paymentissueruma.gogroth.com Open in urlscan Pro
209.50.56.141 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://paymentissueruma.gogroth.com/
Submission: On March 24 via automatic, source certstream-suspicious (March 24th 2023, 2:32:09 am UTC) — Scanned from DE

Summary HTTP 228 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 33 IPs in 5 countries across 25 domains to perform 228 HTTP transactions. The main IP is 209.50.56.141, located in Phoenix, United States and belongs to UPCLOUDUSA, US. The main domain is paymentissueruma.gogroth.com.
TLS certificate: Issued by R3 on January 22nd 2023. Valid for: 3 months.

This is the only time paymentissueruma.gogroth.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6 114	209.50.56.141 209.50.56.141	25697 (UPCLOUDUSA) (UPCLOUDUSA)
3	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
1	18.66.127.89 18.66.127.89	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:214... 2600:9000:214f:ca00:d:8df6:5fc0:21	16509 (AMAZON-02) (AMAZON-02)
10	2600:9000:223... 2600:9000:223f:d400:3:d92d:a340:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
18	2600:9000:225... 2600:9000:2250:ac00:e:9c9a:bec0:93a1	16509 (AMAZON-02) (AMAZON-02)
10	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
3	2400:52e0:1e0... 2400:52e0:1e00::1082:1	200325 (BUNNYCDN) (BUNNYCDN)
9	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
1	162.159.138.60 162.159.138.60	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3034::6815:1683	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	3.18.160.173 3.18.160.173	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
5	146.75.118.109 146.75.118.109	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2006	15169 (GOOGLE) (GOOGLE)
4	52.72.172.163 52.72.172.163	14618 (AMAZON-AES) (AMAZON-AES)
2	2606:4700::68... 2606:4700::6812:1634	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
8	2606:4700:e4:... 2606:4700:e4::ac40:a816	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
3	54.231.172.80 54.231.172.80	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:211... 2600:9000:2113:cc00:e:27fd:3980:93a1	16509 (AMAZON-02) (AMAZON-02)
1	34.120.195.249 34.120.195.249	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	52.219.98.84 52.219.98.84	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c0a::9b	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
228	33

114 209.50.56.141 (Phoenix, United States) 6 redirects

ASN25697 (UPCLOUDUSA, US)
PTR: 209-50-56-141.us-chi1.upcloud.host

paymentissueruma.gogroth.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.127.89 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-127-89.fra60.r.cloudfront.net

cdn-images.mailchimp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:214f:ca00:d:8df6:5fc0:21 (United States)

ASN16509 (AMAZON-02, US)

d1kb6wto5ohzen.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2600:9000:223f:d400:3:d92d:a340:93a1 (United States)

ASN16509 (AMAZON-02, US)

chatbot.growth99.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2600:9000:2250:ac00:e:9c9a:bec0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.joinboulevard.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2400:52e0:1e00::1082:1 (Slovenia)

ASN200325 (BUNNYCDN, SI)

g99-resources.b-cdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.159.138.60 (None, )

ASN13335 (CLOUDFLARENET, US)

player.vimeo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3034::6815:1683 (United States)

ASN13335 (CLOUDFLARENET, US)

rumaaesthetics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 3.18.160.173 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-18-160-173.us-east-2.compute.amazonaws.com

api.growth99.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 146.75.118.109 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

f.vimeocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i.vimeocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.72.172.163 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-72-172-163.compute-1.amazonaws.com

dashboard.boulevard.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:1634 (United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:e4::ac40:a816 (United States)

ASN13335 (CLOUDFLARENET, US)

ka-f.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.231.172.80 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2113:cc00:e:27fd:3980:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.ai.getdeardoc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.195.249 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.195.120.34.bc.googleusercontent.com

o435284.ingest.sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.219.98.84 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-w.us-east-2.amazonaws.com

prod-emr-asset.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0a::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
114	gogroth.com 6 redirects paymentissueruma.gogroth.com	2 MB
20	growth99.com chatbot.growth99.com — Cisco Umbrella Rank: 905248 api.growth99.com — Cisco Umbrella Rank: 844151	1 MB
18	joinboulevard.com static.joinboulevard.com — Cisco Umbrella Rank: 184945	3 MB
12	gstatic.com fonts.gstatic.com www.gstatic.com	199 KB
10	fontawesome.com kit.fontawesome.com — Cisco Umbrella Rank: 1390 ka-f.fontawesome.com — Cisco Umbrella Rank: 2595	201 KB
9	youtube.com www.youtube.com — Cisco Umbrella Rank: 77	848 KB
8	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 25 region1.google-analytics.com — Cisco Umbrella Rank: 2368	40 KB
7	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31 jnn-pa.googleapis.com — Cisco Umbrella Rank: 216	33 KB
5	vimeocdn.com f.vimeocdn.com — Cisco Umbrella Rank: 2974 i.vimeocdn.com — Cisco Umbrella Rank: 2971	269 KB
4	amazonaws.com s3.amazonaws.com prod-emr-asset.s3.amazonaws.com	122 KB
4	boulevard.io dashboard.boulevard.io — Cisco Umbrella Rank: 129629	8 KB
4	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 29 static.doubleclick.net — Cisco Umbrella Rank: 255 stats.g.doubleclick.net — Cisco Umbrella Rank: 70	2 KB
3	b-cdn.net g99-resources.b-cdn.net	72 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	196 KB
2	google.com www.google.com — Cisco Umbrella Rank: 2	15 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 109	243 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 147	137 KB
1	google.de www.google.de — Cisco Umbrella Rank: 6058	408 B
1	sentry.io o435284.ingest.sentry.io — Cisco Umbrella Rank: 169272	282 B
1	getdeardoc.com static.ai.getdeardoc.com — Cisco Umbrella Rank: 201775	2 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 194	2 KB
1	rumaaesthetics.com rumaaesthetics.com	11 KB
1	vimeo.com player.vimeo.com — Cisco Umbrella Rank: 1785	9 KB
1	cloudfront.net d1kb6wto5ohzen.cloudfront.net	48 KB
1	mailchimp.com cdn-images.mailchimp.com — Cisco Umbrella Rank: 5308	2 KB
228	25

	Domain	Requested by
114	paymentissueruma.gogroth.com	6 redirects paymentissueruma.gogroth.com
18	static.joinboulevard.com	paymentissueruma.gogroth.com dashboard.boulevard.io static.joinboulevard.com
10	api.growth99.com	paymentissueruma.gogroth.com chatbot.growth99.com
10	fonts.gstatic.com	fonts.googleapis.com www.youtube.com chatbot.growth99.com
10	chatbot.growth99.com	paymentissueruma.gogroth.com chatbot.growth99.com
9	www.youtube.com	paymentissueruma.gogroth.com www.youtube.com
8	ka-f.fontawesome.com	kit.fontawesome.com paymentissueruma.gogroth.com chatbot.growth99.com
6	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com dashboard.boulevard.io static.joinboulevard.com
4	jnn-pa.googleapis.com	www.youtube.com
4	dashboard.boulevard.io	static.joinboulevard.com
3	s3.amazonaws.com	dashboard.boulevard.io
3	f.vimeocdn.com	player.vimeo.com
3	g99-resources.b-cdn.net	paymentissueruma.gogroth.com
3	www.googletagmanager.com	paymentissueruma.gogroth.com www.googletagmanager.com
3	fonts.googleapis.com	paymentissueruma.gogroth.com dashboard.boulevard.io
2	www.gstatic.com	www.youtube.com www.gstatic.com
2	www.google.com	www.youtube.com
2	kit.fontawesome.com	paymentissueruma.gogroth.com chatbot.growth99.com
2	i.vimeocdn.com	paymentissueruma.gogroth.com
2	googleads.g.doubleclick.net	1 redirects www.youtube.com
2	region1.google-analytics.com	www.googletagmanager.com
2	www.facebook.com	paymentissueruma.gogroth.com
2	connect.facebook.net	paymentissueruma.gogroth.com connect.facebook.net
1	www.google.de
1	stats.g.doubleclick.net	static.joinboulevard.com
1	prod-emr-asset.s3.amazonaws.com	paymentissueruma.gogroth.com
1	o435284.ingest.sentry.io	dashboard.boulevard.io
1	static.ai.getdeardoc.com	paymentissueruma.gogroth.com
1	static.doubleclick.net	www.youtube.com
1	cdnjs.cloudflare.com	paymentissueruma.gogroth.com
1	rumaaesthetics.com	paymentissueruma.gogroth.com
1	player.vimeo.com	paymentissueruma.gogroth.com
1	d1kb6wto5ohzen.cloudfront.net	paymentissueruma.gogroth.com
1	cdn-images.mailchimp.com	paymentissueruma.gogroth.com
228	34

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.instagram.com
plus.app.growth99.com
blvd.me
rumaaesthetics.com
goo.gl
www.growth99.com
growth99.com

Subject Issuer	Validity	Valid
paymentissueruma.gogroth.com R3	`2023-01-22` - `2023-04-22`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
cdn-images.mailchimp.com Amazon RSA 2048 M01	`2023-02-23` - `2023-08-03`	5 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
*.growth99.com Amazon RSA 2048 M02	`2023-02-22` - `2024-01-07`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-01-10` - `2023-03-31`	3 months	crt.sh
joinblvd.com Amazon RSA 2048 M02	`2023-02-23` - `2023-09-22`	7 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.b-cdn.net Sectigo RSA Domain Validation Secure Server CA	`2022-11-07` - `2023-11-11`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-03-01` - `2024-02-29`	a year	crt.sh
growth99.com Amazon RSA 2048 M01	`2023-02-10` - `2023-08-13`	6 months	crt.sh
*.vimeocdn.com GlobalSign Atlas R3 DV TLS CA 2023 Q1	`2023-02-18` - `2024-03-21`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-22` - `2023-12-23`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
s3.amazonaws.com Amazon RSA 2048 M01	`2022-12-06` - `2023-12-05`	a year	crt.sh
ai.getdeardoc.com Amazon RSA 2048 M02	`2023-02-23` - `2023-07-23`	5 months	crt.sh
*.ingest.sentry.io R3	`2023-02-16` - `2023-05-17`	3 months	crt.sh
*.s3.amazonaws.com Amazon	`2022-09-21` - `2023-08-26`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://paymentissueruma.gogroth.com/
Frame ID: 59E563F69BA7C50D35FDC6452C6CD82C
Requests: 146 HTTP requests in this frame

Frame: https://www.youtube.com/embed/UBOjXuSxt8U?feature=oembed
Frame ID: ACBC0DC880FDEC8BF72083F95DB17B35
Requests: 18 HTTP requests in this frame

Frame: https://player.vimeo.com/video/771257668?h=90841522d3&dnt=1&app_id=122963
Frame ID: F0A5DE6E4B27A20B207C8334E8F3D729
Requests: 6 HTTP requests in this frame

Frame: https://dashboard.boulevard.io/booking/businesses/64d16bcf-1137-4312-80aa-51c89cea75d4/widget
Frame ID: 649FEAE93D2EC8A261B5D05A741D6B37
Requests: 32 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 887C4E9A744CADF72BBD9BD990C3EA60
Requests: 1 HTTP requests in this frame

Frame: https://chatbot.growth99.com/business/137/chat3?color=
Frame ID: ACB7F2441EC426751B04A79F37BD5F4C
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Medical Spa | RUMA Aesthetics Lehi, Utah

Detected technologies

WooCommerce (Ecommerce) Expand

Overall confidence: 100%
Detected patterns

/woocommerce(?:\.min)?\.js(?:\?ver=([0-9.]+))?

