URL: https://payment.gmt.io/invoice/0f13e012-cb7c-488f-aa86-9c7faef29005?twa=ios
Submission: On July 08 via manual from NL — Scanned from NL

Summary

This website contacted 42 IPs in 8 countries across 37 domains to perform 74 HTTP transactions. The main IP is 2606:4700:10::6816:43d1, located in United States and belongs to CLOUDFLARENET, US. The main domain is payment.gmt.io.
TLS certificate: Issued by E1 on May 26th 2024. Valid for: 3 months.
This is the only time payment.gmt.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
18 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 18.66.102.51 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
4 2606:50c0:800... 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
1 13.32.27.107 16509 (AMAZON-02)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
3 8 2a02:6b8::1:119 13238 (YANDEX)
1 2600:9000:264... 16509 (AMAZON-02)
1 104.18.27.46 13335 (CLOUDFLAR...)
1 3 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 3 2620:1ec:21::14 8068 (MICROSOFT...)
1 13.107.42.14 8068 (MICROSOFT...)
11 14 2a05:d018:cc3... 16509 (AMAZON-02)
1 2a03:2880:f08... 32934 (FACEBOOK)
1 35.214.149.91 15169 (GOOGLE)
1 216.58.206.66 15169 (GOOGLE)
1 2 172.64.151.101 13335 (CLOUDFLAR...)
1 69.173.144.165 26667 (RUBICONPR...)
1 34.98.64.218 396982 (GOOGLE-CL...)
1 70.42.32.223 13789 (INTERNAP-...)
1 185.64.191.210 62713 (AS-PUBMATIC)
1 3.71.149.231 16509 (AMAZON-02)
1 141.226.228.48 200478 (TABOOLA-AS)
1 13.248.245.213 16509 (AMAZON-02)
1 2 185.89.210.46 29990 (ASN-APPNEX)
1 52.49.22.21 16509 (AMAZON-02)
1 2a05:d018:cc3... 16509 (AMAZON-02)
1 172.67.73.11 13335 (CLOUDFLAR...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 35.156.224.161 16509 (AMAZON-02)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 188.114.97.3 13335 (CLOUDFLAR...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2a0b:21c0:500... 21859 (ZEN-ECN)
1 13.224.189.18 16509 (AMAZON-02)
2 18.245.46.20 16509 (AMAZON-02)
2 3.228.92.199 14618 (AMAZON-AES)
74 42
Apex Domain
Subdomains
Transfer
18 gmt.io
payment.gmt.io
753 KB
17 adroll.com
s.adroll.com — Cisco Umbrella Rank: 4243
d.adroll.com — Cisco Umbrella Rank: 1976
ipv4.d.adroll.com — Cisco Umbrella Rank: 15064
x.adroll.com — Cisco Umbrella Rank: 6790
42 KB
6 yandex.com
mc.yandex.com — Cisco Umbrella Rank: 7857
4 KB
4 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 427
px4.ads.linkedin.com — Cisco Umbrella Rank: 6261
2 KB
4 githubusercontent.com
raw.githubusercontent.com — Cisco Umbrella Rank: 3776
1005 KB
3 intercom.io
widget.intercom.io — Cisco Umbrella Rank: 3671
api-iam.intercom.io — Cisco Umbrella Rank: 3719
8 KB
2 intercomcdn.com
js.intercomcdn.com — Cisco Umbrella Rank: 5085
283 KB
2 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 306
2 KB
2 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 773
2 KB
2 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 158
cm.g.doubleclick.net — Cisco Umbrella Rank: 301
662 B
2 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 2408
274 B
2 yandex.ru
mc.yandex.ru — Cisco Umbrella Rank: 2765
70 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 85
223 KB
2 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 1008
script.hotjar.com — Cisco Umbrella Rank: 1416
60 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 87
2 KB
1 pvcliping.com
s.pvcliping.com — Cisco Umbrella Rank: 118131
1 KB
1 ton.org
wallet.ton.org — Cisco Umbrella Rank: 59110
16 KB
1 xtonwallet.com
xtonwallet.com — Cisco Umbrella Rank: 64301
8 KB
1 tonhub.com
tonhub.com — Cisco Umbrella Rank: 61085
68 KB
1 mytonwallet.io
mytonwallet.io — Cisco Umbrella Rank: 50486
63 KB
1 tonkeeper.com
tonkeeper.com — Cisco Umbrella Rank: 54131
4 KB
1 wallet.tg
wallet.tg — Cisco Umbrella Rank: 55952
25 KB
1 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 521
140 B
1 taboola.com
sync.taboola.com — Cisco Umbrella Rank: 1665
90 B
1 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 543
125 B
1 pubmatic.com
image2.pubmatic.com — Cisco Umbrella Rank: 1229
540 B
1 outbrain.com
sync.outbrain.com — Cisco Umbrella Rank: 977
218 B
1 openx.net
us-u.openx.net — Cisco Umbrella Rank: 652
264 B
1 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 477
239 B
1 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 442
235 B
1 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 216
59 KB
1 google.nl
www.google.nl — Cisco Umbrella Rank: 8914
408 B
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 1793
1 walletconnect.com
verify.walletconnect.com — Cisco Umbrella Rank: 36722
1 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 1217
14 KB
1 gstatic.com
fonts.gstatic.com
46 KB
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1133
7 KB
74 37
Domain Requested by
18 payment.gmt.io payment.gmt.io
static.cloudflareinsights.com
14 d.adroll.com 11 redirects s.adroll.com
payment.gmt.io
6 mc.yandex.com 2 redirects payment.gmt.io
mc.yandex.ru
4 raw.githubusercontent.com payment.gmt.io
3 px.ads.linkedin.com 1 redirects snap.licdn.com
2 api-iam.intercom.io js.intercomcdn.com
2 js.intercomcdn.com widget.intercom.io
2 ib.adnxs.com 1 redirects payment.gmt.io
2 dsum-sec.casalemedia.com 1 redirects payment.gmt.io
2 region1.analytics.google.com 1 redirects www.googletagmanager.com
2 mc.yandex.ru 1 redirects www.googletagmanager.com
2 www.googletagmanager.com payment.gmt.io
www.googletagmanager.com
2 fonts.googleapis.com payment.gmt.io
1 widget.intercom.io payment.gmt.io
1 s.pvcliping.com
1 wallet.ton.org
1 xtonwallet.com
1 tonhub.com
1 mytonwallet.io
1 tonkeeper.com
1 wallet.tg
1 x.adroll.com payment.gmt.io
1 ipv4.d.adroll.com payment.gmt.io
1 eb2.3lift.com payment.gmt.io
1 sync.taboola.com payment.gmt.io
1 ups.analytics.yahoo.com payment.gmt.io
1 image2.pubmatic.com payment.gmt.io
1 sync.outbrain.com payment.gmt.io
1 us-u.openx.net payment.gmt.io
1 pixel.rubiconproject.com payment.gmt.io
1 cm.g.doubleclick.net payment.gmt.io
1 x.bidswitch.net payment.gmt.io
1 connect.facebook.net s.adroll.com
1 px4.ads.linkedin.com payment.gmt.io
1 www.google.nl payment.gmt.io
1 region1.google-analytics.com payment.gmt.io
1 stats.g.doubleclick.net www.googletagmanager.com
1 verify.walletconnect.com payment.gmt.io
1 s.adroll.com payment.gmt.io
1 snap.licdn.com www.googletagmanager.com
1 script.hotjar.com static.hotjar.com
1 fonts.gstatic.com fonts.googleapis.com
1 static.hotjar.com payment.gmt.io
1 static.cloudflareinsights.com payment.gmt.io
74 44

This site contains links to these domains:

Domain
gomining.com
storage.googleapis.com

Subject | Issuer | Validity | Valid
payment.gmt.io | E1 | 2024-05-26 - 2024-08-24 | 3 months
cloudflareinsights.com | WE1 | 2024-07-06 - 2024-10-04 | 3 months
upload.video.google.com | WR2 | 2024-06-13 - 2024-09-05 | 3 months
*.hotjar.com | Amazon RSA 2048 M03 | 2024-05-22 - 2025-06-20 | a year
*.google-analytics.com | WR2 | 2024-06-13 - 2024-09-05 | 3 months
*.github.io | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2024-03-15 - 2025-03-14 | a year
*.gstatic.com | WR2 | 2024-06-13 - 2024-09-05 | 3 months
snap.licdn.com | DigiCert SHA2 Secure Server CA | 2023-12-13 - 2024-12-12 | a year
mc.yandex.ru | GlobalSign ECC OV SSL CA 2018 | 2024-05-23 - 2024-11-02 | 5 months
s.adroll.com | Amazon RSA 2048 M02 | 2024-05-03 - 2025-06-01 | a year
walletconnect.com | E5 | 2024-06-27 - 2024-09-25 | 3 months
*.g.doubleclick.net | WR2 | 2024-06-13 - 2024-09-05 | 3 months
*.google.nl | WR2 | 2024-06-13 - 2024-09-05 | 3 months
www.linkedin.com | DigiCert SHA2 Secure Server CA | 2024-07-01 - 2025-01-01 | 6 months
d.adroll.com | Amazon RSA 2048 M01 | 2023-10-09 - 2024-11-07 | a year
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2024-04-16 - 2024-07-15 | 3 months
*.adroll.com | Amazon RSA 2048 M03 | 2023-10-23 - 2024-11-18 | a year
wallet.tg | WE1 | 2024-06-12 - 2024-09-10 | 3 months
tonkeeper.com | E1 | 2024-05-23 - 2024-08-21 | 3 months
*.mytonwallet.io | E5 | 2024-06-21 - 2024-09-19 | 3 months
tonhub.com | WE1 | 2024-06-28 - 2024-09-26 | 3 months
xtonwallet.com | GTS CA 1P5 | 2024-05-15 - 2024-08-13 | 3 months
ton.org | GTS CA 1P5 | 2024-05-22 - 2024-08-20 | 3 months
s.pvcliping.com | TrustAsia RSA DV TLS CA G3 | 2023-09-28 - 2024-10-27 | a year
*.intercom.com | Amazon RSA 2048 M03 | 2024-01-15 - 2025-02-11 | a year
*.intercomcdn.com | Amazon RSA 2048 M02 | 2023-12-01 - 2024-12-29 | a year

This page contains 4 frames:

Primary Page: https://payment.gmt.io/invoice/0f13e012-cb7c-488f-aa86-9c7faef29005?twa=ios
Frame ID: 359117007CAEAD3654C0BB6E275CEFB6
Requests: 68 HTTP requests in this frame

Frame: https://verify.walletconnect.com/55fb90434d51a5053a08287736dbb52a
Frame ID: AB779B7D82F7EA8D5B135F566727C744
Requests: 1 HTTP requests in this frame

Frame: https://mc.yandex.com/metrika/metrika_match.html
Frame ID: 773FA4BA24CD139E5BECC567B970CE8D
Requests: 1 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.b4b6b51d.js
Frame ID: 36CBC568DF58AC1889A397FC8C9AF201
Requests: 4 HTTP requests in this frame

