225.25.108	16509 (AMAZON-02) (AMAZON-02)
2	104.16.18.94 104.16.18.94	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.18.23.52 104.18.23.52	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.72.152.54 52.72.152.54	14618 (AMAZON-AES) (AMAZON-AES)
10	151.101.129.21 151.101.129.21	54113 (FASTLY) (FASTLY)
3	172.67.161.47 172.67.161.47	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	151.101.1.35 151.101.1.35	54113 (FASTLY) (FASTLY)
1	74.125.140.94 74.125.140.94	15169 (GOOGLE) (GOOGLE)
3	172.67.217.10 172.67.217.10	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	77.55.235.217 77.55.235.217	15967 (NAZWA) (NAZWA)
3	151.101.129.35 151.101.129.35	() ()
1 2	64.4.245.84 64.4.245.84	() ()
81	25

1 172.67.167.139 (United States)

ASN13335 (CLOUDFLARENET, US)

authentik.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.110.95 (United States)

ASN15169 (GOOGLE, US)
PTR: wf-in-f95.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.21.66.129 (None, ) 4 redirects

ASN13335 (CLOUDFLARENET, US)

app.groovefunnels.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.67.139.13 (United States)

ASN13335 (CLOUDFLARENET, US)

app.groove.cm	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.214.69 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.20.180 (None, )

ASN13335 (CLOUDFLARENET, US)

assets.grooveapps.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 104.17.6.97 (None, )

ASN13335 (CLOUDFLARENET, US)

checkout.groovesell.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.228.62 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-228-62.cdg3.r.cloudfront.net

cdn.heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.161.92.183 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ip183.ip-51-161-92.net

matomo.groovetech.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.21.234.55 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

gitcdn.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.12.176 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.114.133 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.18.9.127 (None, )

ASN13335 (CLOUDFLARENET, US)

js.authorize.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.225.25.108 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-25-108.cdg3.r.cloudfront.net

js.braintreegateway.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.16.18.94 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.23.52 (None, )

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.72.152.54 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-72-152-54.compute-1.amazonaws.com

heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 151.101.129.21 (United States)

ASN54113 (FASTLY, US)

www.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.67.161.47 (United States)

ASN13335 (CLOUDFLARENET, US)

ka-f.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.1.35 (United States)

ASN54113 (FASTLY, US)

t.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.140.94 (United States)

ASN15169 (GOOGLE, US)
PTR: wq-in-f94.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.67.217.10 (United States)

ASN13335 (CLOUDFLARENET, US)

v1.gdapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 77.55.235.217 (Poland)

ASN15967 (NAZWA, PL)
PTR: dedicated-ajb217.rev.nazwa.pl

ip2c.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.129.35 (None, )

ASN- ()

c.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.4.245.84 (None, ) 1 redirects

ASN- ()

b.stats.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dub.stats.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	paypal.com 1 redirects www.paypal.com t.paypal.com c.paypal.com b.stats.paypal.com dub.stats.paypal.com c6.paypal.com Failed	352 KB
14	groovesell.com checkout.groovesell.com	2 MB
6	fontawesome.com use.fontawesome.com kit.fontawesome.com ka-f.fontawesome.com	51 KB
4	paypalobjects.com www.paypalobjects.com	265 KB
4	grooveapps.com assets.grooveapps.com	679 KB
4	groove.cm app.groove.cm	81 KB
4	groovefunnels.com 4 redirects app.groovefunnels.com	2 KB
3	gdapis.com v1.gdapis.com	4 KB
3	authorize.net js.authorize.net	9 KB
3	stripe.com js.stripe.com m.stripe.com Failed	62 KB
3	googleapis.com fonts.googleapis.com	276 KB
2	stripe.network m.stripe.network	19 KB
2	cloudflare.com cdnjs.cloudflare.com	11 KB
2	braintreegateway.com js.braintreegateway.com	30 KB
2	gitcdn.link 1 redirects gitcdn.link	4 KB
2	groovetech.io matomo.groovetech.io	32 KB
2	heapanalytics.com cdn.heapanalytics.com heapanalytics.com	42 KB
1	ip2c.org ip2c.org	223 B
1	gstatic.com fonts.gstatic.com	19 KB
1	authentik.biz authentik.biz	7 KB
81	20

	Domain	Requested by
14	checkout.groovesell.com	authentik.biz checkout.groovesell.com
10	www.paypal.com	www.paypalobjects.com checkout.groovesell.com www.paypal.com
4	t.paypal.com	checkout.groovesell.com
4	www.paypalobjects.com	checkout.groovesell.com www.paypal.com www.paypalobjects.com
4	assets.grooveapps.com	authentik.biz checkout.groovesell.com
4	app.groove.cm	authentik.biz
4	app.groovefunnels.com	4 redirects
3	c.paypal.com	www.paypal.com c.paypal.com
3	v1.gdapis.com	checkout.groovesell.com
3	ka-f.fontawesome.com	kit.fontawesome.com
3	js.authorize.net	checkout.groovesell.com js.authorize.net
3	js.stripe.com	checkout.groovesell.com js.stripe.com
3	fonts.googleapis.com	authentik.biz app.groove.cm client
2	m.stripe.network	js.stripe.com m.stripe.network
2	cdnjs.cloudflare.com	checkout.groovesell.com client
2	js.braintreegateway.com	checkout.groovesell.com
2	gitcdn.link	1 redirects checkout.groovesell.com
2	matomo.groovetech.io	authentik.biz
2	use.fontawesome.com	authentik.biz use.fontawesome.com
1	dub.stats.paypal.com	www.paypal.com
1	b.stats.paypal.com	1 redirects
1	ip2c.org	checkout.groovesell.com
1	fonts.gstatic.com	fonts.googleapis.com
1	heapanalytics.com	authentik.biz
1	kit.fontawesome.com	checkout.groovesell.com
1	cdn.heapanalytics.com	authentik.biz
1	authentik.biz
0	c6.paypal.com Failed
0	m.stripe.com Failed	m.stripe.network
81	29

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-13` - `2022-09-12`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-08-23` - `2021-11-15`	3 months	crt.sh
cdn.heapanalytics.com Amazon	`2021-08-28` - `2022-09-26`	a year	crt.sh
*.groovetech.io Sectigo RSA Domain Validation Secure Server CA	`2021-08-18` - `2022-08-18`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2021-07-09` - `2021-11-03`	4 months	crt.sh
www.paypalobjects.com DigiCert SHA2 Extended Validation Server CA	`2021-04-29` - `2021-12-13`	8 months	crt.sh
js.authorize.net Cloudflare Inc ECC CA-3	`2021-08-08` - `2022-08-07`	a year	crt.sh
checkout.paypal.com DigiCert SHA2 Extended Validation Server CA	`2021-07-07` - `2022-08-07`	a year	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-13` - `2021-12-14`	a year	crt.sh
heapanalytics.com Amazon	`2020-12-24` - `2022-01-22`	a year	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2021-07-07` - `2022-03-15`	8 months	crt.sh
t.paypal.com DigiCert SHA2 Extended Validation Server CA	`2020-11-17` - `2021-11-21`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
ip2c.org R3	`2021-09-12` - `2021-12-11`	3 months	crt.sh
c.paypal.com DigiCert SHA2 Extended Validation Server CA	`2020-06-24` - `2022-06-29`	2 years	crt.sh
b.stats.paypal.com DigiCert SHA2 High Assurance Server CA	`2020-03-13` - `2022-06-03`	2 years	crt.sh

This page contains 9 frames:

Primary Page: https://authentik.biz/
Frame ID: D84B895B2F89E011BCCFF6E89EAB73DD
Requests: 18 HTTP requests in this frame

Frame: https://checkout.groovesell.com/checkout-widget/01368d3a40eda708eef881fbc3ac1d20?ask_username=0&ask_password=0&skip_billing=0&skip_payment_info=0&skip_tos=0&overriden_affiliate_id=0&overriden_tracking_permalink=
Frame ID: C7E80F3D3A36B4BCF31C09281798BAFF
Requests: 42 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-9475bd26486e6119b23924eebd3d561a.html
Frame ID: EAACA301F925E8E48857D29BD09C2B2B
Requests: 2 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 283A518F74529E143E8A4186239FD7FC
Requests: 3 HTTP requests in this frame

Frame: https://www.paypal.com/smart/buttons?style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWNKMldxNWJPM01oWDRvQVg2ZS1iWlRfT2tEdjBIYXA0N1ZfM29WT3QwQk5odGZaX2V6OTBIem5tRC1iMVJEWkxXVkVZYmRib2ZNM2s1OHMmdmF1bHQ9dHJ1ZSIsImF0dHJzIjp7ImRhdGEtdWlkIjoidWlkX29hbm5xa3picGxqdnhyYW1xcWZodGpydG1naWtueiJ9fQ&clientID=AcJ2Wq5bO3MhX4oAX6e-bZT_OkDv0Hap47V_3oVOt0BNhtfZ_ez90HznmD-b1RDZLWVEYbdbofM3k58s&sdkCorrelationID=af90fdcff4308&storageID=uid_12ec149d39_mda6ndg6mty&sessionID=uid_37e6cb1ff0_mda6ndg6mty&buttonSessionID=uid_1e675dbc59_mda6ndg6mty&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6bnVsbH0sImNhcmQiOnsiZWxpZ2libGUiOnRydWUsImJyYW5kZWQiOnRydWUsInZlbmRvcnMiOnsidmlzYSI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjpudWxsfSwibWFzdGVyY2FyZCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjpudWxsfSwiYW1leCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjpudWxsfSwiZGlzY292ZXIiOnsiZWxpZ2libGUiOm51bGwsInZhdWx0YWJsZSI6bnVsbH0sImhpcGVyIjp7ImVsaWdpYmxlIjpudWxsLCJ2YXVsdGFibGUiOm51bGx9LCJlbG8iOnsiZWxpZ2libGUiOm51bGwsInZhdWx0YWJsZSI6bnVsbH0sImpjYiI6eyJlbGlnaWJsZSI6bnVsbCwidmF1bHRhYmxlIjpudWxsfX19LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6bnVsbH0sIml0YXUiOnsiZWxpZ2libGUiOm51bGx9LCJjcmVkaXQiOnsiZWxpZ2libGUiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6bnVsbH0sImFwcGxlcGF5Ijp7ImVsaWdpYmxlIjpudWxsfSwic2VwYSI6eyJlbGlnaWJsZSI6bnVsbH0sImlkZWFsIjp7ImVsaWdpYmxlIjpudWxsfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6bnVsbH0sImdpcm9wYXkiOnsiZWxpZ2libGUiOm51bGx9LCJlcHMiOnsiZWxpZ2libGUiOm51bGx9LCJzb2ZvcnQiOnsiZWxpZ2libGUiOm51bGx9LCJteWJhbmsiOnsiZWxpZ2libGUiOm51bGx9LCJwMjQiOnsiZWxpZ2libGUiOm51bGx9LCJ6aW1wbGVyIjp7ImVsaWdpYmxlIjpudWxsfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpudWxsfSwicGF5dSI6eyJlbGlnaWJsZSI6bnVsbH0sImJsaWsiOnsiZWxpZ2libGUiOm51bGx9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpudWxsfSwib3h4byI6eyJlbGlnaWJsZSI6bnVsbH0sIm1heGltYSI6eyJlbGlnaWJsZSI6bnVsbH0sImJvbGV0byI6eyJlbGlnaWJsZSI6bnVsbH0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpudWxsfX0&platform=desktop&experiment.enableVenmo=false&flow=billing_setup&currency=USD&intent=capture&commit=true&vault=true&renderedButtons.0=paypal&renderedButtons.1=card&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false
Frame ID: 49BE07F9D4521E0B722908E24A4B89FD
Requests: 10 HTTP requests in this frame

Frame: data://truncated
Frame ID: D5E4E7883943BA4B8981406EAEEF8FBE
Requests: 2 HTTP requests in this frame

Frame: https://www.paypalobjects.com/muse/analytics/index.html
Frame ID: BD396806709FA831A3793592B8C1D0E4
Requests: 3 HTTP requests in this frame

Frame: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Frame ID: F69B8209DDCA601725CA350D9E24F565
Requests: 5 HTTP requests in this frame

Frame: https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_37e6cb1ff0_mda6ndg6mty&s=SMART_PAYMENT_BUTTONS
Frame ID: 745BA504806AD64E850CD3DEC41874C9
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Home

Detected technologies

Braintree (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.braintreegateway\.com

PayPal (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

paypalobjects\.com

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
kit\.fontawesome\.com/([0-9a-z]+).js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Heap (Analytics) Expand

Overall confidence: 100%
Detected patterns

heap-\d+\.js

Page Statistics

81
Requests

94 %
HTTPS

0 %
IPv6

20
Domains

29
Subdomains

25
IPs

5
Countries

3886 kB
Transfer

13913 kB
Size

11
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://app.groovefunnels.com/groovepages/css/inpage_published.css HTTP 302
https://app.groove.cm/groovepages/css/inpage_published.css

Request Chain 2

https://app.groovefunnels.com/groovepages/css/chunk-vendors.css HTTP 302
https://app.groove.cm/groovepages/css/chunk-vendors.css

Request Chain 9

https://app.groovefunnels.com/groovepages/js/inpage_published.js HTTP 302
https://app.groove.cm/groovepages/js/inpage_published.js

Request Chain 10

https://app.groovefunnels.com/groovepages/js/chunk-vendors.js HTTP 302
https://app.groove.cm/groovepages/js/chunk-vendors.js

Request Chain 20

https://gitcdn.link/repo/lykmapipo/themify-icons/master/css/themify-icons.css HTTP 301
https://gitcdn.link/cdn/lykmapipo/themify-icons/9600186b24a7242f0e1e0a186983e6253301bb5d/css/themify-icons.css

Request Chain 81

https://b.stats.paypal.com/v2/counter.cgi?p=uid_37e6cb1ff0_mda6ndg6mty&s=SMART_PAYMENT_BUTTONS HTTP 302
https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_37e6cb1ff0_mda6ndg6mty&s=SMART_PAYMENT_BUTTONS

81 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
authentik.biz/ 30 KB
7 KB 286ms
232ms Document
text/html 172.67.167.139
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://authentik.biz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.167.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89727f4953dc4e71c06456ebf4b10584d10edfed96c503e1e0020effa3d11b94

Request headers

:method: GET
:authority: authentik.biz
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Mon, 13 Sep 2021 00:48:10 GMT
content-type: text/html
last-modified: Mon, 30 Nov 2020 04:09:24 GMT
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5GbfzWExKLQNwfBTinlP5xnDmsGxkfvz2arPVlPNKJRoMycLU8a6MgcLxHoo9EaI%2B6DEsMn76cMgDjo6%2FyLCnItLVMsZEJFU26nZfD7SDwxdRBBI14t%2BkBvJZGSjTq8P"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 68dd5e518e7a27c0-PRG
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 74 KB
3 KB 67ms
34ms Stylesheet
text/css 142.250.110.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: authentik.biz
URL: https://authentik.biz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.110.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wf-in-f95.1e100.net

Software

ESF /

Resource Hash

86532df979078bb8d18f6eda7d82fbba5507367534fc55813da9b777ca01b007

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://authentik.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 13 Sep 2021 00:48:10 GMT
server: ESF
date: Mon, 13 Sep 2021 00:48:10 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 13 Sep 2021 00:48:10 GMT

GET
H2

200

inpage_published.css
app.groove.cm/groovepages/css/
Redirect Chain

https://app.groovefunnels.com/groovepages/css/inpage_published.css
https://app.groove.cm/groovepages/css/inpage_published.css

362 KB
52 KB

1389ms
22ms

Stylesheet
text/css

172.67.139.13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.groove.cm/groovepages/css/inpage_published.css
Requested by: Host: authentik.biz
URL: https://authentik.biz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.139.13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ec58275b0b02742d91c7911fdc089f898997937a6389c8c8a51fd9e27cfc74d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://authentik.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 00:48:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 08 Sep 2021 19:19:49 GMT
server: cloudflare
age: 3249
etag: W/"61390cd5-5a8c3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EivoXQF%2F85eyleaOBeTroPX0oB5bRhyevaabpR6i1NN2JeOyCSXfkuZPLUu8PYcRBTxKHeFqgmsoR%2FiWMLBR%2FuVPEpszqbrdwqVBCdUtZKlhWrmT4HCBBx6885NqYTw6"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 68dd5e5c3bf90614-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date: Mon, 13 Sep 2021 00:48:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AkqjECr0v4FLszBbRv78hPgAB9RpGfBEQrsp3HmQ2IePzMg8nzJNYcS32SilT44Ci7%2B5Q7R%2FdUTJQ6rKhgmCxu%2FMq1ZXk%2FgdmiJm1g8%2BM4%2B2P%2FEPfQ26FxlzwW6EWBA5eBYWIW2pu20%3D"}],"group":"cf-nel","max_age":604800}
location: https://app.groove.cm/groovepages/css/inpage_published.css
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 68dd5e53987d277c-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2

200

chunk-vendors.css
app.groove.cm/groovepages/css/
Redirect Chain

https://app.groovefunnels.com/groovepages/css/chunk-vendors.css
https://app.groove.cm/groovepages/css/chunk-vendors.css