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/
wp-embed\.min\.js\?ver=([\d.]+)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
kit\.fontawesome\.com/([0-9a-z]+).js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

MailChimp (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

cdn-images\.mailchimp\.com/[^>]*\.css

Revslider (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[\'"][^']+revslider[/\w-]+\.css\?ver=([0-9.]+)[\'"]
/revslider/[/\w-]+/js

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

TrackJs (Analytics) Expand

Overall confidence: 100%
Detected patterns

tracker\.js

Underscore.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

underscore.*\.js(?:\?ver=([\d.]+))?

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

228
Requests

98 %
HTTPS

73 %
IPv6

25
Domains

34
Subdomains

33
IPs

5
Countries

8666 kB
Transfer

27112 kB
Size

12
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/rumaaesthetics
Title: Facebook page opens in new window

Search URL Search Domain Scan URL

URL: https://www.instagram.com/rumaaesthetics/?hl=en
Title: Instagram page opens in new window

Search URL Search Domain Scan URL

URL: https://plus.app.growth99.com/service/Growth99-RumaAesthetics
Title: Medical Aesthetics Marketing: Growth99

Search URL Search Domain Scan URL

URL: https://blvd.me/ruma-aesthetics/gift-cards
Title: Gift Card

Search URL Search Domain Scan URL

URL: https://rumaaesthetics.com/home-test-video/?preview_id=10210&preview_nonce=eda4864f8b&_thumbnail_id=-1&preview=true#book-now
Title: Book A Visit

Search URL Search Domain Scan URL

URL: https://goo.gl/maps/vwAjEG4djeCsHmPC8
Title: Lehi, Utah

Search URL Search Domain Scan URL

URL: https://www.growth99.com/

Search URL Search Domain Scan URL

URL: https://goo.gl/maps/ajfxLUokMcZ79bD69
Title: 1850 W Ashton Blvd Suite #100 Lehi, UT 84043

Search URL Search Domain Scan URL

URL: https://growth99.com/
Title: Powered by Growth99

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 47

https://paymentissueruma.gogroth.com/wp-content/uploads/2020/04/Gif_01.gif HTTP 301
https://paymentissueruma.gogroth.com/custom-404/

Request Chain 68

https://paymentissueruma.gogroth.com/wp-content/uploads/2020/04/80x80.png HTTP 301
https://paymentissueruma.gogroth.com/wp-content/uploads/2020/04/ruma-aesthetics-favicon-ut-rumaaesthetics.png

Request Chain 69

https://paymentissueruma.gogroth.com/wp-content/uploads/2020/04/Light_Ruma.png HTTP 301
https://paymentissueruma.gogroth.com/wp-content/uploads/2020/04/light-logo-ruma-aesthetics.png HTTP 301
https://paymentissueruma.gogroth.com/wp-content/uploads/2020/04/light-logo-UT-Ruma-Aesthetics.png

Request Chain 70

https://paymentissueruma.gogroth.com/wp-content/uploads/2020/10/G-T-02.png HTTP 301
https://paymentissueruma.gogroth.com/wp-content/uploads/2020/10/growth-99-logo-ut-rumaaesthetics.png HTTP 301
https://paymentissueruma.gogroth.com/wp-content/uploads/2020/10/growth-99-logo-ut-rumaaesthetics-ut-ruma-aesthetics.png

Request Chain 139

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

228 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
paymentissueruma.gogroth.com/ 166 KB
34 KB 593ms
218ms Document
text/html 209.50.56.141
UPCLOUDUSA

General

Check archive.org

Show headers Download Go to

Full URL

https://paymentissueruma.gogroth.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.50.56.141 Phoenix, United States, ASN25697 (UPCLOUDUSA, US),

Reverse DNS

209-50-56-141.us-chi1.upcloud.host

Software

Prometheus /

Resource Hash

8e338a0943e448890d6c2d5af77b8bc26e46db02de335728cbe598530a70548a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, no-cache
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 24 Mar 2023 02:31:59 GMT
link: <https://paymentissueruma.gogroth.com/wp-json/>; rel="https://api.w.org/" <https://paymentissueruma.gogroth.com/wp-json/wp/v2/pages/3526>; rel="alternate"; type="application/json" <https://paymentissueruma.gogroth.com/>; rel=shortlink
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
server: Prometheus
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: sameorigin
x-grid-cache: HIT
x-grid-cache-ttl: 1
x-xss-protection: 1; mode=block

GET
H2 200 style.min.css
paymentissueruma.gogroth.com/wp-includes/css/dist/block-library/ 79 KB
11 KB 124ms
110ms Stylesheet
text/css 209.50.56.141
UPCLOUDUSA

General

Check archive.org

Show headers Download Go to

Full URL

https://paymentissueruma.gogroth.com/wp-includes/css/dist/block-library/style.min.css?ver=5.8.6

Requested by

Host: paymentissueruma.gogroth.com
URL: https://paymentissueruma.gogroth.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.50.56.141 Phoenix, United States, ASN25697 (UPCLOUDUSA, US),

Reverse DNS

209-50-56-141.us-chi1.upcloud.host

Software

Prometheus /

Resource Hash

9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymentissueruma.gogroth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 02:31:59 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 24 Jul 2021 05:57:53 GMT
server: Prometheus
etag: W/"60fbabe1-13abe"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10

GET
H2 200 vendors-style.css
paymentissueruma.gogroth.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/ 3 KB
1 KB 132ms
116ms Stylesheet
text/css 209.50.56.141
UPCLOUDUSA

General

Check archive.org

Show headers Download Go to

Full URL

https://paymentissueruma.gogroth.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/vendors-style.css?ver=4.4.3

Requested by

Host: paymentissueruma.gogroth.com
URL: https://paymentissueruma.gogroth.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.50.56.141 Phoenix, United States, ASN25697 (UPCLOUDUSA, US),

Reverse DNS

209-50-56-141.us-chi1.upcloud.host

Software

Prometheus /

Resource Hash

ae707ec81b142f04b6d5f785a5d4f7e8301bdb62a95288dee1f3e58930d21c7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymentissueruma.gogroth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 02:31:59 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 25 Mar 2021 05:38:12 GMT
server: Prometheus
etag: W/"605c21c4-ccc"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10

GET
H2 200 style.css
paymentissueruma.gogroth.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/ 167 KB
19 KB 133ms
117ms Stylesheet
text/css 209.50.56.141
UPCLOUDUSA

General

Check archive.org

Show headers Download Go to

Full URL

https://paymentissueruma.gogroth.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/style.css?ver=4.4.3

Requested by

Host: paymentissueruma.gogroth.com
URL: https://paymentissueruma.gogroth.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.50.56.141 Phoenix, United States, ASN25697 (UPCLOUDUSA, US),

Reverse DNS

209-50-56-141.us-chi1.upcloud.host

Software

Prometheus /

Resource Hash

2924ea36a075d22f18a9fac2ad9a0e3a8aa2bf9195ba462ff626df6bcd05e97a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymentissueruma.gogroth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 02:31:59 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 25 Mar 2021 05:38:12 GMT
server: Prometheus
etag: W/"605c21c4-29a8a"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10

GET
H2 200 dashicons.min.css
paymentissueruma.gogroth.com/wp-includes/css/ 58 KB
35 KB 134ms
118ms Stylesheet
text/css 209.50.56.141
UPCLOUDUSA

General

Check archive.org

Show headers Download Go to

Full URL

https://paymentissueruma.gogroth.com/wp-includes/css/dashicons.min.css?ver=5.8.6

Requested by

Host: paymentissueruma.gogroth.com
URL: https://paymentissueruma.gogroth.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.50.56.141 Phoenix, United States, ASN25697 (UPCLOUDUSA, US),

Reverse DNS

209-50-56-141.us-chi1.upcloud.host

Software

Prometheus /

Resource Hash

c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymentissueruma.gogroth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 02:31:59 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 24 Jul 2021 05:57:53 GMT
server: Prometheus
etag: W/"60fbabe1-e688"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10

GET
H2 200 theme.css
paymentissueruma.gogroth.com/wp-content/plugins/popup-builder/public/css/ 70 KB
12 KB 323ms
307ms Stylesheet
text/css 209.50.56.141
UPCLOUDUSA

General

Check archive.org

Show headers Download Go to

Full URL

https://paymentissueruma.gogroth.com/wp-content/plugins/popup-builder/public/css/theme.css?ver=4.1.14

Requested by

Host: paymentissueruma.gogroth.com
URL: https://paymentissueruma.gogroth.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.50.56.141 Phoenix, United States, ASN25697 (UPCLOUDUSA, US),

Reverse DNS

209-50-56-141.us-chi1.upcloud.host

Software

Prometheus /

Resource Hash

96344c48276b6477946734dfa6f60c187fa33d371c0f4bc2156edc0e2868617c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymentissueruma.gogroth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 02:31:59 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 14 Oct 2022 06:31:54 GMT
server: Prometheus
etag: W/"6349025a-119f9"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10

GET
H2 200 rs6.css
paymentissueruma.gogroth.com/wp-content/plugins/revslider/public/assets/css/ 58 KB
13 KB 324ms
308ms Stylesheet
text/css 209.50.56.141
UPCLOUDUSA

General

Check archive.org

Show headers Download Go to

Full URL

https://paymentissueruma.gogroth.com/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.4.6

Requested by

Host: paymentissueruma.gogroth.com
URL: https://paymentissueruma.gogroth.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.50.56.141 Phoenix, United States, ASN25697 (UPCLOUDUSA, US),

Reverse DNS

209-50-56-141.us-chi1.upcloud.host

Software

Prometheus /

Resource Hash

2f3a1b7a384a1a1da06ebee7b08bd8faf7affe08578ec087c2fa6d9a1209cd47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymentissueruma.gogroth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 02:31:59 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 25 Mar 2021 05:37:05 GMT
server: Prometheus
etag: W/"605c2181-e902"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10

GET
H2 200 form-themes.min.css
paymentissueruma.gogroth.com/wp-content/plugins/mailchimp-for-wp/assets/css/ 9 KB
2 KB 324ms
308ms Stylesheet
text/css 209.50.56.141
UPCLOUDUSA

General

Check archive.org

Show headers Download Go to

Full URL

https://paymentissueruma.gogroth.com/wp-content/plugins/mailchimp-for-wp/assets/css/form-themes.min.css?ver=4.8.3

Requested by

Host: paymentissueruma.gogroth.com
URL: https://paymentissueruma.gogroth.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.50.56.141 Phoenix, United States, ASN25697 (UPCLOUDUSA, US),

Reverse DNS

209-50-56-141.us-chi1.upcloud.host

Software

Prometheus /

Resource Hash

8605bf321acdd3f271b0d1e442a7ab08a6a673cd56d71d23a56144ceeb72b18a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymentissueruma.gogroth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 02:31:59 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 25 Mar 2021 05:36:24 GMT
server: Prometheus
etag: W/"605c2158-254e"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10

GET
H2 200 ivory-search.min.css
paymentissueruma.gogroth.com/wp-content/plugins/add-search-to-menu/public/css/ 7 KB
2 KB 324ms
309ms Stylesheet
text/css 209.50.56.141
UPCLOUDUSA

General

Check archive.org

Show headers Download Go to

Full URL

https://paymentissueruma.gogroth.com/wp-content/plugins/add-search-to-menu/public/css/ivory-search.min.css?ver=4.6

Requested by

Host: paymentissueruma.gogroth.com
URL: https://paymentissueruma.gogroth.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.50.56.141 Phoenix, United States, ASN25697 (UPCLOUDUSA, US),

