www.mrgpartners.com Open in urlscan Pro
54.194.170.100 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.mrgpartners.com/pay
Submission: On April 20 via manual (April 20th 2023, 5:23:21 pm UTC) from US — Scanned from DE

Summary HTTP 67 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 26 IPs in 4 countries across 18 domains to perform 67 HTTP transactions. The main IP is 54.194.170.100, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is www.mrgpartners.com.
TLS certificate: Issued by R3 on March 17th 2023. Valid for: 3 months.

This is the only time www.mrgpartners.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	54.194.170.100 54.194.170.100	16509 (AMAZON-02) (AMAZON-02)
8	18.66.112.117 18.66.112.117	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
5	35.201.118.58 35.201.118.58	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	52.222.232.47 52.222.232.47	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
10	2606:4700:10:... 2606:4700:10::ac43:76b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:600... 2a04:4e42:600::729	54113 (FASTLY) (FASTLY)
1	2a06:98c1:312... 2a06:98c1:3123:e000::c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 5	2606:4700:11:... 2606:4700:11::6817:860b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	35.190.41.132 35.190.41.132	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	18.66.112.77 18.66.112.77	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c0a::9b	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	18.66.112.61 18.66.112.61	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:11:... 2606:4700:11::6817:850b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	173.231.16.77 173.231.16.77	18450 (WEBNX) (WEBNX)
67	26

1 54.194.170.100 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-170-100.eu-west-1.compute.amazonaws.com

www.mrgpartners.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 18.66.112.117 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-117.fra56.r.cloudfront.net

uploads-ssl.webflow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.201.118.58 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 58.118.201.35.bc.googleusercontent.com

form.jotform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
submit.jotform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.232.47 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-232-47.fra56.r.cloudfront.net

d3e54v103j8qbb.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700:10::ac43:76b (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jotfor.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn01.jotfor.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn02.jotfor.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn03.jotfor.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::729 (United States)

ASN54113 (FASTLY, US)

browser.sentry-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3123:e000::c (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:11::6817:860b (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

www.jotform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
events.jotform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.190.41.132 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 132.41.190.35.bc.googleusercontent.com

files.jotform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.66.112.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-77.fra56.r.cloudfront.net

cdn.calltrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js.calltrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0a::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.61 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-61.fra56.r.cloudfront.net

js.calltrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:11::6817:850b (United States)

ASN13335 (CLOUDFLARENET, US)

api.jotform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.231.16.77 (United States)

ASN18450 (WEBNX, US)
PTR: 173-231-16-77.static.webnx.com

api.ipify.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	jotform.com 3 redirects form.jotform.com — Cisco Umbrella Rank: 41758 www.jotform.com — Cisco Umbrella Rank: 55592 files.jotform.com — Cisco Umbrella Rank: 75229 submit.jotform.com — Cisco Umbrella Rank: 118039 api.jotform.com — Cisco Umbrella Rank: 165963 events.jotform.com — Cisco Umbrella Rank: 47735	124 KB
10	jotfor.ms cdn.jotfor.ms — Cisco Umbrella Rank: 41353 cdn01.jotfor.ms — Cisco Umbrella Rank: 44608 cdn02.jotfor.ms — Cisco Umbrella Rank: 46194 cdn03.jotfor.ms — Cisco Umbrella Rank: 47262	395 KB
8	webflow.com uploads-ssl.webflow.com — Cisco Umbrella Rank: 17357	479 KB
6	google.com www.google.com — Cisco Umbrella Rank: 16 region1.analytics.google.com — Cisco Umbrella Rank: 2930	2 KB
4	google.de www.google.de — Cisco Umbrella Rank: 3425	689 B
4	calltrk.com cdn.calltrk.com — Cisco Umbrella Rank: 30792 js.calltrk.com — Cisco Umbrella Rank: 31916	61 KB
4	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 67 stats.g.doubleclick.net — Cisco Umbrella Rank: 166	4 KB
4	gstatic.com www.gstatic.com fonts.gstatic.com	212 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 91	20 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	225 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	239 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 189	136 KB
1	ipify.org api.ipify.org — Cisco Umbrella Rank: 2662	116 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 119	1 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 344	5 KB
1	sentry-cdn.com browser.sentry-cdn.com — Cisco Umbrella Rank: 5119	17 KB
1	cloudfront.net d3e54v103j8qbb.cloudfront.net	30 KB
1	mrgpartners.com www.mrgpartners.com	6 KB
67	18

	Domain	Requested by
8	uploads-ssl.webflow.com	www.mrgpartners.com uploads-ssl.webflow.com
4	submit.jotform.com	browser.sentry-cdn.com
4	www.google.de	www.mrgpartners.com
4	www.jotform.com	3 redirects form.jotform.com
4	cdn.jotfor.ms	form.jotform.com
4	www.google.com	www.mrgpartners.com
3	js.calltrk.com	cdn.calltrk.com
3	fonts.gstatic.com	fonts.googleapis.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.mrgpartners.com
3	files.jotform.com	www.mrgpartners.com
3	cdn01.jotfor.ms	form.jotform.com
3	www.googletagmanager.com	www.mrgpartners.com www.googletagmanager.com
2	www.facebook.com	www.mrgpartners.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	region1.analytics.google.com	www.googletagmanager.com
2	connect.facebook.net	www.mrgpartners.com connect.facebook.net
2	googleads.g.doubleclick.net	www.googletagmanager.com
2	cdn02.jotfor.ms	form.jotform.com
1	api.ipify.org	d3e54v103j8qbb.cloudfront.net
1	events.jotform.com
1	api.jotform.com	browser.sentry-cdn.com
1	fonts.googleapis.com	cdn.jotfor.ms
1	cdn.calltrk.com	www.googletagmanager.com
1	cdnjs.cloudflare.com	form.jotform.com
1	cdn03.jotfor.ms	form.jotform.com
1	browser.sentry-cdn.com	form.jotform.com
1	www.gstatic.com	www.google.com
1	d3e54v103j8qbb.cloudfront.net	www.mrgpartners.com
1	form.jotform.com	www.mrgpartners.com
1	www.mrgpartners.com
67	30

This site contains links to these domains. Also see Links.

Domain
mrg.lariatcentral.net
www.google.com
www.facebook.com
www.linkedin.com
geekpoweredstudios.com
mrgpartners.com

Subject Issuer	Validity	Valid
www.mrgpartners.com R3	`2023-03-17` - `2023-06-15`	3 months	crt.sh
uploads-ssl.webflow.com Amazon RSA 2048 M01	`2023-02-22` - `2023-09-26`	7 months	crt.sh
www.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
jotform.com Sectigo RSA Domain Validation Secure Server CA	`2023-01-10` - `2023-10-20`	9 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-02-10` - `2024-02-10`	a year	crt.sh
*.sentry-cdn.com GlobalSign Atlas R3 DV TLS CA 2022 Q3	`2022-09-28` - `2023-10-30`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-01-28` - `2023-04-28`	3 months	crt.sh
swappy.callrail.com Amazon RSA 2048 M01	`2023-03-02` - `2023-09-08`	6 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.ipify.org Sectigo RSA Domain Validation Secure Server CA	`2023-02-07` - `2024-02-18`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://www.mrgpartners.com/pay
Frame ID: 1FB159B650E026E33A34C1FA951DC6F4
Requests: 41 HTTP requests in this frame

Frame: https://cdn.jotfor.ms/stylebuilder/default.css?45df57e
Frame ID: 84694CC965DB4C953AAEA511D14FCB73
Requests: 27 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Quick Collection Account Payment

Detected technologies

Sentry (Issue Trackers) Expand

Overall confidence: 100%
Detected patterns

browser\.sentry\-cdn\.com/([0-9.]+)/bundle(?:\.tracing)?(?:\.min)?\.js

Prototype (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

(?:prototype|protoaculous)(?:-([\d.]*[\d]))?.*\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

67
Requests

96 %
HTTPS

68 %
IPv6

18
Domains

30
Subdomains

26
IPs

4
Countries

1717 kB
Transfer

4749 kB
Size

15
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://mrg.lariatcentral.net/login
Title:  Log In

Search URL Search Domain Scan URL

URL: https://www.google.com/maps/place/Miller,+Ross+%26+Goldman+Commercial+Debt+Collection+Agency/@30.5217981,-97.8270014,17z/data=!3m1!4b1!4m5!3m4!1s0x865b2ce0554805fb:0xe730b33a4d0c81b6!8m2!3d30.5217981!4d-97.8248127?hl=en-US
Title:  Miller, Ross & Goldman HQ500 E Whitestone Blvd, Suite 850Cedar Park, Texas 78613

Search URL Search Domain Scan URL

URL: https://www.facebook.com/mrgpartners/
Title: 

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/in/mrgpartners
Title: 

Search URL Search Domain Scan URL

URL: https://geekpoweredstudios.com/
Title: Site By GPS

Search URL Search Domain Scan URL

URL: https://mrgpartners.com/contact-us

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22

https://www.jotform.com/uploads/mrggarrettp/form_files/8dc66f9b5b3c3ff411efd70a8c9cef87.639dfe8d2e2bb7.94301324.png HTTP 302
https://files.jotform.com/jufs/mrggarrettp/form_files/8dc66f9b5b3c3ff411efd70a8c9cef87.639dfe8d2e2bb7.94301324.png?md5=LJ_RFPqHUjzWlXrVZBsZHQ&expires=1682011406