Page Title

GoMining Pay

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:a|s)\.adroll\.com

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

74
Requests

80 %
HTTPS

48 %
IPv6

37
Domains

44
Subdomains

42
IPs

8
Countries

2757 kB
Transfer

6147 kB
Size

49
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 29
  • https://region1.analytics.google.com/g/collect?v=2&tid=G-YJ8S729D47&gtm=45je4730v898015106z8844930801za200zb844930801&_p=1720408742277&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=1792377030.1720408743&ul=nl-nl&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=2&sid=1720408742&sct=1&seg=0&dl=https%3A%2F%2Fpayment.gmt.io%2Finvoice%2F0f13e012-cb7c-488f-aa86-9c7faef29005%3Ftwa%3Dios&dt=GoMining%20Pay&en=lp_page_view&_c=1&_et=4&tfd=954&_z=fetch HTTP 302
  • https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1792377030.1720408743&dbk=18149095568382302447&dma=1&dma_cps=sypham&en=lp_page_view&gtm=45je4730v898015106z8844930801za200zb844930801&npa=1&tid=G-YJ8S729D47&dl=https%3A%2F%2Fpayment.gmt.io%3F
Request Chain 32
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=6096569&time=1720408742726&url=https%3A%2F%2Fpayment.gmt.io%2Finvoice%2F0f13e012-cb7c-488f-aa86-9c7faef29005%3Ftwa%3Dios HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=6096569&time=1720408742726&url=https%3A%2F%2Fpayment.gmt.io%2Finvoice%2F0f13e012-cb7c-488f-aa86-9c7faef29005%3Ftwa%3Dios&e_ipv6=AQJsXfFrnD5MwAAAAZCQWh3F4aBP6Kne8LyajPaJpQcxY65SK-jVTlzIhmlC1Jp0T89EI9L--YwFl48
Request Chain 37
  • https://d.adroll.com/cm/b/out?adroll_fpc=88271fed9f63de808980fc7b36c3c1a6-1720408742891&pv=72463020125.82173&arrfrr=https%3A%2F%2Fpayment.gmt.io%2Finvoice%2F0f13e012-cb7c-488f-aa86-9c7faef29005%3Ftwa%3Dios&advertisable=YXLQFXAOL5CMVA2SOH3S2G HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=44&user_id=NzFiZTczZGVmMGMxOTFkNGY5NzVlYzdiODExNjdlZWI
Request Chain 38
  • https://d.adroll.com/cm/g/out?adroll_fpc=88271fed9f63de808980fc7b36c3c1a6-1720408742891&pv=72463020125.82173&arrfrr=https%3A%2F%2Fpayment.gmt.io%2Finvoice%2F0f13e012-cb7c-488f-aa86-9c7faef29005%3Ftwa%3Dios&advertisable=YXLQFXAOL5CMVA2SOH3S2G HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=cb5z3vDBkdT5dex7gRZ-6w
Request Chain 39
  • https://d.adroll.com/cm/index/out?adroll_fpc=88271fed9f63de808980fc7b36c3c1a6-1720408742891&pv=72463020125.82173&arrfrr=https%3A%2F%2Fpayment.gmt.io%2Finvoice%2F0f13e012-cb7c-488f-aa86-9c7faef29005%3Ftwa%3Dios&advertisable=YXLQFXAOL5CMVA2SOH3S2G HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=NzFiZTczZGVmMGMxOTFkNGY5NzVlYzdiODExNjdlZWI&expiration=1751944742 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=NzFiZTczZGVmMGMxOTFkNGY5NzVlYzdiODExNjdlZWI&expiration=1751944742&C=1
Request Chain 41
  • https://d.adroll.com/cm/n/out?adroll_fpc=88271fed9f63de808980fc7b36c3c1a6-1720408742891&pv=72463020125.82173&arrfrr=https%3A%2F%2Fpayment.gmt.io%2Finvoice%2F0f13e012-cb7c-488f-aa86-9c7faef29005%3Ftwa%3Dios&advertisable=YXLQFXAOL5CMVA2SOH3S2G HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=NzFiZTczZGVmMGMxOTFkNGY5NzVlYzdiODExNjdlZWI&expires=365
Request Chain 42
  • https://d.adroll.com/cm/o/out?adroll_fpc=88271fed9f63de808980fc7b36c3c1a6-1720408742891&pv=72463020125.82173&arrfrr=https%3A%2F%2Fpayment.gmt.io%2Finvoice%2F0f13e012-cb7c-488f-aa86-9c7faef29005%3Ftwa%3Dios&advertisable=YXLQFXAOL5CMVA2SOH3S2G HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537103138&val=71be73def0c191d4f975ec7b81167eeb&gdpr=1&gdpr_consent=
Request Chain 43
  • https://d.adroll.com/cm/outbrain/out?adroll_fpc=88271fed9f63de808980fc7b36c3c1a6-1720408742891&pv=72463020125.82173&arrfrr=https%3A%2F%2Fpayment.gmt.io%2Finvoice%2F0f13e012-cb7c-488f-aa86-9c7faef29005%3Ftwa%3Dios&advertisable=YXLQFXAOL5CMVA2SOH3S2G HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=adroll&uid=NzFiZTczZGVmMGMxOTFkNGY5NzVlYzdiODExNjdlZWI&gdpr=1&gdpr_consent=&us_privacy=1---
Request Chain 44
  • https://d.adroll.com/cm/pubmatic/out?adroll_fpc=88271fed9f63de808980fc7b36c3c1a6-1720408742891&pv=72463020125.82173&arrfrr=https%3A%2F%2Fpayment.gmt.io%2Finvoice%2F0f13e012-cb7c-488f-aa86-9c7faef29005%3Ftwa%3Dios&advertisable=YXLQFXAOL5CMVA2SOH3S2G HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDYmdGw9MTI5NjAw&piggybackCookie=NzFiZTczZGVmMGMxOTFkNGY5NzVlYzdiODExNjdlZWI&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
Request Chain 45
  • https://d.adroll.com/cm/r/out?adroll_fpc=88271fed9f63de808980fc7b36c3c1a6-1720408742891&pv=72463020125.82173&arrfrr=https%3A%2F%2Fpayment.gmt.io%2Finvoice%2F0f13e012-cb7c-488f-aa86-9c7faef29005%3Ftwa%3Dios&advertisable=YXLQFXAOL5CMVA2SOH3S2G HTTP 302
  • https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=NzFiZTczZGVmMGMxOTFkNGY5NzVlYzdiODExNjdlZWI&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
Request Chain 46
  • https://d.adroll.com/cm/taboola/out?adroll_fpc=88271fed9f63de808980fc7b36c3c1a6-1720408742891&pv=72463020125.82173&arrfrr=https%3A%2F%2Fpayment.gmt.io%2Finvoice%2F0f13e012-cb7c-488f-aa86-9c7faef29005%3Ftwa%3Dios&advertisable=YXLQFXAOL5CMVA2SOH3S2G HTTP 302
  • https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=NzFiZTczZGVmMGMxOTFkNGY5NzVlYzdiODExNjdlZWI
Request Chain 47
  • https://d.adroll.com/cm/triplelift/out?adroll_fpc=88271fed9f63de808980fc7b36c3c1a6-1720408742891&pv=72463020125.82173&arrfrr=https%3A%2F%2Fpayment.gmt.io%2Finvoice%2F0f13e012-cb7c-488f-aa86-9c7faef29005%3Ftwa%3Dios&advertisable=YXLQFXAOL5CMVA2SOH3S2G HTTP 302
  • https://eb2.3lift.com/xuid?mid=4714&xuid=NzFiZTczZGVmMGMxOTFkNGY5NzVlYzdiODExNjdlZWI&dongle=c85e
Request Chain 48
  • https://d.adroll.com/cm/x/out?adroll_fpc=88271fed9f63de808980fc7b36c3c1a6-1720408742891&pv=72463020125.82173&arrfrr=https%3A%2F%2Fpayment.gmt.io%2Finvoice%2F0f13e012-cb7c-488f-aa86-9c7faef29005%3Ftwa%3Dios&advertisable=YXLQFXAOL5CMVA2SOH3S2G HTTP 302
  • https://ib.adnxs.com/setuid?entity=172&code=NzFiZTczZGVmMGMxOTFkNGY5NzVlYzdiODExNjdlZWI HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DNzFiZTczZGVmMGMxOTFkNGY5NzVlYzdiODExNjdlZWI
Request Chain 51
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10423.GbW1VHuncSZj3fcIoQpYK-w2rgs7ogPqcuMv_efkCj0SsAQZ21ZhiDJbuFli0rb6.urXVmTu694ovTjt1bZTb3ophUeM%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=10423.I1d6ZZkQtQeD8gn7VhFTdaXWgQGlSJVaCcPvUzkQnpCO8Zlq9Ri2gqSjVVsEDIAA_mbAl3ZEZ8eLMYAzJ1wBMXo-jykFGCiEQYPCl_kLpt3J7MzdjhZ47L8JuQ5TFckIgfe-lfrtSGtTWyiFrTV87pWcS33B-ghecA2-BQIQ1lMf25PN1-o0ggW_4KPXJ2rM78XUr0cQOjTuxY_BlqhqZ22CixqA4xL4nAM8E2BGMT8%2C.HLmH7eVKMAaNNDAmqI2foKDF75s%2C
Request Chain 53
  • https://mc.yandex.com/watch/95709663?wmode=7&page-url=https%3A%2F%2Fpayment.gmt.io%2Finvoice%2F0f13e012-cb7c-488f-aa86-9c7faef29005%3Ftwa%3Dios&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22126%22%2C%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%22Chromium%22%3Bv%3D%22126%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A126.0.6478.126%0Achl%0A%22Not%2FA)Brand%22%3Bv%3D%228.0.0.0%22%2C%22Chromium%22%3Bv%3D%22126.0.6478.126%22%2C%22Google%20Chrome%22%3Bv%3D%22126.0.6478.126%22%0Achm%0A%3F0%0Achp%0AWin32%0Achv%0A10.0.0&browser-info=pv%3A1%3Avf%3Abyif4b2szwsjgf7xv79i57r93v%3Afu%3A0%3Aen%3Autf-8%3Ala%3Anl-NL%3Av%3A1382%3Acn%3A1%3Adp%3A0%3Als%3A1598307951060%3Ahid%3A808464977%3Az%3A120%3Ai%3A20240708051903%3Aet%3A1720408743%3Ac%3A1%3Arn%3A553952724%3Arqn%3A1%3Au%3A1720408743182077350%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A561%3Awv%3A2%3Ads%3A0%2C47%2C88%2C2%2C0%2C0%2C%2C71%2C0%2C%2C%2C%2C522%3Aco%3A0%3Acpf%3A1%3Ans%3A1720408741754%3Agi%3AR0ExLjEuMTc5MjM3NzAzMC4xNzIwNDA4NzQz%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1720408743%3At%3AGoMining%20Pay&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(21037572)ti(1) HTTP 302
  • https://mc.yandex.com/watch/95709663/1?wmode=7&page-url=https%3A%2F%2Fpayment.gmt.io%2Finvoice%2F0f13e012-cb7c-488f-aa86-9c7faef29005%3Ftwa%3Dios&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22126%22%2C%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%22Chromium%22%3Bv%3D%22126%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A126.0.6478.126%0Achl%0A%22Not%2FA%29Brand%22%3Bv%3D%228.0.0.0%22%2C%22Chromium%22%3Bv%3D%22126.0.6478.126%22%2C%22Google%20Chrome%22%3Bv%3D%22126.0.6478.126%22%0Achm%0A%3F0%0Achp%0AWin32%0Achv%0A10.0.0&browser-info=pv%3A1%3Avf%3Abyif4b2szwsjgf7xv79i57r93v%3Afu%3A0%3Aen%3Autf-8%3Ala%3Anl-NL%3Av%3A1382%3Acn%3A1%3Adp%3A0%3Als%3A1598307951060%3Ahid%3A808464977%3Az%3A120%3Ai%3A20240708051903%3Aet%3A1720408743%3Ac%3A1%3Arn%3A553952724%3Arqn%3A1%3Au%3A1720408743182077350%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A561%3Awv%3A2%3Ads%3A0%2C47%2C88%2C2%2C0%2C0%2C%2C71%2C0%2C%2C%2C%2C522%3Aco%3A0%3Acpf%3A1%3Ans%3A1720408741754%3Agi%3AR0ExLjEuMTc5MjM3NzAzMC4xNzIwNDA4NzQz%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1720408743%3At%3AGoMining%20Pay&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821037572%29ti%281%29