0
0

1379ms
13ms

Stylesheet
text/html

172.67.139.13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.groove.cm/groovepages/css/chunk-vendors.css
Requested by: Host: authentik.biz
URL: https://authentik.biz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.139.13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://authentik.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Redirect headers

date: Mon, 13 Sep 2021 00:48:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u2ZCA92QQfiHr5RwBTQfp4kRjeZ1IDjoN7KJmQ%2BTaP3YW6Imhbglnow%2BQSNXFm%2F%2FelQrA2ngv%2FrAqfaj5dlI1feM4JGvn8k16%2FI3uDQ4pw%2Ft%2BAZTT%2FVfZj4fKOaEHXtIaRmrL4bJ%2BB8%3D"}],"group":"cf-nel","max_age":604800}
location: https://app.groove.cm/groovepages/css/chunk-vendors.css
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 68dd5e53987f277c-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 all.css
use.fontawesome.com/releases/v5.13.0/css/ 57 KB
13 KB 493ms
426ms Stylesheet
text/css 172.67.214.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.13.0/css/all.css
Requested by: Host: authentik.biz
URL: https://authentik.biz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.214.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 876d023d9d10c97941b80c3b03e2a5b94631ff7a4af9cee5604a6a2d39718d84

Request headers

Referer: https://authentik.biz/
Origin: https://authentik.biz
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 00:48:11 GMT
content-encoding: br
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: AQKDXP3JRG5P09Q1
access-control-allow-methods: GET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-id-2: QyRej7DkJ4K7zcW73T7KELvPwpgfhzrFSApqEJX5ApK5HQNhKyuD3Pk8RaA3t46l1RJnj7oofhw=
last-modified: Wed, 30 Jun 2021 15:38:38 GMT
server: cloudflare
etag: W/"76cb46c10b6c0293433b371bae2414b2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3aj0BtAwH6dUEzuW9iH4S1rfBFG2uVNZfGVbfJvLlFXxQeTlfEvDyk3ZS%2F8wGzlcuNBuG%2BK5eDDg8ow6xpZK4bpMRzNHkc%2F3UI8yOiXSh4zF4aThRZu%2BC36UOqs3Mr6UoJT4ZsOb"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 68dd5e53989b2788-PRG

GET
H2 200 1602646021_AUTHENTIK%201.png
assets.grooveapps.com/images/5f0c9be740850600130a56bf/ 436 KB
437 KB 496ms
435ms Image
image/png 104.18.20.180
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.grooveapps.com/images/5f0c9be740850600130a56bf/1602646021_AUTHENTIK%201.png
Requested by: Host: authentik.biz
URL: https://authentik.biz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.20.180 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b63b83e97c7ff659ed3d5faabb2f7af0b6a1572052dbd3578059c3786c74f222

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://authentik.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 00:48:12 GMT
cf-cache-status: MISS
x-guploader-uploadid: ADPycduRI5YFazhjQcfCE3QBRNMaWUkYn-TJ5O2o1ImE64HOmxoO5VQxvcfMsxBDFe8YYHxDp-opBSrMRIAdbKg2s4U
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: image/png
content-length: 446513
last-modified: Wed, 14 Oct 2020 03:27:02 GMT
server: cloudflare
etag: "5e87cca1b7897de89bebd2ca519c57be"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=b7TZBw==, md5=XofMobeJfeib69LKUZxXvg==
x-goog-generation: 1602646022328139
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=14400
x-goog-stored-content-length: 446513
accept-ranges: bytes
cf-ray: 68dd5e5d4e214114-PRG
expires: Mon, 13 Sep 2021 04:48:12 GMT

GET
H2 200 1602885195_secure%20order.png
assets.grooveapps.com/images/5f0c9be740850600130a56bf/ 51 KB
52 KB 546ms
485ms Image
image/png 104.18.20.180
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.grooveapps.com/images/5f0c9be740850600130a56bf/1602885195_secure%20order.png
Requested by: Host: authentik.biz
URL: https://authentik.biz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.20.180 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f42b186368b355347ea95049d656284442855c49ed95fa7d722fbfde2c06d84

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://authentik.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 00:48:12 GMT
cf-cache-status: MISS
x-guploader-uploadid: ADPycdvLZzV_pfSEAYMlgNJEtCtslqHadGvDIO6i0tXjueIgXtIlWvCcxq5K2S5thhBWxqPepSGtCZ0N9VPLcRtaJTs
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: image/png
content-length: 52675
last-modified: Fri, 16 Oct 2020 21:53:15 GMT
server: cloudflare
etag: "0b0fb5bcf38b57d8f770a80b127ee4b0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=3HOJVQ==, md5=Cw+1vPOLV9j3cKgLEn7ksA==
x-goog-generation: 1602885195535116
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=14400
x-goog-stored-content-length: 52675
accept-ranges: bytes
cf-ray: 68dd5e5d4e234114-PRG
expires: Mon, 13 Sep 2021 04:48:12 GMT

GET
H2 200 1602885412_30%20day%20money%20back%20guarantee.png
assets.grooveapps.com/images/5f0c9be740850600130a56bf/ 53 KB
53 KB 499ms
438ms Image
image/png 104.18.20.180
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.grooveapps.com/images/5f0c9be740850600130a56bf/1602885412_30%20day%20money%20back%20guarantee.png
Requested by: Host: authentik.biz
URL: https://authentik.biz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.20.180 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ee3b8a1f4b6484f6439168c23b2f9deb62c9d7653044448ff1a1bd3317cc912

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://authentik.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 00:48:12 GMT
cf-cache-status: MISS
x-guploader-uploadid: ADPycds9P1w8EYJlLQXldhpUDRcYoWI39JtlG-MG2AF2R0yd7ZeOldkfDUns1yzdIMLEkz5Bw3R84tYdt24nSKVqz_qEmfgfbA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: image/png
content-length: 54285
last-modified: Fri, 16 Oct 2020 21:56:52 GMT
server: cloudflare
etag: "2790aa667f3f32682aedb91ff26690bd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=t7anDg==, md5=J5CqZn8/Mmgq7bkf8maQvQ==
x-goog-generation: 1602885412697584
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=14400
x-goog-stored-content-length: 54285
accept-ranges: bytes
cf-ray: 68dd5e5d4e224114-PRG
expires: Mon, 13 Sep 2021 04:48:12 GMT

GET
H2 200 app.css
checkout.groovesell.com/embed/css/ 0
270 B 293ms
226ms Stylesheet
text/css 104.17.6.97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://checkout.groovesell.com/embed/css/app.css?n=1
Requested by: Host: authentik.biz
URL: https://authentik.biz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.6.97 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://authentik.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 00:48:12 GMT
cf-cache-status: MISS
last-modified: Tue, 07 Sep 2021 12:56:08 GMT
server: cloudflare
etag: "0-5cb674a0ea25b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 68dd5e5cbcd4f9d6-PRG
content-length: 0
expires: Mon, 13 Sep 2021 04:48:12 GMT

GET
H2 200 app.js Show response
checkout.groovesell.com/embed/js/ 1 MB
181 KB 389ms
335ms Script
application/javascript 104.17.6.97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://checkout.groovesell.com/embed/js/app.js?n=1
Requested by: Host: authentik.biz
URL: https://authentik.biz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.6.97 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0248b8a04172b6cbc5e60650c0b889acdd28edaad32b8be77128a578dc53c118

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://authentik.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 00:48:12 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 07 Sep 2021 12:56:08 GMT
server: cloudflare
etag: "1239f9-5cb674a0eb1fb-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 68dd5e5cccd5f9d6-PRG
expires: Mon, 13 Sep 2021 04:48:12 GMT

GET
H2

200

inpage_published.js Show response
app.groove.cm/groovepages/js/
Redirect Chain

https://app.groovefunnels.com/groovepages/js/inpage_published.js
https://app.groove.cm/groovepages/js/inpage_published.js

82 KB
30 KB

27ms
17ms

Script
application/javascript

172.67.139.13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.groove.cm/groovepages/js/inpage_published.js
Requested by: Host: authentik.biz
URL: https://authentik.biz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.139.13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9182ceb573caf54e20209791b0d14ca3d75e901ce3984b63a9c93dd649fd2a7e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://authentik.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 00:48:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 08 Sep 2021 19:19:49 GMT
server: cloudflare
age: 3226
etag: W/"61390cd5-146ec"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K7gQtZ%2FFOYBFhYZnl%2FZHV2fA0Ok0dneQJc47XqQ0ILmV04qxfbZIVdxkccSD3hVp1eK%2F1vHmQ%2BqdTcREhoHFIz69IEyYk79Iu8MvwzXUK3VAF4HbvVpxKbRVdWq4pLnR"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 68dd5e5d8d2c0614-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date: Mon, 13 Sep 2021 00:48:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1V%2BxqjxLzKZ7hv5rEvi%2F40lPkConxgq5XIBegH6386AiF3Wrp%2BT9WyDo1Ylc8sugyTDQhOpb8l%2FiWcgoOX5fID0dp2QU0NLjDHoBFx2D35JXXVFCq07lEZyuGjqLKUSlm8oKyxYWtdk%3D"}],"group":"cf-nel","max_age":604800}
location: https://app.groove.cm/groovepages/js/inpage_published.js
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 68dd5e5d09674107-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2

200

chunk-vendors.js Show response
app.groove.cm/groovepages/js/
Redirect Chain

https://app.groovefunnels.com/groovepages/js/chunk-vendors.js
https://app.groove.cm/groovepages/js/chunk-vendors.js

0
0

21ms
13ms

Script
text/html

172.67.139.13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.groove.cm/groovepages/js/chunk-vendors.js
Requested by: Host: authentik.biz
URL: https://authentik.biz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.139.13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://authentik.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Redirect headers

date: Mon, 13 Sep 2021 00:48:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tt%2F%2FOzXrmBbqNspDJKEYHNB3HYsI8b6YSI2vUwUQdQFkuF8yV36rIG82iP0xrJ1j55X%2BUj4heM%2FAqAVo4zXUh0buHN%2BUGBhcEi70cAordveRd2eP6wHWlQqclTnsrjIthW8Jo%2BRRKzw%3D"}],"group":"cf-nel","max_age":604800}
location: https://app.groove.cm/groovepages/js/chunk-vendors.js
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 68dd5e5d09634107-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 css2
fonts.googleapis.com/ 687 KB
136 KB 17ms
17ms Stylesheet
text/css 142.250.110.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Abril+Fatface&family=Amatic+SC:wght@400;700&family=Architects+Daughter&family=Asap:wght@400;700&family=Balsamiq+Sans:wght@400;700&family=Barlow:wght@400;700;900&family=Bebas+Neue&family=Bitter:wght@400;700;900&family=Cabin:wght@400;700&family=Cairo:wght@400;700&family=Cormorant+Garamond:wght@400;700&family=Crimson+Text:wght@400;700&family=Dancing+Script:wght@400;700&family=Fira+Sans:wght@400;700;900&family=Fjalla+One&family=Indie+Flower&family=Josefin+Sans:wght@400;700&family=Lato:wght@400;700;900&family=Libre+Baskerville:wght@400;700&family=Libre+Franklin:wght@400;700;900&family=Lobster&family=Lora:wght@400;700&family=Martel:wght@400;700;900&family=Merriweather:wght@400;700;900&family=Montserrat:wght@400;700;900&family=Mukta:wght@400;700&family=Noto+Sans+JP:wght@400;700&family=Noto+Sans+KR:wght@400;700;900&family=Noto+Sans:wght@400;700&family=Noto+Serif:wght@400;700&family=Nunito+Sans:wght@200;300;400;700;900&family=Nunito:wght@300;400;700;900&family=Old+Standard+TT:wght@400;700&family=Open+Sans+Condensed:wght@300;700&family=Open+Sans:wght@300;400;700&family=Oswald:wght@400;700&family=Overpass:wght@400;700;900&family=Oxygen:wght@300;400;700&family=PT+Sans+Narrow:wght@400;700&family=PT+Sans:wght@400;700&family=PT+Serif:wght@400;700&family=Pacifico&family=Playfair+Display:wght@400;700;900&family=Poppins:ital,wght@0,400;0,700;1,900&family=Raleway:wght@400;700;900&family=Roboto+Condensed:wght@400;700&family=Roboto+Slab:wght@400;700;900&family=Roboto:ital,wght@0,700;0,900;1,400&family=Rubik:ital,wght@0,400;0,700;1,900&family=Shadows+Into+Light&family=Signika:wght@400;700&family=Slabo+27px&family=Source+Code+Pro:wght@400;700;900&family=Source+Sans+Pro:wght@400;700;900&family=Source+Serif+Pro:wght@400;700;900&family=Tajawal:wght@400;700;900&family=Titillium+Web:wght@400;700;900&family=Ubuntu:wght@400;700&family=Work+Sans:wght@400;700;900&display=swap

Requested by

Host: app.groove.cm
URL: https://app.groove.cm/groovepages/css/inpage_published.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.110.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wf-in-f95.1e100.net

Software

ESF /

Resource Hash

90e7aba9665c4a168344f9ae2ce2ee9046c037556e5c7488c57d43201c1ffddf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.groove.cm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 13 Sep 2021 00:07:12 GMT
server: ESF
date: Mon, 13 Sep 2021 00:48:12 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 13 Sep 2021 00:48:12 GMT

GET
H2 200 heap-3364072150.js Show response
cdn.heapanalytics.com/js/ 107 KB
41 KB 186ms
120ms Script
application/javascript 143.204.228.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.heapanalytics.com/js/heap-3364072150.js

Requested by

Host: authentik.biz
URL: https://authentik.biz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.228.62 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-228-62.cdg3.r.cloudfront.net

Software

nginx /

Resource Hash

01975ce82ed10b4ef1bfa3bceb6116399f71eb855658efde8f3704bcab487a08

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://authentik.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 00:48:12 GMT
content-encoding: gzip
server: nginx
x-amz-cf-pop: CDG3-C1
etag: W/"1aba4-yd1bChWvqFEhQBruOCfVeA"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 b9a91b9002d4fb924a73a6172edb4dc8.cloudfront.net (CloudFront)
cache-control: public, max-age=120
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-id: tmaHAdtCWXAk72JH16sKviI8wMYeiodOTCToJ4Vm_FBH2Cs8GRVINA==

GET
H/1.1 200
OK matomo.js Show response
matomo.groovetech.io/ 100 KB
32 KB 509ms
116ms Script
application/javascript 51.161.92.183
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://matomo.groovetech.io/matomo.js
Requested by: Host: authentik.biz
URL: https://authentik.biz/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.161.92.183 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ip183.ip-51-161-92.net
Software: nginx/1.19.2 /
Resource Hash: 68fed142b211b51c4d2e9b610dd4d09bc4812739b5beaa63535d88e38e90a946

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://authentik.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 00:48:12 GMT
content-encoding: gzip
last-modified: Tue, 21 Jul 2020 21:11:02 GMT
server: nginx/1.19.2
etag: "19167-5aafa0f820d0f-gzip"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 32444

GET
H3 200 fa-regular-400.woff2
use.fontawesome.com/releases/v5.13.0/webfonts/ 13 KB
14 KB 297ms
275ms Font
font/woff2 172.67.214.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.13.0/webfonts/fa-regular-400.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.13.0/css/all.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.214.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a8c8e9e1e7f692c21af1956de163f3d026778e6449fe93a09a671847ca1ae65

Request headers

Referer: https://use.fontawesome.com/releases/v5.13.0/css/all.css
Origin: https://authentik.biz
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 00:48:12 GMT
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: RW6M15331MC4ASEJ
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 13584
x-amz-id-2: URdVjTNX+75HFxHCYadm321MX3yqdTSOH6ZeXSH/QgCD2ZGsZOW3ZB+Flo5kwmNukaUnoogoPvw=
last-modified: Wed, 30 Jun 2021 15:39:01 GMT
server: cloudflare
etag: "c20b5b7362d8d7bb7eddf94344ace33e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WPi3786%2FQQKLW2GQX9AMd2XWjyANYSVRRjGLhczLLjFiFIl%2FfeTGV6sd4EsotGloQCZbN%2BUIp3b3BtmXpeeMRxxxgwbsLOC5YiVJdtT8e22ElUhfwBnMbIRst4y5Z6u%2FRKSaXSJf"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 68dd5e5d9b314119-PRG

GET
H2 200 01368d3a40eda708eef881fbc3ac1d20 Show response
checkout.groovesell.com/checkout-widget/ Frame C7E8 2 KB
1 KB 293ms
293ms Document
text/html 104.17.6.97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://checkout.groovesell.com/checkout-widget/01368d3a40eda708eef881fbc3ac1d20?ask_username=0&ask_password=0&skip_billing=0&skip_payment_info=0&skip_tos=0&overriden_affiliate_id=0&overriden_tracking_permalink=
Requested by: Host: authentik.biz
URL: https://authentik.biz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.6.97 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.33-34+ubuntu20.04.1+deb.sury.org+1
Resource Hash: 99f8aa3a499fc4852a255f4a1475d94fd6ceb4a199af0bcea4f1e7554e56375a

Request headers

:method: GET
:authority: checkout.groovesell.com
:scheme: https
:path: /checkout-widget/01368d3a40eda708eef881fbc3ac1d20?ask_username=0&ask_password=0&skip_billing=0&skip_payment_info=0&skip_tos=0&overriden_affiliate_id=0&overriden_tracking_permalink=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://authentik.biz/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://authentik.biz/

Response headers

date: Mon, 13 Sep 2021 00:48:12 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.1.33-34+ubuntu20.04.1+deb.sury.org+1
cache-control: no-cache, private
vary: Accept-Encoding
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 68dd5e5e2d6ef9d6-PRG
content-encoding: gzip

GET
H2 200 gdui_styles.382ba5.css
checkout.groovesell.com/admin/css/ Frame C7E8 0
54 B 228ms
226ms Stylesheet
text/css 104.17.6.97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://checkout.groovesell.com/admin/css/gdui_styles.382ba5.css
Requested by: Host: checkout.groovesell.com
URL: https://checkout.groovesell.com/checkout-widget/01368d3a40eda708eef881fbc3ac1d20?ask_username=0&ask_password=0&skip_billing=0&skip_payment_info=0&skip_tos=0&overriden_affiliate_id=0&overriden_tracking_permalink=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.6.97 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://checkout.groovesell.com/checkout-widget/01368d3a40eda708eef881fbc3ac1d20?ask_username=0&ask_password=0&skip_billing=0&skip_payment_info=0&skip_tos=0&overriden_affiliate_id=0&overriden_tracking_permalink=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 00:48:13 GMT
cf-cache-status: MISS
last-modified: Tue, 07 Sep 2021 12:56:08 GMT
server: cloudflare
etag: "0-5cb674a0e831b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 68dd5e603e4df9d6-PRG
content-length: 0
expires: Mon, 13 Sep 2021 04:48:13 GMT