Request Chain 23

https://www.jotform.com/uploads/mrggarrettp/form_files/major-credit-card-logos.640ba42fd811a4.80959377.png HTTP 302
https://files.jotform.com/jufs/mrggarrettp/form_files/major-credit-card-logos.640ba42fd811a4.80959377.png?md5=mRPqFtrk90ktempqm5YYDA&expires=1682011406

Request Chain 66

https://www.jotform.com/uploads/mrggarrettp/form_files/major-credit-card-logos.640ba42fd811a4.80959377.png HTTP 302
https://files.jotform.com/jufs/mrggarrettp/form_files/major-credit-card-logos.640ba42fd811a4.80959377.png?md5=bSWb4LisNixtsV2l_7l13Q&expires=1682011408

67 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request pay Show response
www.mrgpartners.com/ 17 KB
6 KB 392ms
33ms Document
text/html 54.194.170.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mrgpartners.com/pay
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.194.170.100 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-170-100.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e8a99d98b38b32d3247c801d7f0cb0bf5ea6e188879bbb4aadf376c715102d97

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 75338
content-encoding: gzip
content-length: 5788
content-type: text/html
date: Thu, 20 Apr 2023 17:23:15 GMT
vary: Accept-Encoding,x-wf-forwarded-proto
x-cache: HIT, HIT
x-cache-hits: 3, 1
x-cluster-name: eu-west-1-prod-edge-blue
x-lambda-id: 13ff0666-5b9c-466f-9f0f-ce82bce30438
x-served-by: cache-iad-kiad7000119-IAD, cache-dub4346-DUB
x-timer: S1682011396.755766,VS0,VE1

GET
H2 200 mrgpartners.webflow.73d7caacb.min.css
uploads-ssl.webflow.com/62b09cf6ef62f7e2b5af7dcf/css/ 68 KB
16 KB 55ms
10ms Stylesheet
text/css 18.66.112.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://uploads-ssl.webflow.com/62b09cf6ef62f7e2b5af7dcf/css/mrgpartners.webflow.73d7caacb.min.css
Requested by: Host: www.mrgpartners.com
URL: https://www.mrgpartners.com/pay
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-117.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8b86e604ed62656d57b4bc243753564a961715acd663f2aacaf1b723730d66e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrgpartners.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: 5t67rZZxWHVW0Tw7gHmBcFczoX19pSW7
content-encoding: gzip
via: 1.1 f952757fdddf3c9caa357164f2d464d8.cloudfront.net (CloudFront)
date: Thu, 20 Apr 2023 05:58:22 GMT
age: 41094
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 15871
last-modified: Thu, 13 Apr 2023 14:26:16 GMT
server: AmazonS3
etag: "25a1c08670ae4f7432575b3450ce98b6"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=84600, must-revalidate
accept-ranges: bytes
x-amz-cf-id: nbpKA2TYt05jB7zo9EAOJv_1gU6QBOwgZDrrrNn66R2vYH4yyKZcaw==

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
878 B 159ms
79ms Script
text/javascript 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: www.mrgpartners.com
URL: https://www.mrgpartners.com/pay

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6f96306e0b9812afef17e8935d14f0d5d458ae52549c129bb0b57f56d1b19331

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrgpartners.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 17:23:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 558
x-xss-protection: 1; mode=block
expires: Thu, 20 Apr 2023 17:23:15 GMT

GET
H2 200 230695226098160 Show response
form.jotform.com/jsform/ 71 KB
18 KB 192ms
140ms Script
text/javascript 35.201.118.58
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://form.jotform.com/jsform/230695226098160
Requested by: Host: www.mrgpartners.com
URL: https://www.mrgpartners.com/pay
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.118.58 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 58.118.201.35.bc.googleusercontent.com
Software: CacheX v2.1 /
Resource Hash: 20d2fca2693592c57ace41653179a9f851d1b6d8327f22c7112051be870f4e7e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrgpartners.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 17:23:15 GMT
content-encoding: gzip
cache-hit: 1
via: 1.1 google
server: CacheX v2.1
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 jquery-3.5.1.min.dc5e7f18c8.js Show response
d3e54v103j8qbb.cloudfront.net/js/ 87 KB
30 KB 34ms
9ms Script
application/javascript 52.222.232.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=62b09cf6ef62f7e2b5af7dcf
Requested by: Host: www.mrgpartners.com
URL: https://www.mrgpartners.com/pay
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.232.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-232-47.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer: https://www.mrgpartners.com/
Origin: https://www.mrgpartners.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 12:20:53 GMT
content-encoding: br
via: 1.1 a2cac9c5f0e90f8b7fede4ac9aca75ca.cloudfront.net (CloudFront)
last-modified: Mon, 20 Jul 2020 17:53:02 GMT
server: AmazonS3
age: 58108
x-amz-cf-pop: FRA56-P4
etag: W/"dc5e7f18c8d36ac1d3d4753a87c98d0a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=84600, must-revalidate
x-amz-cf-id: a2WS3Ag8stFaY6DyMHkBtIIu8jI6Awwh0zoEVkqLaH3m9Blx-whpvw==

GET
H2 200 webflow.4ec5ae716.js Show response
uploads-ssl.webflow.com/62b09cf6ef62f7e2b5af7dcf/js/ 195 KB
69 KB 450ms
406ms Script
text/javascript 18.66.112.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://uploads-ssl.webflow.com/62b09cf6ef62f7e2b5af7dcf/js/webflow.4ec5ae716.js
Requested by: Host: www.mrgpartners.com
URL: https://www.mrgpartners.com/pay
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-117.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2b44cce37c2cebfb8f491b2c153ecf44d55aa3b0fad74a515ad19883f0539e3d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrgpartners.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 17:23:17 GMT
content-encoding: gzip
via: 1.1 f952757fdddf3c9caa357164f2d464d8.cloudfront.net (CloudFront)
x-amz-version-id: .GQ5WMyHHTJLy7blVFmCOKZqdkfe4q2f
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 70171
last-modified: Thu, 13 Apr 2023 14:26:16 GMT
server: AmazonS3
etag: "613d429705301af1842b69e9244d2551"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=84600, must-revalidate
accept-ranges: bytes
x-amz-cf-id: CO6kX0a0E8wjnWCtqrKbTdGUSgbpES6gjKptUrO3lPSoFWEEtLTxhw==

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/vkGiR-M4noX1963Xi_DB0JeI/ 411 KB
165 KB 117ms
35ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/vkGiR-M4noX1963Xi_DB0JeI/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cff4271d2d0ee30878a4805694667aa650e27b8b89653a0a2564b1f8a6960537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.mrgpartners.com/
Origin: https://www.mrgpartners.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 17:07:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 956
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 168608
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 02:01:54 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 19 Apr 2024 17:07:20 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 207 KB
75 KB 133ms
53ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WSZLCSJ

Requested by

Host: www.mrgpartners.com
URL: https://www.mrgpartners.com/pay

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5b751c78bcc01463b4386168703b78138c9402fabe27bd657538c961accaf01f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrgpartners.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 17:23:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 76670
x-xss-protection: 0
last-modified: Thu, 20 Apr 2023 16:11:26 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 20 Apr 2023 17:23:16 GMT

GET
H2 200 6350547eebd27f3cac18ed69_LibreBaskerville-Bold.ttf
uploads-ssl.webflow.com/62b09cf6ef62f7e2b5af7dcf/ 152 KB
57 KB 27ms
10ms Font
application/x-font-ttf 18.66.112.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://uploads-ssl.webflow.com/62b09cf6ef62f7e2b5af7dcf/6350547eebd27f3cac18ed69_LibreBaskerville-Bold.ttf
Requested by: Host: uploads-ssl.webflow.com
URL: https://uploads-ssl.webflow.com/62b09cf6ef62f7e2b5af7dcf/css/mrgpartners.webflow.73d7caacb.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-117.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d3c53b7996461a51fdaeb489f01da8fc2191c22c71dd0d6b78f42ed5fb907b58

Request headers

Referer: https://uploads-ssl.webflow.com/62b09cf6ef62f7e2b5af7dcf/css/mrgpartners.webflow.73d7caacb.min.css
Origin: https://www.mrgpartners.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 08:26:10 GMT
x-amz-version-id: CyWM2PQFVbOvv5gx98P1wk1FMM2FRids
content-encoding: gzip
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
age: 3661026
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Wed, 19 Oct 2022 19:48:15 GMT
server: AmazonS3
etag: W/"365ef8f393445525c3a0b4830cb46d80"
vary: Accept-Encoding
content-type: application/x-font-ttf
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
x-amz-cf-id: DnCYn6qVxKeatyHKMvxA9vxq03bBEhDF8GJxd3UHVffknyZ_rN6K4A==

GET
H2 200 635054bd823762924c620d64_Muli.ttf
uploads-ssl.webflow.com/62b09cf6ef62f7e2b5af7dcf/ 48 KB
29 KB 40ms
24ms Font
application/x-font-ttf 18.66.112.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://uploads-ssl.webflow.com/62b09cf6ef62f7e2b5af7dcf/635054bd823762924c620d64_Muli.ttf
Requested by: Host: uploads-ssl.webflow.com
URL: https://uploads-ssl.webflow.com/62b09cf6ef62f7e2b5af7dcf/css/mrgpartners.webflow.73d7caacb.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-117.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 45acbaae00fb0cfa8413b582cd4c0dad9653c78a051a7215205079ccc7c7e233