74 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request 0f13e012-cb7c-488f-aa86-9c7faef29005
payment.gmt.io/invoice/
7 KB
3 KB
Document
General
Full URL
https://payment.gmt.io/invoice/0f13e012-cb7c-488f-aa86-9c7faef29005?twa=ios
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:43d1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Next.js
Resource Hash
c294a0e5b13599a4cb549be8ec913e4e9aae060788a290199d32f9880c4b3d78
Security Headers
Name Value
Strict-Transport-Security max-age=3600
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
s-maxage=31536000, stale-while-revalidate
cf-cache-status
DYNAMIC
cf-ray
89fcee2c6a048f3c-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Mon, 08 Jul 2024 03:19:01 GMT
server
cloudflare
strict-transport-security
max-age=3600
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
DENY
x-nextjs-cache
HIT
x-powered-by
Next.js
x-xss-protection
1
674562d336b5715c.css
payment.gmt.io/_next/static/css/
176 KB
27 KB
Stylesheet
General
Full URL
https://payment.gmt.io/_next/static/css/674562d336b5715c.css
Requested by
Host: payment.gmt.io
URL: https://payment.gmt.io/invoice/0f13e012-cb7c-488f-aa86-9c7faef29005?twa=ios
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:43d1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ac5e5a18e2e0e6e343ed19f82fdfe2a81b0f456422d58e2e5c4251feaba97ec
Security Headers
Name Value
Strict-Transport-Security max-age=3600
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://payment.gmt.io/invoice/0f13e012-cb7c-488f-aa86-9c7faef29005?twa=ios
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Jul 2024 03:19:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=3600
last-modified
Mon, 01 Jul 2024 14:32:54 GMT
server
cloudflare
cf-cache-status
HIT
age
212809
etag
W/"2bf0b-1906eb685f0"
vary
Accept-Encoding
x-frame-options
DENY
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
89fcee2d0a688f3c-FRA
x-xss-protection
1
webpack-a32d703dbef74abf.js
payment.gmt.io/_next/static/chunks/
4 KB
2 KB
Script
General
Full URL
https://payment.gmt.io/_next/static/chunks/webpack-a32d703dbef74abf.js
Requested by
Host: payment.gmt.io
URL: https://payment.gmt.io/invoice/0f13e012-cb7c-488f-aa86-9c7faef29005?twa=ios
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:43d1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e438e219aa453c4042a823accda4f5687dca9908e02f5d4abcdd2b715c05451f
Security Headers
Name Value
Strict-Transport-Security max-age=3600
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://payment.gmt.io/invoice/0f13e012-cb7c-488f-aa86-9c7faef29005?twa=ios
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Jul 2024 03:19:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=3600
last-modified
Mon, 01 Jul 2024 14:32:54 GMT
server
cloudflare
cf-cache-status
HIT
age
212809
etag
W/"e49-1906eb685f0"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
89fcee2d0a6a8f3c-FRA
x-xss-protection
1
framework-73b8966a3c579ab0.js
payment.gmt.io/_next/static/chunks/
138 KB
44 KB
Script
General
Full URL
https://payment.gmt.io/_next/static/chunks/framework-73b8966a3c579ab0.js
Requested by
Host: payment.gmt.io
URL: https://payment.gmt.io/invoice/0f13e012-cb7c-488f-aa86-9c7faef29005?twa=ios
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:43d1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad2aa3ac062cdef13af1c2e28c6e95e36732484bd756fb6194a105b61af7c057
Security Headers
Name Value
Strict-Transport-Security max-age=3600
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://payment.gmt.io/invoice/0f13e012-cb7c-488f-aa86-9c7faef29005?twa=ios
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Jul 2024 03:19:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=3600
last-modified
Mon, 01 Jul 2024 14:32:54 GMT
server
cloudflare
cf-cache-status
HIT
age
213777
etag
W/"22712-1906eb685f0"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
89fcee2d4a918f3c-FRA
x-xss-protection
1
main-9c40a0f8bdc1e4d7.js
payment.gmt.io/_next/static/chunks/
104 KB
32 KB
Script
General
Full URL
https://payment.gmt.io/_next/static/chunks/main-9c40a0f8bdc1e4d7.js
Requested by
Host: payment.gmt.io
URL: https://payment.gmt.io/invoice/0f13e012-cb7c-488f-aa86-9c7faef29005?twa=ios
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:43d1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5288d0a84434bdc3fcd94fa748398b9c58f78940318f4b1e923a4c76cb948127
Security Headers
Name Value
Strict-Transport-Security max-age=3600
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://payment.gmt.io/invoice/0f13e012-cb7c-488f-aa86-9c7faef29005?twa=ios
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Jul 2024 03:19:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=3600
last-modified
Mon, 01 Jul 2024 14:32:54 GMT
server
cloudflare
cf-cache-status
HIT
age
209715
etag
W/"19ee6-1906eb685f0"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
89fcee2d6a9e8f3c-FRA
x-xss-protection
1
_app-0b81273926c53f4c.js
payment.gmt.io/_next/static/chunks/pages/
902 KB
283 KB
Script
General
Full URL
https://payment.gmt.io/_next/static/chunks/pages/_app-0b81273926c53f4c.js
Requested by
Host: payment.gmt.io
URL: https://payment.gmt.io/invoice/0f13e012-cb7c-488f-aa86-9c7faef29005?twa=ios
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:43d1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4887df375c3fc57aacb5341251f5f4453e37b0b0491f4aafbd56e39305d7510
Security Headers
Name Value
Strict-Transport-Security max-age=3600
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://payment.gmt.io/invoice/0f13e012-cb7c-488f-aa86-9c7faef29005?twa=ios
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Jul 2024 03:19:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=3600
last-modified
Mon, 01 Jul 2024 14:32:54 GMT
server
cloudflare
cf-cache-status
HIT
age
213777
etag
W/"e1984-1906eb685f0"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
89fcee2d6a9f8f3c-FRA
x-xss-protection
1
764-1ea219de6b8324ef.js
payment.gmt.io/_next/static/chunks/
26 KB
8 KB
Script
General
Full URL
https://payment.gmt.io/_next/static/chunks/764-1ea219de6b8324ef.js
Requested by
Host: payment.gmt.io
URL: https://payment.gmt.io/invoice/0f13e012-cb7c-488f-aa86-9c7faef29005?twa=ios
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:43d1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7969dcfe9ef954ed7f367acb58c255c02fb03207250e52b0da4278e50941838f
Security Headers
Name Value
Strict-Transport-Security max-age=3600
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://payment.gmt.io/invoice/0f13e012-cb7c-488f-aa86-9c7faef29005?twa=ios
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Jul 2024 03:19:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=3600
last-modified
Mon, 01 Jul 2024 14:32:54 GMT
server
cloudflare
cf-cache-status
HIT
age
209715
etag
W/"6952-1906eb685f0"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
89fcee2d6aa08f3c-FRA
x-xss-protection
1
258-79ce2e7badb541dc.js
payment.gmt.io/_next/static/chunks/
502 KB
146 KB
Script
General
Full URL
https://payment.gmt.io/_next/static/chunks/258-79ce2e7badb541dc.js
Requested by
Host: payment.gmt.io
URL: https://payment.gmt.io/invoice/0f13e012-cb7c-488f-aa86-9c7faef29005?twa=ios
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:43d1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6c7006f9b5db8584267c34e4c1c43eba9e58505c892ed462c6abc2989d2025f
Security Headers
Name Value
Strict-Transport-Security max-age=3600
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://payment.gmt.io/invoice/0f13e012-cb7c-488f-aa86-9c7faef29005?twa=ios
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Jul 2024 03:19:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=3600
last-modified
Mon, 01 Jul 2024 14:32:54 GMT
server
cloudflare
cf-cache-status
HIT
age
213777
etag
W/"7d915-1906eb685f0"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
89fcee2d6aa18f3c-FRA
x-xss-protection
1
%5Bslug%5D-bf12cc4d6da215de.js
payment.gmt.io/_next/static/chunks/pages/invoice/
60 KB
13 KB
Script
General
Full URL
https://payment.gmt.io/_next/static/chunks/pages/invoice/%5Bslug%5D-bf12cc4d6da215de.js
Requested by
Host: payment.gmt.io
URL: https://payment.gmt.io/invoice/0f13e012-cb7c-488f-aa86-9c7faef29005?twa=ios
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:43d1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84ee3d792191cbc2a116b9f4fe6c526b11be673a73ee9bad85b0d9c731dce951
Security Headers
Name Value
Strict-Transport-Security max-age=3600
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://payment.gmt.io/invoice/0f13e012-cb7c-488f-aa86-9c7faef29005?twa=ios
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Jul 2024 03:19:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=3600
last-modified
Mon, 01 Jul 2024 14:32:54 GMT
server
cloudflare
cf-cache-status
HIT
age
212809
etag
W/"f0fb-1906eb685f0"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
89fcee2d6aa28f3c-FRA
x-xss-protection
1
_buildManifest.js
payment.gmt.io/_next/static/wowDlceK0JLhyFeytjBeg/
569 B
398 B
Script
General
Full URL
https://payment.gmt.io/_next/static/wowDlceK0JLhyFeytjBeg/_buildManifest.js
Requested by
Host: payment.gmt.io
URL: https://payment.gmt.io/invoice/0f13e012-cb7c-488f-aa86-9c7faef29005?twa=ios
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:43d1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b545ce85ef76222fafdd46c1fe7ddc096cf00b268b7102223b18314ad2ed1fa8
Security Headers
Name Value
Strict-Transport-Security max-age=3600
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://payment.gmt.io/invoice/0f13e012-cb7c-488f-aa86-9c7faef29005?twa=ios
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Jul 2024 03:19:01 GMT
strict-transport-security
max-age=3600
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Mon, 01 Jul 2024 14:32:54 GMT
server
cloudflare
age
212809
etag
W/"239-1906eb685f0"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
content-encoding
br
cache-control
public, max-age=31536000, immutable
cf-ray
89fcee2d6aa38f3c-FRA
x-xss-protection
1
_ssgManifest.js
payment.gmt.io/_next/static/wowDlceK0JLhyFeytjBeg/
131 B
187 B
Script
General
Full URL
https://payment.gmt.io/_next/static/wowDlceK0JLhyFeytjBeg/_ssgManifest.js
Requested by
Host: payment.gmt.io
URL: https://payment.gmt.io/invoice/0f13e012-cb7c-488f-aa86-9c7faef29005?twa=ios
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:43d1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c8cdb6bd9623a596740743460a0bcd6fff106479f387ad8afa6fdf25d23e08f5
Security Headers
Name Value
Strict-Transport-Security max-age=3600
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://payment.gmt.io/invoice/0f13e012-cb7c-488f-aa86-9c7faef29005?twa=ios
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Jul 2024 03:19:01 GMT
strict-transport-security
max-age=3600
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Mon, 01 Jul 2024 14:33:31 GMT
server
cloudflare
age
212809
etag
W/"83-1906eb71678"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
content-encoding
br
cache-control
public, max-age=31536000, immutable
cf-ray
89fcee2d6aa48f3c-FRA
x-xss-protection
1
vcd15cbe7772f49c399c6a5babf22c1241717689176015
static.cloudflareinsights.com/beacon.min.js/
19 KB
7 KB
Script
General
Full URL
https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by
Host: payment.gmt.io
URL: https://payment.gmt.io/invoice/0f13e012-cb7c-488f-aa86-9c7faef29005?twa=ios
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://payment.gmt.io/
Origin
https://payment.gmt.io
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Jul 2024 03:19:02 GMT
content-encoding
gzip
last-modified
Thu, 06 Jun 2024 15:52:56 GMT
server
cloudflare
etag
W/"2024.6.1"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
89fcee2ddffd03a6-FRA
css2
fonts.googleapis.com/
9 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;500;700&display=swap
Requested by
Host: payment.gmt.io
URL: https://payment.gmt.io/_next/static/css/674562d336b5715c.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
af9e52b1788e243b0a07ba97a3de75df5845d00b896f1b83f38c42702a7ba690
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://payment.gmt.io/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Mon, 08 Jul 2024 03:19:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 08 Jul 2024 03:11:20 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 08 Jul 2024 03:19:02 GMT
css2
fonts.googleapis.com/
9 KB
821 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&display=swap
Requested by
Host: payment.gmt.io
URL: https://payment.gmt.io/_next/static/css/674562d336b5715c.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
77190354256d2bb6e2f740715bbc72c1af70ec722773ab27bd7ddd63dac90529
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://payment.gmt.io/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Mon, 08 Jul 2024 03:19:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 08 Jul 2024 03:11:59 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 08 Jul 2024 03:19:02 GMT
955.57328a7d08efe8f3.js
payment.gmt.io/_next/static/chunks/
43 KB
13 KB
Script
General
Full URL
https://payment.gmt.io/_next/static/chunks/955.57328a7d08efe8f3.js
Requested by
Host: payment.gmt.io
URL: https://payment.gmt.io/_next/static/chunks/webpack-a32d703dbef74abf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:43d1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3accde5e7823c977360bf7dbc8e58fe5dbcc80e6baa0f9bb0150973b03e3652
Security Headers
Name Value
Strict-Transport-Security max-age=3600
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://payment.gmt.io/invoice/0f13e012-cb7c-488f-aa86-9c7faef29005?twa=ios
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Jul 2024 03:19:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=3600
last-modified
Mon, 01 Jul 2024 14:32:54 GMT
server
cloudflare
cf-cache-status
HIT
age
209714
etag
W/"ad41-1906eb685f0"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
89fcee2ebb828f3c-FRA
x-xss-protection
1
173.4fafd5002c720c66.js
payment.gmt.io/_next/static/chunks/
317 KB
81 KB
Script
General
Full URL
https://payment.gmt.io/_next/static/chunks/173.4fafd5002c720c66.js
Requested by
Host: payment.gmt.io
URL: https://payment.gmt.io/_next/static/chunks/webpack-a32d703dbef74abf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:43d1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c15942f92c92c4a336d20ffcf229ab3606b588388d78b008b4f9ee8d3d1b842e
Security Headers
Name Value
Strict-Transport-Security max-age=3600
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://payment.gmt.io/invoice/0f13e012-cb7c-488f-aa86-9c7faef29005?twa=ios
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Jul 2024 03:19:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=3600
last-modified
Mon, 01 Jul 2024 14:32:54 GMT
server
cloudflare
cf-cache-status
HIT
age
213777
etag
W/"4f34e-1906eb685f0"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
cf-ray
89fcee2ebb838f3c-FRA
x-xss-protection
1
883.19ad8321e523c240.js
payment.gmt.io/_next/static/chunks/
85 B
143 B
Script
General
Full URL
https://payment.gmt.io/_next/static/chunks/883.19ad8321e523c240.js
Requested by
Host: payment.gmt.io
URL: https://payment.gmt.io/_next/static/chunks/webpack-a32d703dbef74abf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:43d1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5de42099092920b23dcfac2b82c0b9c53227c17d02f47a744f6a11f71a3fd5c
Security Headers
Name Value
Strict-Transport-Security max-age=3600
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://payment.gmt.io/invoice/0f13e012-cb7c-488f-aa86-9c7faef29005?twa=ios
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Jul 2024 03:19:02 GMT
strict-transport-security
max-age=3600
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Mon, 01 Jul 2024 14:32:54 GMT
server
cloudflare
age
209714
etag
W/"55-1906eb685f0"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
content-encoding
br
cache-control
public, max-age=31536000, immutable
cf-ray
89fcee2ebb848f3c-FRA
x-xss-protection
1
hotjar-3535041.js
static.hotjar.com/c/
9 KB
4 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-3535041.js?sv=6
Requested by
Host: payment.gmt.io
URL: https://payment.gmt.io/invoice/0f13e012-cb7c-488f-aa86-9c7faef29005?twa=ios
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.102.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-102-51.fra56.r.cloudfront.net
Software
/
Resource Hash
6793d01cf8f1250cb5bd6cae0a2b8d176b9dd3f40f71485b9b8b588fcbd513a7
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://payment.gmt.io/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Jul 2024 03:19:02 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
etag
W/3ba786c2c6e8b40653aa02f29693d713
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=60
x-cache-hit
1
cross-origin-resource-policy
cross-origin
x-amz-cf-id
AXpoIOo5RXnMYiiVe-O1gQxdgPT8ynZXVVszPzrS-WU2jhAojFGKtg==
gtm.js
www.googletagmanager.com/
347 KB
106 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WQRPRMS&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Requested by
Host: payment.gmt.io
URL: https://payment.gmt.io/invoice/0f13e012-cb7c-488f-aa86-9c7faef29005?twa=ios
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a693de4f6b410dd11738b9dc7fe5d8959d4ad8fa2e0a36ee83778431375d3e43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://payment.gmt.io/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Jul 2024 03:19:02 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
108311
x-xss-protection
0
last-modified
Mon, 08 Jul 2024 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 08 Jul 2024 03:19:02 GMT
wallets-v2.json
raw.githubusercontent.com/ton-blockchain/wallets-list/main/
4 KB
2 KB
Fetch
General
Full URL
https://raw.githubusercontent.com/ton-blockchain/wallets-list/main/wallets-v2.json
Requested by
Host: payment.gmt.io
URL: https://payment.gmt.io/_next/static/chunks/pages/_app-0b81273926c53f4c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8001::154 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
06a1968b4448fb4365cb020058987cc95054607cc2b6cfbcb0e8875857b4eba1
Security Headers
Name Value
Content-Security-Policy default-src 'none'; style-src 'unsafe-inline'; sandbox
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://payment.gmt.io/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fastly-request-id
9cb4254b5dbe3d071c94f7a4dc5946a83c7c228a
content-security-policy
default-src 'none'; style-src 'unsafe-inline'; sandbox
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
date
Mon, 08 Jul 2024 03:19:02 GMT
content-encoding
gzip
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
cross-origin-resource-policy
cross-origin
content-length
979
x-xss-protection
1; mode=block
x-served-by
cache-mad22071-MAD
x-github-request-id
71CB:37FEB6:FD68D8:10BF0A4:668B5AA6
x-timer
S1720408742.401799,VS0,VE118
etag
W/"b1690d090c53c5195c1426eb558b625e4320dd226cefe3c66b01bf1d70f5f4a9"
source-age
0
x-frame-options
deny
vary
Authorization,Accept-Encoding,Origin
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=300
accept-ranges
bytes
expires
Mon, 08 Jul 2024 03:24:02 GMT
UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v13/
46 KB
46 KB
Font
General
Full URL
https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://payment.gmt.io
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 01:18:40 GMT
x-content-type-options
nosniff
age
266422
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46704
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 23:49:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 05 Jul 2025 01:18:40 GMT
get-invoice
payment.gmt.io/api/
697 B
502 B
XHR
General
Full URL
https://payment.gmt.io/api/get-invoice?hash=0f13e012-cb7c-488f-aa86-9c7faef29005
Requested by
Host: payment.gmt.io
URL: https://payment.gmt.io/_next/static/chunks/258-79ce2e7badb541dc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:43d1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
6bc2e23b815e9a8f9662ef8381ec432b1983803d36aa306d8292770dabcaa7bc
Security Headers
Name Value
Strict-Transport-Security max-age=3600
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
application/json, text/plain, */*
Referer
https://payment.gmt.io/invoice/0f13e012-cb7c-488f-aa86-9c7faef29005?twa=ios
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Jul 2024 03:19:02 GMT
strict-transport-security
max-age=3600
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
server
cloudflare
x-powered-by
Express
etag
W/"2b9-CgfNcym76yqE7apFpI7B7N8zwlg"
x-frame-options
DENY
content-type
application/json; charset=utf-8
cf-ray
89fcee2f8c058f3c-FRA
x-xss-protection
1
modules.e4b2dc39f985f11fb1e4.js
script.hotjar.com/
223 KB
56 KB
Script
General
Full URL
https://script.hotjar.com/modules.e4b2dc39f985f11fb1e4.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3535041.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-107.fra56.r.cloudfront.net
Software
/
Resource Hash
619feac205d68f6356fcad13d6758533011a8acc7830e3deb0f763249d7516c0
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://payment.gmt.io/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 08:11:07 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 0d4b487d54766de7560aa02de852bbf8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
age
587275
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
56291
last-modified
Mon, 01 Jul 2024 08:10:34 GMT
etag
"ca025d2d8ae4b3dc51e058b782590501"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
RA4VDzqWXM3g5sXY0un85qLo5ZZXbS0FTeQUH5uVwn2L8DHsUH8ZXQ==
js
www.googletagmanager.com/gtag/
355 KB
117 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-YJ8S729D47&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WQRPRMS&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a55b4fc53c1b4e90f2b271cfb079ac413468cc3b36f078413fa2ee6dd22eaf59
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://payment.gmt.io/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Jul 2024 03:19:02 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
119405
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 08 Jul 2024 03:19:02 GMT
insight.min.js
snap.licdn.com/li.lms-analytics/
38 KB
14 KB
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WQRPRMS&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:10::210:a9a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
942a9ba1fe78b402e8b52b83058dbbabde8db6b4d1debf960d6d5afe5192db52
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://payment.gmt.io/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Jul 2024 03:19:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 18 Jun 2024 16:46:52 GMT
x-cdn
AKAM
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
max-age=53706
accept-ranges
bytes
content-length
14004
tag.js
mc.yandex.ru/metrika/
200 KB
70 KB
Script
General
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WQRPRMS&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
75dbb4380a386220610babb812bafaed50a4f983fa198851836a64d6fad2b094
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://payment.gmt.io/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Jul 2024 03:19:02 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Wed, 03 Jul 2024 07:33:50 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"6684fede-112d7"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
timing-allow-origin
*
content-length
70359
expires
Mon, 08 Jul 2024 04:19:02 GMT
roundtrip.js
s.adroll.com/j/YXLQFXAOL5CMVA2SOH3S2G/
96 KB
29 KB
Script
General
Full URL
https://s.adroll.com/j/YXLQFXAOL5CMVA2SOH3S2G/roundtrip.js
Requested by
Host: payment.gmt.io
URL: https://payment.gmt.io/invoice/0f13e012-cb7c-488f-aa86-9c7faef29005?twa=ios
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:1a00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
42033f4c03a7b739071863e5bf092684a541bac05e8c706867f99ce02c3a6e6c