Reverse DNS

209-50-56-141.us-chi1.upcloud.host

Software

Prometheus /

Resource Hash

1dca4f2dcfb119cbe001fb3b31e559aed59674832f729fbf9170d2f23803f9c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymentissueruma.gogroth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 02:31:59 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 25 Mar 2021 05:36:05 GMT
server: Prometheus
etag: W/"605c2145-1a9b"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10

GET
H2 200 genericons.css
paymentissueruma.gogroth.com/wp-content/plugins/megamenu-pro/icons/genericons/genericons/ 27 KB
16 KB 324ms
309ms Stylesheet
text/css 209.50.56.141
UPCLOUDUSA

General

Check archive.org

Show headers Download Go to

Full URL

https://paymentissueruma.gogroth.com/wp-content/plugins/megamenu-pro/icons/genericons/genericons/genericons.css?ver=2.0.1

Requested by

Host: paymentissueruma.gogroth.com
URL: https://paymentissueruma.gogroth.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.50.56.141 Phoenix, United States, ASN25697 (UPCLOUDUSA, US),

Reverse DNS

209-50-56-141.us-chi1.upcloud.host

Software

Prometheus /

Resource Hash

98726f9632fa3f6359c2d118f2061241729bcfc9a98563ccb6cf87444d32bd88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymentissueruma.gogroth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 02:31:59 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 08 Apr 2020 09:05:42 GMT
server: Prometheus
etag: W/"5e8d93e6-6b84"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10

GET
H2 200 font-awesome.min.css
paymentissueruma.gogroth.com/wp-content/plugins/megamenu-pro/icons/fontawesome/css/ 30 KB
7 KB 325ms
310ms Stylesheet
text/css 209.50.56.141
UPCLOUDUSA

General

Check archive.org

Show headers Download Go to

Full URL

https://paymentissueruma.gogroth.com/wp-content/plugins/megamenu-pro/icons/fontawesome/css/font-awesome.min.css?ver=2.0.1

Requested by

Host: paymentissueruma.gogroth.com
URL: https://paymentissueruma.gogroth.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.50.56.141 Phoenix, United States, ASN25697 (UPCLOUDUSA, US),

Reverse DNS

209-50-56-141.us-chi1.upcloud.host

Software

Prometheus /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymentissueruma.gogroth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 02:31:59 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 08 Apr 2020 09:05:42 GMT
server: Prometheus
etag: W/"5e8d93e6-7918"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10

GET
H2 200 all.min.css
paymentissueruma.gogroth.com/wp-content/plugins/megamenu-pro/icons/fontawesome5/css/ 51 KB
11 KB 325ms
310ms Stylesheet
text/css 209.50.56.141
UPCLOUDUSA

General

Check archive.org

Show headers Download Go to

Full URL

https://paymentissueruma.gogroth.com/wp-content/plugins/megamenu-pro/icons/fontawesome5/css/all.min.css?ver=2.0.1

Requested by

Host: paymentissueruma.gogroth.com
URL: https://paymentissueruma.gogroth.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.50.56.141 Phoenix, United States, ASN25697 (UPCLOUDUSA, US),

Reverse DNS

209-50-56-141.us-chi1.upcloud.host

Software

Prometheus /

Resource Hash

84decc00a588d65b9c7ae58a79d11fa6eb4a1ae0330a0e78097ef88599482168

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymentissueruma.gogroth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 02:32:00 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 08 Apr 2020 09:05:42 GMT
server: Prometheus
etag: W/"5e8d93e6-ca00"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10

GET
H2 200 icomoon.css
paymentissueruma.gogroth.com/wp-content/uploads/smile_fonts/icomoon/ 719 B
745 B 325ms
311ms Stylesheet
text/css 209.50.56.141
UPCLOUDUSA

General

Check archive.org

Show headers Download Go to

Full URL

https://paymentissueruma.gogroth.com/wp-content/uploads/smile_fonts/icomoon/icomoon.css?ver=5.8.6

Requested by

Host: paymentissueruma.gogroth.com
URL: https://paymentissueruma.gogroth.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.50.56.141 Phoenix, United States, ASN25697 (UPCLOUDUSA, US),

Reverse DNS

209-50-56-141.us-chi1.upcloud.host

Software

Prometheus /

Resource Hash

99b4835b9f861a8a59b8c1e51025fbad98af340fe1a0da4142325d12ebf0d8b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymentissueruma.gogroth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 02:32:00 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 06 Apr 2020 17:58:02 GMT
server: Prometheus
etag: W/"5e8b6daa-2cf"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10

GET
H2 200 js_composer.min.css
paymentissueruma.gogroth.com/wp-content/plugins/js_composer/assets/css/ 474 KB
45 KB 325ms
311ms Stylesheet
text/css 209.50.56.141
UPCLOUDUSA

General

Check archive.org

Show headers Download Go to

Full URL

https://paymentissueruma.gogroth.com/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.6.0.1

Requested by

Host: paymentissueruma.gogroth.com
URL: https://paymentissueruma.gogroth.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.50.56.141 Phoenix, United States, ASN25697 (UPCLOUDUSA, US),

Reverse DNS

209-50-56-141.us-chi1.upcloud.host

Software

Prometheus /

Resource Hash

97b5b6bb0bfd4413504da4a5b78546698c75a127fff51b095080ee7fd3b8ec0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymentissueruma.gogroth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 02:32:00 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 25 Mar 2021 05:37:15 GMT
server: Prometheus
etag: W/"605c218b-76828"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10

GET
H2 200 frontend.min.css
paymentissueruma.gogroth.com/wp-content/plugins/woo-variation-swatches/assets/css/ 16 KB
2 KB 326ms
312ms Stylesheet
text/css 209.50.56.141
UPCLOUDUSA

General

Check archive.org

Show headers Download Go to

Full URL

https://paymentissueruma.gogroth.com/wp-content/plugins/woo-variation-swatches/assets/css/frontend.min.css?ver=1.1.13

Requested by

Host: paymentissueruma.gogroth.com
URL: https://paymentissueruma.gogroth.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.50.56.141 Phoenix, United States, ASN25697 (UPCLOUDUSA, US),

Reverse DNS

209-50-56-141.us-chi1.upcloud.host

Software

Prometheus /

Resource Hash

c6d26c147c6d8ebbc22f4f18c81bd8f2592c228443508d5c906becdc5ed065c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymentissueruma.gogroth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 02:32:00 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 25 Mar 2021 05:37:21 GMT
server: Prometheus
etag: W/"605c2191-3f3b"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10

GET
H2 200 wvs-theme-override.min.css
paymentissueruma.gogroth.com/wp-content/plugins/woo-variation-swatches/assets/css/ 7 KB
2 KB 326ms
312ms Stylesheet
text/css 209.50.56.141
UPCLOUDUSA

General

Check archive.org

Show headers Download Go to

Full URL

https://paymentissueruma.gogroth.com/wp-content/plugins/woo-variation-swatches/assets/css/wvs-theme-override.min.css?ver=1.1.13

Requested by

Host: paymentissueruma.gogroth.com
URL: https://paymentissueruma.gogroth.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.50.56.141 Phoenix, United States, ASN25697 (UPCLOUDUSA, US),

Reverse DNS

209-50-56-141.us-chi1.upcloud.host

Software

Prometheus /

Resource Hash

a56844edb0c017c249a7b53a55ffd5ae330361663efecada5a7dfd61d2a7e505

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymentissueruma.gogroth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 02:32:00 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 25 Mar 2021 05:37:21 GMT
server: Prometheus
etag: W/"605c2191-1c88"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10

GET
H2 200 frontend-tooltip.min.css
paymentissueruma.gogroth.com/wp-content/plugins/woo-variation-swatches/assets/css/ 3 KB
1 KB 326ms
313ms Stylesheet
text/css 209.50.56.141
UPCLOUDUSA

General

Check archive.org

Show headers Download Go to

Full URL

https://paymentissueruma.gogroth.com/wp-content/plugins/woo-variation-swatches/assets/css/frontend-tooltip.min.css?ver=1.1.13

Requested by

Host: paymentissueruma.gogroth.com
URL: https://paymentissueruma.gogroth.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.50.56.141 Phoenix, United States, ASN25697 (UPCLOUDUSA, US),

Reverse DNS

209-50-56-141.us-chi1.upcloud.host

Software

Prometheus /

Resource Hash

56798856c7e5cbe87c4a45893bb2d55c8a7470eb3b35751f9074b23988aa19e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymentissueruma.gogroth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 02:32:00 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 25 Mar 2021 05:37:21 GMT
server: Prometheus
etag: W/"605c2191-c1a"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10

GET
H2 200 css
fonts.googleapis.com/ 15 KB
1 KB 63ms
19ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:300,400,500,600,700%7CRoboto:400,600,700%7CMuli:400,600,700

Requested by

Host: paymentissueruma.gogroth.com
URL: https://paymentissueruma.gogroth.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b472f95c10914872eb277ee5758b8a30f38fea6e3b06f4f144d03ff120cbf27d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymentissueruma.gogroth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 24 Mar 2023 02:31:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 24 Mar 2023 02:31:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 24 Mar 2023 02:31:59 GMT

GET
H2 200 main.min.css
paymentissueruma.gogroth.com/wp-content/themes/dt-the7/css-lite/ 249 KB
42 KB 326ms
313ms Stylesheet
text/css 209.50.56.141
UPCLOUDUSA

General

Check archive.org

Show headers Download Go to

Full URL

https://paymentissueruma.gogroth.com/wp-content/themes/dt-the7/css-lite/main.min.css?ver=9.9.1

Requested by

Host: paymentissueruma.gogroth.com
URL: https://paymentissueruma.gogroth.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.50.56.141 Phoenix, United States, ASN25697 (UPCLOUDUSA, US),

Reverse DNS

209-50-56-141.us-chi1.upcloud.host

Software

Prometheus /

Resource Hash

c91ba7b6ff61aed584f2c0af46b1b9d94e536dd714879b087c0891bcbf531517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymentissueruma.gogroth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 02:32:00 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 25 Mar 2021 05:38:28 GMT
server: Prometheus
etag: W/"605c21d4-3e391"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10

GET
H2 200 icomoon-the7-font.min.css
paymentissueruma.gogroth.com/wp-content/themes/dt-the7/fonts/icomoon-the7-font/ 20 KB
3 KB 327ms
313ms Stylesheet
text/css 209.50.56.141
UPCLOUDUSA

General

Check archive.org

Show headers Download Go to

Full URL

https://paymentissueruma.gogroth.com/wp-content/themes/dt-the7/fonts/icomoon-the7-font/icomoon-the7-font.min.css?ver=9.9.1

Requested by

Host: paymentissueruma.gogroth.com
URL: https://paymentissueruma.gogroth.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.50.56.141 Phoenix, United States, ASN25697 (UPCLOUDUSA, US),

Reverse DNS

209-50-56-141.us-chi1.upcloud.host

Software

Prometheus /

Resource Hash

ffd631cb679cbaab271d2515e5ad71768ceb7c1ca7b8dc7f5084770a4ded8687

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymentissueruma.gogroth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 02:32:00 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 25 Mar 2021 05:38:28 GMT
server: Prometheus
etag: W/"605c21d4-4e31"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10

GET
H2 200 all.min.css
paymentissueruma.gogroth.com/wp-content/themes/dt-the7/fonts/FontAwesome/css/ 58 KB
13 KB 327ms
314ms Stylesheet
text/css 209.50.56.141
UPCLOUDUSA