Request headers

Referer: https://uploads-ssl.webflow.com/62b09cf6ef62f7e2b5af7dcf/css/mrgpartners.webflow.73d7caacb.min.css
Origin: https://www.mrgpartners.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 09:39:09 GMT
x-amz-version-id: 4N.jeetrnBWUQ.yU66kJDXD4kIpXoVIu
content-encoding: gzip
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
age: 5039047
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Wed, 19 Oct 2022 19:49:18 GMT
server: AmazonS3
etag: W/"df7330254513d2fa2f4c1e9ee98cc6c6"
vary: Accept-Encoding
content-type: application/x-font-ttf
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
x-amz-cf-id: j8W_oLopn1rn2iXgTb8pihGh4LSvkMGA03UuF05yLSpm0cf1TrkgiQ==

GET
H2 200 62b0c148d413743eb09a4cfe_fa-solid-900.ttf
uploads-ssl.webflow.com/62b09cf6ef62f7e2b5af7dcf/ 379 KB
164 KB 42ms
26ms Font
application/x-font-ttf 18.66.112.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://uploads-ssl.webflow.com/62b09cf6ef62f7e2b5af7dcf/62b0c148d413743eb09a4cfe_fa-solid-900.ttf
Requested by: Host: uploads-ssl.webflow.com
URL: https://uploads-ssl.webflow.com/62b09cf6ef62f7e2b5af7dcf/css/mrgpartners.webflow.73d7caacb.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-117.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 03f2986c0824c68bdaf1e16947352f5fe417d03741806097fa9ea7131fe3a019

Request headers

Referer: https://uploads-ssl.webflow.com/62b09cf6ef62f7e2b5af7dcf/css/mrgpartners.webflow.73d7caacb.min.css
Origin: https://www.mrgpartners.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 09:39:09 GMT
x-amz-version-id: lTNsS2X2CYCXaina1c8IGnTsKjy0a.UC
content-encoding: gzip
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
age: 5039047
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Mon, 20 Jun 2022 18:49:45 GMT
server: AmazonS3
etag: W/"738201559a50502aacabdbdb02720910"
vary: Accept-Encoding
content-type: application/x-font-ttf
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
x-amz-cf-id: RElWxNAeHVFiSNFDiLVxie4fH0z5n4EEXdyEtcddogECYWBTO63OnQ==

GET
H2 200 635054bdef0e7c74dd7118e8_Muli-Bold.ttf
uploads-ssl.webflow.com/62b09cf6ef62f7e2b5af7dcf/ 52 KB
30 KB 35ms
19ms Font
application/x-font-ttf 18.66.112.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://uploads-ssl.webflow.com/62b09cf6ef62f7e2b5af7dcf/635054bdef0e7c74dd7118e8_Muli-Bold.ttf
Requested by: Host: uploads-ssl.webflow.com
URL: https://uploads-ssl.webflow.com/62b09cf6ef62f7e2b5af7dcf/css/mrgpartners.webflow.73d7caacb.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-117.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0e6f324f989608d1839dce2c7c4bd36adeca52d8454c3b5393da942afffd7b5a

Request headers

Referer: https://uploads-ssl.webflow.com/62b09cf6ef62f7e2b5af7dcf/css/mrgpartners.webflow.73d7caacb.min.css
Origin: https://www.mrgpartners.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 08:26:10 GMT
x-amz-version-id: L_WTCcPrQuTUgav5y6ztDHmPyMJ7hsNc
content-encoding: gzip
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
age: 3661026
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Wed, 19 Oct 2022 19:49:18 GMT
server: AmazonS3
etag: W/"1e36ee6d50c037b1bb4bdd3effa7a28e"
vary: Accept-Encoding
content-type: application/x-font-ttf
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
x-amz-cf-id: SkNPBmQM-GeH8g9oYuzIq4XSadatzazCrjwVslw7R68HvVJwYTxJpg==

GET
H2 200 62b0f64ad67fcf6eed9794cd_mrg-logo.svg
uploads-ssl.webflow.com/62b09cf6ef62f7e2b5af7dcf/ 26 KB
10 KB 9ms
9ms Image
image/svg+xml 18.66.112.117
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uploads-ssl.webflow.com/62b09cf6ef62f7e2b5af7dcf/62b0f64ad67fcf6eed9794cd_mrg-logo.svg
Requested by: Host: www.mrgpartners.com
URL: https://www.mrgpartners.com/pay
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-117.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c16c22291be352957f3e32dffca4ebac9a2a7be088be3b3aa5b45b2d3347791a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrgpartners.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 07:31:50 GMT
x-amz-version-id: i38cXSmf.naDhxL6O2lnjV0__deQ.Asv
content-encoding: br
via: 1.1 f952757fdddf3c9caa357164f2d464d8.cloudfront.net (CloudFront)
age: 2109086
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Mon, 20 Jun 2022 22:35:55 GMT
server: AmazonS3
etag: W/"2589a16cee65802d9cc65b6be5960777"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
x-amz-cf-id: _7IJJt-HgetLIqOH9jcnoO-M6NLQ6defiXHLq7ElO3vaZrDNktb8Vw==

GET
H2 200 default.css
cdn.jotfor.ms/stylebuilder/ Frame 8469 272 KB
52 KB 63ms
20ms Stylesheet
text/css 2606:4700:10::ac43:76b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jotfor.ms/stylebuilder/default.css?45df57e
Requested by: Host: form.jotform.com
URL: https://form.jotform.com/jsform/230695226098160
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:76b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 233db32cb540e8c88b57d75253611a5b6f6f15002ac10ad6fd6be955297faacf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrgpartners.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 17:23:16 GMT
content-encoding: gzip
via: 1.1 google
cf-cache-status: HIT
age: 1481879
content-security-policy-report-only: default-src https: data: blob: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /opt/csp-violation-report.php
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
global-router: true
x-static: 2
pragma: no-cache
last-modified: Mon, 03 Apr 2023 13:45:15 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=86400
x-form-cache: MISS-APP
cf-ray: 7baf12f93e239b3f-FRA
expires: Thu, 01 Jan 1970 00:00:01 GMT, Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 style.css
cdn.jotfor.ms/stylebuilder/230695226098160/ Frame 8469 42 KB
9 KB 203ms
160ms Stylesheet
text/css 2606:4700:10::ac43:76b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jotfor.ms/stylebuilder/230695226098160/style.css?themeID=640cc14d39353260509b58ec&v=18e8f8673a6fd4569e9f08c1448b0d1b
Requested by: Host: form.jotform.com
URL: https://form.jotform.com/jsform/230695226098160
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:76b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd1e20a2aa37e03cee3e4231f5e73551dd7e275f62a23f64dd570bdb9fe92a1a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrgpartners.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 17:23:16 GMT
content-encoding: gzip
via: 1.1 google
cf-cache-status: MISS
content-security-policy-report-only: default-src https: data: blob: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /opt/csp-violation-report.php
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
global-router: true
x-static: 2
pragma: no-cache
last-modified: Thu, 20 Apr 2023 17:23:16 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
cache-control: max-age=86400
x-form-cache: MISS-APP
cf-ray: 7baf12f93e249b3f-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT, Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 lang-dd.css
cdn.jotfor.ms/wizards/languageWizard/custom-dropdown/css/ Frame 8469 16 KB
3 KB 70ms
28ms Stylesheet
text/css 2606:4700:10::ac43:76b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jotfor.ms/wizards/languageWizard/custom-dropdown/css/lang-dd.css
Requested by: Host: form.jotform.com
URL: https://form.jotform.com/jsform/230695226098160
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:76b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45cf9b3de6561edd7d94188310de6d7e0887a4c50e28ea53b2d92c2877940c39

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrgpartners.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-static: 2
date: Thu, 20 Apr 2023 17:23:16 GMT
content-encoding: gzip
via: 1.1 google
cf-cache-status: HIT
last-modified: Thu, 24 Nov 2022 12:22:18 GMT
server: cloudflare
age: 2961534
etag: W/"637f61fa-4069"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=86400
cf-ray: 7baf12f93e259b3f-FRA
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 bundle.min.js Show response
browser.sentry-cdn.com/5.12.1/ Frame 8469 55 KB
17 KB 25ms
7ms Script
application/javascript 2a04:4e42:600::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://browser.sentry-cdn.com/5.12.1/bundle.min.js

Requested by

Host: form.jotform.com
URL: https://form.jotform.com/jsform/230695226098160

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

75457b054e6e1e89f10dda4b777d5676404acaa1541618f03d4ed055a3857e05

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.mrgpartners.com/
Origin: https://www.mrgpartners.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 17:23:16 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Tue, 04 Feb 2020 11:19:05 GMT
server: Fastly
age: 15941725
etag: "1c5228c89d281d08aa0ce908f582609a"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 17201
expires: Wed, 18 Oct 2023 05:07:51 GMT

GET
H2 200 prototype.forms.js Show response
cdn01.jotfor.ms/static/ Frame 8469 126 KB
33 KB 62ms
21ms Script
application/x-javascript 2606:4700:10::ac43:76b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn01.jotfor.ms/static/prototype.forms.js?3.3.40880
Requested by: Host: form.jotform.com
URL: https://form.jotform.com/jsform/230695226098160
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:76b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d88d35ad7be98c83c3e84c93e591686427c1b350115d9781bcdd23a55522176