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://payment.gmt.io/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

X-Amz-Version-Id
vm_lOC50LS6_.nFVkapDJFPrcsEuZ9wj
Content-Encoding
gzip
Via
1.1 e3f7f612cf7d05edb500a43ad2f70e96.cloudfront.net (CloudFront)
Date
Mon, 08 Jul 2024 02:58:32 GMT
Age
1231
X-Amz-Cf-Pop
FRA60-P6
X-Amz-Server-Side-Encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Sat, 06 Jul 2024 21:39:37 GMT
Server
AmazonS3
Etag
W/"f8f0b444feb99bc7616eafd75dc4f23a"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
false
Access-Control-Max-Age
600
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
bFmXsKhzbrR-kmqdpgBeQ2a_Zq-oRA1Zbhou84WKbtzLky9i12mGyQ==
55fb90434d51a5053a08287736dbb52a
verify.walletconnect.com/ Frame AB77
0
0
Document
General
Full URL
https://verify.walletconnect.com/55fb90434d51a5053a08287736dbb52a
Requested by
Host: payment.gmt.io
URL: https://payment.gmt.io/_next/static/chunks/173.4fafd5002c720c66.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.27.46 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://*.gmt.io https://gmt.io https://localhost:* http://localhost:* https://*.localhost:* http://*.localhost:* https://127.0.0.1:* http://127.0.0.1:*

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://payment.gmt.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=180
cf-ray
89fcee323adc1e3e-FRA
content-encoding
br
content-security-policy
frame-ancestors https://*.gmt.io https://gmt.io https://localhost:* http://localhost:* https://*.localhost:* http://*.localhost:* https://127.0.0.1:* http://127.0.0.1:*
content-type
text/html; charset=UTF-8
date
Mon, 08 Jul 2024 03:19:02 GMT
server
cloudflare
vary
Accept-Encoding
x-csrf-token
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE3MjA0MTIzNDJ9.c1jXDdiQlIe97GV3U15Re607Pzxobp5vJxrBoGmFriA
collect
region1.analytics.google.com/g/
0
0
Fetch
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-YJ8S729D47&gtm=45je4730v898015106z8844930801za200zb844930801&_p=1720408742277&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=1792377030.1720408743&ul=nl-nl&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1720408742&sct=1&seg=0&dl=https%3A%2F%2Fpayment.gmt.io%2Finvoice%2F0f13e012-cb7c-488f-aa86-9c7faef29005%3Ftwa%3Dios&dt=GoMining%20Pay&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=949&_z=fetch
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YJ8S729D47&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://payment.gmt.io/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Mon, 08 Jul 2024 03:19:02 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://payment.gmt.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
253 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-YJ8S729D47&cid=1792377030.1720408743&gtm=45je4730v898015106z8844930801za200zb844930801&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YJ8S729D47&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1f::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://payment.gmt.io/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Mon, 08 Jul 2024 03:19:02 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://payment.gmt.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
register-conversion
region1.google-analytics.com/privacy-sandbox/
Redirect Chain
  • https://region1.analytics.google.com/g/collect?v=2&tid=G-YJ8S729D47&gtm=45je4730v898015106z8844930801za200zb844930801&_p=1720408742277&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=179237...
  • https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1792377030.1720408743&dbk=18149095568382302447&dma=1&dma_cps=sypham&en=lp_page_view&gtm=45je4730v898015106z88449308...
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1792377030.1720408743&dbk=18149095568382302447&dma=1&dma_cps=sypham&en=lp_page_view&gtm=45je4730v898015106z8844930801za200zb844930801&npa=1&tid=G-YJ8S729D47&dl=https%3A%2F%2Fpayment.gmt.io%3F
Requested by
Host: payment.gmt.io
URL: https://payment.gmt.io/invoice/0f13e012-cb7c-488f-aa86-9c7faef29005?twa=ios
Protocol
H2
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://payment.gmt.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
attribution-reporting-register-trigger
{"aggregatable_trigger_data":[{"key_piece":"0x570af6543bc790f0","source_keys":["1"]},{"key_piece":"0xee4db512e7ddf3aa","source_keys":["2","3","4"]}],"aggregatable_values":{"1":65,"2":65,"3":65,"4":6356},"debug_key":"18149095568382302447","debug_reporting":true,"event_trigger_data":[{"filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"1"}],"filters":{"2":["11220955287","11222171197"],"5":["07-08","07-07","07-06"]}}
date
Mon, 08 Jul 2024 03:19:02 GMT
server
Golfe2
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 08 Jul 2024 03:19:02 GMT
server
Golfe2
content-type
text/html; charset=UTF-8
location
https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1792377030.1720408743&dbk=18149095568382302447&dma=1&dma_cps=sypham&en=lp_page_view&gtm=45je4730v898015106z8844930801za200zb844930801&npa=1&tid=G-YJ8S729D47&dl=https%3A%2F%2Fpayment.gmt.io%3F
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
506
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.nl/ads/
42 B
408 B
Image
General
Full URL
https://www.google.nl/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-YJ8S729D47&cid=1792377030.1720408743&gtm=45je4730v898015106z8844930801za200zb844930801&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0&z=1665958525
Requested by
Host: payment.gmt.io
URL: https://payment.gmt.io/invoice/0f13e012-cb7c-488f-aa86-9c7faef29005?twa=ios
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://payment.gmt.io/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Mon, 08 Jul 2024 03:19:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attribution_trigger
px.ads.linkedin.com/
2 B
812 B
XHR
General
Full URL
https://px.ads.linkedin.com/attribution_trigger?pid=6096569&time=1720408742726&url=https%3A%2F%2Fpayment.gmt.io%2Finvoice%2F0f13e012-cb7c-488f-aa86-9c7faef29005%3Ftwa%3Dios
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
*
Referer
https://payment.gmt.io/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Jul 2024 03:19:02 GMT
content-encoding
gzip
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 00D35D007663457EBA52899B932B5D25 Ref B: AMS04EDGE2105 Ref C: 2024-07-08T03:19:02Z
access-control-allow-methods
GET, OPTIONS
x-li-fabric
prod-ltx1
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
content-type
application/json
x-li-proto
http/2
x-restli-protocol-version
1.0.0
access-control-allow-headers
*
x-li-uuid
AAYcs9/8dg9yxHOM/Y9QHg==
x-fs-uuid
00061cb3dffc760f72c4738cfd8f501e
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=6096569&time=1720408742726&url=https%3A%2F%2Fpayment.gmt.io%2Finvoice%2F0f13e012-cb7c-488f-aa86-9c7faef29005%3Ftwa%3Dios
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=6096569&time=1720408742726&url=https%3A%2F%2Fpayment.gmt.io%2Finvoice%2F0f13e012-cb7c-488f-aa86-9c7faef29005%3Ftwa%3Dios&e_ipv6=AQJsXfFrnD5MwAAAA...
0
268 B
Image
General
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=6096569&time=1720408742726&url=https%3A%2F%2Fpayment.gmt.io%2Finvoice%2F0f13e012-cb7c-488f-aa86-9c7faef29005%3Ftwa%3Dios&e_ipv6=AQJsXfFrnD5MwAAAAZCQWh3F4aBP6Kne8LyajPaJpQcxY65SK-jVTlzIhmlC1Jp0T89EI9L--YwFl48
Requested by
Host: payment.gmt.io
URL: https://payment.gmt.io/invoice/0f13e012-cb7c-488f-aa86-9c7faef29005?twa=ios
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://payment.gmt.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 08 Jul 2024 03:19:03 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 998FA61EF2AA44E0AA9A78F08CFD972D Ref B: DUS30EDGE0917 Ref C: 2024-07-08T03:19:03Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYcs+ANOM3+Vbu2BCVKwg==

Redirect headers

date
Mon, 08 Jul 2024 03:19:03 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 73EAD64578D446749FA273CC3D23E110 Ref B: AMS04EDGE2318 Ref C: 2024-07-08T03:19:02Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=6096569&time=1720408742726&url=https%3A%2F%2Fpayment.gmt.io%2Finvoice%2F0f13e012-cb7c-488f-aa86-9c7faef29005%3Ftwa%3Dios&e_ipv6=AQJsXfFrnD5MwAAAAZCQWh3F4aBP6Kne8LyajPaJpQcxY65SK-jVTlzIhmlC1Jp0T89EI9L--YwFl48
x-li-proto
http/2
content-length
0
x-li-uuid
AAYcs+AELuG1taYhyhd42A==
YXLQFXAOL5CMVA2SOH3S2G
d.adroll.com/consent/check/
503 B
1 KB
Script
General
Full URL
https://d.adroll.com/consent/check/YXLQFXAOL5CMVA2SOH3S2G?pv=72463020125.82173&arrfrr=https%3A%2F%2Fpayment.gmt.io%2Finvoice%2F0f13e012-cb7c-488f-aa86-9c7faef29005%3Ftwa%3Dios&_s=b6a44c5713611c9b158d088e57d17286&_b=2
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/YXLQFXAOL5CMVA2SOH3S2G/roundtrip.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:cc3:fe05:ddd3:c23f:229f:d01c Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
56a968120684489af1f3111b6e84f21b9e6b8ec03f85c5dafd17c349ce4ccd50

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://payment.gmt.io/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-type
application/javascript
pragma
no-cache
date
Mon, 08 Jul 2024 03:19:02 GMT
cache-control
no-store, no-cache, must-revalidate
server
nginx/1.22.1
content-length
503
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
AtypDisplay-Medium.12352d0b.otf
payment.gmt.io/_next/static/media/
174 KB
99 KB
Font
General
Full URL
https://payment.gmt.io/_next/static/media/AtypDisplay-Medium.12352d0b.otf
Requested by
Host: payment.gmt.io
URL: https://payment.gmt.io/_next/static/css/674562d336b5715c.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:43d1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea4c02c75662317218088b7c82c3b1a2a20b9627ad43a4a5cf9127b8e62b6fe7
Security Headers
Name Value
Strict-Transport-Security max-age=3600
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://payment.gmt.io/_next/static/css/674562d336b5715c.css
Origin
https://payment.gmt.io
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Jul 2024 03:19:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=3600
last-modified
Mon, 01 Jul 2024 14:32:54 GMT
server
cloudflare
cf-cache-status
HIT
age
213775
etag
W/"2b700-1906eb685f0"
vary
Accept-Encoding
x-frame-options
DENY
content-type
font/otf
cache-control
public, max-age=31536000, immutable
cf-ray
89fcee32fe4d8f3c-FRA
x-xss-protection
1
fbevents.js
connect.facebook.net/en_US/
222 KB
59 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/YXLQFXAOL5CMVA2SOH3S2G/roundtrip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
63bae03aa97278acb1d6f7863e593999bbdc5d280d2fa5a3050f234ce5eee850
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://payment.gmt.io/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 08 Jul 2024 03:19:03 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
58293
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=17, rtx=0, c=12, mss=1297, tbw=2805, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
yNYQakirfEmOzC4ZrCw29Uu6eSYGfsveAnpSLqst7u/ObM/7i7w0ubQdIvec0hF44nMYXB9vb7Ld+xFV/fYNOQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
LL5QICUPWVH43HMZXFRCTG
d.adroll.com/segment/YXLQFXAOL5CMVA2SOH3S2G/
42 B
2 KB
XHR
General
Full URL
https://d.adroll.com/segment/YXLQFXAOL5CMVA2SOH3S2G/LL5QICUPWVH43HMZXFRCTG?adroll_fpc=88271fed9f63de808980fc7b36c3c1a6-1720408742891&pv=72463020125.82173&arrfrr=https%3A%2F%2Fpayment.gmt.io%2Finvoice%2F0f13e012-cb7c-488f-aa86-9c7faef29005%3Ftwa%3Dios&cookie=&adroll_s_ref=&keyw=&p0=738&adroll_external_data=&adroll_version=2.0
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/YXLQFXAOL5CMVA2SOH3S2G/roundtrip.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:cc3:fe05:ddd3:c23f:229f:d01c Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://payment.gmt.io/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Jul 2024 03:19:02 GMT
x-attribution-url
https%3A%2F%2Fx.adroll.com%2Fattribution%2Ftrigger%3Ffpc%3D88271fed9f63de808980fc7b36c3c1a6%26advertisable_eid%3DYXLQFXAOL5CMVA2SOH3S2G%26conversion_type%3DPageView%26conversion_value%3D0.0%26currency%3DEUR%26pv%3D72463020125.82173%26arrfrr%3Dhttps%253A%252F%252Fpayment.gmt.io%252Finvoice%252F0f13e012-cb7c-488f-aa86-9c7faef29005%253Ftwa%253Dios
x-segment-display-name
Visitors to Unsegmented Pages
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
x-rule-type
p
content-length
42
pragma
no-cache
x-conversion-value
0.0
server
nginx/1.22.1
x-rule
*
x-segment-eid
UVHIYEQGSFDRPJU2LYNGKJ
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
https://payment.gmt.io
access-control-expose-headers
X-Advertisable-Eid, X-Attribution-Url, X-Segment-Eid, X-Segment-Display-Name, X-Segment-Name, X-Conversion-Currency, X-Conversion-Value, X-Rule, X-Rule-Type, X-Organization-Eid, X-Pixel-Eid
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
access-control-request-methods
GET
x-pixel-eid
LL5QICUPWVH43HMZXFRCTG
x-organization-eid
M4RZTSFYWZB5FFDY4CXUZE
access-control-allow-headers
Content-Type, *
x-advertisable-eid
YXLQFXAOL5CMVA2SOH3S2G
x-conversion-currency
EUR
x-segment-name
*
sync
x.bidswitch.net/
Redirect Chain
  • https://d.adroll.com/cm/b/out?adroll_fpc=88271fed9f63de808980fc7b36c3c1a6-1720408742891&pv=72463020125.82173&arrfrr=https%3A%2F%2Fpayment.gmt.io%2Finvoice%2F0f13e012-cb7c-488f-aa86-9c7faef29005%3Ft...
  • https://x.bidswitch.net/sync?dsp_id=44&user_id=NzFiZTczZGVmMGMxOTFkNGY5NzVlYzdiODExNjdlZWI
43 B
235 B
Image
General
Full URL
https://x.bidswitch.net/sync?dsp_id=44&user_id=NzFiZTczZGVmMGMxOTFkNGY5NzVlYzdiODExNjdlZWI
Requested by
Host: payment.gmt.io
URL: https://payment.gmt.io/invoice/0f13e012-cb7c-488f-aa86-9c7faef29005?twa=ios
Protocol
HTTP/1.1
Server
35.214.149.91 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
91.149.214.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://payment.gmt.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Mon, 08 Jul 2024 03:19:03 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