General

Check archive.org

Show headers Download Go to

Full URL

https://paymentissueruma.gogroth.com/wp-content/themes/dt-the7/fonts/FontAwesome/css/all.min.css?ver=9.9.1

Requested by

Host: paymentissueruma.gogroth.com
URL: https://paymentissueruma.gogroth.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.50.56.141 Phoenix, United States, ASN25697 (UPCLOUDUSA, US),

Reverse DNS

209-50-56-141.us-chi1.upcloud.host

Software

Prometheus /

Resource Hash

d87ddf917b7a1449ab45e2b8e3c98354629bdd65b6659c37e6023bbea1ce1386

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymentissueruma.gogroth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 02:32:00 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 25 Mar 2021 05:38:28 GMT
server: Prometheus
etag: W/"605c21d4-e7d0"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10

GET
H2 200 wpbakery.min.css
paymentissueruma.gogroth.com/wp-content/themes/dt-the7/css-lite/ 25 KB
5 KB 327ms
314ms Stylesheet
text/css 209.50.56.141
UPCLOUDUSA

General

Check archive.org

Show headers Download Go to

Full URL

https://paymentissueruma.gogroth.com/wp-content/themes/dt-the7/css-lite/wpbakery.min.css?ver=9.9.1

Requested by

Host: paymentissueruma.gogroth.com
URL: https://paymentissueruma.gogroth.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.50.56.141 Phoenix, United States, ASN25697 (UPCLOUDUSA, US),

Reverse DNS

209-50-56-141.us-chi1.upcloud.host

Software

Prometheus /

Resource Hash

75535d674802c5ce8fecc6a261e1c9debf17eef60d06a1f9569dccf0bf7069ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymentissueruma.gogroth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 02:32:00 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 25 Mar 2021 05:38:28 GMT
server: Prometheus
etag: W/"605c21d4-6465"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10

GET
H2 200 post-type.min.css
paymentissueruma.gogroth.com/wp-content/plugins/dt-the7-core/assets/css/ 42 KB
7 KB 327ms
315ms Stylesheet
text/css 209.50.56.141
UPCLOUDUSA

General

Check archive.org

Show headers Download Go to

Full URL

https://paymentissueruma.gogroth.com/wp-content/plugins/dt-the7-core/assets/css/post-type.min.css?ver=2.5.5.2

Requested by

Host: paymentissueruma.gogroth.com
URL: https://paymentissueruma.gogroth.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.50.56.141 Phoenix, United States, ASN25697 (UPCLOUDUSA, US),

Reverse DNS

209-50-56-141.us-chi1.upcloud.host

Software

Prometheus /

Resource Hash

10c620621be8d1cf76112872139f30336a31482993bd3777daa4971f4211d39d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymentissueruma.gogroth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 02:32:00 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 25 Mar 2021 05:37:00 GMT
server: Prometheus
etag: W/"605c217c-a923"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10

GET
H2 200 custom.css
paymentissueruma.gogroth.com/wp-content/uploads/the7-css/ 272 KB
31 KB 327ms
315ms Stylesheet
text/css 209.50.56.141
UPCLOUDUSA

General

Check archive.org

Show headers Download Go to

Full URL

https://paymentissueruma.gogroth.com/wp-content/uploads/the7-css/custom.css?ver=a9139e02624e

Requested by

Host: paymentissueruma.gogroth.com
URL: https://paymentissueruma.gogroth.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.50.56.141 Phoenix, United States, ASN25697 (UPCLOUDUSA, US),

Reverse DNS

209-50-56-141.us-chi1.upcloud.host

Software

Prometheus /

Resource Hash

fbab8be2ab66d2e186c273118eb38d95d21cc1585da9166c72aed83a73403172

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymentissueruma.gogroth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 02:32:00 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 23 Nov 2022 18:14:39 GMT
server: Prometheus
etag: W/"637e630f-44058"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10

GET
H2 200 wc-dt-custom.css
paymentissueruma.gogroth.com/wp-content/uploads/the7-css/compatibility/ 161 KB
23 KB 328ms
316ms Stylesheet
text/css 209.50.56.141
UPCLOUDUSA

General

Check archive.org

Show headers Download Go to

Full URL

https://paymentissueruma.gogroth.com/wp-content/uploads/the7-css/compatibility/wc-dt-custom.css?ver=a9139e02624e

Requested by

Host: paymentissueruma.gogroth.com
URL: https://paymentissueruma.gogroth.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.50.56.141 Phoenix, United States, ASN25697 (UPCLOUDUSA, US),

Reverse DNS

209-50-56-141.us-chi1.upcloud.host

Software

Prometheus /

Resource Hash

b2d0ec7c1365e7f6fb2b919aedf176618edeae4361aabe66bea8a8685beff263

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymentissueruma.gogroth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 02:32:00 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 23 Nov 2022 18:14:39 GMT
server: Prometheus
etag: W/"637e630f-2822e"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10

GET
H2 200 media.css
paymentissueruma.gogroth.com/wp-content/uploads/the7-css/ 75 KB
10 KB 329ms
317ms Stylesheet
text/css 209.50.56.141
UPCLOUDUSA

General

Check archive.org

Show headers Download Go to

Full URL

https://paymentissueruma.gogroth.com/wp-content/uploads/the7-css/media.css?ver=a9139e02624e

Requested by

Host: paymentissueruma.gogroth.com
URL: https://paymentissueruma.gogroth.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.50.56.141 Phoenix, United States, ASN25697 (UPCLOUDUSA, US),

Reverse DNS

209-50-56-141.us-chi1.upcloud.host

Software

Prometheus /

Resource Hash

51b9fd02a4e8213865f5401d699dcc03b7e6c52658ea711869b28c038346a375

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymentissueruma.gogroth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 02:32:00 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 23 Nov 2022 18:14:39 GMT
server: Prometheus
etag: W/"637e630f-12bdf"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10

GET
H2 200 mega-menu.css
paymentissueruma.gogroth.com/wp-content/uploads/the7-css/ 18 KB
3 KB 329ms
317ms Stylesheet
text/css 209.50.56.141
UPCLOUDUSA

General

Check archive.org

Show headers Download Go to

Full URL

https://paymentissueruma.gogroth.com/wp-content/uploads/the7-css/mega-menu.css?ver=a9139e02624e

Requested by

Host: paymentissueruma.gogroth.com
URL: https://paymentissueruma.gogroth.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.50.56.141 Phoenix, United States, ASN25697 (UPCLOUDUSA, US),

Reverse DNS

209-50-56-141.us-chi1.upcloud.host

Software

Prometheus /

Resource Hash

be52c695dbb70f1b0b9e81bb7636330047bdbf6d6ac610a6bbc16ddf6744500e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymentissueruma.gogroth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 02:32:00 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 23 Nov 2022 18:14:39 GMT
server: Prometheus
etag: W/"637e630f-485f"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10

GET
H2 200 the7-elements-albums-portfolio.css
paymentissueruma.gogroth.com/wp-content/uploads/the7-css/ 23 KB
3 KB 329ms
317ms Stylesheet
text/css 209.50.56.141
UPCLOUDUSA

General

Check archive.org

Show headers Download Go to

Full URL

https://paymentissueruma.gogroth.com/wp-content/uploads/the7-css/the7-elements-albums-portfolio.css?ver=a9139e02624e

Requested by

Host: paymentissueruma.gogroth.com
URL: https://paymentissueruma.gogroth.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.50.56.141 Phoenix, United States, ASN25697 (UPCLOUDUSA, US),

Reverse DNS

209-50-56-141.us-chi1.upcloud.host

Software

Prometheus /

Resource Hash

5cf9186c30d241993ff0233aed0f0bdb71d0dc6592dd461715281775d949a26a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymentissueruma.gogroth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 02:32:00 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 23 Nov 2022 18:14:40 GMT
server: Prometheus
etag: W/"637e6310-5af4"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10

GET
H2 200 post-type-dynamic.css
paymentissueruma.gogroth.com/wp-content/uploads/the7-css/ 9 KB
2 KB 329ms
318ms Stylesheet
text/css 209.50.56.141
UPCLOUDUSA

General

Check archive.org

Show headers Download Go to

Full URL

https://paymentissueruma.gogroth.com/wp-content/uploads/the7-css/post-type-dynamic.css?ver=a9139e02624e

Requested by

Host: paymentissueruma.gogroth.com
URL: https://paymentissueruma.gogroth.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.50.56.141 Phoenix, United States, ASN25697 (UPCLOUDUSA, US),

Reverse DNS

209-50-56-141.us-chi1.upcloud.host

Software

Prometheus /

Resource Hash

ae0daa854523967d33cc6353af8af5975319c754cdc7bb0b93912f5310526711

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymentissueruma.gogroth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 02:32:00 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 23 Nov 2022 18:14:40 GMT
server: Prometheus
etag: W/"637e6310-25d0"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10

GET
H2 200 slick.min.css
paymentissueruma.gogroth.com/wp-content/plugins/woo-variation-gallery/assets/css/ 4 KB
2 KB 329ms
318ms Stylesheet
text/css 209.50.56.141
UPCLOUDUSA

General

Check archive.org

Show headers Download Go to

Full URL

https://paymentissueruma.gogroth.com/wp-content/plugins/woo-variation-gallery/assets/css/slick.min.css?ver=1.8.1

Requested by

Host: paymentissueruma.gogroth.com
URL: https://paymentissueruma.gogroth.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.50.56.141 Phoenix, United States, ASN25697 (UPCLOUDUSA, US),

Reverse DNS

209-50-56-141.us-chi1.upcloud.host

Software

Prometheus /

Resource Hash

4cb9a347efe1b13805bd44329e4bb7ac9155d3b448d7c61c6f71d9014ed18a96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymentissueruma.gogroth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 02:32:00 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 23 Jun 2021 11:43:25 GMT
server: Prometheus
etag: W/"60d31e5d-faa"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10

GET
H2 200 frontend.min.css
paymentissueruma.gogroth.com/wp-content/plugins/woo-variation-gallery/assets/css/ 17 KB
3 KB 329ms
319ms Stylesheet
text/css 209.50.56.141
UPCLOUDUSA

General

Check archive.org

Show headers Download Go to

Full URL

https://paymentissueruma.gogroth.com/wp-content/plugins/woo-variation-gallery/assets/css/frontend.min.css?ver=1.2.6

Requested by

Host: paymentissueruma.gogroth.com
URL: https://paymentissueruma.gogroth.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.50.56.141 Phoenix, United States, ASN25697 (UPCLOUDUSA, US),

Reverse DNS

209-50-56-141.us-chi1.upcloud.host

Software

Prometheus /

Resource Hash

b3ffeda2fb799d234ae31e1c88a96d7a6618c012e9eb047961f76f6d549b0af6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymentissueruma.gogroth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 02:32:00 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 23 Jun 2021 11:43:25 GMT
server: Prometheus
etag: W/"60d31e5d-450c"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10

GET
H2 200 theme-support.min.css
paymentissueruma.gogroth.com/wp-content/plugins/woo-variation-gallery/assets/css/ 305 B
641 B 329ms
319ms Stylesheet
text/css 209.50.56.141
UPCLOUDUSA

General

Check archive.org

Show headers Download Go to

Full URL

https://paymentissueruma.gogroth.com/wp-content/plugins/woo-variation-gallery/assets/css/theme-support.min.css?ver=1.2.6