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrgpartners.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 17:23:16 GMT
content-encoding: gzip
via: 1.1 google
cf-cache-status: HIT
last-modified: Mon, 10 Apr 2023 16:42:44 GMT
server: cloudflare
age: 866285
etag: W/"64343c84-1f932"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=315360000
cf-ray: 7baf12f93ea80487-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jotform.forms.js Show response
cdn02.jotfor.ms/static/ Frame 8469 556 KB
146 KB 65ms
24ms Script
application/x-javascript 2606:4700:10::ac43:76b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn02.jotfor.ms/static/jotform.forms.js?3.3.40880
Requested by: Host: form.jotform.com
URL: https://form.jotform.com/jsform/230695226098160
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:76b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0bbce3529f7cad551ba5b8efb2fab48e82375edee49dea799fdbdca39a1acd0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrgpartners.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 17:23:16 GMT
content-encoding: gzip
via: 1.1 google
cf-cache-status: HIT
last-modified: Mon, 10 Apr 2023 16:42:44 GMT
server: cloudflare
age: 866221
etag: W/"64343c84-8afaf"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=315360000
cf-ray: 7baf12f93d6b2be9-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 imageinfo.js Show response
cdn03.jotfor.ms/js/vendor/ Frame 8469 16 KB
5 KB 75ms
29ms Script
application/x-javascript 2606:4700:10::ac43:76b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn03.jotfor.ms/js/vendor/imageinfo.js?v=3.3.40880
Requested by: Host: form.jotform.com
URL: https://form.jotform.com/jsform/230695226098160
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:76b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7eeeba23ee08ef3c7ea9fd649b04510617a18c12ae1e1174cff662943708feb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrgpartners.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-static: 2
date: Thu, 20 Apr 2023 17:23:16 GMT
content-encoding: gzip
via: 1.1 google
cf-cache-status: HIT
last-modified: Thu, 08 Dec 2022 12:44:03 GMT
server: cloudflare
age: 36172
etag: W/"6391dc13-417f"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=86400
cf-ray: 7baf12f94ddbbbe6-FRA
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 fileuploader.js Show response
cdn01.jotfor.ms/file-uploader/ Frame 8469 60 KB
15 KB 57ms
17ms Script
application/x-javascript 2606:4700:10::ac43:76b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn01.jotfor.ms/file-uploader/fileuploader.js?v=3.3.40880
Requested by: Host: form.jotform.com
URL: https://form.jotform.com/jsform/230695226098160
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:76b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40589ab9463118f8e359e71ddef1239dbba584fc506e459d40513b4737591375

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrgpartners.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-static: 2
date: Thu, 20 Apr 2023 17:23:16 GMT
content-encoding: gzip
via: 1.1 google
cf-cache-status: HIT
last-modified: Tue, 14 Mar 2023 08:03:32 GMT
server: cloudflare
age: 100471
etag: W/"64102a54-ef2b"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=86400
cf-ray: 7baf12f93ea90487-FRA
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 punycode.js Show response
cdnjs.cloudflare.com/ajax/libs/punycode/1.4.1/ Frame 8469 14 KB
5 KB 222ms
30ms Script
application/javascript 2a06:98c1:3123:e000::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/punycode/1.4.1/punycode.js

Requested by

Host: form.jotform.com
URL: https://form.jotform.com/jsform/230695226098160

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3123:e000::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

48e6d618b95c55074ab9b47a6e7bd966c9fd434b874e2c2e2606c5ec0f992982

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrgpartners.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 17:23:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 683487
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4177
last-modified: Mon, 04 May 2020 16:15:40 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fac-394e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ci448Q1JJKBrxlvtkjWjkWNNksZE3PVpfHBJCGpRHTMn%2FaFRjr7fSg3pvuNf5BtgvT2bA06YPvfPcchAdsi%2FCW7iIyfo8%2BVNUn0bIK2GqF90U5uuki5Wpu8d8BjMj6NNTyDXqnc%2Fzw6kwqrr7soJZBcv"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7baf12fa3edfbb49-FRA
expires: Tue, 09 Apr 2024 17:23:16 GMT

GET
H2 200 paypal.js Show response
cdn02.jotfor.ms/js/ Frame 8469 5 KB
2 KB 56ms
16ms Script
application/x-javascript 2606:4700:10::ac43:76b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn02.jotfor.ms/js/paypal.js?v=3.3.40880
Requested by: Host: form.jotform.com
URL: https://form.jotform.com/jsform/230695226098160
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:76b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db9267a498f08f8c7c39c0e5a95014a9a5c28210ab560d6a687b514290f819ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrgpartners.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-static: 2
date: Thu, 20 Apr 2023 17:23:16 GMT
content-encoding: gzip
via: 1.1 google
cf-cache-status: HIT
last-modified: Thu, 24 Nov 2022 12:22:16 GMT
server: cloudflare
age: 83175
etag: W/"637f61f8-1596"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=86400
cf-ray: 7baf12f93d6c2be9-FRA
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2

200

8dc66f9b5b3c3ff411efd70a8c9cef87.639dfe8d2e2bb7.94301324.png
files.jotform.com/jufs/mrggarrettp/form_files/ Frame 8469
Redirect Chain

https://www.jotform.com/uploads/mrggarrettp/form_files/8dc66f9b5b3c3ff411efd70a8c9cef87.639dfe8d2e2bb7.94301324.png
https://files.jotform.com/jufs/mrggarrettp/form_files/8dc66f9b5b3c3ff411efd70a8c9cef87.639dfe8d2e2bb7.94301324.png?md5=LJ_RFPqHUjzWlXrVZBsZHQ&expires=1682011406

43 KB
43 KB

230ms
147ms

Image
image/png

35.190.41.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.jotform.com/jufs/mrggarrettp/form_files/8dc66f9b5b3c3ff411efd70a8c9cef87.639dfe8d2e2bb7.94301324.png?md5=LJ_RFPqHUjzWlXrVZBsZHQ&expires=1682011406
Requested by: Host: www.mrgpartners.com
URL: https://www.mrgpartners.com/pay
Protocol: H2
Server: 35.190.41.132 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 132.41.190.35.bc.googleusercontent.com
Software: /
Resource Hash: ae591428e042e88608d1f160f98d59082deb2714e145283d5d69ba9dc047ac37

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrgpartners.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 20 Apr 2023 17:23:16 GMT
via: 1.1 google
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With, newrelic, traceparent, tracestate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods: OPTIONS, GET
content-type: image/png

Redirect headers

date: Thu, 20 Apr 2023 17:23:16 GMT
strict-transport-security: max-age=600000;
via: 1.1 google
cf-cache-status: DYNAMIC
content-security-policy-report-only: default-src https: data: blob: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /opt/csp-violation-report.php
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: no-cache
last-modified: Thu, 20 Apr 2023 17:23:16 GMT
server: cloudflare
content-type: text/html; charset=UTF-8
location: https://files.jotform.com/jufs/mrggarrettp/form_files/8dc66f9b5b3c3ff411efd70a8c9cef87.639dfe8d2e2bb7.94301324.png?md5=LJ_RFPqHUjzWlXrVZBsZHQ&expires=1682011406
access-control-allow-origin: *
cache-control: no-cache
x-form-cache: MISS-APP
cf-ray: 7baf12f93c399001-FRA
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2

200

major-credit-card-logos.640ba42fd811a4.80959377.png
files.jotform.com/jufs/mrggarrettp/form_files/ Frame 8469
Redirect Chain

https://www.jotform.com/uploads/mrggarrettp/form_files/major-credit-card-logos.640ba42fd811a4.80959377.png
https://files.jotform.com/jufs/mrggarrettp/form_files/major-credit-card-logos.640ba42fd811a4.80959377.png?md5=mRPqFtrk90ktempqm5YYDA&expires=1682011406

29 KB
29 KB

227ms
143ms

Image
image/png

35.190.41.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.jotform.com/jufs/mrggarrettp/form_files/major-credit-card-logos.640ba42fd811a4.80959377.png?md5=mRPqFtrk90ktempqm5YYDA&expires=1682011406
Requested by: Host: www.mrgpartners.com
URL: https://www.mrgpartners.com/pay
Protocol: H2
Server: 35.190.41.132 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 132.41.190.35.bc.googleusercontent.com
Software: /
Resource Hash: c2808c316352c60b7f90828b54fba93839d7bec24157611173f83d870d406762

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrgpartners.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 20 Apr 2023 17:23:16 GMT
via: 1.1 google
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With, newrelic, traceparent, tracestate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods: OPTIONS, GET
content-type: image/png

Redirect headers

date: Thu, 20 Apr 2023 17:23:16 GMT
strict-transport-security: max-age=600000;
via: 1.1 google
cf-cache-status: DYNAMIC
content-security-policy-report-only: default-src https: data: blob: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /opt/csp-violation-report.php
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: no-cache
last-modified: Thu, 20 Apr 2023 17:23:16 GMT
server: cloudflare
content-type: text/html; charset=UTF-8
location: https://files.jotform.com/jufs/mrggarrettp/form_files/major-credit-card-logos.640ba42fd811a4.80959377.png?md5=mRPqFtrk90ktempqm5YYDA&expires=1682011406
access-control-allow-origin: *
cache-control: no-cache
x-form-cache: MISS-APP
cf-ray: 7baf12f93c3c9001-FRA
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 for-cardform-js.js Show response
cdn01.jotfor.ms/s/umd/c6f4ee4cf70/ Frame 8469 443 KB
116 KB 173ms
133ms Script
text/javascript 2606:4700:10::ac43:76b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn01.jotfor.ms/s/umd/c6f4ee4cf70/for-cardform-js.js?4.5
Requested by: Host: form.jotform.com
URL: https://form.jotform.com/jsform/230695226098160
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:76b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed7cca550ff9f4bdbfe0ec52ca0eb5aaa2a7723322f6cdff56925da0815d8926

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrgpartners.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 17:23:16 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Mon, 10 Apr 2023 17:17:42 GMT
x-store: gcs
server: cloudflare
etag: W/"e5bbcfb5b352a5975653f01621ecf6cd"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=86400
cf-ray: 7baf12f93eb00487-FRA
expires: Thu, 20 Apr 2023 18:23:16 GMT