GET
H2 200 app.382ba5.css
checkout.groovesell.com/admin/css/ Frame C7E8 829 B
466 B 222ms
219ms Stylesheet
text/css 104.17.6.97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://checkout.groovesell.com/admin/css/app.382ba5.css
Requested by: Host: checkout.groovesell.com
URL: https://checkout.groovesell.com/checkout-widget/01368d3a40eda708eef881fbc3ac1d20?ask_username=0&ask_password=0&skip_billing=0&skip_payment_info=0&skip_tos=0&overriden_affiliate_id=0&overriden_tracking_permalink=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.6.97 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 452e236eb929e43213926695c66e53e6d37b0453a4938754a3b6b2c9475414b7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://checkout.groovesell.com/checkout-widget/01368d3a40eda708eef881fbc3ac1d20?ask_username=0&ask_password=0&skip_billing=0&skip_payment_info=0&skip_tos=0&overriden_affiliate_id=0&overriden_tracking_permalink=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 00:48:13 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 07 Sep 2021 12:56:08 GMT
server: cloudflare
etag: "33d-5cb674a0e831b-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 68dd5e603e4ef9d6-PRG
content-length: 337
expires: Mon, 13 Sep 2021 04:48:13 GMT

GET
H2 200 iconfont.css
checkout.groovesell.com/admin/css/ Frame C7E8 13 KB
3 KB 237ms
234ms Stylesheet
text/css 104.17.6.97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://checkout.groovesell.com/admin/css/iconfont.css
Requested by: Host: checkout.groovesell.com
URL: https://checkout.groovesell.com/checkout-widget/01368d3a40eda708eef881fbc3ac1d20?ask_username=0&ask_password=0&skip_billing=0&skip_payment_info=0&skip_tos=0&overriden_affiliate_id=0&overriden_tracking_permalink=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.6.97 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85da415b922df987ce15d5ba8717de895ca63394327a59cc4005375e2b382a59

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://checkout.groovesell.com/checkout-widget/01368d3a40eda708eef881fbc3ac1d20?ask_username=0&ask_password=0&skip_billing=0&skip_payment_info=0&skip_tos=0&overriden_affiliate_id=0&overriden_tracking_permalink=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 00:48:13 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 07 Sep 2021 12:56:08 GMT
server: cloudflare
etag: "35e4-5cb674a0e92bb-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 68dd5e603e52f9d6-PRG
content-length: 2494
expires: Mon, 13 Sep 2021 04:48:13 GMT

GET
H2 200 material-icons.css
checkout.groovesell.com/admin/css/material-icons/ Frame C7E8 922 B
504 B 239ms
236ms Stylesheet
text/css 104.17.6.97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://checkout.groovesell.com/admin/css/material-icons/material-icons.css
Requested by: Host: checkout.groovesell.com
URL: https://checkout.groovesell.com/checkout-widget/01368d3a40eda708eef881fbc3ac1d20?ask_username=0&ask_password=0&skip_billing=0&skip_payment_info=0&skip_tos=0&overriden_affiliate_id=0&overriden_tracking_permalink=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.6.97 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cdbdd4eb73a277bcbf241221bed8c3b7b444eb2024f3f6f16a8673169edc3e00

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://checkout.groovesell.com/checkout-widget/01368d3a40eda708eef881fbc3ac1d20?ask_username=0&ask_password=0&skip_billing=0&skip_payment_info=0&skip_tos=0&overriden_affiliate_id=0&overriden_tracking_permalink=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 00:48:13 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 07 Sep 2021 12:56:08 GMT
server: cloudflare
etag: "39a-5cb674a0e92bb-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 68dd5e603e53f9d6-PRG
content-length: 422
expires: Mon, 13 Sep 2021 04:48:13 GMT

GET
H3

200

themify-icons.css
gitcdn.link/cdn/lykmapipo/themify-icons/9600186b24a7242f0e1e0a186983e6253301bb5d/css/ Frame C7E8
Redirect Chain

https://gitcdn.link/repo/lykmapipo/themify-icons/master/css/themify-icons.css
https://gitcdn.link/cdn/lykmapipo/themify-icons/9600186b24a7242f0e1e0a186983e6253301bb5d/css/themify-icons.css

16 KB
3 KB

53ms
26ms

Stylesheet
text/css

104.21.234.55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gitcdn.link/cdn/lykmapipo/themify-icons/9600186b24a7242f0e1e0a186983e6253301bb5d/css/themify-icons.css
Requested by: Host: checkout.groovesell.com
URL: https://checkout.groovesell.com/checkout-widget/01368d3a40eda708eef881fbc3ac1d20?ask_username=0&ask_password=0&skip_billing=0&skip_payment_info=0&skip_tos=0&overriden_affiliate_id=0&overriden_tracking_permalink=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.234.55 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: ec82a71992aa64b77ec2a84f76fec382a34505cda562bb2497a7dda603d3d024

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://checkout.groovesell.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 00:48:12 GMT
via: 1.1 vegur
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6834
x-powered-by: Express
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Sun, 12 Sep 2021 22:54:18 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q0XsqxYA1GdVDVp6L4Dnz1teOhc5EjCZTWTrqUwC7ynPpH8gtr1T0q9YmVGYk3Tghht5TEIxzdRxMpuBUkZrxj0jaMPN6b7P7yrg5Gxnb3fsNrp7LSy7gL0Ep%2FNI5w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=2592000
cf-ray: 68dd5e611acff9ce-PRG
expires: Tue, 12 Oct 2021 22:54:18 GMT

Redirect headers

date: Mon, 13 Sep 2021 00:48:12 GMT
via: 1.1 vegur
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6835
x-powered-by: Express
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 144
server: cloudflare
location: https://gitcdn.link/cdn/lykmapipo/themify-icons/9600186b24a7242f0e1e0a186983e6253301bb5d/css/themify-icons.css
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H0XllBxoGVDm4eOzx7L%2BVxCnUz1upNzjwGSPvc1o1aAmiwx8NjEk5fUzzDx4Ytwl%2FQbzC09yOxhqls05wTOlZPpby21BIRC6rLhc4g2q1Zl%2BFpZ6Ru67%2BVMDQzTa8w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=7200
cf-ray: 68dd5e607e474132-PRG

GET
H2 200 / Show response
js.stripe.com/v3/ Frame C7E8 248 KB
61 KB 52ms
6ms Script
application/javascript 151.101.12.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: checkout.groovesell.com
URL: https://checkout.groovesell.com/checkout-widget/01368d3a40eda708eef881fbc3ac1d20?ask_username=0&ask_password=0&skip_billing=0&skip_payment_info=0&skip_tos=0&overriden_affiliate_id=0&overriden_tracking_permalink=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.12.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

807d570c16663e8b11121736937e3855958062e08336811485c38f1df02b6c1f

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://checkout.groovesell.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 00:48:12 GMT
content-encoding: br
vary: Accept-Encoding
age: 200
via: 1.1 varnish
x-cache: HIT
content-length: 61520
x-amz-id-2: YTQxBu6+kdRG6eiYuQQGcdh9NJPhVuiV4q3fC5v2G5FuxxhRBfcxYKij81pv+8OHF6nYwk0V0r4=
x-served-by: cache-fra19168-FRA
timing-allow-origin: *
last-modified: Fri, 10 Sep 2021 19:24:03 GMT
server: AmazonS3
etag: "ff869cfad3b8b35353735d6844c726a1"
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-amz-request-id: M43560BY7PRXYFET
access-control-allow-origin: *
cache-control: public, max-age=300
content-security-policy: connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 15

GET
H2 200 checkout.js Show response
www.paypalobjects.com/api/ Frame C7E8 1 MB
232 KB 49ms
6ms Script
application/javascript 151.101.114.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/api/checkout.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a334574ec350dc5383461b1c59f219401d5d99ee1bad8443ff26d7c4e1aa1b78

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://checkout.groovesell.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 00:48:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
access-control-allow-origin: *
x-cache: HIT, HIT
paypal-debug-id: 5ea42091c0569
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 236714
x-served-by: cache-sjc10059-SJC, cache-hhn4054-HHN
last-modified: Tue, 04 May 2021 17:45:08 GMT
x-timer: S1631494093.872285,VS0,VE0
etag: W/"60918824-1664a6"
strict-transport-security: max-age=31557600
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
via: 1.1 varnish, 1.1 varnish
cache-control: public,max-age=3600
accept-ranges: bytes
access-control-allow-headers: x-csrf-token
x-cache-hits: 55, 12

GET
H2 200 Accept.js Show response
js.authorize.net/v1/ Frame C7E8 4 KB
2 KB 80ms
32ms Script
application/javascript 104.18.9.127
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.authorize.net/v1/Accept.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

104.18.9.127 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f4501c6e024ec5ecc8ec86d5a09b9e603e226ab83149c8f481708bffcbd3f8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://checkout.groovesell.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 00:48:12 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Fri, 13 Sep 2019 00:53:44 GMT
server: cloudflare
age: 4795
etag: W/"2ab775b1cd69d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=432000
cf-ray: 68dd5e608c73410e-PRG
expires: Sat, 18 Sep 2021 00:48:12 GMT

GET
H2 200 client.min.js Show response
js.braintreegateway.com/web/3.68.0/js/ Frame C7E8 41 KB
13 KB 104ms
18ms Script
application/javascript 13.225.25.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.braintreegateway.com/web/3.68.0/js/client.min.js
Requested by: Host: checkout.groovesell.com
URL: https://checkout.groovesell.com/checkout-widget/01368d3a40eda708eef881fbc3ac1d20?ask_username=0&ask_password=0&skip_billing=0&skip_payment_info=0&skip_tos=0&overriden_affiliate_id=0&overriden_tracking_permalink=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.25.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-25-108.cdg3.r.cloudfront.net
Software: nginx /
Resource Hash: 938e3e20c94051c714c276b047eab4adbe5b771c62bb45b95f1d8d3a75331021

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://checkout.groovesell.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 12 Sep 2021 22:24:02 GMT
content-encoding: gzip
last-modified: Wed, 18 Aug 2021 20:14:53 GMT
server: nginx
age: 10990
etag: W/"611d6a3d-a502"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: CDG3-C2
x-amz-cf-id: qelnK82Cl4b9YlIyiEPdVcmpSebaXkjY3URPsocKbFe1zFhuINpS-A==
via: 1.1 712d13f439dbc19e06adfdbf33812a65.cloudfront.net (CloudFront)
expires: Mon, 13 Sep 2021 21:45:02 GMT

GET
H2 200 hosted-fields.min.js Show response
js.braintreegateway.com/web/3.68.0/js/ Frame C7E8 62 KB
18 KB 104ms
18ms Script
application/javascript 13.225.25.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.braintreegateway.com/web/3.68.0/js/hosted-fields.min.js
Requested by: Host: checkout.groovesell.com
URL: https://checkout.groovesell.com/checkout-widget/01368d3a40eda708eef881fbc3ac1d20?ask_username=0&ask_password=0&skip_billing=0&skip_payment_info=0&skip_tos=0&overriden_affiliate_id=0&overriden_tracking_permalink=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.25.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-25-108.cdg3.r.cloudfront.net
Software: nginx /
Resource Hash: 000e93badb3626183cb9302710ef294e8e2c904e5775caeb435587baf0994c95

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://checkout.groovesell.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 12 Sep 2021 19:30:18 GMT
content-encoding: gzip
last-modified: Wed, 18 Aug 2021 20:14:54 GMT
server: nginx
age: 19074
etag: W/"611d6a3e-f938"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: CDG3-C2
x-amz-cf-id: XFM34w8uiQmB0C3k4GW1oKWvX6YQ7w5ccFJkQeKVQDmw5yCKKHUQLw==
via: 1.1 712d13f439dbc19e06adfdbf33812a65.cloudfront.net (CloudFront)
expires: Mon, 13 Sep 2021 19:30:18 GMT

GET
H2 200 iframeResizer.contentWindow.min.js Show response
cdnjs.cloudflare.com/ajax/libs/iframe-resizer/4.2.8/ Frame C7E8 13 KB
5 KB 62ms
21ms Script
application/javascript 104.16.18.94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/iframe-resizer/4.2.8/iframeResizer.contentWindow.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.18.94 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b79dedcd9e48e0977603301bb9dd2809400389cc0978578e6001c91dfaec993

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://checkout.groovesell.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 00:48:12 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 367995
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 4395
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:11 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e9f-348d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LKNbuaWvm%2BnWCYKjSos39xoQFFazfe8og%2BI74xqTNJS0jTsTmtpMLGgz%2BGVcH485%2BBRcGTPVkMsLIbM3ps%2F%2FTCB5NhErDRl5TVBo8K7Y4CCh%2F%2Bd%2BEsncKB9lVaEupXLcxp%2B7zJOZ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 68dd5e607f3627c0-PRG
expires: Sat, 03 Sep 2022 00:48:12 GMT

GET
H2 200 4c9b43643d.js Show response
kit.fontawesome.com/ Frame C7E8 11 KB
4 KB 146ms
83ms Script
text/javascript 104.18.23.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kit.fontawesome.com/4c9b43643d.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.52 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

42bd0dab45f2cdbc0e88bc15a71f8ef4e60aa00420343e68a1497c50d61b75e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://checkout.groovesell.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 00:48:12 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=60, public, must-revalidate
strict-transport-security: max-age=31536000; preload
cf-ray: 68dd5e609ee2412b-PRG
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id: FqPqgWU7y-k0NJD4AAfB

GET
H2 200 app.f2fe53.js Show response
checkout.groovesell.com/admin/js_new/ Frame C7E8 4 MB
1 MB 241ms
241ms Script
application/javascript 104.17.6.97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://checkout.groovesell.com/admin/js_new/app.f2fe53.js
Requested by: Host: checkout.groovesell.com
URL: https://checkout.groovesell.com/checkout-widget/01368d3a40eda708eef881fbc3ac1d20?ask_username=0&ask_password=0&skip_billing=0&skip_payment_info=0&skip_tos=0&overriden_affiliate_id=0&overriden_tracking_permalink=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.6.97 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0938233bc404d5a1c85626b29342a2ff3fa806275933a96d70bf1160aa6475b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://checkout.groovesell.com/checkout-widget/01368d3a40eda708eef881fbc3ac1d20?ask_username=0&ask_password=0&skip_billing=0&skip_payment_info=0&skip_tos=0&overriden_affiliate_id=0&overriden_tracking_permalink=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 00:48:13 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 07 Sep 2021 12:56:08 GMT
server: cloudflare
etag: "3eedef-5cb674a0ea25b-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 68dd5e603e54f9d6-PRG
expires: Mon, 13 Sep 2021 04:48:13 GMT

GET
H2 200 h
heapanalytics.com/ 37 B
259 B 470ms
100ms Image
image/gif 52.72.152.54
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=3364072150&u=3738869777313450&v=2949284757794134&s=4913257045012207&b=web&tv=4.0&z=0&h=%2F&d=authentik.biz&t=Home&ts=1631494092944&st=1631494092946

Requested by

Host: authentik.biz
URL: https://authentik.biz/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.72.152.54 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-72-152-54.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://authentik.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Sep 2021 00:48:13 GMT
server: nginx
etag: W/"25-PqzQEyMQ6kTK11azeKO8Bw"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

GET
H/1.1 200
OK matomo.php
matomo.groovetech.io/ 43 B
217 B 128ms
128ms Image
image/gif 51.161.92.183
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://matomo.groovetech.io/matomo.php?action_name=authentik.biz%2FHome&idsite=4&rec=1&r=835477&h=0&m=48&s=12&url=https%3A%2F%2Fauthentik.biz%2F&_id=6545e3006fdb7dff&_idts=1631494093&_idvc=1&_idn=0&_refts=0&_viewts=1631494093&send_image=1&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&cookie=1&res=1600x1200&dimension1=171879&dimension2=UGJ_m8nyv&gt_ms=330&pv_id=wdD7XK
Requested by: Host: authentik.biz
URL: https://authentik.biz/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.161.92.183 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ip183.ip-51-161-92.net
Software: nginx/1.19.2 / PHP/7.4.16
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://authentik.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 00:48:13 GMT
cache-control: no-store
server: nginx/1.19.2
x-powered-by: PHP/7.4.16
content-length: 43
content-type: image/gif

GET
H2 200 pptm.js Show response
www.paypal.com/tagmanager/ Frame C7E8 12 KB
5 KB 232ms
193ms Script
application/x-javascript 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/tagmanager/pptm.js?id=checkout.groovesell.com&source=checkoutjs&t=xo&v=4.0.330

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/api/checkout.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

442035f71c10d96bf7fa6efe89aca7705495cfc40909bb70ad22fc4a9c091781

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'nonce-/WlcXDPQsTK8PWDqWdzIFEy5wXbcXvK5uY1w191u9KMBnbv9' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://.paypalobjects.com https://.paypal.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://nexus.ensighten.com https://.google-analytics.com 'unsafe-inline' https://.qualtrics.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://checkout.groovesell.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-/WlcXDPQsTK8PWDqWdzIFEy5wXbcXvK5uY1w191u9KMBnbv9' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding: gzip
x-content-type-options: nosniff
age: 0
x-cache: HIT
paypal-debug-id: f87137375e153
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 4321
x-xss-protection: 1; mode=block
x-served-by: cache-hhn4075-HHN
x-timer: S1631494093.357435,VS0,VE187
x-frame-options: SAMEORIGIN
date: Mon, 13 Sep 2021 00:48:13 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/x-javascript; charset=utf-8
via: 1.1 varnish
cache-control: public, max-age=3600
etag: W/"2ef4-3xgck+FFolYd+Y4aULz7wuzevMY"
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 AcceptCore.js Show response
js.authorize.net/v1/ Frame C7E8 9 KB
3 KB 27ms
27ms Script
application/javascript 104.18.9.127
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.authorize.net/v1/AcceptCore.js