Requested by

Host: paymentissueruma.gogroth.com
URL: https://paymentissueruma.gogroth.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.50.56.141 Phoenix, United States, ASN25697 (UPCLOUDUSA, US),

Reverse DNS

209-50-56-141.us-chi1.upcloud.host

Software

Prometheus /

Resource Hash

ab6fa16d68e1b4aadf88af7e28ef7f08cc1c43f3c9133f9c9642831fe742abe9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymentissueruma.gogroth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 02:32:00 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 23 Jun 2021 11:43:25 GMT
server: Prometheus
etag: W/"60d31e5d-131"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10

GET
H2 200 style.css
paymentissueruma.gogroth.com/wp-content/themes/dt-the7/ 1 KB
1 KB 330ms
320ms Stylesheet
text/css 209.50.56.141
UPCLOUDUSA

General

Check archive.org

Show headers Download Go to

Full URL

https://paymentissueruma.gogroth.com/wp-content/themes/dt-the7/style.css?ver=9.9.1

Requested by

Host: paymentissueruma.gogroth.com
URL: https://paymentissueruma.gogroth.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.50.56.141 Phoenix, United States, ASN25697 (UPCLOUDUSA, US),

Reverse DNS

209-50-56-141.us-chi1.upcloud.host

Software

Prometheus /

Resource Hash

9c7111df1242861db0a059b40e209b549cdf7e75814831d7e9fb2452a8f8103b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymentissueruma.gogroth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 02:32:00 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 22 Jul 2022 12:28:27 GMT
server: Prometheus
etag: W/"62da97eb-5b8"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10

GET
H2 200 elementor-global.min.css
paymentissueruma.gogroth.com/wp-content/themes/dt-the7/css/compatibility/elementor/ 21 KB
4 KB 330ms
321ms Stylesheet
text/css 209.50.56.141
UPCLOUDUSA

General

Check archive.org

Show headers Download Go to

Full URL

https://paymentissueruma.gogroth.com/wp-content/themes/dt-the7/css/compatibility/elementor/elementor-global.min.css?ver=9.9.1

Requested by

Host: paymentissueruma.gogroth.com
URL: https://paymentissueruma.gogroth.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.50.56.141 Phoenix, United States, ASN25697 (UPCLOUDUSA, US),

Reverse DNS

209-50-56-141.us-chi1.upcloud.host

Software

Prometheus /

Resource Hash

03065eeab6825676f68277d21f152c5ad98395555f23af366333717bd0ae958d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymentissueruma.gogroth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 02:32:00 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 25 Mar 2021 05:38:28 GMT
server: Prometheus
etag: W/"605c21d4-5201"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10

GET
H2 200 style.min.css
paymentissueruma.gogroth.com/wp-content/plugins/Ultimate_VC_Addons/assets/min-css/ 13 KB
3 KB 331ms
321ms Stylesheet
text/css 209.50.56.141
UPCLOUDUSA

General

Check archive.org

Show headers Download Go to

Full URL

https://paymentissueruma.gogroth.com/wp-content/plugins/Ultimate_VC_Addons/assets/min-css/style.min.css?ver=3.19.9

Requested by

Host: paymentissueruma.gogroth.com
URL: https://paymentissueruma.gogroth.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.50.56.141 Phoenix, United States, ASN25697 (UPCLOUDUSA, US),

Reverse DNS

209-50-56-141.us-chi1.upcloud.host

Software

Prometheus /

Resource Hash

9a31d5c9c0b108e9c1d8ccd47780a975d44ed8665a3be8a37b2c3614ad5fc157

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymentissueruma.gogroth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 02:32:00 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 25 Mar 2021 05:37:10 GMT
server: Prometheus
etag: W/"605c2186-3432"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10

GET
H2 200 headings.min.css
paymentissueruma.gogroth.com/wp-content/plugins/Ultimate_VC_Addons/assets/min-css/ 1 KB
822 B 331ms
322ms Stylesheet
text/css 209.50.56.141
UPCLOUDUSA

General

Check archive.org

Show headers Download Go to

Full URL

https://paymentissueruma.gogroth.com/wp-content/plugins/Ultimate_VC_Addons/assets/min-css/headings.min.css?ver=3.19.9

Requested by

Host: paymentissueruma.gogroth.com
URL: https://paymentissueruma.gogroth.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.50.56.141 Phoenix, United States, ASN25697 (UPCLOUDUSA, US),

Reverse DNS

209-50-56-141.us-chi1.upcloud.host

Software

Prometheus /

Resource Hash

b08954fb222a9f97871f448798f5eb601af5c6bd7abb30c4bbfcb7b1e01d1e2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymentissueruma.gogroth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 02:32:00 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 25 Mar 2021 05:37:10 GMT
server: Prometheus
etag: W/"605c2186-4e7"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10

GET
H2 200 modern.css
paymentissueruma.gogroth.com/wp-content/plugins/call-now-button/resources/style/ 4 KB
1 KB 332ms
323ms Stylesheet
text/css 209.50.56.141
UPCLOUDUSA

General

Check archive.org

Show headers Download Go to

Full URL

https://paymentissueruma.gogroth.com/wp-content/plugins/call-now-button/resources/style/modern.css?ver=1.3.0

Requested by

Host: paymentissueruma.gogroth.com
URL: https://paymentissueruma.gogroth.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.50.56.141 Phoenix, United States, ASN25697 (UPCLOUDUSA, US),

Reverse DNS

209-50-56-141.us-chi1.upcloud.host

Software

Prometheus /

Resource Hash

5469645f5b6fca336e0bf409452a8923cf22e50e7cdc3634fabdcab613e6552c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymentissueruma.gogroth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 02:32:00 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 03 Nov 2022 11:43:05 GMT
server: Prometheus
etag: W/"6363a949-1178"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10

GET
H2 200 jquery.min.js Show response
paymentissueruma.gogroth.com/wp-includes/js/jquery/ 87 KB
31 KB 332ms
323ms Script
application/javascript 209.50.56.141
UPCLOUDUSA

General

Check archive.org

Show headers Download Go to

Full URL

https://paymentissueruma.gogroth.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

Requested by

Host: paymentissueruma.gogroth.com
URL: https://paymentissueruma.gogroth.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.50.56.141 Phoenix, United States, ASN25697 (UPCLOUDUSA, US),

Reverse DNS

209-50-56-141.us-chi1.upcloud.host

Software

Prometheus /

Resource Hash

bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymentissueruma.gogroth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 02:32:00 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 24 Jul 2021 05:57:53 GMT
server: Prometheus
etag: W/"60fbabe1-15db1"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript; charset=utf8
access-control-allow-origin: *
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10

GET
H2 200 jquery-migrate.min.js Show response
paymentissueruma.gogroth.com/wp-includes/js/jquery/ 11 KB
4 KB 332ms
324ms Script
application/javascript 209.50.56.141
UPCLOUDUSA

General

Check archive.org

Show headers Download Go to

Full URL

https://paymentissueruma.gogroth.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2

Requested by

Host: paymentissueruma.gogroth.com
URL: https://paymentissueruma.gogroth.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.50.56.141 Phoenix, United States, ASN25697 (UPCLOUDUSA, US),

Reverse DNS

209-50-56-141.us-chi1.upcloud.host

Software

Prometheus /

Resource Hash

029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymentissueruma.gogroth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 02:32:00 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 24 Jul 2021 05:57:53 GMT
server: Prometheus
etag: W/"60fbabe1-2bd8"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript; charset=utf8
access-control-allow-origin: *
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10

GET
H2 200 Popup.js Show response
paymentissueruma.gogroth.com/wp-content/plugins/popup-builder/public/js/ 38 KB
8 KB 332ms
324ms Script
application/javascript 209.50.56.141
UPCLOUDUSA

General

Check archive.org

Show headers Download Go to

Full URL

https://paymentissueruma.gogroth.com/wp-content/plugins/popup-builder/public/js/Popup.js?ver=4.1.14

Requested by

Host: paymentissueruma.gogroth.com
URL: https://paymentissueruma.gogroth.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.50.56.141 Phoenix, United States, ASN25697 (UPCLOUDUSA, US),

Reverse DNS

209-50-56-141.us-chi1.upcloud.host

Software

Prometheus /

Resource Hash

5d59372b6612612e1f165c140beb8e541b9becfa771862e2d61376252a2ba91f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymentissueruma.gogroth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 02:32:00 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 14 Oct 2022 06:31:54 GMT
server: Prometheus
etag: W/"6349025a-97db"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript; charset=utf8
access-control-allow-origin: *
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10

GET
H2 200 PopupConfig.js Show response
paymentissueruma.gogroth.com/wp-content/plugins/popup-builder/public/js/ 6 KB
2 KB 333ms
324ms Script
application/javascript 209.50.56.141
UPCLOUDUSA

General

Check archive.org

Show headers Download Go to

Full URL

https://paymentissueruma.gogroth.com/wp-content/plugins/popup-builder/public/js/PopupConfig.js?ver=4.1.14

Requested by

Host: paymentissueruma.gogroth.com
URL: https://paymentissueruma.gogroth.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.50.56.141 Phoenix, United States, ASN25697 (UPCLOUDUSA, US),

Reverse DNS

209-50-56-141.us-chi1.upcloud.host

Software

Prometheus /

Resource Hash

3fe8c79d67b21039a5d059ef40761950fb76e1d17933d61509f7eb3c68f5aeeb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymentissueruma.gogroth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 02:32:00 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 14 Oct 2022 06:31:54 GMT
server: Prometheus
etag: W/"6349025a-177a"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript; charset=utf8
access-control-allow-origin: *
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10

GET
H2 200 PopupBuilder.js Show response
paymentissueruma.gogroth.com/wp-content/plugins/popup-builder/public/js/ 77 KB
17 KB 333ms
325ms Script
application/javascript 209.50.56.141
UPCLOUDUSA

General

Check archive.org

Show headers Download Go to

Full URL

https://paymentissueruma.gogroth.com/wp-content/plugins/popup-builder/public/js/PopupBuilder.js?ver=4.1.14

Requested by

Host: paymentissueruma.gogroth.com
URL: https://paymentissueruma.gogroth.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.50.56.141 Phoenix, United States, ASN25697 (UPCLOUDUSA, US),

Reverse DNS

209-50-56-141.us-chi1.upcloud.host

Software

Prometheus /

Resource Hash

9ae1b9f867c5a14924d3d6b09e57f7451a00917838dd127af0782a07551e3d58

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymentissueruma.gogroth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 02:32:00 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 14 Oct 2022 06:31:54 GMT
server: Prometheus
etag: W/"6349025a-13557"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript; charset=utf8
access-control-allow-origin: *
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10

GET
H2 200 above-the-fold.min.js Show response
paymentissueruma.gogroth.com/wp-content/themes/dt-the7/js-lite/ 8 KB
4 KB 333ms
325ms Script
application/javascript 209.50.56.141
UPCLOUDUSA

General

Check archive.org

Show headers Download Go to

Full URL

https://paymentissueruma.gogroth.com/wp-content/themes/dt-the7/js-lite/above-the-fold.min.js?ver=9.9.1

Requested by

Host: paymentissueruma.gogroth.com
URL: https://paymentissueruma.gogroth.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.50.56.141 Phoenix, United States, ASN25697 (UPCLOUDUSA, US),

Reverse DNS

209-50-56-141.us-chi1.upcloud.host

Software

Prometheus /

Resource Hash

14d3ef61cb86e0e9bcc7f264523851b948c3e517cf11175cc1151c39a025b5c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymentissueruma.gogroth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 02:32:00 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 25 Mar 2021 05:38:28 GMT
server: Prometheus
etag: W/"605c21d4-2165"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript; charset=utf8
access-control-allow-origin: *
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10