GET
H2 200 ownerView.php Show response
www.jotform.com/ Frame 8469 0
249 B 190ms
150ms Script
text/html 2606:4700:11::6817:860b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.jotform.com/ownerView.php?id=230695226098160
Requested by: Host: form.jotform.com
URL: https://form.jotform.com/jsform/230695226098160
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:11::6817:860b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrgpartners.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 17:23:16 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: no-cache
x-form-cache: MISS-APP
cf-ray: 7baf12f93c3e9001-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 formTranslation.v2.js Show response
cdn.jotfor.ms/js/ Frame 8469 60 KB
15 KB 58ms
19ms Script
application/x-javascript 2606:4700:10::ac43:76b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jotfor.ms/js/formTranslation.v2.js?3.3.40880
Requested by: Host: form.jotform.com
URL: https://form.jotform.com/jsform/230695226098160
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:76b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c67b0d4c48e1c1ea2ce6026b4f62a13448de04996991909836435bacb59a26c6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrgpartners.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-static: 2
date: Thu, 20 Apr 2023 17:23:16 GMT
content-encoding: gzip
via: 1.1 google
cf-cache-status: HIT
last-modified: Mon, 20 Mar 2023 12:32:01 GMT
server: cloudflare
age: 95038
etag: W/"64185241-f0c2"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=86400
cf-ray: 7baf12f93e269b3f-FRA
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 62b0c1487669863b50f4038c_fa-brands-400.ttf
uploads-ssl.webflow.com/62b09cf6ef62f7e2b5af7dcf/ 178 KB
105 KB 17ms
10ms Font
application/x-font-ttf 18.66.112.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://uploads-ssl.webflow.com/62b09cf6ef62f7e2b5af7dcf/62b0c1487669863b50f4038c_fa-brands-400.ttf
Requested by: Host: uploads-ssl.webflow.com
URL: https://uploads-ssl.webflow.com/62b09cf6ef62f7e2b5af7dcf/css/mrgpartners.webflow.73d7caacb.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-117.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e523f49c12b13a176014af1a46ae5a0545b136bf56d496426aa881026d0c318a

Request headers

Referer: https://uploads-ssl.webflow.com/62b09cf6ef62f7e2b5af7dcf/css/mrgpartners.webflow.73d7caacb.min.css
Origin: https://www.mrgpartners.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 07:29:44 GMT
x-amz-version-id: Dleg5wB7jBqyx3svEBLVmahJYPEck2Ib
content-encoding: br
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
age: 6342813
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Mon, 20 Jun 2022 18:49:45 GMT
server: AmazonS3
etag: W/"a78ffbbed2d858c61e068e3b756c9988"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/x-font-ttf
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
vary: Accept-Encoding
x-amz-cf-id: x8nJogzke1fgi9jdtLlFaP4LhwnTJ98i14Tc8vNhodxZCOl1Pkov9w==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 117ms
36ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WSZLCSJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrgpartners.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 20 Apr 2023 16:27:45 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 3331
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Thu, 20 Apr 2023 18:27:45 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1032799244/ 2 KB
2 KB 162ms
79ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1032799244/?random=1682011396169&cv=11&fst=1682011396169&bg=ffffff&guid=ON&async=1&gtm=45He34j0h2&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.mrgpartners.com%2Fpay&hn=www.googleadservices.com&frm=0&tiba=Quick%20Collection%20Account%20Payment&auid=458055500.1682011396&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WSZLCSJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

866cb9dfd7134971ffb7a353117304be5ddf02855572c177eadc57b80f66280e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrgpartners.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 17:23:16 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1191
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 107 KB
28 KB 47ms
12ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.mrgpartners.com
URL: https://www.mrgpartners.com/pay

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

091ba5711e7f397eca67fb1da60968a88be608d2f4fb80955ef74f645b6e898b

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrgpartners.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 20 Apr 2023 17:23:16 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27967
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: KnGYMUbo8C32t17XUazVQ6Mc5K+u4MPFhnr/8EzHjCxbxLtJPW/5sprDoYxdvlXwpXyenyU/jy5LbHXE+d2bYw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 swap.js Show response
cdn.calltrk.com/companies/303086409/78f71d341969f0e657f0/12/ 36 KB
37 KB 147ms
111ms Script
text/javascript 18.66.112.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.calltrk.com/companies/303086409/78f71d341969f0e657f0/12/swap.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WSZLCSJ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-77.fra56.r.cloudfront.net
Software: /
Resource Hash: 8fc0d3cd59a582a37823b110573deb30e051ba9bc382900a3f4b9992ae995acf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrgpartners.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-runtime: 0.007286
date: Thu, 20 Apr 2023 17:23:16 GMT
via: 1.1 0a624670dff351af866d2f19bde4a312.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
etag: W/"8fc0d3cd59a582a37823b110573deb30"
x-cache: Miss from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600, public
timing-allow-origin: *
x-amz-cf-id: mtDBGVviJyDCMBl7ejTxmS5My7_CuolWZGHe-mMGUhphDVy2BFGb1Q==
x-request-id: 7cb69842-0afe-4f7e-92fa-0dcc623a64ce

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 201 KB
71 KB 59ms
59ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1032799244

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WSZLCSJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

02886efa568147a978adc18c05ca391339977c780e3a47f57fca6c9636ac1726

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrgpartners.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 17:23:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72184
x-xss-protection: 0
last-modified: Thu, 20 Apr 2023 16:11:26 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 20 Apr 2023 17:23:16 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 229 KB
79 KB 72ms
72ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-E0FT9VT90D&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WSZLCSJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f24dc6b08827e41961a7218a6ec9be0f2aa0cc016251030a56614c8111a792d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrgpartners.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 17:23:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 80938
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 20 Apr 2023 17:23:16 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 8469 12 KB
1 KB 151ms
46ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:light,lightitalic,normal,italic,bold,bolditalic

Requested by

Host: cdn.jotfor.ms
URL: https://cdn.jotfor.ms/stylebuilder/230695226098160/style.css?themeID=640cc14d39353260509b58ec&v=18e8f8673a6fd4569e9f08c1448b0d1b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1b46ef6fdce36e855ea7dc5a4c96551032bc2e217143d36b43593837b430e6e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.jotfor.ms/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 20 Apr 2023 17:23:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 20 Apr 2023 17:22:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 20 Apr 2023 17:23:16 GMT

GET
H2 200 203105084242923 Show response
connect.facebook.net/signals/config/ 377 KB
108 KB 89ms
88ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/203105084242923?v=2.9.102&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b7ed603a660c1e0467ca8172e163b045c85958ff4904c7ec0a09f51bb5219476

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrgpartners.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 20 Apr 2023 17:23:16 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: Q8gheCeeEbqgPXzjEVVHSmZXZVuxXV4YXBPSUGDkOfdJnWBACyTZXQMXMKguEnUSWo0PVFwo5EjU/km8NqBylA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
257 B 52ms
18ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-E0FT9VT90D&gtm=45je34c0&_p=1060291541&_gaz=1&cid=1852477607.1682011396&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1682011396&sct=1&seg=0&dl=https%3A%2F%2Fwww.mrgpartners.com%2Fpay&dt=Quick%20Collection%20Account%20Payment&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-E0FT9VT90D&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrgpartners.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 17:23:16 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.mrgpartners.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
257 B 59ms
19ms Ping
text/plain 2a00:1450:400c:c0a::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-E0FT9VT90D&cid=1852477607.1682011396&gtm=45je34c0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-E0FT9VT90D&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0a::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrgpartners.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 17:23:16 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.mrgpartners.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 162ms
80ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-E0FT9VT90D&cid=1852477607.1682011396&gtm=45je34c0&aip=1&z=1546115610

Requested by

Host: www.mrgpartners.com
URL: https://www.mrgpartners.com/pay

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrgpartners.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 17:23:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
150 B 43ms
42ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1060291541&t=pageview&_s=1&dl=https%3A%2F%2Fwww.mrgpartners.com%2Fpay&ul=en-us&de=UTF-8&dt=Quick%20Collection%20Account%20Payment&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=953857839&gjid=932786936&cid=1852477607.1682011396&tid=UA-147080598-1&_gid=2070547949.1682011396&_r=1&_slc=1&gtm=45He34j0h2n81WSZLCSJ&z=824771713

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.mrgpartners.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 17:23:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.mrgpartners.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 35ms
35ms Image
image/gif 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=1060291541&t=pageview&_s=1&dl=https%3A%2F%2Fwww.mrgpartners.com%2Fpay&ul=en-us&de=UTF-8&dt=Quick%20Collection%20Account%20Payment&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=&gjid=&cid=1852477607.1682011396&tid=UA-147080598-1&_gid=2070547949.1682011396&gtm=45He34j0h2n81WSZLCSJ&z=207059655

Requested by

Host: www.mrgpartners.com
URL: https://www.mrgpartners.com/pay

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrgpartners.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 07:22:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 36044
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 8469 288 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2b356c88e725e6c7a91b07746509a69a313bc1ba5dfeed9b4b6da6172cd1e50

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=UTF-8

GET
DATA 200
OK truncated
/ Frame 8469 698 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 81363bf5e80b032d76dedae26638666c661b12ea0d3571158b510d2d46ff959e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 8469 305 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 870cf8347bb045c8cf29a13b94c9034886de84ba1286b8635ea9ab217f93b78c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=UTF-8