location
https://x.bidswitch.net/sync?dsp_id=44&user_id=NzFiZTczZGVmMGMxOTFkNGY5NzVlYzdiODExNjdlZWI
pragma
no-cache
date
Mon, 08 Jul 2024 03:19:02 GMT
cache-control
no-store, no-cache, must-revalidate
server
nginx/1.22.1
content-length
96
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://d.adroll.com/cm/g/out?adroll_fpc=88271fed9f63de808980fc7b36c3c1a6-1720408742891&pv=72463020125.82173&arrfrr=https%3A%2F%2Fpayment.gmt.io%2Finvoice%2F0f13e012-cb7c-488f-aa86-9c7faef29005%3Ft...
  • https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=cb5z3vDBkdT5dex7gRZ-6w
170 B
409 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=cb5z3vDBkdT5dex7gRZ-6w
Requested by
Host: payment.gmt.io
URL: https://payment.gmt.io/invoice/0f13e012-cb7c-488f-aa86-9c7faef29005?twa=ios
Protocol
H2
Server
216.58.206.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://payment.gmt.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Jul 2024 03:19:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=cb5z3vDBkdT5dex7gRZ-6w
pragma
no-cache
date
Mon, 08 Jul 2024 03:19:02 GMT
cache-control
no-store, no-cache, must-revalidate
server
nginx/1.22.1
content-length
99
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
rum
dsum-sec.casalemedia.com/
Redirect Chain
  • https://d.adroll.com/cm/index/out?adroll_fpc=88271fed9f63de808980fc7b36c3c1a6-1720408742891&pv=72463020125.82173&arrfrr=https%3A%2F%2Fpayment.gmt.io%2Finvoice%2F0f13e012-cb7c-488f-aa86-9c7faef29005...
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=NzFiZTczZGVmMGMxOTFkNGY5NzVlYzdiODExNjdlZWI&expiration=1751944742
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=NzFiZTczZGVmMGMxOTFkNGY5NzVlYzdiODExNjdlZWI&expiration=1751944742&C=1
43 B
734 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=NzFiZTczZGVmMGMxOTFkNGY5NzVlYzdiODExNjdlZWI&expiration=1751944742&C=1
Requested by
Host: payment.gmt.io
URL: https://payment.gmt.io/invoice/0f13e012-cb7c-488f-aa86-9c7faef29005?twa=ios
Protocol
H3
Server
172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://payment.gmt.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Jul 2024 03:19:03 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vnNcvvQ1lUzAnp3eFH%2BQ5lf9ClnrQQsUz%2Bi57N0oRMx3UeyTOQLzMlMb9yg6w20Qm62VWqKdUhl6l1by%2Fc8qBbl7Woz8w2p%2BIX7Y5p6Z2oahLpKQjqt1qblFNN%2FppEAge9wda%2F0dNZL2bQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
89fcee3419c64da4-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 08 Jul 2024 03:19:03 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AdzW%2BI0P0ceY5DpG%2BLGBlVyMva%2F6LECdhupUfSbuygVvG9W9v%2FHpCDWw%2BUrjz3lmyGjygIjX5C16nEozVL%2B1kJNDfx6L6D9H%2FZPK0WqYlGBNjk1i2AcYKFP9RXKyvYxVuYxtsbUwKKz5Jw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=105&external_user_id=NzFiZTczZGVmMGMxOTFkNGY5NzVlYzdiODExNjdlZWI&expiration=1751944742&C=1
cache-control
no-cache
cf-ray
89fcee33e9b34da4-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
out
d.adroll.com/cm/l/
42 B
180 B
Image
General
Full URL
https://d.adroll.com/cm/l/out?adroll_fpc=88271fed9f63de808980fc7b36c3c1a6-1720408742891&pv=72463020125.82173&arrfrr=https%3A%2F%2Fpayment.gmt.io%2Finvoice%2F0f13e012-cb7c-488f-aa86-9c7faef29005%3Ftwa%3Dios&advertisable=YXLQFXAOL5CMVA2SOH3S2G
Requested by
Host: payment.gmt.io
URL: https://payment.gmt.io/invoice/0f13e012-cb7c-488f-aa86-9c7faef29005?twa=ios
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:cc3:fe05:ddd3:c23f:229f:d01c Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://payment.gmt.io/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Jul 2024 03:19:02 GMT
cache-control
no-transform,public,max-age=300,s-maxage=900
server
nginx/1.22.1
content-length
42
vary
Cookie
content-type
image/gif
tap.php
pixel.rubiconproject.com/
Redirect Chain
  • https://d.adroll.com/cm/n/out?adroll_fpc=88271fed9f63de808980fc7b36c3c1a6-1720408742891&pv=72463020125.82173&arrfrr=https%3A%2F%2Fpayment.gmt.io%2Finvoice%2F0f13e012-cb7c-488f-aa86-9c7faef29005%3Ft...
  • https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=NzFiZTczZGVmMGMxOTFkNGY5NzVlYzdiODExNjdlZWI&expires=365
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=NzFiZTczZGVmMGMxOTFkNGY5NzVlYzdiODExNjdlZWI&expires=365
Requested by
Host: payment.gmt.io
URL: https://payment.gmt.io/invoice/0f13e012-cb7c-488f-aa86-9c7faef29005?twa=ios
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://payment.gmt.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=NzFiZTczZGVmMGMxOTFkNGY5NzVlYzdiODExNjdlZWI&expires=365
pragma
no-cache
date
Mon, 08 Jul 2024 03:19:02 GMT
cache-control
no-store, no-cache, must-revalidate
server
nginx/1.22.1
content-length
124
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
sd
us-u.openx.net/w/1.0/
Redirect Chain
  • https://d.adroll.com/cm/o/out?adroll_fpc=88271fed9f63de808980fc7b36c3c1a6-1720408742891&pv=72463020125.82173&arrfrr=https%3A%2F%2Fpayment.gmt.io%2Finvoice%2F0f13e012-cb7c-488f-aa86-9c7faef29005%3Ft...
  • https://us-u.openx.net/w/1.0/sd?id=537103138&val=71be73def0c191d4f975ec7b81167eeb&gdpr=1&gdpr_consent=
43 B
264 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537103138&val=71be73def0c191d4f975ec7b81167eeb&gdpr=1&gdpr_consent=
Requested by
Host: payment.gmt.io
URL: https://payment.gmt.io/invoice/0f13e012-cb7c-488f-aa86-9c7faef29005?twa=ios
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://payment.gmt.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Jul 2024 03:19:03 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537103138&val=71be73def0c191d4f975ec7b81167eeb&gdpr=1&gdpr_consent=
pragma
no-cache
date
Mon, 08 Jul 2024 03:19:02 GMT
cache-control
no-store, no-cache, must-revalidate
server
nginx/1.22.1
content-length
108
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cookie-sync
sync.outbrain.com/
Redirect Chain
  • https://d.adroll.com/cm/outbrain/out?adroll_fpc=88271fed9f63de808980fc7b36c3c1a6-1720408742891&pv=72463020125.82173&arrfrr=https%3A%2F%2Fpayment.gmt.io%2Finvoice%2F0f13e012-cb7c-488f-aa86-9c7faef29...
  • https://sync.outbrain.com/cookie-sync?p=adroll&uid=NzFiZTczZGVmMGMxOTFkNGY5NzVlYzdiODExNjdlZWI&gdpr=1&gdpr_consent=&us_privacy=1---
0
218 B
Image
General
Full URL
https://sync.outbrain.com/cookie-sync?p=adroll&uid=NzFiZTczZGVmMGMxOTFkNGY5NzVlYzdiODExNjdlZWI&gdpr=1&gdpr_consent=&us_privacy=1---
Requested by
Host: payment.gmt.io
URL: https://payment.gmt.io/invoice/0f13e012-cb7c-488f-aa86-9c7faef29005?twa=ios
Protocol
HTTP/1.1
Server
70.42.32.223 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://payment.gmt.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 08 Jul 2024 03:19:03 GMT
cache-control
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-traceid
c9bede996bd9e9527c7e4e5831e3e172
content-length
0

Redirect headers

location
https://sync.outbrain.com/cookie-sync?p=adroll&uid=NzFiZTczZGVmMGMxOTFkNGY5NzVlYzdiODExNjdlZWI&gdpr=1&gdpr_consent=&us_privacy=1---
pragma
no-cache
date
Mon, 08 Jul 2024 03:19:02 GMT
cache-control
no-store, no-cache, must-revalidate
server
nginx/1.22.1
content-length
137
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Pug
image2.pubmatic.com/AdServer/
Redirect Chain
  • https://d.adroll.com/cm/pubmatic/out?adroll_fpc=88271fed9f63de808980fc7b36c3c1a6-1720408742891&pv=72463020125.82173&arrfrr=https%3A%2F%2Fpayment.gmt.io%2Finvoice%2F0f13e012-cb7c-488f-aa86-9c7faef29...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDYmdGw9MTI5NjAw&piggybackCookie=NzFiZTczZGVmMGMxOTFkNGY5NzVlYzdiODExNjdlZWI&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXy...
42 B
540 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDYmdGw9MTI5NjAw&piggybackCookie=NzFiZTczZGVmMGMxOTFkNGY5NzVlYzdiODExNjdlZWI&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
Requested by
Host: payment.gmt.io
URL: https://payment.gmt.io/invoice/0f13e012-cb7c-488f-aa86-9c7faef29005?twa=ios
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://payment.gmt.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 08 Jul 2024 03:19:01 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDYmdGw9MTI5NjAw&piggybackCookie=NzFiZTczZGVmMGMxOTFkNGY5NzVlYzdiODExNjdlZWI&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
pragma
no-cache
date
Mon, 08 Jul 2024 03:19:02 GMT
cache-control
no-store, no-cache, must-revalidate
server
nginx/1.22.1
content-length
212
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
sync
ups.analytics.yahoo.com/ups/55980/
Redirect Chain
  • https://d.adroll.com/cm/r/out?adroll_fpc=88271fed9f63de808980fc7b36c3c1a6-1720408742891&pv=72463020125.82173&arrfrr=https%3A%2F%2Fpayment.gmt.io%2Finvoice%2F0f13e012-cb7c-488f-aa86-9c7faef29005%3Ft...
  • https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=NzFiZTczZGVmMGMxOTFkNGY5NzVlYzdiODExNjdlZWI&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
0
125 B
Image
General
Full URL
https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=NzFiZTczZGVmMGMxOTFkNGY5NzVlYzdiODExNjdlZWI&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
Requested by
Host: payment.gmt.io
URL: https://payment.gmt.io/invoice/0f13e012-cb7c-488f-aa86-9c7faef29005?twa=ios
Protocol
H2
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.121 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://payment.gmt.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 08 Jul 2024 03:19:03 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.121
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=NzFiZTczZGVmMGMxOTFkNGY5NzVlYzdiODExNjdlZWI&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
pragma
no-cache
date
Mon, 08 Jul 2024 03:19:02 GMT
cache-control
no-store, no-cache, must-revalidate
server
nginx/1.22.1
content-length
169
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
rtb-h
sync.taboola.com/sg/adroll-network/1/
Redirect Chain
  • https://d.adroll.com/cm/taboola/out?adroll_fpc=88271fed9f63de808980fc7b36c3c1a6-1720408742891&pv=72463020125.82173&arrfrr=https%3A%2F%2Fpayment.gmt.io%2Finvoice%2F0f13e012-cb7c-488f-aa86-9c7faef290...
  • https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=NzFiZTczZGVmMGMxOTFkNGY5NzVlYzdiODExNjdlZWI
0
90 B
Image
General
Full URL
https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=NzFiZTczZGVmMGMxOTFkNGY5NzVlYzdiODExNjdlZWI
Requested by
Host: payment.gmt.io
URL: https://payment.gmt.io/invoice/0f13e012-cb7c-488f-aa86-9c7faef29005?twa=ios
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://payment.gmt.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 08 Jul 2024 03:19:03 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
11919