Requested by

Host: js.authorize.net
URL: https://js.authorize.net/v1/Accept.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

104.18.9.127 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79ec52f0ce86fb27c47d1f860ba62d34ad5fe6cd3778ee0952ac698f52096e81

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://checkout.groovesell.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 00:48:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Tue, 10 Sep 2019 23:26:44 GMT
server: cloudflare
age: 6780
etag: W/"092b352f68d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=432000
cf-ray: 68dd5e634d83410e-PRG
expires: Sat, 18 Sep 2021 00:48:13 GMT

GET
H2 200 AcceptCore.js Show response
js.authorize.net/v1/ Frame C7E8 9 KB
3 KB 280ms
246ms XHR
application/javascript 104.18.9.127
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.authorize.net/v1/AcceptCore.js

Requested by

Host: js.authorize.net
URL: https://js.authorize.net/v1/Accept.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

104.18.9.127 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79ec52f0ce86fb27c47d1f860ba62d34ad5fe6cd3778ee0952ac698f52096e81

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://checkout.groovesell.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 00:48:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Tue, 10 Sep 2019 23:26:44 GMT
server: cloudflare
etag: W/"092b352f68d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=432000
cf-ray: 68dd5e638dd64120-PRG
expires: Sat, 18 Sep 2021 00:48:13 GMT

GET
H2 200 free.min.css Show response
ka-f.fontawesome.com/releases/v5.15.3/css/ Frame C7E8 59 KB
13 KB 83ms
31ms Fetch
text/css 172.67.161.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.3/css/free.min.css?token=4c9b43643d
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/4c9b43643d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.161.47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2819ca1f7ad1af7ba53c4edfdfd395c547bcb16d29892a234d7860c689ed929

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://checkout.groovesell.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 00:48:13 GMT
via: 1.1 1f7383179aa19c47a962c46236696426.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: PRG50-C1
x-cache: Hit from cloudfront
access-control-allow-methods: GET
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 17 Mar 2021 02:23:57 GMT
server: cloudflare
etag: W/"390b4210e10c744c3c597500bcf0b31a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PNR52kAo%2FPAjrbF%2FvFv68WUFNp4rznTNNKR9lHgKZrLYCRdH2d0oGpLqoJKQLPNWDn2kb%2Fb%2BEThx%2F5Bvz2Sqaih6Rs2BKp%2BGXiHwBxvb%2BTkwNkPNQUXv1hoHJLv2OrLCi35LuuPhMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 68dd5e63bceb413e-PRG
access-control-allow-headers: fa-kit-token
x-amz-cf-id: 8HUEoOqADYNcJE7WqT2PoCamTSjnqaeDZRyZwj8wkR9fAI9l8VjG-Q==

GET
H2 200 free-v4-shims.min.css Show response
ka-f.fontawesome.com/releases/v5.15.3/css/ Frame C7E8 26 KB
5 KB 87ms
35ms Fetch
text/css 172.67.161.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.3/css/free-v4-shims.min.css?token=4c9b43643d
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/4c9b43643d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.161.47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 362daeaf1f7e05fee9a609e549f148aacbe518c166fbd96ead69057e295742af

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://checkout.groovesell.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 00:48:13 GMT
via: 1.1 d33f640b9793fb0553cc6dbe55988068.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: PRG50-C1
x-cache: Hit from cloudfront
access-control-allow-methods: GET
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 17 Mar 2021 02:23:57 GMT
server: cloudflare
etag: W/"8a99ce81ec2f89fbca03f2c8cf1a3679"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zmdLpR4cZkUGZgTD50U%2F0uu8eM0GVE2ugN4JzLKQzZbbCLC2ifumyzImbxvEFU2UN79wA0Bl0Pmq%2BkIQpR8czXoVY8UTqyLbGeBjkK5OnZu8vWyp%2BCgMB3No6%2FON1TPJvSrubv13%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 68dd5e63bcec413e-PRG
access-control-allow-headers: fa-kit-token
x-amz-cf-id: u4dxnQfYKJ9sKSYYPWx8y9pEvYQBXG3-URZkiDzqTpvjNOi5yfnxzA==

GET
H2 200 free-v4-font-face.min.css Show response
ka-f.fontawesome.com/releases/v5.15.3/css/ Frame C7E8 3 KB
2 KB 81ms
29ms Fetch
text/css 172.67.161.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.3/css/free-v4-font-face.min.css?token=4c9b43643d
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/4c9b43643d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.161.47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc39faeca56080ddf58d15275b2fe0cfa3bc1ec8afd82508555b25555ec95086

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://checkout.groovesell.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 00:48:13 GMT
via: 1.1 e14614617e85116e937d5168b35a94df.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: PRG50-C1
x-cache: Hit from cloudfront
access-control-allow-methods: GET
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 17 Mar 2021 02:23:57 GMT
server: cloudflare
etag: W/"22be82a519ceafc43258d8f58a37fcf5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gu%2BBopB1p0%2B0v5oY%2FBYcTaoEK0ttTYmzzcYpK7hkQafOnJXPj16aKj6chsGCGTXEDIzLQeuNb%2FxalD9DpoUuhxx2dpobKOY9ttPXQc%2BxeW2Zmhk79Xey44zC%2BfhcX3pcyydMR5HsVw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 68dd5e63bced413e-PRG
access-control-allow-headers: fa-kit-token
x-amz-cf-id: TGGixJRFx5hcMBG3hZGEJbvlBYMuajZhMLLCWh03N_-vDU5_Kn34hQ==

GET
H2 200 ts
t.paypal.com/ Frame C7E8 42 B
699 B 185ms
150ms Image
image/gif 151.101.1.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.paypal.com/ts?pgrp=muse%3Ageneric%3Aanalytics%3A%3Amerchant&page=muse%3Ageneric%3Aanalytics%3A%3Amerchant%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&fltp=analytics-generic&pt=GrooveSell&dh=1200&dw=1600&bh=1430&bw=300&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1631494093555&g=0&completeurl=https%3A%2F%2Fcheckout.groovesell.com%2Fcheckout-widget%2F01368d3a40eda708eef881fbc3ac1d20%3Fask_username%3D0%26ask_password%3D0%26skip_billing%3D0%26skip_payment_info%3D0%26skip_tos%3D0%26overriden_affiliate_id%3D0%26overriden_tracking_permalink%3D&sinfo=%7B%22partners%22%3A%7B%22ecwid%22%3A%7B%7D%2C%22bigCommerce%22%3A%7B%7D%2C%22shopify%22%3A%7B%7D%2C%22wix%22%3A%7B%7D%2C%22bigCartel%22%3A%7B%7D%7D%7D
Requested by: Host: checkout.groovesell.com
URL: https://checkout.groovesell.com/checkout-widget/01368d3a40eda708eef881fbc3ac1d20?ask_username=0&ask_password=0&skip_billing=0&skip_payment_info=0&skip_tos=0&overriden_affiliate_id=0&overriden_tracking_permalink=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://checkout.groovesell.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Sep 2021 00:48:13 GMT
via: 1.1 varnish
x-timer: S1631494094.593333,VS0,VE144
x-cache: MISS
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: 833eac999bcda
expires: Mon, 13 Sep 2021 00:48:13 GMT
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-cache-hits: 0
accept-ranges: bytes
content-type: image/gif
content-length: 42
x-served-by: cache-hhn4057-HHN

GET
H2 200 16.4338b3.js Show response
checkout.groovesell.com/js/ Frame C7E8 9 KB
2 KB 223ms
223ms Script
application/javascript 104.17.6.97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://checkout.groovesell.com/js/16.4338b3.js
Requested by: Host: checkout.groovesell.com
URL: https://checkout.groovesell.com/admin/js_new/app.f2fe53.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.6.97 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c18bcf2a66301dd0f0fd09628672213a4270362cebfdc39e55e4a62e00e419d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://checkout.groovesell.com/checkout-widget/01368d3a40eda708eef881fbc3ac1d20?ask_username=0&ask_password=0&skip_billing=0&skip_payment_info=0&skip_tos=0&overriden_affiliate_id=0&overriden_tracking_permalink=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 00:48:13 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 07 Sep 2021 12:56:08 GMT
server: cloudflare
etag: "25b2-5cb674a0ed13c-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 68dd5e6638f1f9d6-PRG
content-length: 1803
expires: Mon, 13 Sep 2021 04:48:13 GMT

GET
H2 200 0.c98a90.js Show response
checkout.groovesell.com/js/ Frame C7E8 11 KB
3 KB 229ms
228ms Script
application/javascript 104.17.6.97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://checkout.groovesell.com/js/0.c98a90.js
Requested by: Host: checkout.groovesell.com
URL: https://checkout.groovesell.com/admin/js_new/app.f2fe53.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.6.97 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 752d45cf5d9e9e1958f82babd0059f238e6d2825c21777a957be25f787f98786

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://checkout.groovesell.com/checkout-widget/01368d3a40eda708eef881fbc3ac1d20?ask_username=0&ask_password=0&skip_billing=0&skip_payment_info=0&skip_tos=0&overriden_affiliate_id=0&overriden_tracking_permalink=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 00:48:14 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 07 Sep 2021 12:56:08 GMT
server: cloudflare
etag: "2a81-5cb674a0ed13c-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 68dd5e670936f9d6-PRG
content-length: 3078
expires: Mon, 13 Sep 2021 04:48:14 GMT

GET
H2 200 1.4bd575.js Show response
checkout.groovesell.com/js/ Frame C7E8 47 KB
11 KB 229ms
228ms Script
application/javascript 104.17.6.97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://checkout.groovesell.com/js/1.4bd575.js
Requested by: Host: checkout.groovesell.com
URL: https://checkout.groovesell.com/admin/js_new/app.f2fe53.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.6.97 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85e03bc8a0eaab8cc8146aa3e5c5c29a45f6a25c9f9483273ae30c424cdb5a52

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://checkout.groovesell.com/checkout-widget/01368d3a40eda708eef881fbc3ac1d20?ask_username=0&ask_password=0&skip_billing=0&skip_payment_info=0&skip_tos=0&overriden_affiliate_id=0&overriden_tracking_permalink=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 00:48:14 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 07 Sep 2021 12:56:08 GMT
server: cloudflare
etag: "bceb-5cb674a0ed13c-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 68dd5e670938f9d6-PRG
content-length: 11606
expires: Mon, 13 Sep 2021 04:48:14 GMT

GET
H2 200 2.6ffdf7.js Show response
checkout.groovesell.com/js/ Frame C7E8 2 MB
526 KB 341ms
340ms Script
application/javascript 104.17.6.97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://checkout.groovesell.com/js/2.6ffdf7.js
Requested by: Host: checkout.groovesell.com
URL: https://checkout.groovesell.com/admin/js_new/app.f2fe53.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.6.97 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 59b4c21c01eb65742f1af70b5ffc2fa75acc6fba23bbc027824b53a408f72347

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://checkout.groovesell.com/checkout-widget/01368d3a40eda708eef881fbc3ac1d20?ask_username=0&ask_password=0&skip_billing=0&skip_payment_info=0&skip_tos=0&overriden_affiliate_id=0&overriden_tracking_permalink=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 00:48:14 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 07 Sep 2021 12:56:08 GMT
server: cloudflare
etag: "18af7f-5cb674a0ed13c-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 68dd5e670939f9d6-PRG
expires: Mon, 13 Sep 2021 04:48:14 GMT

GET
H2 200 3.7d0b46.js Show response
checkout.groovesell.com/js/ Frame C7E8 261 KB
63 KB 231ms
230ms Script
application/javascript 104.17.6.97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://checkout.groovesell.com/js/3.7d0b46.js
Requested by: Host: checkout.groovesell.com
URL: https://checkout.groovesell.com/admin/js_new/app.f2fe53.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.6.97 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d11387ee6705cd875194ee73563f80fc1b146066ad3299385f27fe23759578ac

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://checkout.groovesell.com/checkout-widget/01368d3a40eda708eef881fbc3ac1d20?ask_username=0&ask_password=0&skip_billing=0&skip_payment_info=0&skip_tos=0&overriden_affiliate_id=0&overriden_tracking_permalink=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 00:48:14 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 07 Sep 2021 12:56:08 GMT
server: cloudflare
etag: "4148c-5cb674a0ed13c-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 68dd5e67093af9d6-PRG
expires: Mon, 13 Sep 2021 04:48:14 GMT

GET
H2 200 5.0b6bf4.js Show response
checkout.groovesell.com/js/ Frame C7E8 676 KB
48 KB 458ms
458ms Script
application/javascript 104.17.6.97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://checkout.groovesell.com/js/5.0b6bf4.js
Requested by: Host: checkout.groovesell.com
URL: https://checkout.groovesell.com/admin/js_new/app.f2fe53.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.6.97 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d8407a08882865ad57f77f32217ab38aead89319aaf6f844dcb8967f39092f4c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://checkout.groovesell.com/checkout-widget/01368d3a40eda708eef881fbc3ac1d20?ask_username=0&ask_password=0&skip_billing=0&skip_payment_info=0&skip_tos=0&overriden_affiliate_id=0&overriden_tracking_permalink=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 00:48:14 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 07 Sep 2021 12:56:08 GMT
server: cloudflare
etag: "a8f0e-5cb674a0ed13c-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 68dd5e67093bf9d6-PRG
content-length: 48665
expires: Mon, 13 Sep 2021 04:48:14 GMT

GET
H3 200 css2
fonts.googleapis.com/ Frame C7E8 701 KB
136 KB 50ms
49ms Stylesheet
text/css 142.250.110.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Abril+Fatface&family=Amatic+SC:wght@400;700&family=Architects+Daughter&family=Asap:wght@400;700&family=Balsamiq+Sans:wght@400;700&family=Barlow:wght@400;700;900&family=Bebas+Neue&family=Bitter:wght@400;700;900&family=Cabin:wght@400;700&family=Cairo:wght@400;700&family=Cormorant+Garamond:wght@400;700&family=Crimson+Text:wght@400;700&family=Dancing+Script:wght@400;700&family=Fira+Sans:wght@400;700;900&family=Fjalla+One&family=Indie+Flower&family=Josefin+Sans:wght@400;700&family=Lato:wght@400;700;900&family=Libre+Baskerville:wght@400;700&family=Libre+Franklin:wght@400;700;900&family=Lobster&family=Lora:wght@400;700&family=Martel:wght@400;700;900&family=Merriweather:wght@400;700;900&family=Montserrat:wght@400;700;900&family=Mukta:wght@400;700&family=Noto+Sans+JP:wght@400;700&family=Noto+Sans+KR:wght@400;700;900&family=Noto+Sans:wght@400;700&family=Noto+Serif:wght@400;700&family=Nunito+Sans:wght@200;300;400;700;900&family=Nunito&family=Old+Standard+TT:wght@400;700&family=Open+Sans+Condensed:wght@300;700&family=Open+Sans:wght@300;400;700&family=Oswald:wght@400;700&family=Overpass:wght@400;700;900&family=Oxygen:wght@300;400;700&family=PT+Sans+Narrow:wght@400;700&family=PT+Sans:wght@400;700&family=PT+Serif:wght@400;700&family=Pacifico&family=Playfair+Display:wght@400;700;900&family=Poppins:ital,wght@0,400;0,700;1,900&family=Raleway:wght@400;700;900&family=Roboto+Condensed:wght@400;700&family=Roboto+Slab:wght@400;700;900&family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&family=Rubik:ital,wght@0,400;0,700;1,900&family=Shadows+Into+Light&family=Signika:wght@400;700&family=Slabo+27px&family=Source+Code+Pro:wght@400;700;900&family=Source+Sans+Pro:wght@400;700;900&family=Source+Serif+Pro:wght@400;700;900&family=Tajawal:wght@400;700;900&family=Titillium+Web:wght@400;700;900&family=Ubuntu:wght@400;700&family=Work+Sans:wght@400;700;900&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.110.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wf-in-f95.1e100.net

Software

ESF /

Resource Hash

932ab3d0c62e11b4cb3b6e926d69b8a1e3821a7b08872d85c5555ef64af6f90b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://checkout.groovesell.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 13 Sep 2021 00:48:13 GMT
server: ESF
date: Mon, 13 Sep 2021 00:48:13 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 13 Sep 2021 00:48:13 GMT

GET
H2 200 m-outer-9475bd26486e6119b23924eebd3d561a.html Show response
js.stripe.com/v3/ Frame EAAC 215 B
534 B 6ms
6ms Document
text/html 151.101.12.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-9475bd26486e6119b23924eebd3d561a.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.12.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

13e44ac91c0d0e34922532b04d931246156aef649b2ac9cacc69ad75ce63ad00

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self'; default-src 'self'; font-src 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

:method: GET
:authority: js.stripe.com
:scheme: https
:path: /v3/m-outer-9475bd26486e6119b23924eebd3d561a.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://checkout.groovesell.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://checkout.groovesell.com/

Response headers

x-amz-id-2: l5Na+8ApgEBEB2regdU/34V34kg7XO/YieiWDH8WAZ8PBDzYy46VodWo5/oMlfTDaha9TYU4III=
x-amz-request-id: C1CPKKJXVJS92MFZ
last-modified: Wed, 01 Sep 2021 21:34:43 GMT
etag: "9475bd26486e6119b23924eebd3d561a"
cache-control: public, max-age=300
content-type: text/html; charset=utf-8
server: AmazonS3
content-encoding: br
accept-ranges: bytes
date: Mon, 13 Sep 2021 00:48:14 GMT
via: 1.1 varnish
age: 259
x-served-by: cache-fra19168-FRA
x-cache: HIT
x-cache-hits: 67
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
content-security-policy: connect-src 'self'; default-src 'self'; font-src 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'
content-length: 130