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 8469 15 KB
16 KB 119ms
39ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:light,lightitalic,normal,italic,bold,bolditalic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.mrgpartners.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 10:31:11 GMT
x-content-type-options: nosniff
age: 197525
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Apr 2024 10:31:11 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 8469 15 KB
15 KB 125ms
44ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:light,lightitalic,normal,italic,bold,bolditalic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.mrgpartners.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 10:32:14 GMT
x-content-type-options: nosniff
age: 197462
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Apr 2024 10:32:14 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 8469 15 KB
16 KB 156ms
76ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:light,lightitalic,normal,italic,bold,bolditalic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.mrgpartners.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 02:01:11 GMT
x-content-type-options: nosniff
age: 228125
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Apr 2024 02:01:11 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1032799244/ 3 KB
1 KB 83ms
83ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1032799244/?random=1682011396622&cv=11&fst=1682011396622&bg=ffffff&guid=ON&async=1&gtm=45be34c0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.mrgpartners.com%2Fpay&hn=www.googleadservices.com&frm=0&tiba=Quick%20Collection%20Account%20Payment&auid=458055500.1682011396&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1032799244

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

11cc2f30486535e09fbc413391f03d535f755d0d10ea6be61e02aed42bb0ead3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrgpartners.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 17:23:16 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1208
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/1032799244/ 42 B
327 B 50ms
49ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1032799244/?random=1682011396169&cv=11&fst=1682010000000&bg=ffffff&guid=ON&async=1&gtm=45He34j0h2&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.mrgpartners.com%2Fpay&frm=0&tiba=Quick%20Collection%20Account%20Payment&fmt=3&is_vtc=1&random=802083274&rmt_tld=0&ipr=y

Requested by

Host: www.mrgpartners.com
URL: https://www.mrgpartners.com/pay

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrgpartners.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 17:23:16 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1032799244/ 42 B
154 B 53ms
52ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1032799244/?random=1682011396169&cv=11&fst=1682010000000&bg=ffffff&guid=ON&async=1&gtm=45He34j0h2&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.mrgpartners.com%2Fpay&frm=0&tiba=Quick%20Collection%20Account%20Payment&fmt=3&is_vtc=1&random=802083274&rmt_tld=1&ipr=y

Requested by

Host: www.mrgpartners.com
URL: https://www.mrgpartners.com/pay

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrgpartners.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 17:23:16 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 19ms
18ms XHR
text/plain 2a00:1450:400c:c0a::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-147080598-1&cid=1852477607.1682011396&jid=953857839&gjid=932786936&_gid=2070547949.1682011396&_u=YADAAEAAAAAAACAAI~&z=827261052

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0a::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.mrgpartners.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 20 Apr 2023 17:23:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.mrgpartners.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 40ms
8ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=203105084242923&ev=PageView&dl=https%3A%2F%2Fwww.mrgpartners.com%2Fpay&rl=&if=false&ts=1682011396717&sw=1600&sh=1200&v=2.9.102&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1682011396715.436504347&it=1682011396242&coo=false&rqm=GET

Requested by

Host: www.mrgpartners.com
URL: https://www.mrgpartners.com/pay

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrgpartners.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 20 Apr 2023 17:23:16 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 external_forms.js Show response
js.calltrk.com/companies/303086409/ 23 KB
23 KB 220ms
191ms Script
text/javascript 18.66.112.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.calltrk.com/companies/303086409/external_forms.js?t=1682011396745&

Requested by

Host: cdn.calltrk.com
URL: https://cdn.calltrk.com/companies/303086409/78f71d341969f0e657f0/12/swap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-77.fra56.r.cloudfront.net

Software

Resource Hash

bb520d834b4b8107e8cd589e6fb93cf0fd70c6282bc711c597978eb1598fa40c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrgpartners.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 17:23:16 GMT
via: 1.1 0a624670dff351af866d2f19bde4a312.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-amz-cf-pop: FRA56-P5
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
x-request-id: 4aa9c26d-3e83-4c28-862b-8b8913c2356a
x-runtime: 0.005494
referrer-policy: strict-origin-when-cross-origin
etag: W/"bb520d834b4b8107e8cd589e6fb93cf0"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: max-age=0, private, must-revalidate
x-amz-cf-id: oqnx9QnrYxOc_Ifvy5z03TZYyIKA0jXGiAEeolYD6e2YDkuzGLLVYw==

POST
H2 200 swap_session.json Show response
js.calltrk.com/group/0/78f71d341969f0e657f0/12/ 297 B
795 B 223ms
182ms XHR
application/json 18.66.112.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.calltrk.com/group/0/78f71d341969f0e657f0/12/swap_session.json
Requested by: Host: cdn.calltrk.com
URL: https://cdn.calltrk.com/companies/303086409/78f71d341969f0e657f0/12/swap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-61.fra56.r.cloudfront.net
Software: /
Resource Hash: aae187b391784ca48ed729aae439e0d26ad3cc57e71eeaaead511f70eae21b12

Request headers

Accept: application/json
Referer: https://www.mrgpartners.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

x-runtime: 0.063716
date: Thu, 20 Apr 2023 17:23:16 GMT
via: 1.1 da9380f22ff2303fc2fd4652bf7ec7ba.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
etag: W/"aae187b391784ca48ed729aae439e0d2"
access-control-max-age: 7200
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-cache: Miss from cloudfront
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
vary: Origin
x-amz-cf-id: 9KAP1nd3m97Zdqa-f2hD6wzlEWt8SKcqu5ZtsadwK8fidURtp8Vpkg==
x-request-id: 699ef8e8-19c5-47e4-be5a-4e07adc63f11

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 75ms
75ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-147080598-1&cid=1852477607.1682011396&jid=953857839&_u=YADAAEAAAAAAACAAI~&z=65427466

Requested by

Host: www.mrgpartners.com
URL: https://www.mrgpartners.com/pay

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrgpartners.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 17:23:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 74ms
74ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-147080598-1&cid=1852477607.1682011396&jid=953857839&_u=YADAAEAAAAAAACAAI~&z=65427466

Requested by

Host: www.mrgpartners.com
URL: https://www.mrgpartners.com/pay

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrgpartners.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 17:23:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/1032799244/ 42 B
64 B 49ms
48ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1032799244/?random=1682011396622&cv=11&fst=1682010000000&bg=ffffff&guid=ON&async=1&gtm=45be34c0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.mrgpartners.com%2Fpay&frm=0&tiba=Quick%20Collection%20Account%20Payment&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=4169430014&rmt_tld=0&ipr=y

Requested by

Host: www.mrgpartners.com
URL: https://www.mrgpartners.com/pay

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrgpartners.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 17:23:16 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/1032799244/ 42 B
64 B 49ms
49ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1032799244/?random=1682011396622&cv=11&fst=1682010000000&bg=ffffff&guid=ON&async=1&gtm=45be34c0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.mrgpartners.com%2Fpay&frm=0&tiba=Quick%20Collection%20Account%20Payment&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=4169430014&rmt_tld=1&ipr=y

Requested by

Host: www.mrgpartners.com
URL: https://www.mrgpartners.com/pay

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrgpartners.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 17:23:16 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 icap.js Show response
js.calltrk.com/group/0/78f71d341969f0e657f0/12/ 22 B
381 B 217ms
217ms Script
text/javascript 18.66.112.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.calltrk.com/group/0/78f71d341969f0e657f0/12/icap.js?t=1682011396976&GoogleAnalytics4__ga=GA1.2.1852477607.1682011396&GoogleAnalytics__ga=GA1.2.1852477607.1682011396&ga=GA1.2.1852477607.1682011396&uuid=67bfd2db-f2d9-4d45-8719-13b47d648cbd&ids%5B%5D=303086409
Requested by: Host: cdn.calltrk.com
URL: https://cdn.calltrk.com/companies/303086409/78f71d341969f0e657f0/12/swap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-77.fra56.r.cloudfront.net
Software: /
Resource Hash: 1643b5cec44cc597bc2cce3448ce5434241eec9b92db8af268ee3ee1f198441d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrgpartners.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-runtime: 0.023044
date: Thu, 20 Apr 2023 17:23:17 GMT
via: 1.1 0a624670dff351af866d2f19bde4a312.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
etag: W/"1643b5cec44cc597bc2cce3448ce5434"
x-cache: Miss from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=0, private, must-revalidate
x-amz-cf-id: JOXINk-TXQS_VP3SOLNIWWyzqDJcxXJVBpfC_1B10fVgIb_v_cPlRA==
x-request-id: 08911689-7e8a-4dda-8b55-5d450c9f4877