Redirect headers

location
https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=NzFiZTczZGVmMGMxOTFkNGY5NzVlYzdiODExNjdlZWI
pragma
no-cache
date
Mon, 08 Jul 2024 03:19:02 GMT
cache-control
no-store, no-cache, must-revalidate
server
nginx/1.22.1
content-length
111
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
xuid
eb2.3lift.com/
Redirect Chain
  • https://d.adroll.com/cm/triplelift/out?adroll_fpc=88271fed9f63de808980fc7b36c3c1a6-1720408742891&pv=72463020125.82173&arrfrr=https%3A%2F%2Fpayment.gmt.io%2Finvoice%2F0f13e012-cb7c-488f-aa86-9c7faef...
  • https://eb2.3lift.com/xuid?mid=4714&xuid=NzFiZTczZGVmMGMxOTFkNGY5NzVlYzdiODExNjdlZWI&dongle=c85e
37 B
140 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=4714&xuid=NzFiZTczZGVmMGMxOTFkNGY5NzVlYzdiODExNjdlZWI&dongle=c85e
Requested by
Host: payment.gmt.io
URL: https://payment.gmt.io/invoice/0f13e012-cb7c-488f-aa86-9c7faef29005?twa=ios
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://payment.gmt.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 08 Jul 2024 03:19:03 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

location
https://eb2.3lift.com/xuid?mid=4714&xuid=NzFiZTczZGVmMGMxOTFkNGY5NzVlYzdiODExNjdlZWI&dongle=c85e
pragma
no-cache
date
Mon, 08 Jul 2024 03:19:02 GMT
cache-control
no-store, no-cache, must-revalidate
server
nginx/1.22.1
content-length
102
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
bounce
ib.adnxs.com/
Redirect Chain
  • https://d.adroll.com/cm/x/out?adroll_fpc=88271fed9f63de808980fc7b36c3c1a6-1720408742891&pv=72463020125.82173&arrfrr=https%3A%2F%2Fpayment.gmt.io%2Finvoice%2F0f13e012-cb7c-488f-aa86-9c7faef29005%3Ft...
  • https://ib.adnxs.com/setuid?entity=172&code=NzFiZTczZGVmMGMxOTFkNGY5NzVlYzdiODExNjdlZWI
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DNzFiZTczZGVmMGMxOTFkNGY5NzVlYzdiODExNjdlZWI
43 B
1 KB
Image
General
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DNzFiZTczZGVmMGMxOTFkNGY5NzVlYzdiODExNjdlZWI
Requested by
Host: payment.gmt.io
URL: https://payment.gmt.io/invoice/0f13e012-cb7c-488f-aa86-9c7faef29005?twa=ios
Protocol
H2
Server
185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://payment.gmt.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Jul 2024 03:19:03 GMT
an-x-request-uuid
f572cbab-892d-4afb-9392-c8632964c4ed
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
37.48.94.41; 37.48.94.41; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 08 Jul 2024 03:19:03 GMT
an-x-request-uuid
a4c3bbcb-9bcf-4cd7-ae75-e6eef631c8d3
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DNzFiZTczZGVmMGMxOTFkNGY5NzVlYzdiODExNjdlZWI
cache-control
no-store, no-cache, private
x-proxy-origin
37.48.94.41; 37.48.94.41; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
LL5QICUPWVH43HMZXFRCTG
ipv4.d.adroll.com/seg4/YXLQFXAOL5CMVA2SOH3S2G/
42 B
591 B
Image
General
Full URL
https://ipv4.d.adroll.com/seg4/YXLQFXAOL5CMVA2SOH3S2G/LL5QICUPWVH43HMZXFRCTG?adroll_fpc=88271fed9f63de808980fc7b36c3c1a6-1720408742891&pv=72463020125.82173&arrfrr=https%3A%2F%2Fpayment.gmt.io%2Finvoice%2F0f13e012-cb7c-488f-aa86-9c7faef29005%3Ftwa%3Dios&cookie=&adroll_s_ref=&keyw=&p0=738&adroll_external_data=&adroll_version=2.0
Requested by
Host: payment.gmt.io
URL: https://payment.gmt.io/invoice/0f13e012-cb7c-488f-aa86-9c7faef29005?twa=ios
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.22.21 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-22-21.eu-west-1.compute.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://payment.gmt.io/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Jul 2024 03:19:03 GMT
x-segment-display-name
Visitors to Unsegmented Pages
x-rule-type
p
content-length
42
pragma
no-cache
x-conversion-value
0.0
server
nginx/1.22.1
x-rule
*
x-segment-eid
UVHIYEQGSFDRPJU2LYNGKJ
content-type
image/gif
access-control-allow-origin
access-control-expose-headers
X-Conversion-Value, X-Conversion-Currency, X-Advertisable-Eid, X-Segment-Eid, X-Rule-Type, X-Pixel-Eid
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
access-control-request-methods
GET
x-pixel-eid
LL5QICUPWVH43HMZXFRCTG
x-segment-name
*
access-control-allow-headers
*
x-advertisable-eid
YXLQFXAOL5CMVA2SOH3S2G
x-conversion-currency
EUR
trigger
x.adroll.com/attribution/
2 B
641 B
Image
General
Full URL
https://x.adroll.com/attribution/trigger?fpc=88271fed9f63de808980fc7b36c3c1a6&advertisable_eid=YXLQFXAOL5CMVA2SOH3S2G&conversion_type=PageView&conversion_value=0.0&currency=EUR&pv=72463020125.82173&arrfrr=https%3A%2F%2Fpayment.gmt.io%2Finvoice%2F0f13e012-cb7c-488f-aa86-9c7faef29005%3Ftwa%3Dios
Requested by
Host: payment.gmt.io
URL: https://payment.gmt.io/invoice/0f13e012-cb7c-488f-aa86-9c7faef29005?twa=ios
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d018:cc3:fe08:4977:9c3c:af5a:af41 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://payment.gmt.io/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Jul 2024 03:19:03 GMT
attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0","priority":"0","deduplication_key":"6370899796092272387","filters":{"source_type":["event"]}},{"trigger_data":"0","priority":"0","deduplication_key":"6370899796092272387","filters":{"source_type":["navigation"]}}],"debug_key":"14484064776129855622","debug_reporting":true,"filters":{"0":["YXLQFXAOL5CMVA2SOH3S2G"]},"aggregatable_trigger_data":[{"key_piece":"0x00000000000000000000000000000000","source_keys":["1"]}],"aggregatable_values":{"1":8192},"aggregatable_deduplication_keys":[{"deduplication_key":"14948558276950699106"}]}
content-length
2
content-type
text/plain; charset=utf-8
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10423.GbW1VHuncSZj3fcIoQpYK-w2rgs7ogPqcuMv_efkCj0SsAQZ21ZhiDJbuFli0rb6.urXVmTu694ovTjt1bZTb3ophUeM%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=10423.I1d6ZZkQtQeD8gn7VhFTdaXWgQGlSJVaCcPvUzkQnpCO8Zlq9Ri2gqSjVVsEDIAA_mbAl3ZEZ8eLMYAzJ1wBMXo-jykFGCiEQYPCl_kLpt3J7MzdjhZ47L8JuQ5TFckIgfe-lfrtSG...
43 B
675 B
Image
General
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=10423.I1d6ZZkQtQeD8gn7VhFTdaXWgQGlSJVaCcPvUzkQnpCO8Zlq9Ri2gqSjVVsEDIAA_mbAl3ZEZ8eLMYAzJ1wBMXo-jykFGCiEQYPCl_kLpt3J7MzdjhZ47L8JuQ5TFckIgfe-lfrtSGtTWyiFrTV87pWcS33B-ghecA2-BQIQ1lMf25PN1-o0ggW_4KPXJ2rM78XUr0cQOjTuxY_BlqhqZ22CixqA4xL4nAM8E2BGMT8%2C.HLmH7eVKMAaNNDAmqI2foKDF75s%2C
Requested by
Host: payment.gmt.io
URL: https://payment.gmt.io/invoice/0f13e012-cb7c-488f-aa86-9c7faef29005?twa=ios
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://payment.gmt.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 08 Jul 2024 03:19:03 GMT
strict-transport-security
max-age=31536000
content-length
43
x-xss-protection
1; mode=block
content-type
image/gif

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=10423.I1d6ZZkQtQeD8gn7VhFTdaXWgQGlSJVaCcPvUzkQnpCO8Zlq9Ri2gqSjVVsEDIAA_mbAl3ZEZ8eLMYAzJ1wBMXo-jykFGCiEQYPCl_kLpt3J7MzdjhZ47L8JuQ5TFckIgfe-lfrtSGtTWyiFrTV87pWcS33B-ghecA2-BQIQ1lMf25PN1-o0ggW_4KPXJ2rM78XUr0cQOjTuxY_BlqhqZ22CixqA4xL4nAM8E2BGMT8%2C.HLmH7eVKMAaNNDAmqI2foKDF75s%2C
date
Mon, 08 Jul 2024 03:19:03 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
advert.gif
mc.yandex.com/metrika/
43 B
601 B
Image
General
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: payment.gmt.io
URL: https://payment.gmt.io/invoice/0f13e012-cb7c-488f-aa86-9c7faef29005?twa=ios
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://payment.gmt.io/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Jul 2024 03:19:03 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 03 Jul 2024 07:33:50 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"6684fede-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Mon, 08 Jul 2024 04:19:03 GMT
1
mc.yandex.com/watch/95709663/
Redirect Chain
  • https://mc.yandex.com/watch/95709663?wmode=7&page-url=https%3A%2F%2Fpayment.gmt.io%2Finvoice%2F0f13e012-cb7c-488f-aa86-9c7faef29005%3Ftwa%3Dios&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%...
  • https://mc.yandex.com/watch/95709663/1?wmode=7&page-url=https%3A%2F%2Fpayment.gmt.io%2Finvoice%2F0f13e012-cb7c-488f-aa86-9c7faef29005%3Ftwa%3Dios&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3...
447 B
539 B
Fetch
General
Full URL
https://mc.yandex.com/watch/95709663/1?wmode=7&page-url=https%3A%2F%2Fpayment.gmt.io%2Finvoice%2F0f13e012-cb7c-488f-aa86-9c7faef29005%3Ftwa%3Dios&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22126%22%2C%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%22Chromium%22%3Bv%3D%22126%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A126.0.6478.126%0Achl%0A%22Not%2FA%29Brand%22%3Bv%3D%228.0.0.0%22%2C%22Chromium%22%3Bv%3D%22126.0.6478.126%22%2C%22Google%20Chrome%22%3Bv%3D%22126.0.6478.126%22%0Achm%0A%3F0%0Achp%0AWin32%0Achv%0A10.0.0&browser-info=pv%3A1%3Avf%3Abyif4b2szwsjgf7xv79i57r93v%3Afu%3A0%3Aen%3Autf-8%3Ala%3Anl-NL%3Av%3A1382%3Acn%3A1%3Adp%3A0%3Als%3A1598307951060%3Ahid%3A808464977%3Az%3A120%3Ai%3A20240708051903%3Aet%3A1720408743%3Ac%3A1%3Arn%3A553952724%3Arqn%3A1%3Au%3A1720408743182077350%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A561%3Awv%3A2%3Ads%3A0%2C47%2C88%2C2%2C0%2C0%2C%2C71%2C0%2C%2C%2C%2C522%3Aco%3A0%3Acpf%3A1%3Ans%3A1720408741754%3Agi%3AR0ExLjEuMTc5MjM3NzAzMC4xNzIwNDA4NzQz%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1720408743%3At%3AGoMining%20Pay&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821037572%29ti%281%29
Requested by
Host: payment.gmt.io
URL: https://payment.gmt.io/invoice/0f13e012-cb7c-488f-aa86-9c7faef29005?twa=ios
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
f14f7782cfd32e8eca13476d044377837a5c5aa7922a94ac6cda84c5b9387515
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://payment.gmt.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Jul 2024 03:19:03 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Mon, 08-Jul-2024 03:19:03 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
application/json; charset=utf-8
access-control-allow-origin
https://payment.gmt.io
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
447
x-xss-protection
1; mode=block
expires
Mon, 08-Jul-2024 03:19:03 GMT