GET
H2 200 woocommerce.min.js Show response
paymentissueruma.gogroth.com/wp-content/themes/dt-the7/js-lite/compatibility/woocommerce/ 10 KB
3 KB 333ms
326ms Script
application/javascript 209.50.56.141
UPCLOUDUSA

General

Check archive.org

Show headers Download Go to

Full URL

https://paymentissueruma.gogroth.com/wp-content/themes/dt-the7/js-lite/compatibility/woocommerce/woocommerce.min.js?ver=9.9.1

Requested by

Host: paymentissueruma.gogroth.com
URL: https://paymentissueruma.gogroth.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.50.56.141 Phoenix, United States, ASN25697 (UPCLOUDUSA, US),

Reverse DNS

209-50-56-141.us-chi1.upcloud.host

Software

Prometheus /

Resource Hash

96a4eeb21eac59c980f416328366cdf21f3ff0072b236842272fcb500a211595

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymentissueruma.gogroth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 02:32:00 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 25 Mar 2021 05:38:28 GMT
server: Prometheus
etag: W/"605c21d4-2706"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript; charset=utf8
access-control-allow-origin: *
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10

GET
H2 200 ultimate-params.min.js Show response
paymentissueruma.gogroth.com/wp-content/plugins/Ultimate_VC_Addons/assets/min-js/ 1 KB
942 B 333ms
326ms Script
application/javascript 209.50.56.141
UPCLOUDUSA

General

Check archive.org

Show headers Download Go to

Full URL

https://paymentissueruma.gogroth.com/wp-content/plugins/Ultimate_VC_Addons/assets/min-js/ultimate-params.min.js?ver=3.19.9

Requested by

Host: paymentissueruma.gogroth.com
URL: https://paymentissueruma.gogroth.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.50.56.141 Phoenix, United States, ASN25697 (UPCLOUDUSA, US),

Reverse DNS

209-50-56-141.us-chi1.upcloud.host

Software

Prometheus /

Resource Hash

29ffec9ab14f020cfe7a758d57a8037662792b741a58f44682e075b5f6f175cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymentissueruma.gogroth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 02:32:00 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 25 Mar 2021 05:37:10 GMT
server: Prometheus
etag: W/"605c2186-44e"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript; charset=utf8
access-control-allow-origin: *
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10

GET
H2 200 custom.min.js Show response
paymentissueruma.gogroth.com/wp-content/plugins/Ultimate_VC_Addons/assets/min-js/ 21 KB
5 KB 334ms
326ms Script
application/javascript 209.50.56.141
UPCLOUDUSA

General

Check archive.org

Show headers Download Go to

Full URL

https://paymentissueruma.gogroth.com/wp-content/plugins/Ultimate_VC_Addons/assets/min-js/custom.min.js?ver=3.19.9

Requested by

Host: paymentissueruma.gogroth.com
URL: https://paymentissueruma.gogroth.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.50.56.141 Phoenix, United States, ASN25697 (UPCLOUDUSA, US),

Reverse DNS

209-50-56-141.us-chi1.upcloud.host

Software

Prometheus /

Resource Hash

52b74bac7add7505063df29bbb542f629ec2d5a0d7b1f50d897007614dbb2a7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymentissueruma.gogroth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 02:32:00 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 25 Mar 2021 05:37:10 GMT
server: Prometheus
etag: W/"605c2186-538f"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript; charset=utf8
access-control-allow-origin: *
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10

GET
H2 200 headings.min.js Show response
paymentissueruma.gogroth.com/wp-content/plugins/Ultimate_VC_Addons/assets/min-js/ 3 KB
1 KB 334ms
327ms Script
application/javascript 209.50.56.141
UPCLOUDUSA

General

Check archive.org

Show headers Download Go to

Full URL

https://paymentissueruma.gogroth.com/wp-content/plugins/Ultimate_VC_Addons/assets/min-js/headings.min.js?ver=3.19.9

Requested by

Host: paymentissueruma.gogroth.com
URL: https://paymentissueruma.gogroth.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.50.56.141 Phoenix, United States, ASN25697 (UPCLOUDUSA, US),

Reverse DNS

209-50-56-141.us-chi1.upcloud.host

Software

Prometheus /

Resource Hash

84a9118f6cfb06d63e55354382d57e7eeb26859fefec8c59aa139eb8cbef809e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymentissueruma.gogroth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 02:32:00 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 25 Mar 2021 05:37:10 GMT
server: Prometheus
etag: W/"605c2186-a9f"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript; charset=utf8
access-control-allow-origin: *
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 164 KB
60 KB 59ms
23ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-166905251-1

Requested by

Host: paymentissueruma.gogroth.com
URL: https://paymentissueruma.gogroth.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3670bc178b2ea34f1d93c48c8383c6adf2bc72cdf07900816b33af5e414957a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymentissueruma.gogroth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 02:32:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 61470
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 24 Mar 2023 02:32:00 GMT

GET
H2

200

/
paymentissueruma.gogroth.com/custom-404/
Redirect Chain

https://paymentissueruma.gogroth.com/wp-content/uploads/2020/04/Gif_01.gif
https://paymentissueruma.gogroth.com/custom-404/

110 KB
110 KB

1104ms
1104ms

Image
text/html

209.50.56.141
UPCLOUDUSA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://paymentissueruma.gogroth.com/custom-404/

Requested by

Host: paymentissueruma.gogroth.com
URL: https://paymentissueruma.gogroth.com/

Protocol

Server

209.50.56.141 Phoenix, United States, ASN25697 (UPCLOUDUSA, US),

Reverse DNS

209-50-56-141.us-chi1.upcloud.host

Software

Prometheus /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymentissueruma.gogroth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 02:32:02 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
x-grid-cache: MISS
referrer-policy: strict-origin-when-cross-origin
server: Prometheus
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/html; charset=UTF-8
cache-control: public, no-cache
link: <https://paymentissueruma.gogroth.com/wp-json/>; rel="https://api.w.org/", <https://paymentissueruma.gogroth.com/wp-json/wp/v2/pages/4493>; rel="alternate"; type="application/json", <https://paymentissueruma.gogroth.com/?p=4493>; rel=shortlink
x-grid-cache-ttl: 1

Redirect headers

pre-cognitive-push: Enabled
date: Fri, 24 Mar 2023 02:32:01 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
x-grid-cache: MISS
server: Prometheus
quantum-flux-capacity: Omega
x-frame-options: sameorigin
content-type: text/html; charset=UTF-8
location: https://paymentissueruma.gogroth.com/custom-404/
cache-control: public, no-cache
x-xss-protection: 1; mode=block
x-grid-cache-ttl: 1
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 ruma-aesthetics-logo-UT-RumaAesthetics.svg
paymentissueruma.gogroth.com/wp-content/uploads/2021/12/ 12 KB
5 KB 248ms
232ms Image
image/svg+xml 209.50.56.141
UPCLOUDUSA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://paymentissueruma.gogroth.com/wp-content/uploads/2021/12/ruma-aesthetics-logo-UT-RumaAesthetics.svg

Requested by

Host: paymentissueruma.gogroth.com
URL: https://paymentissueruma.gogroth.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.50.56.141 Phoenix, United States, ASN25697 (UPCLOUDUSA, US),

Reverse DNS

209-50-56-141.us-chi1.upcloud.host

Software

Prometheus /

Resource Hash

b0381d34f80ea7330a10fa91a4d44654b8632efd47e93344d8e7da9a2b48398c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymentissueruma.gogroth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 02:32:00 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 04 Jul 2022 11:27:34 GMT
server: Prometheus
etag: W/"62c2cea6-2ff0"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10

GET
H2 200 Ruma-Aesthetics-Logo_One-UT-RumaAesthetics.svg
paymentissueruma.gogroth.com/wp-content/uploads/2021/12/ 12 KB
5 KB 359ms
343ms Image
image/svg+xml 209.50.56.141
UPCLOUDUSA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://paymentissueruma.gogroth.com/wp-content/uploads/2021/12/Ruma-Aesthetics-Logo_One-UT-RumaAesthetics.svg

Requested by

Host: paymentissueruma.gogroth.com
URL: https://paymentissueruma.gogroth.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.50.56.141 Phoenix, United States, ASN25697 (UPCLOUDUSA, US),

Reverse DNS

209-50-56-141.us-chi1.upcloud.host

Software

Prometheus /

Resource Hash

b2372c504d4a515cd4d06f0a569071176de62942ba381959b207d0eb220f6362

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymentissueruma.gogroth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 02:32:00 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 04 Jul 2022 11:33:54 GMT
server: Prometheus
etag: W/"62c2d022-2fee"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10

GET
H2 200 face-filler-ut-rumaaesthetics-80x80.png
paymentissueruma.gogroth.com/wp-content/uploads/2020/04/ 10 KB
11 KB 362ms
346ms Image
image/png 209.50.56.141
UPCLOUDUSA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://paymentissueruma.gogroth.com/wp-content/uploads/2020/04/face-filler-ut-rumaaesthetics-80x80.png

Requested by

Host: paymentissueruma.gogroth.com
URL: https://paymentissueruma.gogroth.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.50.56.141 Phoenix, United States, ASN25697 (UPCLOUDUSA, US),

Reverse DNS

209-50-56-141.us-chi1.upcloud.host

Software

Prometheus /

Resource Hash

5d9501607cfff9684bb4aa39eddbf90c2ff1c3f8f99223aebb52604d509b4c81

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymentissueruma.gogroth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 02:32:00 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 10560
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 20 May 2022 08:00:14 GMT
server: Prometheus
etag: "62874a8e-2940"
x-frame-options: sameorigin
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10
accept-ranges: bytes

GET
H2 200 the-ruma-signature-treatment-ut-ruma-aesthetics-80x80.jpg
paymentissueruma.gogroth.com/wp-content/uploads/2020/09/ 2 KB
3 KB 363ms
348ms Image
image/jpeg 209.50.56.141
UPCLOUDUSA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://paymentissueruma.gogroth.com/wp-content/uploads/2020/09/the-ruma-signature-treatment-ut-ruma-aesthetics-80x80.jpg

Requested by

Host: paymentissueruma.gogroth.com
URL: https://paymentissueruma.gogroth.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.50.56.141 Phoenix, United States, ASN25697 (UPCLOUDUSA, US),

Reverse DNS

209-50-56-141.us-chi1.upcloud.host

Software

Prometheus /

Resource Hash

28240a7a5a3cfcf3c9ddbd08227a6dc8fb36e7784c235783160727868cc46e5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymentissueruma.gogroth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 02:32:00 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 2232
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 07 Jul 2022 10:14:12 GMT
server: Prometheus
etag: "62c6b1f4-8b8"
x-frame-options: sameorigin
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10
accept-ranges: bytes

GET
H2 200 Sculptra-Lehi-Utah-UT-RumaAesthetics-80x80.jpeg
paymentissueruma.gogroth.com/wp-content/uploads/2020/04/ 2 KB
2 KB 365ms
350ms Image
image/jpeg 209.50.56.141
UPCLOUDUSA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://paymentissueruma.gogroth.com/wp-content/uploads/2020/04/Sculptra-Lehi-Utah-UT-RumaAesthetics-80x80.jpeg

Requested by

Host: paymentissueruma.gogroth.com
URL: https://paymentissueruma.gogroth.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.50.56.141 Phoenix, United States, ASN25697 (UPCLOUDUSA, US),