GET
H2 200 /
www.facebook.com/tr/ 0
54 B 9ms
8ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=203105084242923&ev=Microdata&dl=https%3A%2F%2Fwww.mrgpartners.com%2Fpay&rl=&if=false&ts=1682011397223&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Quick%20Collection%20Account%20Payment%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Quick%20Collection%20Account%20Payment%22%2C%22twitter%3Atitle%22%3A%22Quick%20Collection%20Account%20Payment%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22https%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22LocalBusiness%22%2C%22name%22%3A%22Miller%2C%20Ross%20%26%20Goldman%22%2C%22image%22%3A%22https%3A%2F%2Fuploads-ssl.webflow.com%2F62b09cf6ef62f7e2b5af7dcf%2F62b0f64ad67fcf6eed9794cd_mrg-logo.svg%22%2C%22%40id%22%3A%22https%3A%2F%2Fmrgpartners.com%2Fabout-us%2F%22%2C%22url%22%3A%22https%3A%2F%2Fmrgpartners.com%2F%22%2C%22telephone%22%3A%22(512)%20275-6412%22%2C%22priceRange%22%3A%22%24-%24%24%24%24%22%2C%22address%22%3A%7B%22%40type%22%3A%22PostalAddress%22%2C%22streetAddress%22%3A%22500%20E%20Whitestone%20Blvd%2C%20Suite%20850%22%2C%22addressLocality%22%3A%22Cedar%20Park%22%2C%22addressRegion%22%3A%22TX%22%2C%22postalCode%22%3A%2278613%22%2C%22addressCountry%22%3A%22US%22%7D%2C%22geo%22%3A%7B%22%40type%22%3A%22GeoCoordinates%22%2C%22latitude%22%3A30.5217981%2C%22longitude%22%3A-97.8248127%7D%2C%22openingHoursSpecification%22%3A%5B%7B%22%40type%22%3A%22OpeningHoursSpecification%22%2C%22dayOfWeek%22%3A%5B%22Monday%22%2C%22Tuesday%22%2C%22Wednesday%22%2C%22Thursday%22%5D%2C%22opens%22%3A%2207%3A00%22%2C%22closes%22%3A%2219%3A00%22%7D%2C%7B%22%40type%22%3A%22OpeningHoursSpecification%22%2C%22dayOfWeek%22%3A%22Friday%22%2C%22opens%22%3A%2209%3A00%22%2C%22closes%22%3A%2214%3A00%22%7D%5D%7D%5D&sw=1600&sh=1200&v=2.9.102&r=stable&ec=1&o=30&fbp=fb.1.1682011396715.436504347&it=1682011396242&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrgpartners.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 20 Apr 2023 17:23:17 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

OPTIONS
H2 200 server.php
submit.jotform.com/ Frame 0
0 217ms
157ms Preflight
text/javascript 35.201.118.58
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://submit.jotform.com/server.php?action=getFormTranslations&formID=230695226098160&langCode=en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.118.58 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 58.118.201.35.bc.googleusercontent.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-prototype-version,x-requested-with
Access-Control-Request-Method: GET
Origin: https://www.mrgpartners.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-headers: X-Requested-With, X-Prototype-Version
access-control-allow-origin: *
access-control-expose-headers: Content-Length, X-JSON
access-control-request-method: POST, OPTIONS, GET
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache
content-encoding: gzip
content-security-policy-report-only: default-src https: data: blob: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /opt/csp-violation-report.php
content-type: text/javascript; charset=utf-8
date: Thu, 20 Apr 2023 17:23:17 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
last-modified: Thu, 20 Apr 2023 17:23:17 GMT
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
pragma: no-cache
server: nginx
vary: Accept-Encoding
via: 1.1 google
x-form-cache: MISS-APP

GET
H2 200 server.php Show response
submit.jotform.com/ Frame 8469 4 KB
2 KB 157ms
157ms XHR
text/javascript 35.201.118.58
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://submit.jotform.com/server.php?action=getFormTranslations&formID=230695226098160&langCode=en
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.12.1/bundle.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.118.58 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 58.118.201.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 2a509d81879e622fa2ccf8380669bf4b71fbd27632ade51b51ea666774ddf816

Request headers

Accept: text/javascript, text/html, application/xml, text/xml, */*
X-Prototype-Version: 1.7
Referer: https://www.mrgpartners.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 17:23:17 GMT
access-control-request-method: POST, OPTIONS, GET
content-encoding: gzip
via: 1.1 google
content-security-policy-report-only: default-src https: data: blob: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /opt/csp-violation-report.php
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pragma: no-cache
last-modified: Thu, 20 Apr 2023 17:23:17 GMT
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Content-Length, X-JSON
cache-control: no-cache
x-form-cache: MISS-APP
access-control-allow-headers: X-Requested-With, X-Prototype-Version
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 generateTransactionId Show response
api.jotform.com/payment/ Frame 8469 122 B
584 B 205ms
168ms XHR
application/json 2606:4700:11::6817:850b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.jotform.com/payment/generateTransactionId?ms=1682011397454
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.12.1/bundle.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:11::6817:850b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d61abea268ab4a86279f11aeb0c41025a440e468236a8a91a8026423c265b071

Request headers

Referer: https://www.mrgpartners.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 20 Apr 2023 17:23:17 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
content-security-policy-report-only: default-src https: data: blob: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /opt/csp-violation-report.php
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: no-cache
last-modified: Thu, 20 Apr 2023 17:23:17 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: PUT, POST, GET, OPTIONS, DELETE
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache
x-form-cache: MISS
cf-ray: 7baf13025ce99177-FRA
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 204 /
events.jotform.com/jsform/230695226098160/ Frame 8469 0
195 B 144ms
135ms Image
text/plain 2606:4700:11::6817:860b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events.jotform.com/jsform/230695226098160/?ref=https%253A%252F%252Fwww.mrgpartners.com%252Fpay&res=1600x1200&eventID=1682011397455_230695226098160_xY58clD&loc=https%253A%252F%252Fwww.mrgpartners.com%252Fpay
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:11::6817:860b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrgpartners.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 17:23:17 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
last-modified: Thu, 20 Apr 2023 13:23:17 GMT
server: cloudflare
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cf-ray: 7baf130228469001-FRA
access-control-allow-headers: origin, content-type, accept
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 1 Jan 1970 00:00:00 GMT

OPTIONS
H3 200 server.php
submit.jotform.com/ Frame 0
0 143ms
143ms Preflight
text/javascript 35.201.118.58
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://submit.jotform.com/server.php?action=getCardFormTranslations&formID=230695226098160&langCode=en
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.201.118.58 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 58.118.201.35.bc.googleusercontent.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-prototype-version,x-requested-with
Access-Control-Request-Method: GET
Origin: https://www.mrgpartners.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-headers: X-Requested-With, X-Prototype-Version
access-control-allow-origin: *
access-control-expose-headers: Content-Length, X-JSON
access-control-request-method: POST, OPTIONS, GET
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache
content-encoding: gzip
content-security-policy-report-only: default-src https: data: blob: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /opt/csp-violation-report.php
content-type: text/javascript; charset=utf-8
date: Thu, 20 Apr 2023 17:23:17 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
last-modified: Thu, 20 Apr 2023 17:23:17 GMT
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
pragma: no-cache
server: nginx
vary: Accept-Encoding
via: 1.1 google
x-form-cache: MISS-APP

GET
H3 200 server.php Show response
submit.jotform.com/ Frame 8469 35 B
80 B 144ms
144ms XHR
text/javascript 35.201.118.58
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://submit.jotform.com/server.php?action=getCardFormTranslations&formID=230695226098160&langCode=en
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.12.1/bundle.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.201.118.58 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 58.118.201.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 8e024ef94ce8b9985d3eb8d8788e451fce80f21fe59573fb4c8385ba0873b21b

Request headers

Accept: text/javascript, text/html, application/xml, text/xml, */*
X-Prototype-Version: 1.7
Referer: https://www.mrgpartners.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 17:23:18 GMT
access-control-request-method: POST, OPTIONS, GET
content-encoding: gzip
via: 1.1 google
content-security-policy-report-only: default-src https: data: blob: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /opt/csp-violation-report.php
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pragma: no-cache
last-modified: Thu, 20 Apr 2023 17:23:18 GMT
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Content-Length, X-JSON
cache-control: no-cache
x-form-cache: MISS-APP
access-control-allow-headers: X-Requested-With, X-Prototype-Version
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2

200

major-credit-card-logos.640ba42fd811a4.80959377.png
files.jotform.com/jufs/mrggarrettp/form_files/ Frame 8469
Redirect Chain

https://www.jotform.com/uploads/mrggarrettp/form_files/major-credit-card-logos.640ba42fd811a4.80959377.png
https://files.jotform.com/jufs/mrggarrettp/form_files/major-credit-card-logos.640ba42fd811a4.80959377.png?md5=bSWb4LisNixtsV2l_7l13Q&expires=1682011408

29 KB
29 KB

137ms
136ms

Image
image/png

35.190.41.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.jotform.com/jufs/mrggarrettp/form_files/major-credit-card-logos.640ba42fd811a4.80959377.png?md5=bSWb4LisNixtsV2l_7l13Q&expires=1682011408
Protocol: H2
Server: 35.190.41.132 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 132.41.190.35.bc.googleusercontent.com
Software: /
Resource Hash: c2808c316352c60b7f90828b54fba93839d7bec24157611173f83d870d406762

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrgpartners.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 20 Apr 2023 17:23:18 GMT
via: 1.1 google
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With, newrelic, traceparent, tracestate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods: OPTIONS, GET
content-type: image/png

Redirect headers

date: Thu, 20 Apr 2023 17:23:18 GMT
strict-transport-security: max-age=600000;
via: 1.1 google
cf-cache-status: DYNAMIC
content-security-policy-report-only: default-src https: data: blob: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /opt/csp-violation-report.php
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: no-cache
last-modified: Thu, 20 Apr 2023 17:23:18 GMT
server: cloudflare
content-type: text/html; charset=UTF-8
location: https://files.jotform.com/jufs/mrggarrettp/form_files/major-credit-card-logos.640ba42fd811a4.80959377.png?md5=bSWb4LisNixtsV2l_7l13Q&expires=1682011408
access-control-allow-origin: *
cache-control: no-cache
x-form-cache: MISS-APP
cf-ray: 7baf13064ed79001-FRA
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 / Show response
api.ipify.org/ 24 B
116 B 567ms
138ms XHR
application/json 173.231.16.77
WEBNX

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ipify.org/?format=json
Requested by: Host: d3e54v103j8qbb.cloudfront.net
URL: https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=62b09cf6ef62f7e2b5af7dcf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 173.231.16.77 , United States, ASN18450 (WEBNX, US),
Reverse DNS: 173-231-16-77.static.webnx.com
Software: /
Resource Hash: d2519a335136651513bac19f78a96f88aef5b6c694f31088e3a1047165eb040d