GET
H2 200 m-outer-f045e3b6b64aa0e635a6cabefc84daae.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame EAAC 1 KB
818 B 6ms
6ms Script
application/javascript 151.101.12.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-f045e3b6b64aa0e635a6cabefc84daae.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-9475bd26486e6119b23924eebd3d561a.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.12.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e8e9871cf0af9019f2a0094a2ce12eb7794c104f7f38d9f75e7017c9d26e7cf6

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-9475bd26486e6119b23924eebd3d561a.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 00:48:14 GMT
content-encoding: br
vary: Accept-Encoding
age: 266
via: 1.1 varnish
x-cache: HIT
content-length: 637
x-amz-id-2: oWkmpgeBsIeOMJVKmFdg2P4O4q6rqON/mkzlrOx20HS9LXjBnrNzNwGyO3SFzA4LBdU/lsoned4=
x-served-by: cache-fra19168-FRA
timing-allow-origin: *
last-modified: Wed, 01 Sep 2021 21:34:46 GMT
server: AmazonS3
etag: "01f873d478053c6a0368329ea08f7a10"
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-amz-request-id: H633CXVR7MQDG75P
access-control-allow-origin: *
cache-control: public, max-age=300
content-security-policy: connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 69

GET
H2 200 inner.html Show response
m.stripe.network/ Frame 283A 932 B
972 B 14ms
6ms Document
text/html 151.101.12.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-f045e3b6b64aa0e635a6cabefc84daae.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.12.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

c4a8402fde1e397bcabe7467c0de035e7851eeb1bad9af5d1b67487e7d7f2a4a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://m.stripe.com; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

:method: GET
:authority: m.stripe.network
:scheme: https
:path: /inner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://js.stripe.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://js.stripe.com/

Response headers

server: nginx
content-type: text/html; charset=utf-8
last-modified: Thu, 12 Aug 2021 00:00:27 GMT
etag: W/"6114649b-3a4"
strict-transport-security: max-age=31556926; includeSubDomains; preload
cache-control: public, max-age=300
timing-allow-origin: *
content-security-policy: default-src 'self'; connect-src 'self' https://m.stripe.com; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 13 Sep 2021 00:48:14 GMT
age: 71
x-served-by: cache-sea4483-SEA, cache-fra19168-FRA
x-cache: HIT, HIT
x-cache-hits: 2, 17
x-timer: S1631494094.214836,VS0,VE0
vary: Accept-Encoding
content-length: 537

GET
H2 200 out-4.5.40.js Show response
m.stripe.network/ Frame 283A 85 KB
18 KB 6ms
6ms Script
application/x-javascript 151.101.12.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.40.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.12.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

6a6915872afa798395a56c7aa50d086cb325ff7214ad78ada3c7a96350bbad39

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://m.stripe.com; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
etag: W/"6114649b-154bc"
age: 165
x-cache: HIT, HIT
content-length: 18452
x-served-by: cache-sea4427-SEA, cache-fra19168-FRA
last-modified: Thu, 12 Aug 2021 00:00:27 GMT
server: nginx
x-timer: S1631494094.227248,VS0,VE0
date: Mon, 13 Sep 2021 00:48:14 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=300
content-security-policy: default-src 'self'; connect-src 'self' https://m.stripe.com; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 42

POST 6
m.stripe.com/ Frame 283A 0
0

GET
H3 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ Frame C7E8 30 KB
6 KB 36ms
18ms Stylesheet
text/css 104.16.18.94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: client
URL: about:client

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.18.94 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://checkout.groovesell.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 00:48:14 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 114326
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 5631
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-7918"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FY2WmlOM0wrr7kpZELm32areR7GAQWpn%2B9voPAPLIhr2JozqRSGz13sO6NKFcHLn%2Fu4GgKiPH0lFHeFaq5ORqQqigzKfxPLPaMuzDdIp7EvaSF9WhkAA2GDDOiKhW38H6FUMElhx"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 68dd5e6c3d992780-PRG
expires: Sat, 03 Sep 2022 00:48:14 GMT

GET
H2 200 XRXV3I6Li01BKofINeaB.woff2
fonts.gstatic.com/s/nunito/v16/ Frame C7E8 19 KB
19 KB 48ms
13ms Font
font/woff2 74.125.140.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunito/v16/XRXV3I6Li01BKofINeaB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Abril+Fatface&family=Amatic+SC:wght@400;700&family=Architects+Daughter&family=Asap:wght@400;700&family=Balsamiq+Sans:wght@400;700&family=Barlow:wght@400;700;900&family=Bebas+Neue&family=Bitter:wght@400;700;900&family=Cabin:wght@400;700&family=Cairo:wght@400;700&family=Cormorant+Garamond:wght@400;700&family=Crimson+Text:wght@400;700&family=Dancing+Script:wght@400;700&family=Fira+Sans:wght@400;700;900&family=Fjalla+One&family=Indie+Flower&family=Josefin+Sans:wght@400;700&family=Lato:wght@400;700;900&family=Libre+Baskerville:wght@400;700&family=Libre+Franklin:wght@400;700;900&family=Lobster&family=Lora:wght@400;700&family=Martel:wght@400;700;900&family=Merriweather:wght@400;700;900&family=Montserrat:wght@400;700;900&family=Mukta:wght@400;700&family=Noto+Sans+JP:wght@400;700&family=Noto+Sans+KR:wght@400;700;900&family=Noto+Sans:wght@400;700&family=Noto+Serif:wght@400;700&family=Nunito+Sans:wght@200;300;400;700;900&family=Nunito&family=Old+Standard+TT:wght@400;700&family=Open+Sans+Condensed:wght@300;700&family=Open+Sans:wght@300;400;700&family=Oswald:wght@400;700&family=Overpass:wght@400;700;900&family=Oxygen:wght@300;400;700&family=PT+Sans+Narrow:wght@400;700&family=PT+Sans:wght@400;700&family=PT+Serif:wght@400;700&family=Pacifico&family=Playfair+Display:wght@400;700;900&family=Poppins:ital,wght@0,400;0,700;1,900&family=Raleway:wght@400;700;900&family=Roboto+Condensed:wght@400;700&family=Roboto+Slab:wght@400;700;900&family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&family=Rubik:ital,wght@0,400;0,700;1,900&family=Shadows+Into+Light&family=Signika:wght@400;700&family=Slabo+27px&family=Source+Code+Pro:wght@400;700;900&family=Source+Sans+Pro:wght@400;700;900&family=Source+Serif+Pro:wght@400;700;900&family=Tajawal:wght@400;700;900&family=Titillium+Web:wght@400;700;900&family=Ubuntu:wght@400;700&family=Work+Sans:wght@400;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.140.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wq-in-f94.1e100.net

Software

sffe /

Resource Hash

06f3af3fe52542d40ad9bc14ec03e04deaabd09ec369221cc8f536db1c72bf55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://checkout.groovesell.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 12 Sep 2021 01:04:18 GMT
x-content-type-options: nosniff
age: 85436
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18972
x-xss-protection: 0
last-modified: Wed, 25 Nov 2020 02:44:35 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 12 Sep 2022 01:04:18 GMT

GET
H2 200 checkout-links Show response
v1.gdapis.com/api/groovesell/ Frame C7E8 7 KB
3 KB 628ms
569ms XHR
application/json 172.67.217.10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.gdapis.com/api/groovesell/checkout-links?filter[permalink]=01368d3a40eda708eef881fbc3ac1d20
Requested by: Host: checkout.groovesell.com
URL: https://checkout.groovesell.com/admin/js_new/app.f2fe53.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.217.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.24
Resource Hash: cb2d398685c052e6f19ac3109cd921638a7e0071fa2a9d47a08196a9f3e5e2de

Request headers

Accept: application/json, text/plain, */*
Referer: https://checkout.groovesell.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 00:48:15 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/7.3.24
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-ratelimit-remaining: 599
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ECgzKGZwn3XAHtmYzR2WkU%2BUb3YgoTYKhZaDXhjr01jZdYCfLEQT%2FXm9gnaffK7jy8yEEjzumS7zz4j%2Fz4gSlquF9lv3LLVuBbWu8WnkcJXugWubuwN%2Bs6P8ybb7kCA0"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma
cache-control: no-cache, private
x-ratelimit-limit: 600
cf-ray: 68dd5e6cba2a4126-PRG

POST
H3 200 19437 Show response
v1.gdapis.com/api/groovesell/resolve-affiliate-cookie/ Frame C7E8 372 B
871 B 183ms
182ms XHR
application/json 172.67.217.10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.gdapis.com/api/groovesell/resolve-affiliate-cookie/19437
Requested by: Host: checkout.groovesell.com
URL: https://checkout.groovesell.com/admin/js_new/app.f2fe53.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.217.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.24
Resource Hash: ae70bdfd3e5348f1c90209c492d73c7938ec0ae6b286941b9b26606e694a13da

Request headers

Accept: application/json, text/plain, */*
Referer: https://checkout.groovesell.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Mon, 13 Sep 2021 00:48:15 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/7.3.24
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-ratelimit-remaining: 599
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rJ9X7oKoWMBW3Cid9Re0w%2FsPfZl860ptqKBRUkKHWeLIfy8sIe0wUJipUDqaL1WMDFJvxMnPUsUYPdColrIR6iCu9icMxR6WWehIvgTrMyqlZF0zXnNPfJ0qC3a6iPN4"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma
cache-control: no-cache, private
x-ratelimit-limit: 600
cf-ray: 68dd5e715812412b-PRG

OPTIONS
H3 204 19437
v1.gdapis.com/api/groovesell/resolve-affiliate-cookie/ Frame 0
0 165ms
146ms Preflight
text/html 172.67.217.10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.gdapis.com/api/groovesell/resolve-affiliate-cookie/19437
Protocol: H3
Server: 172.67.217.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.24
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://checkout.groovesell.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 13 Sep 2021 00:48:15 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.3.24
cache-control: no-cache, private
access-control-allow-methods: POST, GET, OPTIONS, PUT, PATCH, DELETE
access-control-allow-headers: Content-Type, X-Auth-Token, Origin, Authorization, *
access-control-allow-origin: *
access-control-max-age: 86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MJDrc1Qj0sHIPwTuRBbQlGgWYgNCkjG9jUnQ%2FXnpgjiWsPtdcPFG6uaT8OXL0%2BdG9KK4FKpspDn8xSvVL%2Ba4Jl5Fhl6x8vjy45KzYFh4X1c2Opozx2cCwat0paxcvhW7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 68dd5e707f98412b-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 js Show response
www.paypal.com/sdk/ Frame C7E8 289 KB
88 KB 516ms
515ms Script
application/javascript 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/sdk/js?client-id=AcJ2Wq5bO3MhX4oAX6e-bZT_OkDv0Hap47V_3oVOt0BNhtfZ_ez90HznmD-b1RDZLWVEYbdbofM3k58s&vault=true

Requested by

Host: checkout.groovesell.com
URL: https://checkout.groovesell.com/js/5.0b6bf4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

18b2affeeb8c3da6f1cfb55dfc25cf85c1f4a39be7246c596a30c640dd23c050

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; script-src 'nonce-+YzoQomtKjQ5EzkdKbmE62IltFFnR5yh1gjV9Qz+9717KlA7' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'nonce-+YzoQomtKjQ5EzkdKbmE62IltFFnR5yh1gjV9Qz+9717KlA7' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://checkout.groovesell.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-+YzoQomtKjQ5EzkdKbmE62IltFFnR5yh1gjV9Qz+9717KlA7' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-+YzoQomtKjQ5EzkdKbmE62IltFFnR5yh1gjV9Qz+9717KlA7' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
age: 0
via: 1.1 varnish
x-cache: MISS
p3p: true
paypal-debug-id: f309119eedff2
dc: phx-origin-www-2.paypal.com
vary: Accept-Encoding
content-length: 88897
x-xss-protection: 1; mode=block
x-served-by: cache-hhn4075-HHN
x-timer: S1631494096.761244,VS0,VE509
x-frame-options: SAMEORIGIN
date: Mon, 13 Sep 2021 00:48:16 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Mon, 13 Sep 2021 00:53:16 GMT
cache-control: public, max-age=300, s-maxage=300
etag: W/"15b41-Nq4CdicEnKD0EHFMSJLZgzSMw5Q"
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 1602646021_AUTHENTIK%201.png
assets.grooveapps.com/images/5f0c9be740850600130a56bf/ Frame C7E8 137 KB
137 KB 19ms
18ms Image
image/webp 104.18.20.180
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.grooveapps.com/images/5f0c9be740850600130a56bf/1602646021_AUTHENTIK%201.png
Requested by: Host: checkout.groovesell.com
URL: https://checkout.groovesell.com/admin/js_new/app.f2fe53.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.20.180 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afc62bc01b2546b1d96c09afb4d9dbc84c902baecb0a482db29a7ff2597becc8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://checkout.groovesell.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 00:48:15 GMT
cf-cache-status: HIT
age: 3
cf-polished: origFmt=png, origSize=446513
x-guploader-uploadid: ADPycduRI5YFazhjQcfCE3QBRNMaWUkYn-TJ5O2o1ImE64HOmxoO5VQxvcfMsxBDFe8YYHxDp-opBSrMRIAdbKg2s4U
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="1602646021_AUTHENTIK%201.webp"
content-type: image/webp
content-length: 140088
expires: Mon, 13 Sep 2021 04:48:15 GMT
last-modified: Wed, 14 Oct 2020 03:27:02 GMT
server: cloudflare
etag: "5e87cca1b7897de89bebd2ca519c57be"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
x-goog-hash: crc32c=b7TZBw==, md5=XofMobeJfeib69LKUZxXvg==
x-goog-generation: 1602646022328139
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=14400
x-goog-stored-content-length: 446513
accept-ranges: bytes
cf-ray: 68dd5e729e564114-PRG
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK s Show response
ip2c.org/ Frame C7E8 22 B
223 B 156ms
46ms Fetch
text/html 77.55.235.217
NAZWA

General

Check archive.org

Show headers Download Go to

Full URL: https://ip2c.org/s
Requested by: Host: checkout.groovesell.com
URL: https://checkout.groovesell.com/admin/js_new/app.f2fe53.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 77.55.235.217 , Poland, ASN15967 (NAZWA, PL),
Reverse DNS: dedicated-ajb217.rev.nazwa.pl
Software: nginx /
Resource Hash: cbc37ada73cf1c40f413133317044e6582a0e90a8ea314938a349157014ca5cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://checkout.groovesell.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 13 Sep 2021 00:48:16 GMT
Server: nginx
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
DATA 200
OK truncated
/ Frame C7E8 18 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7f185c1c5d97de56e16234b367ba43ce86ac0db8e9d7877062feb75288147f01

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 pptm.js Show response
www.paypal.com/tagmanager/ Frame C7E8 13 KB
5 KB 975ms
972ms Script
application/x-javascript 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/tagmanager/pptm.js?id=checkout.groovesell.com&t=xo&v=5.0.256&source=payments_sdk&client_id=AcJ2Wq5bO3MhX4oAX6e-bZT_OkDv0Hap47V_3oVOt0BNhtfZ_ez90HznmD-b1RDZLWVEYbdbofM3k58s&vault=true