Reverse DNS

209-50-56-141.us-chi1.upcloud.host

Software

Prometheus /

Resource Hash

60462a4da1eecf45592e8f65d0412c8d40cf58c3db82a0c902c4e82e1e468e0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymentissueruma.gogroth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 02:32:00 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 2056
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 17 May 2022 08:23:24 GMT
server: Prometheus
etag: "62835b7c-808"
x-frame-options: sameorigin
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10
accept-ranges: bytes

GET
H2 200 kybella-lehi-utah_one-ut-rumaaesthetics-80x80.png
paymentissueruma.gogroth.com/wp-content/uploads/2020/04/ 7 KB
7 KB 368ms
352ms Image
image/png 209.50.56.141
UPCLOUDUSA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://paymentissueruma.gogroth.com/wp-content/uploads/2020/04/kybella-lehi-utah_one-ut-rumaaesthetics-80x80.png

Requested by

Host: paymentissueruma.gogroth.com
URL: https://paymentissueruma.gogroth.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.50.56.141 Phoenix, United States, ASN25697 (UPCLOUDUSA, US),

Reverse DNS

209-50-56-141.us-chi1.upcloud.host

Software

Prometheus /

Resource Hash

83f7505d23593b4428ad650f5082c97ac7236106998de26a3cee0514182edff2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymentissueruma.gogroth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 02:32:00 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 7038
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 20 May 2022 08:16:29 GMT
server: Prometheus
etag: "62874e5d-1b7e"
x-frame-options: sameorigin
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10
accept-ranges: bytes

GET
H2 200 PLATELET-RICH-PLASMA-PLATELET-RICH-FIBRIN-TREATMENTS-UT-Ruma-Aesthetics-80x80.png
paymentissueruma.gogroth.com/wp-content/uploads/2020/04/ 12 KB
12 KB 369ms
353ms Image
image/png 209.50.56.141
UPCLOUDUSA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://paymentissueruma.gogroth.com/wp-content/uploads/2020/04/PLATELET-RICH-PLASMA-PLATELET-RICH-FIBRIN-TREATMENTS-UT-Ruma-Aesthetics-80x80.png

Requested by

Host: paymentissueruma.gogroth.com
URL: https://paymentissueruma.gogroth.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.50.56.141 Phoenix, United States, ASN25697 (UPCLOUDUSA, US),

Reverse DNS

209-50-56-141.us-chi1.upcloud.host

Software

Prometheus /

Resource Hash

2284fe9bcbab38a5870a9c9c5d6f22c7467162bfc40163e10ce96f8688db17b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymentissueruma.gogroth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 02:32:00 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 11880
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 14 Jul 2022 06:48:25 GMT
server: Prometheus
etag: "62cfbc39-2e68"
x-frame-options: sameorigin
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10
accept-ranges: bytes

GET
H2 200 anchoring-ut-ruma-aesthetics-80x80.jpg
paymentissueruma.gogroth.com/wp-content/uploads/2020/08/ 2 KB
2 KB 379ms
364ms Image
image/jpeg 209.50.56.141
UPCLOUDUSA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://paymentissueruma.gogroth.com/wp-content/uploads/2020/08/anchoring-ut-ruma-aesthetics-80x80.jpg

Requested by

Host: paymentissueruma.gogroth.com
URL: https://paymentissueruma.gogroth.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.50.56.141 Phoenix, United States, ASN25697 (UPCLOUDUSA, US),

Reverse DNS

209-50-56-141.us-chi1.upcloud.host

Software

Prometheus /

Resource Hash

295fa5f9bf8c7eb32f7cb7327fdee3366418705e09933a2038743c79cc955031

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymentissueruma.gogroth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 02:32:00 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 1961
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 07 Jul 2022 10:27:42 GMT
server: Prometheus
etag: "62c6b51e-7a9"
x-frame-options: sameorigin
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10
accept-ranges: bytes

GET
H2 200 qwo-ut-ruma-aesthetics-80x80.png
paymentissueruma.gogroth.com/wp-content/uploads/2022/02/ 9 KB
9 KB 381ms
366ms Image
image/png 209.50.56.141
UPCLOUDUSA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://paymentissueruma.gogroth.com/wp-content/uploads/2022/02/qwo-ut-ruma-aesthetics-80x80.png

Requested by

Host: paymentissueruma.gogroth.com
URL: https://paymentissueruma.gogroth.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.50.56.141 Phoenix, United States, ASN25697 (UPCLOUDUSA, US),

Reverse DNS

209-50-56-141.us-chi1.upcloud.host

Software

Prometheus /

Resource Hash

f48792707156ce2bd5f7841611a8c2f236de5073dbdc33b34e123fc5b2a5bcd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymentissueruma.gogroth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 02:32:00 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 9256
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 04 Jul 2022 09:45:20 GMT
server: Prometheus
etag: "62c2b6b0-2428"
x-frame-options: sameorigin
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10
accept-ranges: bytes

GET
H2 200 Wellness-Photo-1-1-80x80.jpg
paymentissueruma.gogroth.com/wp-content/uploads/2022/10/ 2 KB
2 KB 382ms
367ms Image
image/jpeg 209.50.56.141
UPCLOUDUSA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://paymentissueruma.gogroth.com/wp-content/uploads/2022/10/Wellness-Photo-1-1-80x80.jpg

Requested by

Host: paymentissueruma.gogroth.com
URL: https://paymentissueruma.gogroth.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.50.56.141 Phoenix, United States, ASN25697 (UPCLOUDUSA, US),

Reverse DNS

209-50-56-141.us-chi1.upcloud.host

Software

Prometheus /

Resource Hash

700d5bf9cfd16e81f861acfa00f41bb2c0495bcd55313ae98680943d817da231

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymentissueruma.gogroth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 02:32:00 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 1988
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 19 Oct 2022 21:49:51 GMT
server: Prometheus
etag: "635070ff-7c4"
x-frame-options: sameorigin
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10
accept-ranges: bytes

GET
H2 200 viveve-ruma-aesthetics-ut-ruma-aesthetics-70x70.jpeg
paymentissueruma.gogroth.com/wp-content/uploads/2020/08/ 1 KB
2 KB 384ms
370ms Image
image/jpeg 209.50.56.141
UPCLOUDUSA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://paymentissueruma.gogroth.com/wp-content/uploads/2020/08/viveve-ruma-aesthetics-ut-ruma-aesthetics-70x70.jpeg

Requested by

Host: paymentissueruma.gogroth.com
URL: https://paymentissueruma.gogroth.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.50.56.141 Phoenix, United States, ASN25697 (UPCLOUDUSA, US),

Reverse DNS

209-50-56-141.us-chi1.upcloud.host

Software

Prometheus /

Resource Hash

446351976eb58086fe9fe8c1ef5965e6337a403fff29234cbb883948515ff644

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymentissueruma.gogroth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 02:32:00 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 1242
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 07 Jul 2022 10:26:10 GMT
server: Prometheus
etag: "62c6b4c2-4da"
x-frame-options: sameorigin
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10
accept-ranges: bytes

GET
H2 200 facial-treatments-ut-ruma-aesthetics-80x80.jpg
paymentissueruma.gogroth.com/wp-content/uploads/2020/05/ 2 KB
2 KB 385ms
370ms Image
image/jpeg 209.50.56.141
UPCLOUDUSA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://paymentissueruma.gogroth.com/wp-content/uploads/2020/05/facial-treatments-ut-ruma-aesthetics-80x80.jpg

Requested by

Host: paymentissueruma.gogroth.com
URL: https://paymentissueruma.gogroth.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.50.56.141 Phoenix, United States, ASN25697 (UPCLOUDUSA, US),

Reverse DNS

209-50-56-141.us-chi1.upcloud.host

Software

Prometheus /

Resource Hash

0cbe9003e599c14c0c271e6d5f40de1692c1ce9078d41777a6b0ecd373fc8fd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymentissueruma.gogroth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 02:32:00 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 2119
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 12 Jul 2022 07:01:49 GMT
server: Prometheus
etag: "62cd1c5d-847"
x-frame-options: sameorigin
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10
accept-ranges: bytes

GET
H2 200 vivace-vera-bella-ut-ruma-aesthetics-80x80.jpeg
paymentissueruma.gogroth.com/wp-content/uploads/2020/08/ 2 KB
2 KB 386ms
372ms Image
image/jpeg 209.50.56.141
UPCLOUDUSA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://paymentissueruma.gogroth.com/wp-content/uploads/2020/08/vivace-vera-bella-ut-ruma-aesthetics-80x80.jpeg

Requested by

Host: paymentissueruma.gogroth.com
URL: https://paymentissueruma.gogroth.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.50.56.141 Phoenix, United States, ASN25697 (UPCLOUDUSA, US),

Reverse DNS

209-50-56-141.us-chi1.upcloud.host

Software

Prometheus /

Resource Hash

5e5753f111872db475db3d44a1e74ef752867e90cb538dd0d4dfd3ad5a664c9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymentissueruma.gogroth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 02:32:00 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 1831
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 07 Jul 2022 10:26:51 GMT
server: Prometheus
etag: "62c6b4eb-727"
x-frame-options: sameorigin
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10
accept-ranges: bytes

GET
H2 200 forever-young-bbl-moxi-service-now-at-ruma-lehi-utah-ut-rumaaesthetics-80x80.jpeg
paymentissueruma.gogroth.com/wp-content/uploads/2022/02/ 17 KB
17 KB 387ms
373ms Image
image/jpeg 209.50.56.141
UPCLOUDUSA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://paymentissueruma.gogroth.com/wp-content/uploads/2022/02/forever-young-bbl-moxi-service-now-at-ruma-lehi-utah-ut-rumaaesthetics-80x80.jpeg

Requested by

Host: paymentissueruma.gogroth.com
URL: https://paymentissueruma.gogroth.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.50.56.141 Phoenix, United States, ASN25697 (UPCLOUDUSA, US),

Reverse DNS

209-50-56-141.us-chi1.upcloud.host

Software

Prometheus /

Resource Hash

3f4f0083de2db16529954f1e2f2686b69871593b7ae7e18fb9e9a7b740960e29

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymentissueruma.gogroth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 02:32:00 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 17464
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 09 May 2022 07:23:46 GMT
server: Prometheus
etag: "6278c182-4438"
x-frame-options: sameorigin
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10
accept-ranges: bytes

GET
H2 200 morpheus-80x80.png
paymentissueruma.gogroth.com/wp-content/uploads/2022/06/ 9 KB
9 KB 388ms
374ms Image
image/png 209.50.56.141
UPCLOUDUSA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://paymentissueruma.gogroth.com/wp-content/uploads/2022/06/morpheus-80x80.png

Requested by

Host: paymentissueruma.gogroth.com
URL: https://paymentissueruma.gogroth.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.50.56.141 Phoenix, United States, ASN25697 (UPCLOUDUSA, US),

Reverse DNS

209-50-56-141.us-chi1.upcloud.host

Software

Prometheus /

Resource Hash

ea871e10259bc7c9fadf7a26b0da4a751041dda2b5912e4faf709d24e03771e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymentissueruma.gogroth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 02:32:00 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 9282
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 22 Jun 2022 12:16:21 GMT
server: Prometheus
etag: "62b30815-2442"
x-frame-options: sameorigin
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10
accept-ranges: bytes