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.mrgpartners.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin: https://www.mrgpartners.com
date: Thu, 20 Apr 2023 17:23:20 GMT
content-length: 24
vary: Origin
content-type: application/json

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 18ms
18ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-E0FT9VT90D&gtm=45je34c0&_p=1060291541&cid=1852477607.1682011396&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1682011396&sct=1&seg=0&dl=https%3A%2F%2Fwww.mrgpartners.com%2Fpay&dt=Quick%20Collection%20Account%20Payment&en=scroll&epn.percent_scrolled=90&_et=37
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-E0FT9VT90D&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mrgpartners.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 17:23:21 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.mrgpartners.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.mrgpartners.com/	1970-01-20 13:23:07	Name: _gcl_au Value: 1.1.458055500.1682011396
.jotform.com/	1970-01-20 11:56:43	Name: userReferer Value: https%3A%2F%2Fwww.mrgpartners.com%2F
.jotform.com/	1970-01-20 11:56:43	Name: theme Value: tile-black
.jotform.com/	1970-01-20 11:56:43	Name: JOTFORM_SESSION Value: pinpe0j0cncbfpd4nard61d000
.jotform.com/	1970-01-20 11:56:43	Name: guest Value: guest_47efc7f63b21662b
.mrgpartners.com/	1970-01-20 20:49:31	Name: _ga Value: GA1.2.1852477607.1682011396
.mrgpartners.com/	1970-01-20 11:14:57	Name: _gid Value: GA1.2.2070547949.1682011396
.mrgpartners.com/	1970-01-20 11:13:31	Name: _gat_UA-147080598-1 Value: 1
.mrgpartners.com/	1970-01-20 20:49:31	Name: _ga_E0FT9VT90D Value: GS1.1.1682011396.1.0.1682011396.60.0.0
.mrgpartners.com/	1970-01-20 19:59:07	Name: calltrk_referrer Value: direct
.mrgpartners.com/	1970-01-20 19:59:07	Name: calltrk_landing Value: https%3A//www.mrgpartners.com/pay
.mrgpartners.com/	1970-01-20 13:23:07	Name: _fbp Value: fb.1.1682011396715.436504347
.doubleclick.net/	1970-01-20 20:35:07	Name: IDE Value: AHWqTUlrFmZtVMtum2rxDtYu_EJsi-uK5RNkMcNLqifGWoUmlQi1iVP0WRG0UWbm
.mrgpartners.com/	1970-01-20 19:59:07	Name: calltrk_session_id Value: 67bfd2db-f2d9-4d45-8719-13b47d648cbd
.mrgpartners.com/	1970-01-20 19:59:07	Name: calltrk_fcid Value: 6fcfd083-401d-4bec-9072-fc29a7b64e1c

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.ipify.org
api.jotform.com
browser.sentry-cdn.com
cdn.calltrk.com
cdn.jotfor.ms
cdn01.jotfor.ms
cdn02.jotfor.ms
cdn03.jotfor.ms
cdnjs.cloudflare.com
connect.facebook.net
d3e54v103j8qbb.cloudfront.net
events.jotform.com
files.jotform.com
fonts.googleapis.com
fonts.gstatic.com
form.jotform.com
googleads.g.doubleclick.net
js.calltrk.com
region1.analytics.google.com
stats.g.doubleclick.net
submit.jotform.com
uploads-ssl.webflow.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.jotform.com
www.mrgpartners.com
173.231.16.77
18.66.112.117
18.66.112.61
18.66.112.77
2001:4860:4802:34::36
2606:4700:10::ac43:76b
2606:4700:11::6817:850b
2606:4700:11::6817:860b
2a00:1450:4001:810::2003
2a00:1450:4001:827::200e
2a00:1450:4001:82a::2004
2a00:1450:4001:82f::2003
2a00:1450:4001:82f::2008
2a00:1450:4001:830::200a
2a00:1450:4001:831::2002
2a00:1450:4001:831::2003
2a00:1450:400c:c0a::9b
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:600::729
2a06:98c1:3123:e000::c
35.190.41.132
35.201.118.58
52.222.232.47
54.194.170.100
02886efa568147a978adc18c05ca391339977c780e3a47f57fca6c9636ac1726
03f2986c0824c68bdaf1e16947352f5fe417d03741806097fa9ea7131fe3a019
091ba5711e7f397eca67fb1da60968a88be608d2f4fb80955ef74f645b6e898b
0e6f324f989608d1839dce2c7c4bd36adeca52d8454c3b5393da942afffd7b5a
11cc2f30486535e09fbc413391f03d535f755d0d10ea6be61e02aed42bb0ead3
1643b5cec44cc597bc2cce3448ce5434241eec9b92db8af268ee3ee1f198441d
1b46ef6fdce36e855ea7dc5a4c96551032bc2e217143d36b43593837b430e6e1
20d2fca2693592c57ace41653179a9f851d1b6d8327f22c7112051be870f4e7e
233db32cb540e8c88b57d75253611a5b6f6f15002ac10ad6fd6be955297faacf
2a509d81879e622fa2ccf8380669bf4b71fbd27632ade51b51ea666774ddf816
2b44cce37c2cebfb8f491b2c153ecf44d55aa3b0fad74a515ad19883f0539e3d
40589ab9463118f8e359e71ddef1239dbba584fc506e459d40513b4737591375
45acbaae00fb0cfa8413b582cd4c0dad9653c78a051a7215205079ccc7c7e233
45cf9b3de6561edd7d94188310de6d7e0887a4c50e28ea53b2d92c2877940c39
48e6d618b95c55074ab9b47a6e7bd966c9fd434b874e2c2e2606c5ec0f992982
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5b751c78bcc01463b4386168703b78138c9402fabe27bd657538c961accaf01f
6d88d35ad7be98c83c3e84c93e591686427c1b350115d9781bcdd23a55522176
6f96306e0b9812afef17e8935d14f0d5d458ae52549c129bb0b57f56d1b19331
75457b054e6e1e89f10dda4b777d5676404acaa1541618f03d4ed055a3857e05
81363bf5e80b032d76dedae26638666c661b12ea0d3571158b510d2d46ff959e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
866cb9dfd7134971ffb7a353117304be5ddf02855572c177eadc57b80f66280e
870cf8347bb045c8cf29a13b94c9034886de84ba1286b8635ea9ab217f93b78c
8b86e604ed62656d57b4bc243753564a961715acd663f2aacaf1b723730d66e4
8e024ef94ce8b9985d3eb8d8788e451fce80f21fe59573fb4c8385ba0873b21b
8fc0d3cd59a582a37823b110573deb30e051ba9bc382900a3f4b9992ae995acf
aae187b391784ca48ed729aae439e0d26ad3cc57e71eeaaead511f70eae21b12
ae591428e042e88608d1f160f98d59082deb2714e145283d5d69ba9dc047ac37
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b2b356c88e725e6c7a91b07746509a69a313bc1ba5dfeed9b4b6da6172cd1e50
b7ed603a660c1e0467ca8172e163b045c85958ff4904c7ec0a09f51bb5219476
bb520d834b4b8107e8cd589e6fb93cf0fd70c6282bc711c597978eb1598fa40c
c16c22291be352957f3e32dffca4ebac9a2a7be088be3b3aa5b45b2d3347791a
c2808c316352c60b7f90828b54fba93839d7bec24157611173f83d870d406762
c67b0d4c48e1c1ea2ce6026b4f62a13448de04996991909836435bacb59a26c6
cd1e20a2aa37e03cee3e4231f5e73551dd7e275f62a23f64dd570bdb9fe92a1a
cff4271d2d0ee30878a4805694667aa650e27b8b89653a0a2564b1f8a6960537
d2519a335136651513bac19f78a96f88aef5b6c694f31088e3a1047165eb040d
d3c53b7996461a51fdaeb489f01da8fc2191c22c71dd0d6b78f42ed5fb907b58
d61abea268ab4a86279f11aeb0c41025a440e468236a8a91a8026423c265b071
d7eeeba23ee08ef3c7ea9fd649b04510617a18c12ae1e1174cff662943708feb
db9267a498f08f8c7c39c0e5a95014a9a5c28210ab560d6a687b514290f819ee
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e523f49c12b13a176014af1a46ae5a0545b136bf56d496426aa881026d0c318a
e8a99d98b38b32d3247c801d7f0cb0bf5ea6e188879bbb4aadf376c715102d97
ed7cca550ff9f4bdbfe0ec52ca0eb5aaa2a7723322f6cdff56925da0815d8926
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0bbce3529f7cad551ba5b8efb2fab48e82375edee49dea799fdbdca39a1acd0
f24dc6b08827e41961a7218a6ec9be0f2aa0cc016251030a56614c8111a792d4
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

www.mrgpartners.com Open in urlscan Pro 54.194.170.100 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

67 Requests

96 %HTTPS

68 %IPv6

18 Domains

30 Subdomains

26 IPs

4 Countries

1717 kBTransfer

4749 kBSize

15 Cookies

6 Outgoing links

Redirected requests

67 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.mrgpartners.com Open in urlscan Pro
54.194.170.100 Public Scan

Screenshot
Live screenshot

Full Image

67
Requests

96 %
HTTPS

68 %
IPv6

18
Domains

30
Subdomains

26
IPs

4
Countries

1717 kB
Transfer

4749 kB
Size

15
Cookies

67 HTTP transactions
3 data transactions