Redirect headers

pragma
no-cache
date
Mon, 08 Jul 2024 03:19:03 GMT
strict-transport-security
max-age=31536000
last-modified
Mon, 08-Jul-2024 03:19:03 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location
/watch/95709663/1?wmode=7&page-url=https%3A%2F%2Fpayment.gmt.io%2Finvoice%2F0f13e012-cb7c-488f-aa86-9c7faef29005%3Ftwa%3Dios&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22126%22%2C%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%22Chromium%22%3Bv%3D%22126%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A126.0.6478.126%0Achl%0A%22Not%2FA%29Brand%22%3Bv%3D%228.0.0.0%22%2C%22Chromium%22%3Bv%3D%22126.0.6478.126%22%2C%22Google%20Chrome%22%3Bv%3D%22126.0.6478.126%22%0Achm%0A%3F0%0Achp%0AWin32%0Achv%0A10.0.0&browser-info=pv%3A1%3Avf%3Abyif4b2szwsjgf7xv79i57r93v%3Afu%3A0%3Aen%3Autf-8%3Ala%3Anl-NL%3Av%3A1382%3Acn%3A1%3Adp%3A0%3Als%3A1598307951060%3Ahid%3A808464977%3Az%3A120%3Ai%3A20240708051903%3Aet%3A1720408743%3Ac%3A1%3Arn%3A553952724%3Arqn%3A1%3Au%3A1720408743182077350%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A561%3Awv%3A2%3Ads%3A0%2C47%2C88%2C2%2C0%2C0%2C%2C71%2C0%2C%2C%2C%2C522%3Aco%3A0%3Acpf%3A1%3Ans%3A1720408741754%3Agi%3AR0ExLjEuMTc5MjM3NzAzMC4xNzIwNDA4NzQz%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1720408743%3At%3AGoMining%20Pay&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821037572%29ti%281%29
access-control-allow-origin
https://payment.gmt.io
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Mon, 08-Jul-2024 03:19:03 GMT
metrika_match.html
mc.yandex.com/metrika/ Frame 773F
0
0
Document
General
Full URL
https://mc.yandex.com/metrika/metrika_match.html
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://payment.gmt.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
access-control-allow-origin
*
cache-control
max-age=3600
content-encoding
br
content-length
1048
content-type
text/html
date
Mon, 08 Jul 2024 03:19:03 GMT
etag
"6684fede-418"
expires
Mon, 08 Jul 2024 04:19:03 GMT
last-modified
Wed, 03 Jul 2024 07:33:50 GMT
strict-transport-security
max-age=31536000
timing-allow-origin
*
/
px.ads.linkedin.com/wa/
0
196 B
XHR
General
Full URL
https://px.ads.linkedin.com/wa/
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Accept
*
Referer
https://payment.gmt.io/
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Jul 2024 03:19:04 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 2BB53A9EF0AD40C0992AADD7347C4933 Ref B: AMS04EDGE2318 Ref C: 2024-07-08T03:19:04Z
linkedin-action
1
vary
Origin
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
access-control-allow-origin
https://payment.gmt.io
x-li-proto
http/2
access-control-allow-credentials
true
x-li-uuid
AAYcs+AQRMkATjdgyrZ0Fg==
logo-288.png
wallet.tg/images/
24 KB
25 KB
Image
General
Full URL
https://wallet.tg/images/logo-288.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.73.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c30dcf8baf07a22361167e8dc7e8152274db474fadf9eea0a1e7bcd9a24df9e
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' https://sentry.rtbst.com; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' blob: data:; font-src 'self'; object-src 'none'; base-uri 'self'; form-action 'self'; frame-src 'none'; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://payment.gmt.io/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Jul 2024 03:19:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self'; connect-src 'self' https://sentry.rtbst.com; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' blob: data:; font-src 'self'; object-src 'none'; base-uri 'self'; form-action 'self'; frame-src 'none'; frame-ancestors 'none'; upgrade-insecure-requests;
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
HIT
age
5991
strict-transport-security
max-age=2592000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 27 Jun 2024 12:56:39 GMT
server
cloudflare
etag
W/"5f15-19059c4f758"
vary
Accept-Encoding
x-frame-options
DENY
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I1suODYkQcHCO3N1bPYbpDItfYCgJ7zCYApRxpCMT1m0ste6exjT8iD%2Butv%2B4tcBN38%2BQhXnFucNRYbVZpRQUaVeXxtUmDnFOqcsxTvPtj46DI5NxCpYf6ea%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=7200
cf-ray
89fcee3ab87d3659-FRA
tonconnect-icon.png
tonkeeper.com/assets/
4 KB
4 KB
Image
General
Full URL
https://tonkeeper.com/assets/tonconnect-icon.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:26b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7dfcb629bcffa853b06362c4b73d3198888bc01ab6b1b68a84409bde0b5481bd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://payment.gmt.io/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Jul 2024 03:19:04 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1461
content-length
3795
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
"28430af1f378c22ac4ef6c3762d07739"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SSiJBGdXC6yNEpLZbCLYAhst%2BCJ8NasPmsacocp4JTGgP4z9nJzv%2FZiaTXvBJz9vM762bVp6isjR2wRf%2BM12Aiy2XYFbe6erRkzHMLXJI11GL3UWMOPRuqfBjbEt%2Fk7y"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
89fcee3aef779be6-FRA
icon-256.png
mytonwallet.io/
62 KB
63 KB
Image
General
Full URL
https://mytonwallet.io/icon-256.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.156.224.161 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-224-161.eu-central-1.compute.amazonaws.com
Software
Netlify /
Resource Hash
3f91196a009107e70e5f3a49321aafdd7ca187d3a8b1ab825382e95a63d4a6ae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://payment.gmt.io/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-nf-request-id
01J285M86BC07GXTM4AW226K5A
date
Mon, 08 Jul 2024 03:19:04 GMT
strict-transport-security
max-age=31536000
server
Netlify
age
47789
cache-status
"Netlify Edge"; hit
etag
"f1fa0e10f9b68c8f9a08ff6ce3c555ad-ssl"
content-type
image/png
cache-control
public,max-age=0,must-revalidate
accept-ranges
bytes
content-length
63891
openmask-logo-288.png
raw.githubusercontent.com/OpenProduct/openmask-extension/main/public/
7 KB
7 KB
Image
General
Full URL
https://raw.githubusercontent.com/OpenProduct/openmask-extension/main/public/openmask-logo-288.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8001::154 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
25ef6e0912f90e0adea8597b19554aa1518521e6cf0a88cfaec303808cf4d4b8
Security Headers
Name Value
Content-Security-Policy default-src 'none'; style-src 'unsafe-inline'; sandbox
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://payment.gmt.io/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fastly-request-id
33de4d69c369507222027039dc1a48808f45aad5
content-security-policy
default-src 'none'; style-src 'unsafe-inline'; sandbox
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
date
Mon, 08 Jul 2024 03:19:04 GMT
via
1.1 varnish
x-cache-hits
5
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
6912
x-xss-protection
1; mode=block
x-served-by
cache-mad2200130-MAD
x-github-request-id
D746:1B302A:8CCA44:941427:665556F5
x-timer
S1720408744.183466,VS0,VE0
etag
W/"3bd3143ce8353aa8b9d4296ec4a937b1000cf8fc46a68e40afc9cb03a4030555"
source-age
232
x-frame-options
deny
vary
Authorization,Accept-Encoding,Origin
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=300
accept-ranges
bytes
expires
Mon, 08 Jul 2024 03:24:04 GMT
tonconnect_logo.png
tonhub.com/
68 KB
68 KB
Image
General
Full URL
https://tonhub.com/tonconnect_logo.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:495a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6781d3a7cdd5d44f7083892ec03d04058bca8214da9e7f27300e9a68e5b6aff3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://payment.gmt.io/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Jul 2024 03:19:04 GMT
strict-transport-security
max-age=63072000
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-disposition
inline; filename="tonconnect_logo.png"
content-length
69267
x-vercel-id
cdg1::4z9cw-1720398171138-506d53d0079d
server
cloudflare
x-matched-path
/tonconnect_logo.png
etag
"aafd05d9de4af75985d1b39589517d53"
x-vercel-cache
HIT
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TIv6d4T%2FDw0j2wmHplCn9KorNYsqieV6wB8fRN3WE8RgmqTkar42luOQO2XTja8oLj7RBMWXNp7Qao4BgZDl09LRzcUsqCZ3E5U4cBIeWNA9esKo8%2BXLD%2FNzUiZMYreQHo%2Bd1snNTd8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
89fcee3ae8969f23-FRA
WalletAvatar.png
raw.githubusercontent.com/delab-team/manifests-images/main/
711 KB
712 KB
Image
General
Full URL
https://raw.githubusercontent.com/delab-team/manifests-images/main/WalletAvatar.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8001::154 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ddb20771135c376efeec8385304d44425d77eb0e2f9949f501d83d8b5835f530
Security Headers
Name Value
Content-Security-Policy default-src 'none'; style-src 'unsafe-inline'; sandbox
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://payment.gmt.io/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fastly-request-id
072390acf6871ddd334989cda17882496115ec07
content-security-policy
default-src 'none'; style-src 'unsafe-inline'; sandbox
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
date
Mon, 08 Jul 2024 03:19:04 GMT
via
1.1 varnish
x-cache-hits
1
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
728102
x-xss-protection
1; mode=block
x-served-by
cache-mad2200130-MAD
x-github-request-id
33DA:24E82D:7CEFA7:84112B:666ADD69
x-timer
S1720408744.183455,VS0,VE1
etag
W/"df457b9b9debab993ac009ec9303b0d5d87ce19fbc63bd76050a8d2984b89909"
source-age
43
x-frame-options
deny
vary
Authorization,Accept-Encoding,Origin
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=300
accept-ranges
bytes
expires
Mon, 08 Jul 2024 03:24:04 GMT
icon-256-back.png
xtonwallet.com/assets/img/
8 KB
8 KB
Image
General
Full URL
https://xtonwallet.com/assets/img/icon-256-back.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ace8dd194c4e421b91d44669bab890974dc28265a1196dd41c48c70abe8debc0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://payment.gmt.io/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fastly-request-id
59e411b40311a4cabd8b06c67f6217917f46f6fb
date
Mon, 08 Jul 2024 03:19:04 GMT
via
1.1 varnish
expires
Tue, 25 Jun 2024 10:48:56 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
472
x-cache
HIT
x-proxy-cache
MISS
alt-svc
h3=":443"; ma=86400
content-length
7747
x-served-by
cache-fra-eddf8230030-FRA
last-modified
Fri, 07 Apr 2023 15:34:09 GMT
server
cloudflare
x-github-request-id
A044:22CBC0:5ABE50:5C6787:65DD252C
x-timer
S1711138803.572057,VS0,VE2
etag
"643037f1-1e43"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wIjFxpjT2kvONKcCNGVKPJoJ8EvINySRzVkjV1c%2F500w7gH%2Ft8HaZSHRcMBejp0IYo6j09Q9%2F%2Fj6IBIEcE7gYzwuaUm8mIUDTsYvoy0Tt%2BqjWt48CUa8s%2BVkC2Q864qSiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
89fcee3acbd04db8-FRA
x-cache-hits
1
qr-logo.png
wallet.ton.org/assets/ui/
16 KB
16 KB
Image
General
Full URL
https://wallet.ton.org/assets/ui/qr-logo.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:fd5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc41e7e2c2e72d3c3d78893bdf5bdfbb2aad0ada2e447e30fb9fa81b60f01005
Security Headers
Name Value
Strict-Transport-Security max-age=31556952

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://payment.gmt.io/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fastly-request-id
75ddd5bf062322ec2a696f64fb3ca33725c2b6b1
date
Mon, 08 Jul 2024 03:19:04 GMT
strict-transport-security
max-age=31556952
via
1.1 varnish
expires
Thu, 04 Jul 2024 00:37:15 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
519
x-cache
HIT
x-proxy-cache
MISS
content-length
16076
x-served-by
cache-fra-eddf8230155-FRA
last-modified
Sun, 11 Feb 2024 19:07:35 GMT
server
cloudflare
x-github-request-id
2E00:D535:6A107F:6C91B4:6685EC62
x-timer
S1720390796.020478,VS0,VE1
etag
"65c91af7-3ecc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iUjZgV%2FFkk4Fd1dxr829SKLsJqUMN0lGKFVR3OkgD%2BF3CPLUXW3zIpK0A8dtO%2FItYcbS7WVW9at7XXIQ%2B9OqJZvDD4TCYyQNbOpLQJlnI5lQ%2FzU7gwO%2BVwAYGjkgq8JPoWJn5PAVFzp6RhAx"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=7200
permissions-policy
interest-cohort=()
accept-ranges
bytes
cf-ray
89fcee3afa1291f9-FRA
x-cache-hits
0
bitget%20wallet_logo_iOS.png
raw.githubusercontent.com/bitkeepwallet/download/main/logo/png/
284 KB
285 KB
Image
General
Full URL
https://raw.githubusercontent.com/bitkeepwallet/download/main/logo/png/bitget%20wallet_logo_iOS.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8001::154 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b4459fe039243c658d5b3b92cfd7fe9f6f23caa8d8745800224b581758fdf199
Security Headers
Name Value
Content-Security-Policy default-src 'none'; style-src 'unsafe-inline'; sandbox
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://payment.gmt.io/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fastly-request-id
f523f6ad6bb140dd524e68a9c9e211d2ec2a39ec
content-security-policy
default-src 'none'; style-src 'unsafe-inline'; sandbox
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
date
Mon, 08 Jul 2024 03:19:04 GMT
via
1.1 varnish
x-cache-hits
5
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
291157
x-xss-protection
1; mode=block
x-served-by
cache-mad2200130-MAD
x-github-request-id
866E:0DD7:2B1FC07:2D65566:668370D1
x-timer
S1720408744.183426,VS0,VE0
etag
W/"179f9f8169f0216f0ad6ea7793e097dd66377b0d77a2adf73b9217b0222b949f"
source-age
288
x-frame-options
deny
vary
Authorization,Accept-Encoding,Origin
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=300
accept-ranges
bytes
expires
Mon, 08 Jul 2024 03:24:04 GMT
SafePal_x288.png
s.pvcliping.com/web/public_image/
735 B
1 KB
Image
General
Full URL
https://s.pvcliping.com/web/public_image/SafePal_x288.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a0b:21c0:5002:4::a Amsterdam, Netherlands, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
openresty /
Resource Hash
2173dbf44e5b986d15cb52b206af9e85e2dcc4808aebd6f7f29fdb5949f5fa4a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://payment.gmt.io/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-log
X-Log
date
Mon, 08 Jul 2024 03:19:04 GMT
x-svr
IO
content-md5
0538634f954d877d5ed633b704fc475d
x-reqid
pAQAAACX5OFDStoX
x-cache
HIT from BC226_FR-Paris-Paris-3-cache-1(cloudsvr)
content-transfer-encoding
binary
content-disposition
inline; filename="SafePal_x288.png"; filename*=utf-8''SafePal_x288.png
content-length
735
x-m-reqid
3YwAABr97KBEStoX
x-m-log
QNM:dal51;QNM3
last-modified
Thu, 15 Dec 2022 09:28:55 GMT
server
openresty
etag
"FpfPjmaer6Bl2WSld8f1ivFddVWs"
access-control-max-age
2592000
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Log, X-Reqid
cache-control
public, max-age=31536000
accept-ranges
bytes
x-qiniu-zone
na0
x-qnm-cache
Hit
x-ser
BC19_dx-lt-yd-jiangsu-yancheng-8-cache-2, BC226_FR-Paris-Paris-3-cache-1
rum
payment.gmt.io/cdn-cgi/
0
164 B
XHR
General
Full URL
https://payment.gmt.io/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:43d1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://payment.gmt.io/invoice/0f13e012-cb7c-488f-aa86-9c7faef29005?twa=ios
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
application/json