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AcJ2Wq5bO3MhX4oAX6e-bZT_OkDv0Hap47V_3oVOt0BNhtfZ_ez90HznmD-b1RDZLWVEYbdbofM3k58s&vault=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ae3f8c2d276045b2b05f3822b8ebdc0698ce939e837c9636b4b364c0097f65d7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'nonce-GXckL92ItCcYiWp0qRn1TJHsg17Wm/jyWIg6cqn+42twhOdC' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://.paypalobjects.com https://.paypal.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://nexus.ensighten.com https://.google-analytics.com 'unsafe-inline' https://.qualtrics.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://checkout.groovesell.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-GXckL92ItCcYiWp0qRn1TJHsg17Wm/jyWIg6cqn+42twhOdC' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding: gzip
x-content-type-options: nosniff
age: 0
x-cache: MISS
paypal-debug-id: f5406234d1b40
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 4741
x-xss-protection: 1; mode=block
x-served-by: cache-hhn4075-HHN
x-timer: S1631494096.308482,VS0,VE962
x-frame-options: SAMEORIGIN
date: Mon, 13 Sep 2021 00:48:17 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/x-javascript; charset=utf-8
via: 1.1 varnish
cache-control: public, max-age=3600
etag: W/"34e7-2By1RKzs+V8iifidhbYdybhyWDU"
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 buttons Show response
www.paypal.com/smart/ Frame 49BE 291 KB
122 KB 626ms
626ms Document
text/html 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/smart/buttons?style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWNKMldxNWJPM01oWDRvQVg2ZS1iWlRfT2tEdjBIYXA0N1ZfM29WT3QwQk5odGZaX2V6OTBIem5tRC1iMVJEWkxXVkVZYmRib2ZNM2s1OHMmdmF1bHQ9dHJ1ZSIsImF0dHJzIjp7ImRhdGEtdWlkIjoidWlkX29hbm5xa3picGxqdnhyYW1xcWZodGpydG1naWtueiJ9fQ&clientID=AcJ2Wq5bO3MhX4oAX6e-bZT_OkDv0Hap47V_3oVOt0BNhtfZ_ez90HznmD-b1RDZLWVEYbdbofM3k58s&sdkCorrelationID=af90fdcff4308&storageID=uid_12ec149d39_mda6ndg6mty&sessionID=uid_37e6cb1ff0_mda6ndg6mty&buttonSessionID=uid_1e675dbc59_mda6ndg6mty&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6bnVsbH0sImNhcmQiOnsiZWxpZ2libGUiOnRydWUsImJyYW5kZWQiOnRydWUsInZlbmRvcnMiOnsidmlzYSI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjpudWxsfSwibWFzdGVyY2FyZCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjpudWxsfSwiYW1leCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjpudWxsfSwiZGlzY292ZXIiOnsiZWxpZ2libGUiOm51bGwsInZhdWx0YWJsZSI6bnVsbH0sImhpcGVyIjp7ImVsaWdpYmxlIjpudWxsLCJ2YXVsdGFibGUiOm51bGx9LCJlbG8iOnsiZWxpZ2libGUiOm51bGwsInZhdWx0YWJsZSI6bnVsbH0sImpjYiI6eyJlbGlnaWJsZSI6bnVsbCwidmF1bHRhYmxlIjpudWxsfX19LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6bnVsbH0sIml0YXUiOnsiZWxpZ2libGUiOm51bGx9LCJjcmVkaXQiOnsiZWxpZ2libGUiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6bnVsbH0sImFwcGxlcGF5Ijp7ImVsaWdpYmxlIjpudWxsfSwic2VwYSI6eyJlbGlnaWJsZSI6bnVsbH0sImlkZWFsIjp7ImVsaWdpYmxlIjpudWxsfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6bnVsbH0sImdpcm9wYXkiOnsiZWxpZ2libGUiOm51bGx9LCJlcHMiOnsiZWxpZ2libGUiOm51bGx9LCJzb2ZvcnQiOnsiZWxpZ2libGUiOm51bGx9LCJteWJhbmsiOnsiZWxpZ2libGUiOm51bGx9LCJwMjQiOnsiZWxpZ2libGUiOm51bGx9LCJ6aW1wbGVyIjp7ImVsaWdpYmxlIjpudWxsfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpudWxsfSwicGF5dSI6eyJlbGlnaWJsZSI6bnVsbH0sImJsaWsiOnsiZWxpZ2libGUiOm51bGx9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpudWxsfSwib3h4byI6eyJlbGlnaWJsZSI6bnVsbH0sIm1heGltYSI6eyJlbGlnaWJsZSI6bnVsbH0sImJvbGV0byI6eyJlbGlnaWJsZSI6bnVsbH0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpudWxsfX0&platform=desktop&experiment.enableVenmo=false&flow=billing_setup&currency=USD&intent=capture&commit=true&vault=true&renderedButtons.0=paypal&renderedButtons.1=card&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AcJ2Wq5bO3MhX4oAX6e-bZT_OkDv0Hap47V_3oVOt0BNhtfZ_ez90HznmD-b1RDZLWVEYbdbofM3k58s&vault=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

cfb46424e5a60ff27b481df231b382933477af356eea29377c8204cc515ed121

Security Headers

Name	Value
Content-Security-Policy	form-action 'self' https://.paypal.com https://.cardinalcommerce.com; default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com: https://.paypalobjects.com https://.googleapis.com https://.firebaseio.com wss://.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://.qualtrics.com; frame-src 'self' https://.paypal.com:* https://.paypalobjects.com https://.cardinalcommerce.com https://.firebaseapp.com https://.qualtrics.com; script-src 'self' https://.paypal.com: https://.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://.paypal.com:* https://.paypalobjects.com 'unsafe-inline'; font-src 'self' https://.paypal.com https://.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.paypal.com
:scheme: https
:path: /smart/buttons?style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWNKMldxNWJPM01oWDRvQVg2ZS1iWlRfT2tEdjBIYXA0N1ZfM29WT3QwQk5odGZaX2V6OTBIem5tRC1iMVJEWkxXVkVZYmRib2ZNM2s1OHMmdmF1bHQ9dHJ1ZSIsImF0dHJzIjp7ImRhdGEtdWlkIjoidWlkX29hbm5xa3picGxqdnhyYW1xcWZodGpydG1naWtueiJ9fQ&clientID=AcJ2Wq5bO3MhX4oAX6e-bZT_OkDv0Hap47V_3oVOt0BNhtfZ_ez90HznmD-b1RDZLWVEYbdbofM3k58s&sdkCorrelationID=af90fdcff4308&storageID=uid_12ec149d39_mda6ndg6mty&sessionID=uid_37e6cb1ff0_mda6ndg6mty&buttonSessionID=uid_1e675dbc59_mda6ndg6mty&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6bnVsbH0sImNhcmQiOnsiZWxpZ2libGUiOnRydWUsImJyYW5kZWQiOnRydWUsInZlbmRvcnMiOnsidmlzYSI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjpudWxsfSwibWFzdGVyY2FyZCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjpudWxsfSwiYW1leCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjpudWxsfSwiZGlzY292ZXIiOnsiZWxpZ2libGUiOm51bGwsInZhdWx0YWJsZSI6bnVsbH0sImhpcGVyIjp7ImVsaWdpYmxlIjpudWxsLCJ2YXVsdGFibGUiOm51bGx9LCJlbG8iOnsiZWxpZ2libGUiOm51bGwsInZhdWx0YWJsZSI6bnVsbH0sImpjYiI6eyJlbGlnaWJsZSI6bnVsbCwidmF1bHRhYmxlIjpudWxsfX19LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6bnVsbH0sIml0YXUiOnsiZWxpZ2libGUiOm51bGx9LCJjcmVkaXQiOnsiZWxpZ2libGUiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6bnVsbH0sImFwcGxlcGF5Ijp7ImVsaWdpYmxlIjpudWxsfSwic2VwYSI6eyJlbGlnaWJsZSI6bnVsbH0sImlkZWFsIjp7ImVsaWdpYmxlIjpudWxsfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6bnVsbH0sImdpcm9wYXkiOnsiZWxpZ2libGUiOm51bGx9LCJlcHMiOnsiZWxpZ2libGUiOm51bGx9LCJzb2ZvcnQiOnsiZWxpZ2libGUiOm51bGx9LCJteWJhbmsiOnsiZWxpZ2libGUiOm51bGx9LCJwMjQiOnsiZWxpZ2libGUiOm51bGx9LCJ6aW1wbGVyIjp7ImVsaWdpYmxlIjpudWxsfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpudWxsfSwicGF5dSI6eyJlbGlnaWJsZSI6bnVsbH0sImJsaWsiOnsiZWxpZ2libGUiOm51bGx9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpudWxsfSwib3h4byI6eyJlbGlnaWJsZSI6bnVsbH0sIm1heGltYSI6eyJlbGlnaWJsZSI6bnVsbH0sImJvbGV0byI6eyJlbGlnaWJsZSI6bnVsbH0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpudWxsfX0&platform=desktop&experiment.enableVenmo=false&flow=billing_setup&currency=USD&intent=capture&commit=true&vault=true&renderedButtons.0=paypal&renderedButtons.1=card&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://checkout.groovesell.com/
accept-encoding: gzip, deflate, br
cookie: ts=vreXpYrS%3D1726188493%26vteXpYrS%3D1631495893%26vr%3Ddca03b6517b0ad103c76f5feffffffff%26vt%3Ddca03b6517b0ad103c76f5fefffffffe; ts_c=vr%3Ddca03b6517b0ad103c76f5feffffffff%26vt%3Ddca03b6517b0ad103c76f5fefffffffe
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://checkout.groovesell.com/

Response headers

cache-control: max-age=0, no-cache, no-store, must-revalidate
content-disposition: inline
content-security-policy: form-action 'self' https://*.paypal.com https://*.cardinalcommerce.com; default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.googleapis.com https://*.firebaseio.com wss://*.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://*.qualtrics.com; frame-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.cardinalcommerce.com https://*.firebaseapp.com https://*.qualtrics.com; script-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: text/html; charset=utf-8
etag: W/"48df2-VbxCcRN8z93KCMPBwQKVhrJFBnU"
p3p: true
paypal-debug-id: f309119d71e95
set-cookie: tsrce=smartcomponentnodeweb; Domain=.paypal.com; Path=/; Expires=Thu, 16 Sep 2021 00:48:16 GMT; HttpOnly; Secure; SameSite=None l7_az=dcg14.slc; Path=/; Domain=paypal.com; Expires=Mon, 13 Sep 2021 01:18:16 GMT; HttpOnly; Secure; SameSite=None ts=vreXpYrS%3D1726188496%26vteXpYrS%3D1631495896%26vr%3Ddca03b6517b0ad103c76f5feffffffff%26vt%3Ddca03b6517b0ad103c76f5fefffffffe%26vtyp%3D; Path=/; Domain=paypal.com; Expires=Thu, 12 Sep 2024 00:48:16 GMT; HttpOnly; Secure; SameSite=None ts_c=vr%3Ddca03b6517b0ad103c76f5feffffffff%26vt%3Ddca03b6517b0ad103c76f5fefffffffe; Path=/; Domain=paypal.com; Expires=Thu, 12 Sep 2024 00:48:16 GMT; Secure; SameSite=None x-cdn=0003; Domain=paypal.com; Path=/; Secure
x-content-type-options: nosniff
x-csrf-jwt: __blank__
x-xss-protection: 1; mode=block
dc: phx-origin-www-2.paypal.com
accept-ranges: none
date: Mon, 13 Sep 2021 00:48:17 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-hhn4075-HHN
x-cache: MISS
x-cache-hits: 0
x-timer: S1631494096.390818,VS0,VE618
vary: Accept-Encoding
content-encoding: br

GET
DATA 200
OK truncated
/ Frame D5E4 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame D5E4 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1c4c2e6fd8a12889bc2ab350338566579ae079850e59701c8bf55ba52abd4d6b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ Frame C7E8 869 B
1 KB 183ms
183ms XHR
application/json 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AcJ2Wq5bO3MhX4oAX6e-bZT_OkDv0Hap47V_3oVOt0BNhtfZ_ez90HznmD-b1RDZLWVEYbdbofM3k58s&vault=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

88a13d0ec45686f5529b74829dfe11a68c3c2728d5f76fb2e775321931c52221

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: https://checkout.groovesell.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
content-type: application/json

Response headers

date: Mon, 13 Sep 2021 00:48:16 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
x-cache: MISS, MISS
paypal-debug-id: f2878252561a4
strict-transport-security: max-age=63072000; includeSubDomains; preload
dc: phx-origin-www-2.paypal.com
x-served-by: cache-hhn11539-HHN, cache-fra19141-FRA
x-timer: S1631494097.582766,VS0,VE177
etag: W/"365-wleVLxUgBx5zZ0KagM0l/V3Nkzs"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://checkout.groovesell.com
content-encoding: br
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
accept-ranges: none
x-cache-hits: 0, 0

OPTIONS
H2 200 logger
www.paypal.com/xoplatform/logger/api/ Frame 0
0 167ms
154ms Preflight 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Protocol

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://checkout.groovesell.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://checkout.groovesell.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
paypal-debug-id: f3091191cb33e
x-content-type-options: nosniff
dc: ccg11-origin-www-1.paypal.com
accept-ranges: none
via: 1.1 varnish, 1.1 varnish
date: Mon, 13 Sep 2021 00:48:16 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-hhn4043-HHN, cache-fra19141-FRA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1631494096.427739,VS0,VE148
content-encoding: br
vary: accept-encoding

GET
DATA 200
OK truncated
/ Frame 49BE 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 49BE 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c84e1ed197438fffecc2c6fbe3e7e4fd8f060af2236f3a50e2e16c891c82cf16

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 49BE 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3f8c62b36198124e39fe0d48535fef486d0eb6174159c5c72b0fcaede72222f2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 js Show response
www.paypal.com/sdk/ Frame 49BE 289 KB
88 KB 11ms
10ms Script
application/javascript 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/sdk/js?client-id=AcJ2Wq5bO3MhX4oAX6e-bZT_OkDv0Hap47V_3oVOt0BNhtfZ_ez90HznmD-b1RDZLWVEYbdbofM3k58s&vault=true

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/smart/buttons?style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWNKMldxNWJPM01oWDRvQVg2ZS1iWlRfT2tEdjBIYXA0N1ZfM29WT3QwQk5odGZaX2V6OTBIem5tRC1iMVJEWkxXVkVZYmRib2ZNM2s1OHMmdmF1bHQ9dHJ1ZSIsImF0dHJzIjp7ImRhdGEtdWlkIjoidWlkX29hbm5xa3picGxqdnhyYW1xcWZodGpydG1naWtueiJ9fQ&clientID=AcJ2Wq5bO3MhX4oAX6e-bZT_OkDv0Hap47V_3oVOt0BNhtfZ_ez90HznmD-b1RDZLWVEYbdbofM3k58s&sdkCorrelationID=af90fdcff4308&storageID=uid_12ec149d39_mda6ndg6mty&sessionID=uid_37e6cb1ff0_mda6ndg6mty&buttonSessionID=uid_1e675dbc59_mda6ndg6mty&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6bnVsbH0sImNhcmQiOnsiZWxpZ2libGUiOnRydWUsImJyYW5kZWQiOnRydWUsInZlbmRvcnMiOnsidmlzYSI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjpudWxsfSwibWFzdGVyY2FyZCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjpudWxsfSwiYW1leCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjpudWxsfSwiZGlzY292ZXIiOnsiZWxpZ2libGUiOm51bGwsInZhdWx0YWJsZSI6bnVsbH0sImhpcGVyIjp7ImVsaWdpYmxlIjpudWxsLCJ2YXVsdGFibGUiOm51bGx9LCJlbG8iOnsiZWxpZ2libGUiOm51bGwsInZhdWx0YWJsZSI6bnVsbH0sImpjYiI6eyJlbGlnaWJsZSI6bnVsbCwidmF1bHRhYmxlIjpudWxsfX19LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6bnVsbH0sIml0YXUiOnsiZWxpZ2libGUiOm51bGx9LCJjcmVkaXQiOnsiZWxpZ2libGUiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6bnVsbH0sImFwcGxlcGF5Ijp7ImVsaWdpYmxlIjpudWxsfSwic2VwYSI6eyJlbGlnaWJsZSI6bnVsbH0sImlkZWFsIjp7ImVsaWdpYmxlIjpudWxsfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6bnVsbH0sImdpcm9wYXkiOnsiZWxpZ2libGUiOm51bGx9LCJlcHMiOnsiZWxpZ2libGUiOm51bGx9LCJzb2ZvcnQiOnsiZWxpZ2libGUiOm51bGx9LCJteWJhbmsiOnsiZWxpZ2libGUiOm51bGx9LCJwMjQiOnsiZWxpZ2libGUiOm51bGx9LCJ6aW1wbGVyIjp7ImVsaWdpYmxlIjpudWxsfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpudWxsfSwicGF5dSI6eyJlbGlnaWJsZSI6bnVsbH0sImJsaWsiOnsiZWxpZ2libGUiOm51bGx9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpudWxsfSwib3h4byI6eyJlbGlnaWJsZSI6bnVsbH0sIm1heGltYSI6eyJlbGlnaWJsZSI6bnVsbH0sImJvbGV0byI6eyJlbGlnaWJsZSI6bnVsbH0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpudWxsfX0&platform=desktop&experiment.enableVenmo=false&flow=billing_setup&currency=USD&intent=capture&commit=true&vault=true&renderedButtons.0=paypal&renderedButtons.1=card&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

18b2affeeb8c3da6f1cfb55dfc25cf85c1f4a39be7246c596a30c640dd23c050

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; script-src 'nonce-+YzoQomtKjQ5EzkdKbmE62IltFFnR5yh1gjV9Qz+9717KlA7' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'nonce-+YzoQomtKjQ5EzkdKbmE62IltFFnR5yh1gjV9Qz+9717KlA7' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paypal.com/smart/buttons?style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWNKMldxNWJPM01oWDRvQVg2ZS1iWlRfT2tEdjBIYXA0N1ZfM29WT3QwQk5odGZaX2V6OTBIem5tRC1iMVJEWkxXVkVZYmRib2ZNM2s1OHMmdmF1bHQ9dHJ1ZSIsImF0dHJzIjp7ImRhdGEtdWlkIjoidWlkX29hbm5xa3picGxqdnhyYW1xcWZodGpydG1naWtueiJ9fQ&clientID=AcJ2Wq5bO3MhX4oAX6e-bZT_OkDv0Hap47V_3oVOt0BNhtfZ_ez90HznmD-b1RDZLWVEYbdbofM3k58s&sdkCorrelationID=af90fdcff4308&storageID=uid_12ec149d39_mda6ndg6mty&sessionID=uid_37e6cb1ff0_mda6ndg6mty&buttonSessionID=uid_1e675dbc59_mda6ndg6mty&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6bnVsbH0sImNhcmQiOnsiZWxpZ2libGUiOnRydWUsImJyYW5kZWQiOnRydWUsInZlbmRvcnMiOnsidmlzYSI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjpudWxsfSwibWFzdGVyY2FyZCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjpudWxsfSwiYW1leCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjpudWxsfSwiZGlzY292ZXIiOnsiZWxpZ2libGUiOm51bGwsInZhdWx0YWJsZSI6bnVsbH0sImhpcGVyIjp7ImVsaWdpYmxlIjpudWxsLCJ2YXVsdGFibGUiOm51bGx9LCJlbG8iOnsiZWxpZ2libGUiOm51bGwsInZhdWx0YWJsZSI6bnVsbH0sImpjYiI6eyJlbGlnaWJsZSI6bnVsbCwidmF1bHRhYmxlIjpudWxsfX19LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6bnVsbH0sIml0YXUiOnsiZWxpZ2libGUiOm51bGx9LCJjcmVkaXQiOnsiZWxpZ2libGUiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6bnVsbH0sImFwcGxlcGF5Ijp7ImVsaWdpYmxlIjpudWxsfSwic2VwYSI6eyJlbGlnaWJsZSI6bnVsbH0sImlkZWFsIjp7ImVsaWdpYmxlIjpudWxsfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6bnVsbH0sImdpcm9wYXkiOnsiZWxpZ2libGUiOm51bGx9LCJlcHMiOnsiZWxpZ2libGUiOm51bGx9LCJzb2ZvcnQiOnsiZWxpZ2libGUiOm51bGx9LCJteWJhbmsiOnsiZWxpZ2libGUiOm51bGx9LCJwMjQiOnsiZWxpZ2libGUiOm51bGx9LCJ6aW1wbGVyIjp7ImVsaWdpYmxlIjpudWxsfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpudWxsfSwicGF5dSI6eyJlbGlnaWJsZSI6bnVsbH0sImJsaWsiOnsiZWxpZ2libGUiOm51bGx9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpudWxsfSwib3h4byI6eyJlbGlnaWJsZSI6bnVsbH0sIm1heGltYSI6eyJlbGlnaWJsZSI6bnVsbH0sImJvbGV0byI6eyJlbGlnaWJsZSI6bnVsbH0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpudWxsfX0&platform=desktop&experiment.enableVenmo=false&flow=billing_setup&currency=USD&intent=capture&commit=true&vault=true&renderedButtons.0=paypal&renderedButtons.1=card&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-+YzoQomtKjQ5EzkdKbmE62IltFFnR5yh1gjV9Qz+9717KlA7' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-+YzoQomtKjQ5EzkdKbmE62IltFFnR5yh1gjV9Qz+9717KlA7' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
age: 1
via: 1.1 varnish
x-cache: HIT
p3p: true
paypal-debug-id: f309119eedff2
dc: phx-origin-www-2.paypal.com
vary: Accept-Encoding
content-length: 88897
x-xss-protection: 1; mode=block
x-served-by: cache-hhn4075-HHN
x-timer: S1631494097.169013,VS0,VE2
x-frame-options: SAMEORIGIN
date: Mon, 13 Sep 2021 00:48:17 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Mon, 13 Sep 2021 00:53:16 GMT
cache-control: public, max-age=300, s-maxage=300
etag: W/"15b41-Nq4CdicEnKD0EHFMSJLZgzSMw5Q"
accept-ranges: bytes
x-cache-hits: 1

GET
DATA 200
OK truncated
/ Frame 49BE 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1c4c2e6fd8a12889bc2ab350338566579ae079850e59701c8bf55ba52abd4d6b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 49BE 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b3a64fe8fed0018f62ed500df95b8b9c71326d06eef4b87ed6d0ced53742aef0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 muse.js Show response
www.paypalobjects.com/muse/ Frame C7E8 55 KB
16 KB 6ms
6ms Script
application/javascript 151.101.114.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/muse/muse.js

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/tagmanager/pptm.js?id=checkout.groovesell.com&t=xo&v=5.0.256&source=payments_sdk&client_id=AcJ2Wq5bO3MhX4oAX6e-bZT_OkDv0Hap47V_3oVOt0BNhtfZ_ez90HznmD-b1RDZLWVEYbdbofM3k58s&vault=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

129737dfffcc16554dffd7d6dd3a57b6831c96a75d8acec4ea31709555115a53

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://checkout.groovesell.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 00:48:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT, HIT
paypal-debug-id: 7e76a0d099cd6
dc: phx-origin-www-2.paypal.com
vary: Accept-Encoding
content-length: 16424
x-served-by: cache-sjc10075-SJC, cache-hhn4054-HHN
last-modified: Thu, 19 Aug 2021 15:53:03 GMT
x-timer: S1631494097.286121,VS0,VE0
etag: W/"611e7e5f-da2c"
strict-transport-security: max-age=31557600
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: public,max-age=3600
accept-ranges: bytes
x-cache-hits: 214468, 36

GET
H2 200 ts
t.paypal.com/ Frame C7E8 42 B
461 B 151ms
151ms Image
image/gif 151.101.1.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.paypal.com/ts?pgrp=muse%3Athird-party%3Aanalytics-xo%3A%3ABXU9Y89ZGWGE8-1&page=muse%3Athird-party%3Aanalytics-xo%3A%3ABXU9Y89ZGWGE8-1%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=129ef642-8477-4d96-a8a8-daff6db38614&fltp=analytics&mrid=BXU9Y89ZGWGE8&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&flag_consume=yes&pt=Checkout%20%C2%B7%20Jazmin%20Torres&dh=1200&dw=1600&bh=1430&bw=300&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1631494097283&g=0&completeurl=https%3A%2F%2Fcheckout.groovesell.com%2Fcheckout-widget%2F01368d3a40eda708eef881fbc3ac1d20%3Fask_username%3D0%26ask_password%3D0%26skip_billing%3D0%26skip_payment_info%3D0%26skip_tos%3D0%26overriden_affiliate_id%3D0%26overriden_tracking_permalink%3D&ru=https%3A%2F%2Fauthentik.biz%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://checkout.groovesell.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Sep 2021 00:48:17 GMT
via: 1.1 varnish
x-timer: S1631494097.286208,VS0,VE144
x-cache: MISS
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: 6d95aabb2cdb7
expires: Mon, 13 Sep 2021 00:48:17 GMT
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-cache-hits: 0
accept-ranges: bytes
content-type: image/gif
content-length: 42
x-served-by: cache-hhn4057-HHN

GET
H2 200 index.html Show response
www.paypalobjects.com/muse/analytics/ Frame BD39 54 KB
16 KB 7ms
6ms Document
text/html 151.101.114.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/muse/analytics/index.html

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/muse.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

c0e569d3993695c0e411ee26f081e4ad040383c7e473c265fc86408bafa980f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: www.paypalobjects.com
:scheme: https
:path: /muse/analytics/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://checkout.groovesell.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://checkout.groovesell.com/

Response headers

content-encoding: gzip
content-type: text/html
etag: W/"61391a16-d785"
last-modified: Wed, 08 Sep 2021 20:16:22 GMT
paypal-debug-id: 575f77e2c50e9
dc: ccg11-origin-www-1.paypal.com
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 13 Sep 2021 00:48:17 GMT
x-served-by: cache-sjc10079-SJC, cache-hhn4054-HHN
x-cache: HIT, HIT
x-cache-hits: 76507, 12
x-timer: S1631494097.305197,VS0,VE0
vary: Accept-Encoding
cache-control: public,max-age=3600
x-content-type-options: nosniff
strict-transport-security: max-age=31557600
content-length: 16698

GET
H2 200 noop.js Show response
www.paypalobjects.com/muse/ Frame BD39 18 B
207 B 7ms
7ms Fetch
application/javascript 151.101.114.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/muse/noop.js

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/analytics/index.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0739b17b1053de387d55795753300a79626787634f8c909277efff94d0e3f154

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paypalobjects.com/muse/analytics/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 00:48:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT, HIT
paypal-debug-id: 1c556ce99cbbd
x-cache-hits: 174309, 22
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 38
x-served-by: cache-sjc10031-SJC, cache-hhn4054-HHN
last-modified: Sat, 13 Feb 2021 00:26:56 GMT
x-timer: S1631494097.340082,VS0,VE0
etag: "60271cd0-12"
strict-transport-security: max-age=31557600
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: public,max-age=3600
accept-ranges: bytes
x-client-location: DE

GET
H2 200 ts
t.paypal.com/ Frame C7E8 42 B
416 B 179ms
178ms Image
image/gif 151.101.1.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.paypal.com/ts?pgrp=muse%3Aoffer%3A%3A%3ABXU9Y89ZGWGE8-1&page=muse%3Aoffer%3A%3A%3ABXU9Y89ZGWGE8-1%3A%3AvisitorInfoFlowStarted%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=129ef642-8477-4d96-a8a8-daff6db38614&es=visitorInfoFlowStarted&mrid=BXU9Y89ZGWGE8&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&pt=Checkout%20%C2%B7%20Jazmin%20Torres&dh=1200&dw=1600&bh=1430&bw=300&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1631494097339&g=0&completeurl=https%3A%2F%2Fcheckout.groovesell.com%2Fcheckout-widget%2F01368d3a40eda708eef881fbc3ac1d20%3Fask_username%3D0%26ask_password%3D0%26skip_billing%3D0%26skip_payment_info%3D0%26skip_tos%3D0%26overriden_affiliate_id%3D0%26overriden_tracking_permalink%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://checkout.groovesell.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Sep 2021 00:48:17 GMT
via: 1.1 varnish
x-timer: S1631494097.342653,VS0,VE173
x-cache: MISS
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: 7a236ac465c88
expires: Mon, 13 Sep 2021 00:48:17 GMT
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-cache-hits: 0
accept-ranges: bytes
content-type: image/gif
content-length: 42
x-served-by: cache-hhn4057-HHN

POST
H2 200 graphql Show response
www.paypal.com/targeting/ Frame BD39 441 B
1 KB 308ms
308ms Fetch
application/json 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/targeting/graphql

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/analytics/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

1f6ccf462b4c1a818d562a3375f5bd63b7b27804b4fbf730d7e825eb4cb42637

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; img-src 'self' https:; script-src 'nonce-LH2ryxTYbm86hhrUs8pbXQcPCKI4KILMPQhAXi0Egs+8Wzin' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; object-src 'none'
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypalobjects.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/json

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' https:; script-src 'nonce-LH2ryxTYbm86hhrUs8pbXQcPCKI4KILMPQhAXi0Egs+8Wzin' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'none'
via: 1.1 varnish
vary: Accept-Encoding
x-cache: MISS
paypal-debug-id: f8915839db0c4
date: Mon, 13 Sep 2021 00:48:17 GMT
dc: ccg11-origin-www-1.paypal.com
x-xss-protection: 1; mode=block
x-served-by: cache-hhn4075-HHN
x-timer: S1631494098.572666,VS0,VE297
x-frame-options: SAMEORIGIN
etag: W/"1b9-74zkGP6f6VehpLs4m8g6gTa6GvI"
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.paypalobjects.com
content-encoding: br
access-control-expose-headers: Paypal-Debug-Id
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
accept-ranges: none
x-cache-hits: 0

OPTIONS
H2 204 graphql
www.paypal.com/targeting/ Frame 0
0 205ms
204ms Preflight 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/targeting/graphql

Protocol

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.paypalobjects.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://www.paypalobjects.com
access-control-expose-headers: Paypal-Debug-Id
cache-control: max-age=0, no-cache, no-store, must-revalidate
paypal-debug-id: f28782543f459
dc: phx-origin-www-2.paypal.com
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
date: Mon, 13 Sep 2021 00:48:17 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-hhn11526-HHN, cache-fra19141-FRA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1631494097.367227,VS0,VE191

GET
H2 200 fb.js Show response
c.paypal.com/da/r/ Frame 49BE 53 KB
19 KB 209ms
8ms Script
application/javascript 151.101.129.35

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/da/r/fb.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.35 -, , ASN (),

Reverse DNS

Software

Resource Hash

f46e0d4331801815971dc491f3543631620a49095b61ee2beefcb6095c0dd07f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
age: 947866
via: 1.1 varnish
x-cache: HIT
paypal-debug-id: 2d71bfc18b85b
x-cache-hits: 882332
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 18575
etag: W/"610b110d-d38b"
x-served-by: cache-hhn4076-HHN
last-modified: Wed, 04 Aug 2021 22:13:33 GMT
x-timer: S1631494098.824614,VS0,VE1
date: Mon, 13 Sep 2021 00:48:17 GMT
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=86400
access-control-allow-credentials: false
accept-ranges: bytes
expires: Tue, 14 Sep 2021 00:48:17 GMT

POST
H2 200 logger
www.paypal.com/xoplatform/logger/api/ Frame 49BE 875 B
1 KB 179ms
179ms Ping
application/json 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6c9838c882b5e2194409b9b9f0c2c2d666edf624e12f1ed4fccc44449c21648e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypal.com/smart/buttons?style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWNKMldxNWJPM01oWDRvQVg2ZS1iWlRfT2tEdjBIYXA0N1ZfM29WT3QwQk5odGZaX2V6OTBIem5tRC1iMVJEWkxXVkVZYmRib2ZNM2s1OHMmdmF1bHQ9dHJ1ZSIsImF0dHJzIjp7ImRhdGEtdWlkIjoidWlkX29hbm5xa3picGxqdnhyYW1xcWZodGpydG1naWtueiJ9fQ&clientID=AcJ2Wq5bO3MhX4oAX6e-bZT_OkDv0Hap47V_3oVOt0BNhtfZ_ez90HznmD-b1RDZLWVEYbdbofM3k58s&sdkCorrelationID=af90fdcff4308&storageID=uid_12ec149d39_mda6ndg6mty&sessionID=uid_37e6cb1ff0_mda6ndg6mty&buttonSessionID=uid_1e675dbc59_mda6ndg6mty&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6bnVsbH0sImNhcmQiOnsiZWxpZ2libGUiOnRydWUsImJyYW5kZWQiOnRydWUsInZlbmRvcnMiOnsidmlzYSI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjpudWxsfSwibWFzdGVyY2FyZCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjpudWxsfSwiYW1leCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjpudWxsfSwiZGlzY292ZXIiOnsiZWxpZ2libGUiOm51bGwsInZhdWx0YWJsZSI6bnVsbH0sImhpcGVyIjp7ImVsaWdpYmxlIjpudWxsLCJ2YXVsdGFibGUiOm51bGx9LCJlbG8iOnsiZWxpZ2libGUiOm51bGwsInZhdWx0YWJsZSI6bnVsbH0sImpjYiI6eyJlbGlnaWJsZSI6bnVsbCwidmF1bHRhYmxlIjpudWxsfX19LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6bnVsbH0sIml0YXUiOnsiZWxpZ2libGUiOm51bGx9LCJjcmVkaXQiOnsiZWxpZ2libGUiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6bnVsbH0sImFwcGxlcGF5Ijp7ImVsaWdpYmxlIjpudWxsfSwic2VwYSI6eyJlbGlnaWJsZSI6bnVsbH0sImlkZWFsIjp7ImVsaWdpYmxlIjpudWxsfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6bnVsbH0sImdpcm9wYXkiOnsiZWxpZ2libGUiOm51bGx9LCJlcHMiOnsiZWxpZ2libGUiOm51bGx9LCJzb2ZvcnQiOnsiZWxpZ2libGUiOm51bGx9LCJteWJhbmsiOnsiZWxpZ2libGUiOm51bGx9LCJwMjQiOnsiZWxpZ2libGUiOm51bGx9LCJ6aW1wbGVyIjp7ImVsaWdpYmxlIjpudWxsfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpudWxsfSwicGF5dSI6eyJlbGlnaWJsZSI6bnVsbH0sImJsaWsiOnsiZWxpZ2libGUiOm51bGx9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpudWxsfSwib3h4byI6eyJlbGlnaWJsZSI6bnVsbH0sIm1heGltYSI6eyJlbGlnaWJsZSI6bnVsbH0sImJvbGV0byI6eyJlbGlnaWJsZSI6bnVsbH0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpudWxsfX0&platform=desktop&experiment.enableVenmo=false&flow=billing_setup&currency=USD&intent=capture&commit=true&vault=true&renderedButtons.0=paypal&renderedButtons.1=card&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 13 Sep 2021 00:48:17 GMT
via: 1.1 varnish
x-content-type-options: nosniff
x-cache: MISS
paypal-debug-id: f891583962258
strict-transport-security: max-age=63072000; includeSubDomains; preload
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-hhn4075-HHN
x-timer: S1631494098.690852,VS0,VE171
etag: W/"36b-fbpKUHT1mcsQJ5cVlHS9BwvjPpA"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.paypal.com
content-encoding: br
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
accept-ranges: none
x-cache-hits: 0

GET
H2 200 i Show response
c.paypal.com/v1/r/d/ Frame F69B 160 B
868 B 176ms
176ms Document
text/html 151.101.129.35

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.35 -, , ASN (),

Reverse DNS

Software

Resource Hash

9321bc63a75b3ac6d384b411665b6e77a8b326a4b176ca2049872d3b5d4974f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: c.paypal.com
:scheme: https
:path: /v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.paypal.com/
accept-encoding: gzip, deflate, br
cookie: tsrce=smartcomponentnodeweb; l7_az=dcg14.slc; ts=vreXpYrS%3D1726188497%26vteXpYrS%3D1631495897%26vr%3Ddca04a1b17b0ad104841554cffffffff%26vt%3Ddca04a1b17b0ad104841554cfffffffe; ts_c=vr%3Ddca04a1b17b0ad104841554cffffffff%26vt%3Ddca04a1b17b0ad104841554cfffffffe
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.paypal.com/

Response headers

correlation-id: 42925342d4fc5
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-security-policy-report-only: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypalinc.com https://www.facebook.com 'unsafe-eval' 'unsafe-inline' blob:; connect-src 'self' https://*.paypal.com; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; img-src 'self' https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'self' https://*.paypal.com https://*.paypalobjects.com; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: text/html;charset=UTF-8
paypal-debug-id: 42925342d4fc5
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
accept-ranges: none
date: Mon, 13 Sep 2021 00:48:18 GMT
via: 1.1 varnish
x-served-by: cache-hhn4076-HHN
x-cache: MISS
x-cache-hits: 0
x-timer: S1631494098.859887,VS0,VE170
vary: Accept-Encoding
set-cookie: x-cdn=0300; Domain=paypal.com; Path=/; Secure
content-encoding: br

GET
H/1.1

200
OK

counter2.cgi
dub.stats.paypal.com/v2/ Frame 745B
Redirect Chain

https://b.stats.paypal.com/v2/counter.cgi?p=uid_37e6cb1ff0_mda6ndg6mty&s=SMART_PAYMENT_BUTTONS
https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_37e6cb1ff0_mda6ndg6mty&s=SMART_PAYMENT_BUTTONS