Response headers

date
Mon, 08 Jul 2024 03:19:04 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://payment.gmt.io
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
89fcee3a8b838f3c-FRA
uyrxot0s
widget.intercom.io/widget/
7 KB
3 KB
Script
General
Full URL
https://widget.intercom.io/widget/uyrxot0s
Requested by
Host: payment.gmt.io
URL: https://payment.gmt.io/_next/static/chunks/pages/_app-0b81273926c53f4c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-18.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
035d6c44112d2cb3bb5bec7cdf82b0bc4f463e459d949ad67a6eb50b7225dc4d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://payment.gmt.io/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
eek9KFe81_rdrGEROge.QvlTxJMyiyl_
content-encoding
gzip
via
1.1 c379418fd6100691807f32f274ebe9ce.cloudfront.net (CloudFront)
date
Mon, 08 Jul 2024 03:16:06 GMT
x-amz-cf-pop
FRA2-C1
age
188
x-amz-server-side-encryption
AES256
x-cache
Error from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2668
last-modified
Thu, 04 Jul 2024 16:21:24 GMT
server
AmazonS3
etag
"a4ad2f4284a0a132d8a05c885ee87f9c"
vary
Accept-Encoding, Origin
content-type
application/javascript; charset=UTF-8
cache-control
max-age=300, s-maxage=300, public
accept-ranges
bytes
x-amz-cf-id
6kVQjwHcpyAou6Pm-M8Sg9KuhkLD0gcvttkDzBJejvUk1DAmnqjCUQ==
favicon-32x32.png
payment.gmt.io/favicon/
1 KB
1 KB
Other
General
Full URL
https://payment.gmt.io/favicon/favicon-32x32.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:43d1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c509b71e2b6c76a4a1061fe1989cfdf15bb80a55e189d5d1661cd36ea8d47f3c
Security Headers
Name Value
Strict-Transport-Security max-age=3600
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://payment.gmt.io/invoice/0f13e012-cb7c-488f-aa86-9c7faef29005?twa=ios
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Jul 2024 03:19:04 GMT
strict-transport-security
max-age=3600
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
last-modified
Mon, 01 Jul 2024 14:28:41 GMT
server
cloudflare
etag
W/"477-1906eb2a9a8"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=0
accept-ranges
bytes
cf-ray
89fcee3a9b878f3c-FRA
content-length
1143
x-xss-protection
1
frame-modern.b4b6b51d.js
js.intercomcdn.com/ Frame 36CB
458 KB
138 KB
Script
General
Full URL
https://js.intercomcdn.com/frame-modern.b4b6b51d.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/uyrxot0s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-20.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
64351ef7026b06738077bcf9a5be86bf7692a1f3814e638d59ee1a5a8ae17b56
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
uvqm.ogeYnvR_AGasCsJz0goDf3XsLuM
content-encoding
gzip
via
1.1 e3824a4cc698f190d3fa6fe687f1a600.cloudfront.net (CloudFront)
date
Mon, 08 Jul 2024 02:21:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA56-P9
age
3457
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
141000
last-modified
Thu, 04 Jul 2024 16:18:01 GMT
server
AmazonS3
etag
"f4ae053a1e340c217f12e7f3bb7c8620"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000, s-maxage=7200, public
accept-ranges
bytes
x-amz-cf-id
ZA_VLnkFKk5zSJsP_5_tqC21Lp61stI9IupGCqCDipuvIqeDMhIIUg==
vendor-modern.bc52aebd.js
js.intercomcdn.com/ Frame 36CB
455 KB
145 KB
Script
General
Full URL
https://js.intercomcdn.com/vendor-modern.bc52aebd.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/uyrxot0s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-20.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
eea9f67534400ce075ffffb3d0f45c43300e6c6e244d5b566dca5fedb480e087
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
Mw1h9i8Md7P3qjd15fFHiY3cqmFJcVuL
content-encoding
gzip
via
1.1 e3824a4cc698f190d3fa6fe687f1a600.cloudfront.net (CloudFront)
date
Mon, 08 Jul 2024 03:17:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA56-P9
age
75
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
147287
last-modified
Thu, 04 Jul 2024 09:15:11 GMT
server
AmazonS3
etag
"045ab66ea0acdc79774f2aae33a45b67"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000, s-maxage=7200, public
accept-ranges
bytes
x-amz-cf-id
OBjDbZZNGvNnhQCE9luhQliSFmXHOJ-V-bKYDTsGEDXxxwOYmMV3aw==
ping
api-iam.intercom.io/messenger/web/ Frame 36CB
4 KB
2 KB
XHR
General
Full URL
https://api-iam.intercom.io/messenger/web/ping
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.b4b6b51d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.228.92.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-228-92-199.compute-1.amazonaws.com
Software
nginx /
Resource Hash
0fc831ef0a184621832d394b25ffb6bc32786aca8e0deb257efc20dfc89e0b72
Security Headers
Name Value
Strict-Transport-Security max-age=31556952; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Mon, 08 Jul 2024 03:19:05 GMT
strict-transport-security
max-age=31556952; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-ami-version
ami-0876d08bfee18aafd
status
200 OK
x-xss-protection
1; mode=block
x-request-id
0002os40tj8kv5emenu0
x-runtime
0.240361
server
nginx
etag
W/"0fc831ef0a184621832d394b25ffb6bc"
x-request-queueing
0
vary
Accept,Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://payment.gmt.io
x-intercom-version
bfac396cc5e370c04f70dc48f4945b82070d97d2
access-control-expose-headers
x-request-id
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-frame-options
SAMEORIGIN
access-control-allow-headers
Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA
ping
api-iam.intercom.io/messenger/web/ Frame 36CB
4 KB
2 KB
XHR
General
Full URL
https://api-iam.intercom.io/messenger/web/ping
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.b4b6b51d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.228.92.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-228-92-199.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6a1b225fdc0aa41e0fd0c3852685c081720cd829ee376af5f6001018175bae4f
Security Headers
Name Value
Strict-Transport-Security max-age=31556952; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Mon, 08 Jul 2024 03:19:05 GMT
strict-transport-security
max-age=31556952; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-ami-version
ami-0876d08bfee18aafd
status
200 OK
x-xss-protection
1; mode=block
x-request-id
0002q5unqdukdllaf4pg
x-runtime
0.245631
server
nginx
etag
W/"6a1b225fdc0aa41e0fd0c3852685c081"
x-request-queueing
0
vary
Accept,Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://payment.gmt.io
x-intercom-version
bfac396cc5e370c04f70dc48f4945b82070d97d2
access-control-expose-headers
x-request-id
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-frame-options
SAMEORIGIN
access-control-allow-headers
Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA

79 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 undefined| event object| fence object| sharedStorage object| webpackChunk_N_E function| __next_require__ object| next object| __NEXT_DATA__ function| __SSG_MANIFEST_CB object| __NEXT_P object| _N_E function| Buffer object| global object| process object| __MIDDLEWARE_MATCHERS object| __BUILD_MANIFEST object| __SSG_MANIFEST object| __cfBeacon function| hj object| _hjSettings object| dataLayer function| Intercom object| hjSiteSettings function| hjBootstrap object| hjLazyModules object| hjBootstrapCalled object| google_tag_manager object| google_tag_data string| _linkedin_data_partner_id function| ym object| links undefined| link undefined| source undefined| affiliate undefined| code undefined| ref undefined| promo undefined| new_link string| adroll_adv_id string| adroll_pix_id string| adroll_version boolean| __adroll_loaded object| adroll function| __adroll__ string| adroll_sid object| __adroll_consent_data object| __adroll boolean| adroll_sendrolling_cross_device object| adroll_form_fields object| adroll_third_party_forms object| adroll_third_party_detected object| adroll_snippet_errors undefined| adroll_tpc_callback function| onYouTubeIframeAPIReady object| gaGlobal function| lintrk boolean| _already_called_lintrk object| intercomSettings object| adroll_exp_list boolean| __adroll_consent boolean| __adroll_consent_is_gdpr string| __adroll_consent_user_country string| __adroll_consent_adv_country number| adroll_lex33_called function| fbq function| _fbq object| __adroll_pxl_assistant_track object| adroll_currency object| adroll_conversion_value object| adroll_conversion_value_in_dollars string| adroll_seg_eid string| adroll_rule_type object| Ya object| yaCounter95709663 object| ORIBILI function| __intercomAssignLocation function| __intercomReloadLocation

49 Cookies

Domain/Path Name / Value
.gmt.io/ Name: _gcl_au
Value: 1.1.1807226361.1720408742
.gmt.io/ Name: _hjSessionUser_3535041
Value: eyJpZCI6IjJmNTc5ZWUyLTVmMmQtNWM1Yi05MzkxLTkxNmE5NmE4NzEyNSIsImNyZWF0ZWQiOjE3MjA0MDg3NDI2NDYsImV4aXN0aW5nIjpmYWxzZX0=
.gmt.io/ Name: _hjSession_3535041
Value: eyJpZCI6IjNlZGI0NjM5LWU2MzEtNDcwYy1iMWQzLWRmNjBjNDUxMzVjNiIsImMiOjE3MjA0MDg3NDI2NDcsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
.gmt.io/ Name: _ga
Value: GA1.1.1792377030.1720408743
.gmt.io/ Name: _ga_YJ8S729D47
Value: GS1.1.1720408742.1.0.1720408742.60.0.0
.region1.google-analytics.com/ Name: ar_debug
Value: 1
.walletconnect.com/ Name: __cf_bm
Value: 7fZlPhXsG7MIBsur73NN8pXqj9l_AIlsRSaV7YNsSLE-1720408742-1.0.1.1-vII49cJ5haUQg_B82olXcv4T1n1Wa2zRZ3K3jBK9DMXeoXN1BIhOPY7mT9C1M2WFQlHtVuA2G9Sznn8wzrVIwA
.yandex.ru/ Name: i
Value: M6h8GtKHknWvmiqh7scd+E/YRcTSLu5DRCMYysUGsaqIIuZplD988zXSRJtF7qjgHehrVqHTFzZZZhtH2Rsei+U1BPA=
.yandex.ru/ Name: yandexuid
Value: 7305224141720408742
.yandex.ru/ Name: yashr
Value: 8219882621720408742
mc.yandex.ru/ Name: bh
Value: EkAiR29vZ2xlIENocm9tZSI7dj0iMTI2IiwgIk5vdDpBLUJyYW5kIjt2PSI4IiwgIkNocm9taXVtIjt2PSIxMjYiKgI/MDoHIldpbjMyIg==
.d.adroll.com/ Name: __adroll
Value: 71be73def0c191d4f975ec7b81167eeb-a_1720408742
.d.adroll.com/ Name: receive-cookie-deprecation
Value: 1
.adroll.com/ Name: receive-cookie-deprecation
Value: 1
.adroll.com/ Name: __adroll_shared
Value: 71be73def0c191d4f975ec7b81167eeb-a_1720408742
.payment.gmt.io/ Name: __adroll_fpc
Value: 88271fed9f63de808980fc7b36c3c1a6-1720408742891
.payment.gmt.io/ Name: __ar_v4
Value: %7CYXLQFXAOL5CMVA2SOH3S2G%3A20240707%3A1%7CLL5QICUPWVH43HMZXFRCTG%3A20240707%3A1
.adnxs.com/ Name: XANDR_PANID
Value: FBcCsoZCYPYbNzty3vrtk01ebQwuRJ2ffU9T7o2cRzwYSbFelh96SEZEtigD4Yh9ic8ICW8Lp-YHBeCk1hUs9d5sst4pxLJlf-RoC8dfQLU.
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.adnxs.com/ Name: uuid2
Value: 7953095569757270005
.casalemedia.com/ Name: CMID
Value: Zotap7mqPVAAADqpAGeVnAAA
.casalemedia.com/ Name: CMPS
Value: 3179
.casalemedia.com/ Name: CMPRO
Value: 3179
.adnxs.com/ Name: anj
Value: dTM7k!M4/rD>6NRF']wIg2E?kj_F[Q!]tbPl@/@8$-^=$UfY:iBDun-IeNCRAOaoBHm[`xBMP2RYtDc%AEIG/<zFDbGTC.w<pwCvZsmq-GYcRB3If)y3KL9D3I?+p?b^@/
.gmt.io/ Name: _ym_uid
Value: 1720408743182077350
.gmt.io/ Name: _ym_d
Value: 1720408743
.pubmatic.com/ Name: KRTBCOOKIE_10
Value: 22808-NzFiZTczZGVmMGMxOTFkNGY5NzVlYzdiODExNjdlZWI&KRTB&22883-NzFiZTczZGVmMGMxOTFkNGY5NzVlYzdiODExNjdlZWI&KRTB&23504-NzFiZTczZGVmMGMxOTFkNGY5NzVlYzdiODExNjdlZWI
.pubmatic.com/ Name: PugT
Value: 1720408741
x.adroll.com/ Name: ar_debug
Value: 1
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 497978382fake
mc.yandex.com/ Name: bh
Value: EkAiR29vZ2xlIENocm9tZSI7dj0iMTI2IiwgIk5vdDpBLUJyYW5kIjt2PSI4IiwgIkNocm9taXVtIjt2PSIxMjYiKgI/MDoHIldpbjMyIg==
.yandex.com/ Name: yashr
Value: 8639134691720408743
.gmt.io/ Name: _ym_isad
Value: 2
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 3837991257fake
.yandex.com/ Name: yandexuid
Value: 7305224141720408742
.yandex.com/ Name: yuidss
Value: 7305224141720408742
.yandex.com/ Name: i
Value: M6h8GtKHknWvmiqh7scd+E/YRcTSLu5DRCMYysUGsaqIIuZplD988zXSRJtF7qjgHehrVqHTFzZZZhtH2Rsei+U1BPA=
.yandex.com/ Name: yp
Value: 1720495143.yu.4987139101720408743
.mc.yandex.com/ Name: sync_cookie_ok
Value: synced
mc.yandex.com/ Name: yabs-sid
Value: 2543763681720408743
.yandex.com/ Name: ymex
Value: 1723000743.oyu.4987139101720408743#1751944743.yrts.1720408743
.yandex.com/ Name: receive-cookie-deprecation
Value: 1
.yandex.com/ Name: bh
Value: Ej4iR29vZ2xlIENocm9tZSI7dj0iMTI2IiwiTm90OkEtQnJhbmQiO3Y9IjgiLCJDaHJvbWl1bSI7dj0iMTI2IhoFIng4NiIiECIxMjYuMC42NDc4LjEyNiIqAj8wOgciV2luMzIiQggiMTAuMC4wIkoEIjY0IlJbIk5vdC9BKUJyYW5kIjt2PSI4LjAuMC4wIiwiQ2hyb21pdW0iO3Y9IjEyNi4wLjY0NzguMTI2IiwiR29vZ2xlIENocm9tZSI7dj0iMTI2LjAuNjQ3OC4xMjYiIg==
.linkedin.com/ Name: bcookie
Value: "v=2&c40a022f-e4ae-48ab-8463-8a86a7bf3cea"
.linkedin.com/ Name: li_gc
Value: MTswOzE3MjA0MDg3NDM7MjswMjFwWWPvv+Ox7s/UXcWYonBC7L+WqLZwzau8ltBt7ljGDg==
.linkedin.com/ Name: lidc
Value: "b=OGST03:s=O:r=O:a=O:p=O:g=3278:u=1:x=1:i=1720408743:t=1720495143:v=2:sig=AQErVaFEaJzUzTaFHH9xW1AXNouC4tlJ"
.gmt.io/ Name: intercom-id-uyrxot0s
Value: 612a5cbc-34de-412f-b823-1882524bff21
.gmt.io/ Name: intercom-session-uyrxot0s
Value:
.gmt.io/ Name: intercom-device-id-uyrxot0s
Value: 02fa2e60-756d-4127-8f43-4776618ae5cd

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=3600
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