42 B
299 B

112ms
38ms

Image
image/jpeg

64.4.245.84

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_37e6cb1ff0_mda6ndg6mty&s=SMART_PAYMENT_BUTTONS
Requested by: Host: www.paypal.com
URL: https://www.paypal.com/smart/buttons?style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWNKMldxNWJPM01oWDRvQVg2ZS1iWlRfT2tEdjBIYXA0N1ZfM29WT3QwQk5odGZaX2V6OTBIem5tRC1iMVJEWkxXVkVZYmRib2ZNM2s1OHMmdmF1bHQ9dHJ1ZSIsImF0dHJzIjp7ImRhdGEtdWlkIjoidWlkX29hbm5xa3picGxqdnhyYW1xcWZodGpydG1naWtueiJ9fQ&clientID=AcJ2Wq5bO3MhX4oAX6e-bZT_OkDv0Hap47V_3oVOt0BNhtfZ_ez90HznmD-b1RDZLWVEYbdbofM3k58s&sdkCorrelationID=af90fdcff4308&storageID=uid_12ec149d39_mda6ndg6mty&sessionID=uid_37e6cb1ff0_mda6ndg6mty&buttonSessionID=uid_1e675dbc59_mda6ndg6mty&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6bnVsbH0sImNhcmQiOnsiZWxpZ2libGUiOnRydWUsImJyYW5kZWQiOnRydWUsInZlbmRvcnMiOnsidmlzYSI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjpudWxsfSwibWFzdGVyY2FyZCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjpudWxsfSwiYW1leCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjpudWxsfSwiZGlzY292ZXIiOnsiZWxpZ2libGUiOm51bGwsInZhdWx0YWJsZSI6bnVsbH0sImhpcGVyIjp7ImVsaWdpYmxlIjpudWxsLCJ2YXVsdGFibGUiOm51bGx9LCJlbG8iOnsiZWxpZ2libGUiOm51bGwsInZhdWx0YWJsZSI6bnVsbH0sImpjYiI6eyJlbGlnaWJsZSI6bnVsbCwidmF1bHRhYmxlIjpudWxsfX19LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6bnVsbH0sIml0YXUiOnsiZWxpZ2libGUiOm51bGx9LCJjcmVkaXQiOnsiZWxpZ2libGUiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6bnVsbH0sImFwcGxlcGF5Ijp7ImVsaWdpYmxlIjpudWxsfSwic2VwYSI6eyJlbGlnaWJsZSI6bnVsbH0sImlkZWFsIjp7ImVsaWdpYmxlIjpudWxsfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6bnVsbH0sImdpcm9wYXkiOnsiZWxpZ2libGUiOm51bGx9LCJlcHMiOnsiZWxpZ2libGUiOm51bGx9LCJzb2ZvcnQiOnsiZWxpZ2libGUiOm51bGx9LCJteWJhbmsiOnsiZWxpZ2libGUiOm51bGx9LCJwMjQiOnsiZWxpZ2libGUiOm51bGx9LCJ6aW1wbGVyIjp7ImVsaWdpYmxlIjpudWxsfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpudWxsfSwicGF5dSI6eyJlbGlnaWJsZSI6bnVsbH0sImJsaWsiOnsiZWxpZ2libGUiOm51bGx9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpudWxsfSwib3h4byI6eyJlbGlnaWJsZSI6bnVsbH0sIm1heGltYSI6eyJlbGlnaWJsZSI6bnVsbH0sImJvbGV0byI6eyJlbGlnaWJsZSI6bnVsbH0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpudWxsfX0&platform=desktop&experiment.enableVenmo=false&flow=billing_setup&currency=USD&intent=capture&commit=true&vault=true&renderedButtons.0=paypal&renderedButtons.1=card&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 64.4.245.84 -, , ASN (),
Reverse DNS
Software: PayPal-B.Stats/1.0 /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 13 Sep 2021 00:48:18 GMT
Server: PayPal-B.Stats/1.0
Connection: close
Content-Length: 42
Content-Type: image/jpeg

Redirect headers

Location: https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_37e6cb1ff0_mda6ndg6mty&s=SMART_PAYMENT_BUTTONS
Date: Mon, 13 Sep 2021 00:48:17 GMT
Server: PayPal-B.Stats/1.0
Connection: close
Content-Length: 0
Content-Type: application/octet-stream

GET
H2 200 ts
t.paypal.com/ Frame C7E8 42 B
437 B 153ms
153ms Image
image/gif 151.101.1.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.paypal.com/ts?pgrp=muse%3Aoffer%3A%3A%3ABXU9Y89ZGWGE8-1&page=muse%3Aoffer%3A%3A%3ABXU9Y89ZGWGE8-1%3A%3AvisitorInfo%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=129ef642-8477-4d96-a8a8-daff6db38614&es=visitorInfo&cust=identified&mrid=BXU9Y89ZGWGE8&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&pt=Checkout%20%C2%B7%20Jazmin%20Torres&dh=1200&dw=1600&bh=1430&bw=300&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&unsc=6&identifier_used=DFP&e=im&t=1631494097889&g=0&completeurl=https%3A%2F%2Fcheckout.groovesell.com%2Fcheckout-widget%2F01368d3a40eda708eef881fbc3ac1d20%3Fask_username%3D0%26ask_password%3D0%26skip_billing%3D0%26skip_payment_info%3D0%26skip_tos%3D0%26overriden_affiliate_id%3D0%26overriden_tracking_permalink%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://checkout.groovesell.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Sep 2021 00:48:18 GMT
via: 1.1 varnish
x-timer: S1631494098.892575,VS0,VE146
x-cache: MISS
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: 5537903601d64
expires: Mon, 13 Sep 2021 00:48:17 GMT
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-cache-hits: 0
accept-ranges: bytes
content-type: image/gif
content-length: 42
x-served-by: cache-hhn4057-HHN

GET
H2 200 fb.js Show response
c.paypal.com/da/r/ Frame F69B 53 KB
19 KB 7ms
7ms Script
application/javascript 151.101.129.35

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/da/r/fb.js

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.35 -, , ASN (),

Reverse DNS

Software

Resource Hash

f46e0d4331801815971dc491f3543631620a49095b61ee2beefcb6095c0dd07f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
age: 947866
via: 1.1 varnish
x-cache: HIT
paypal-debug-id: 2d71bfc18b85b
x-cache-hits: 882333
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 18575
etag: W/"610b110d-d38b"
x-served-by: cache-hhn4076-HHN
last-modified: Wed, 04 Aug 2021 22:13:33 GMT
x-timer: S1631494098.048623,VS0,VE1
date: Mon, 13 Sep 2021 00:48:18 GMT
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=86400
access-control-allow-credentials: false
accept-ranges: bytes
expires: Tue, 14 Sep 2021 00:48:18 GMT

POST p1
c.paypal.com/v1/r/d/b/ Frame F69B 0
0

POST e
c.paypal.com/v1/r/d/b/ Frame F69B 0
0

GET p3
c6.paypal.com/v1/r/d/b/ Frame F69B 0
0

POST logger
www.paypal.com/xoplatform/logger/api/ Frame 49BE 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: m.stripe.com
URL: https://m.stripe.com/6

Domain: c.paypal.com
URL: https://c.paypal.com/v1/r/d/b/p1

Domain: c.paypal.com
URL: https://c.paypal.com/v1/r/d/b/e

Domain: c6.paypal.com
URL: https://c6.paypal.com/v1/r/d/b/p3?f=uid_37e6cb1ff0_mda6ndg6mty&s=SMART_PAYMENT_BUTTONS

Domain: www.paypal.com
URL: https://www.paypal.com/xoplatform/logger/api/logger

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.authorize.net/	1969-12-31 23:59:59	Name: __cfruid Value: 3576a4748698f233c5506d0c2f198d6f45c1170f-1631494092
.authentik.biz/	1970-01-20 06:39:31	Name: _hp2_id.3364072150 Value: %7B%22userId%22%3A%223738869777313450%22%2C%22pageviewId%22%3A%222949284757794134%22%2C%22sessionId%22%3A%224913257045012207%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D
authentik.biz/	1970-01-20 06:37:29	Name: _pk_id.4.89db Value: 6545e3006fdb7dff.1631494093.1.1631494093.1631494093.
authentik.biz/	1970-01-19 21:11:35	Name: _pk_ses.4.89db Value: 1
authentik.biz/	1969-12-31 23:59:59	Name: hasVisitedPopupPage Value: true
.authentik.biz/	1970-01-19 21:11:35	Name: _hp2_ses_props.3364072150 Value: %7B%22ts%22%3A1631494092944%2C%22d%22%3A%22authentik.biz%22%2C%22h%22%3A%22%2F%22%7D
.paypal.com/	1970-01-19 21:15:53	Name: tsrce Value: smartcomponentnodeweb
.paypal.com/	1970-01-19 21:11:35	Name: l7_az Value: dcg14.slc
.paypalobjects.com/	1970-01-19 21:15:53	Name: paypal-offers--country Value: DE
.paypal.com/	1970-01-20 23:29:48	Name: ts Value: vreXpYrS%3D1726188497%26vteXpYrS%3D1631495897%26vr%3Ddca04a1b17b0ad104841554cffffffff%26vt%3Ddca04a1b17b0ad104841554cfffffffe
.paypal.com/	1970-01-20 23:29:48	Name: ts_c Value: vr%3Ddca04a1b17b0ad104841554cffffffff%26vt%3Ddca04a1b17b0ad104841554cfffffffe

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.groove.cm
app.groovefunnels.com
assets.grooveapps.com
authentik.biz
b.stats.paypal.com
c.paypal.com
c6.paypal.com
cdn.heapanalytics.com
cdnjs.cloudflare.com
checkout.groovesell.com
dub.stats.paypal.com
fonts.googleapis.com
fonts.gstatic.com
gitcdn.link
heapanalytics.com
ip2c.org
js.authorize.net
js.braintreegateway.com
js.stripe.com
ka-f.fontawesome.com
kit.fontawesome.com
m.stripe.com
m.stripe.network
matomo.groovetech.io
t.paypal.com
use.fontawesome.com
v1.gdapis.com
www.paypal.com
www.paypalobjects.com
c.paypal.com
c6.paypal.com
m.stripe.com
www.paypal.com
104.16.18.94
104.17.6.97
104.18.20.180
104.18.23.52
104.18.9.127
104.21.234.55
104.21.66.129
13.225.25.108
142.250.110.95
143.204.228.62
151.101.1.35
151.101.114.133
151.101.12.176
151.101.129.21
151.101.129.35
172.67.139.13
172.67.161.47
172.67.167.139
172.67.214.69
172.67.217.10
51.161.92.183
52.72.152.54
64.4.245.84
74.125.140.94
77.55.235.217
000e93badb3626183cb9302710ef294e8e2c904e5775caeb435587baf0994c95
01975ce82ed10b4ef1bfa3bceb6116399f71eb855658efde8f3704bcab487a08
0248b8a04172b6cbc5e60650c0b889acdd28edaad32b8be77128a578dc53c118
06f3af3fe52542d40ad9bc14ec03e04deaabd09ec369221cc8f536db1c72bf55
0739b17b1053de387d55795753300a79626787634f8c909277efff94d0e3f154
129737dfffcc16554dffd7d6dd3a57b6831c96a75d8acec4ea31709555115a53
13e44ac91c0d0e34922532b04d931246156aef649b2ac9cacc69ad75ce63ad00
18b2affeeb8c3da6f1cfb55dfc25cf85c1f4a39be7246c596a30c640dd23c050
1c4c2e6fd8a12889bc2ab350338566579ae079850e59701c8bf55ba52abd4d6b
1ec58275b0b02742d91c7911fdc089f898997937a6389c8c8a51fd9e27cfc74d
1f6ccf462b4c1a818d562a3375f5bd63b7b27804b4fbf730d7e825eb4cb42637
25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b
362daeaf1f7e05fee9a609e549f148aacbe518c166fbd96ead69057e295742af
3f8c62b36198124e39fe0d48535fef486d0eb6174159c5c72b0fcaede72222f2
42bd0dab45f2cdbc0e88bc15a71f8ef4e60aa00420343e68a1497c50d61b75e8
442035f71c10d96bf7fa6efe89aca7705495cfc40909bb70ad22fc4a9c091781
452e236eb929e43213926695c66e53e6d37b0453a4938754a3b6b2c9475414b7
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
59b4c21c01eb65742f1af70b5ffc2fa75acc6fba23bbc027824b53a408f72347
68fed142b211b51c4d2e9b610dd4d09bc4812739b5beaa63535d88e38e90a946
6a6915872afa798395a56c7aa50d086cb325ff7214ad78ada3c7a96350bbad39
6a8c8e9e1e7f692c21af1956de163f3d026778e6449fe93a09a671847ca1ae65
6b79dedcd9e48e0977603301bb9dd2809400389cc0978578e6001c91dfaec993
6c18bcf2a66301dd0f0fd09628672213a4270362cebfdc39e55e4a62e00e419d
6c9838c882b5e2194409b9b9f0c2c2d666edf624e12f1ed4fccc44449c21648e
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
6f42b186368b355347ea95049d656284442855c49ed95fa7d722fbfde2c06d84
752d45cf5d9e9e1958f82babd0059f238e6d2825c21777a957be25f787f98786
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
79ec52f0ce86fb27c47d1f860ba62d34ad5fe6cd3778ee0952ac698f52096e81
7f185c1c5d97de56e16234b367ba43ce86ac0db8e9d7877062feb75288147f01
807d570c16663e8b11121736937e3855958062e08336811485c38f1df02b6c1f
85da415b922df987ce15d5ba8717de895ca63394327a59cc4005375e2b382a59
85e03bc8a0eaab8cc8146aa3e5c5c29a45f6a25c9f9483273ae30c424cdb5a52
86532df979078bb8d18f6eda7d82fbba5507367534fc55813da9b777ca01b007
876d023d9d10c97941b80c3b03e2a5b94631ff7a4af9cee5604a6a2d39718d84
88a13d0ec45686f5529b74829dfe11a68c3c2728d5f76fb2e775321931c52221
89727f4953dc4e71c06456ebf4b10584d10edfed96c503e1e0020effa3d11b94
8ee3b8a1f4b6484f6439168c23b2f9deb62c9d7653044448ff1a1bd3317cc912
90e7aba9665c4a168344f9ae2ce2ee9046c037556e5c7488c57d43201c1ffddf
9182ceb573caf54e20209791b0d14ca3d75e901ce3984b63a9c93dd649fd2a7e
9321bc63a75b3ac6d384b411665b6e77a8b326a4b176ca2049872d3b5d4974f5
932ab3d0c62e11b4cb3b6e926d69b8a1e3821a7b08872d85c5555ef64af6f90b
938e3e20c94051c714c276b047eab4adbe5b771c62bb45b95f1d8d3a75331021
99f8aa3a499fc4852a255f4a1475d94fd6ceb4a199af0bcea4f1e7554e56375a
9f4501c6e024ec5ecc8ec86d5a09b9e603e226ab83149c8f481708bffcbd3f8e
a334574ec350dc5383461b1c59f219401d5d99ee1bad8443ff26d7c4e1aa1b78
ae3f8c2d276045b2b05f3822b8ebdc0698ce939e837c9636b4b364c0097f65d7
ae70bdfd3e5348f1c90209c492d73c7938ec0ae6b286941b9b26606e694a13da
afc62bc01b2546b1d96c09afb4d9dbc84c902baecb0a482db29a7ff2597becc8
b3a64fe8fed0018f62ed500df95b8b9c71326d06eef4b87ed6d0ced53742aef0
b63b83e97c7ff659ed3d5faabb2f7af0b6a1572052dbd3578059c3786c74f222
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc39faeca56080ddf58d15275b2fe0cfa3bc1ec8afd82508555b25555ec95086
c0e569d3993695c0e411ee26f081e4ad040383c7e473c265fc86408bafa980f2
c2819ca1f7ad1af7ba53c4edfdfd395c547bcb16d29892a234d7860c689ed929
c4a8402fde1e397bcabe7467c0de035e7851eeb1bad9af5d1b67487e7d7f2a4a
c84e1ed197438fffecc2c6fbe3e7e4fd8f060af2236f3a50e2e16c891c82cf16
cb2d398685c052e6f19ac3109cd921638a7e0071fa2a9d47a08196a9f3e5e2de
cbc37ada73cf1c40f413133317044e6582a0e90a8ea314938a349157014ca5cd
cdbdd4eb73a277bcbf241221bed8c3b7b444eb2024f3f6f16a8673169edc3e00
cfb46424e5a60ff27b481df231b382933477af356eea29377c8204cc515ed121
d11387ee6705cd875194ee73563f80fc1b146066ad3299385f27fe23759578ac
d8407a08882865ad57f77f32217ab38aead89319aaf6f844dcb8967f39092f4c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8e9871cf0af9019f2a0094a2ce12eb7794c104f7f38d9f75e7017c9d26e7cf6
ec82a71992aa64b77ec2a84f76fec382a34505cda562bb2497a7dda603d3d024
f0938233bc404d5a1c85626b29342a2ff3fa806275933a96d70bf1160aa6475b
f46e0d4331801815971dc491f3543631620a49095b61ee2beefcb6095c0dd07f

authentik.biz Open in urlscan Pro 172.67.167.139 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

81 Requests

94 %HTTPS

0 %IPv6

20 Domains

29 Subdomains

25 IPs

5 Countries

3886 kBTransfer

13913 kBSize

11 Cookies

0 Outgoing links

Redirected requests

81 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

authentik.biz Open in urlscan Pro
172.67.167.139 Public Scan

Screenshot
Live screenshot

Full Image

81
Requests

94 %
HTTPS

0 %
IPv6

20
Domains

29
Subdomains

25
IPs

5
Countries

3886 kB
Transfer

13913 kB
Size

11
Cookies

81 HTTP transactions
8 data transactions