GET
H2 200 ruma-aesthetics-logo_three-UT-Ruma-Aesthetics-80x80.png
paymentissueruma.gogroth.com/wp-content/uploads/2020/04/ 3 KB
3 KB 396ms
382ms Image
image/png 209.50.56.141
UPCLOUDUSA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://paymentissueruma.gogroth.com/wp-content/uploads/2020/04/ruma-aesthetics-logo_three-UT-Ruma-Aesthetics-80x80.png

Requested by

Host: paymentissueruma.gogroth.com
URL: https://paymentissueruma.gogroth.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.50.56.141 Phoenix, United States, ASN25697 (UPCLOUDUSA, US),

Reverse DNS

209-50-56-141.us-chi1.upcloud.host

Software

Prometheus /

Resource Hash

f8cbb0c3ce3a5924725a085515ac6743863f77751096ecac6388e3f1238a896c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymentissueruma.gogroth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 02:32:00 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 3128
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 13 Jul 2022 10:48:50 GMT
server: Prometheus
etag: "62cea312-c38"
x-frame-options: sameorigin
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10
accept-ranges: bytes

GET
H2 200 home-page-ruma-aesthetics-ut-ruma-aesthetics-360x315.jpg
paymentissueruma.gogroth.com/wp-content/uploads/2020/09/ 18 KB
19 KB 397ms
383ms Image
image/jpeg 209.50.56.141
UPCLOUDUSA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://paymentissueruma.gogroth.com/wp-content/uploads/2020/09/home-page-ruma-aesthetics-ut-ruma-aesthetics-360x315.jpg

Requested by

Host: paymentissueruma.gogroth.com
URL: https://paymentissueruma.gogroth.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.50.56.141 Phoenix, United States, ASN25697 (UPCLOUDUSA, US),

Reverse DNS

209-50-56-141.us-chi1.upcloud.host

Software

Prometheus /

Resource Hash

87103c5ef4fbceb85504d0dd5666db5e54af6b0ba55ce8d2a20313f627a7da87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymentissueruma.gogroth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 02:32:00 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 18732
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 07 Jul 2022 10:10:16 GMT
server: Prometheus
etag: "62c6b108-492c"
x-frame-options: sameorigin
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10
accept-ranges: bytes

GET
H2 200 home-page-lip-filler-ut-ruma-aesthetics-360x315.jpg
paymentissueruma.gogroth.com/wp-content/uploads/2020/09/ 18 KB
18 KB 398ms
384ms Image
image/jpeg 209.50.56.141
UPCLOUDUSA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://paymentissueruma.gogroth.com/wp-content/uploads/2020/09/home-page-lip-filler-ut-ruma-aesthetics-360x315.jpg

Requested by

Host: paymentissueruma.gogroth.com
URL: https://paymentissueruma.gogroth.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.50.56.141 Phoenix, United States, ASN25697 (UPCLOUDUSA, US),

Reverse DNS

209-50-56-141.us-chi1.upcloud.host

Software

Prometheus /

Resource Hash

6c72cbc3ddc97ef814cdc9d87bedbbb4c4e7ff35ef7d23da603341adc0103e87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymentissueruma.gogroth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 02:32:00 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 18180
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 07 Jul 2022 10:10:16 GMT
server: Prometheus
etag: "62c6b108-4704"
x-frame-options: sameorigin
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10
accept-ranges: bytes

GET
H2 200 home-page-anti-aging-ut-ruma-aesthetics-360x315.jpg
paymentissueruma.gogroth.com/wp-content/uploads/2020/09/ 19 KB
20 KB 405ms
391ms Image
image/jpeg 209.50.56.141
UPCLOUDUSA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://paymentissueruma.gogroth.com/wp-content/uploads/2020/09/home-page-anti-aging-ut-ruma-aesthetics-360x315.jpg

Requested by

Host: paymentissueruma.gogroth.com
URL: https://paymentissueruma.gogroth.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.50.56.141 Phoenix, United States, ASN25697 (UPCLOUDUSA, US),

Reverse DNS

209-50-56-141.us-chi1.upcloud.host

Software

Prometheus /

Resource Hash

4c08e75074e7a0fcdd3f0f392c8d6fb1cec4086883cd53a30eeae1c4bf42d1c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymentissueruma.gogroth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 02:32:00 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 19800
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 07 Jul 2022 10:12:17 GMT
server: Prometheus
etag: "62c6b181-4d58"
x-frame-options: sameorigin
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10
accept-ranges: bytes

GET
H2 200 transparent.png
paymentissueruma.gogroth.com/wp-content/plugins/revslider/public/assets/assets/ 122 B
518 B 406ms
392ms Image
image/png 209.50.56.141
UPCLOUDUSA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://paymentissueruma.gogroth.com/wp-content/plugins/revslider/public/assets/assets/transparent.png

Requested by

Host: paymentissueruma.gogroth.com
URL: https://paymentissueruma.gogroth.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.50.56.141 Phoenix, United States, ASN25697 (UPCLOUDUSA, US),

Reverse DNS

209-50-56-141.us-chi1.upcloud.host

Software

Prometheus /

Resource Hash

9603ffeb6772f1cf745e0097d5d6c046eaf16151e5bc521f20764bba5ddb7713

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymentissueruma.gogroth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 02:32:00 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 122
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 25 Mar 2021 05:37:05 GMT
server: Prometheus
etag: "605c2181-7a"
x-frame-options: sameorigin
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10
accept-ranges: bytes

GET
H2

200

ruma-aesthetics-favicon-ut-rumaaesthetics.png
paymentissueruma.gogroth.com/wp-content/uploads/2020/04/
Redirect Chain

https://paymentissueruma.gogroth.com/wp-content/uploads/2020/04/80x80.png
https://paymentissueruma.gogroth.com/wp-content/uploads/2020/04/ruma-aesthetics-favicon-ut-rumaaesthetics.png

1 KB
2 KB

109ms
109ms

Image
image/png

209.50.56.141
UPCLOUDUSA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://paymentissueruma.gogroth.com/wp-content/uploads/2020/04/ruma-aesthetics-favicon-ut-rumaaesthetics.png

Requested by

Host: paymentissueruma.gogroth.com
URL: https://paymentissueruma.gogroth.com/

Protocol

Server

209.50.56.141 Phoenix, United States, ASN25697 (UPCLOUDUSA, US),

Reverse DNS

209-50-56-141.us-chi1.upcloud.host

Software

Prometheus /

Resource Hash

14219f8b3d20ef04d5c5c73b90c352b97f677581770506f689262f6a58d463c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymentissueruma.gogroth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 02:32:01 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 1383
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 20 May 2022 08:11:36 GMT
server: Prometheus
etag: "62874d38-567"
x-frame-options: sameorigin
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10
accept-ranges: bytes

Redirect headers

pre-cognitive-push: Enabled
date: Fri, 24 Mar 2023 02:32:01 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
x-grid-cache: MISS
server: Prometheus
quantum-flux-capacity: Omega
x-frame-options: sameorigin
content-type: text/html; charset=UTF-8
location: https://paymentissueruma.gogroth.com/wp-content/uploads/2020/04/ruma-aesthetics-favicon-ut-rumaaesthetics.png
cache-control: public, no-cache
x-xss-protection: 1; mode=block
x-grid-cache-ttl: 1

GET
H2

200

light-logo-UT-Ruma-Aesthetics.png
paymentissueruma.gogroth.com/wp-content/uploads/2020/04/
Redirect Chain

https://paymentissueruma.gogroth.com/wp-content/uploads/2020/04/Light_Ruma.png
https://paymentissueruma.gogroth.com/wp-content/uploads/2020/04/light-logo-ruma-aesthetics.png
https://paymentissueruma.gogroth.com/wp-content/uploads/2020/04/light-logo-UT-Ruma-Aesthetics.png

4 KB
4 KB

110ms
109ms

Image
image/png

209.50.56.141
UPCLOUDUSA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://paymentissueruma.gogroth.com/wp-content/uploads/2020/04/light-logo-UT-Ruma-Aesthetics.png

Requested by

Host: paymentissueruma.gogroth.com
URL: https://paymentissueruma.gogroth.com/

Protocol

Server

209.50.56.141 Phoenix, United States, ASN25697 (UPCLOUDUSA, US),

Reverse DNS

209-50-56-141.us-chi1.upcloud.host

Software

Prometheus /

Resource Hash

514a66549f4ecc876c3d8e5f35e024ac31e6aa241118a0e81b75c7c5486cb78f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymentissueruma.gogroth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 02:32:02 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 4203
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 17 Sep 2020 04:25:16 GMT
server: Prometheus
etag: "5f62e52c-106b"
x-frame-options: sameorigin
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10
accept-ranges: bytes

Redirect headers

pre-cognitive-push: Enabled
date: Fri, 24 Mar 2023 02:32:02 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
x-grid-cache: MISS
server: Prometheus
quantum-flux-capacity: Omega
x-frame-options: sameorigin
content-type: text/html; charset=UTF-8
location: https://paymentissueruma.gogroth.com/wp-content/uploads/2020/04/light-logo-UT-Ruma-Aesthetics.png
cache-control: public, no-cache
x-xss-protection: 1; mode=block
x-grid-cache-ttl: 1

GET
H2

200

growth-99-logo-ut-rumaaesthetics-ut-ruma-aesthetics.png
paymentissueruma.gogroth.com/wp-content/uploads/2020/10/
Redirect Chain

https://paymentissueruma.gogroth.com/wp-content/uploads/2020/10/G-T-02.png
https://paymentissueruma.gogroth.com/wp-content/uploads/2020/10/growth-99-logo-ut-rumaaesthetics.png
https://paymentissueruma.gogroth.com/wp-content/uploads/2020/10/growth-99-logo-ut-rumaaesthetics-ut-ruma-aesthetics.png

8 KB
8 KB

112ms
111ms

Image
image/png

209.50.56.141
UPCLOUDUSA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://paymentissueruma.gogroth.com/wp-content/uploads/2020/10/growth-99-logo-ut-rumaaesthetics-ut-ruma-aesthetics.png

Requested by

Host: paymentissueruma.gogroth.com
URL: https://paymentissueruma.gogroth.com/

Protocol

Server

209.50.56.141 Phoenix, United States, ASN25697 (UPCLOUDUSA, US),

Reverse DNS

209-50-56-141.us-chi1.upcloud.host

Software

Prometheus /

Resource Hash

daed3caa72349b1805931402c0242e0f0cd37db3cb52771cca9a0c5123c7acae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymentissueruma.gogroth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 02:32:03 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 7782
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 20 May 2022 08:34:48 GMT
server: Prometheus
etag: "628752a8-1e66"
x-frame-options: sameorigin
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10
accept-ranges: bytes

Redirect headers

pre-cognitive-push: Enabled
date: Fri, 24 Mar 2023 02:32:03 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
x-grid-cache: MISS
server: Prometheus
quantum-flux-capacity: Omega
x-frame-options: sameorigin
content-type: text/html; charset=UTF-8
location: https://paymentissueruma.gogroth.com/wp-content/uploads/2020/10/growth-99-logo-ut-rumaaesthetics-ut-ruma-aesthetics.png
cache-control: public, no-cache
x-xss-protection: 1; mode=block
x-grid-cache-ttl: 1

GET
H/1.1 200
OK classic-10_7.css
cdn-images.mailchimp.com/embedcode/ 4 KB
2 KB 63ms
13ms Stylesheet
text/css 18.66.127.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-images.mailchimp.com/embedcode/classic-10_7.css
Requested by: Host: paymentissueruma.gogroth.com
URL: https://paymentissueruma.gogroth.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.127.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-127-89.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 613b1a7b4e9e279b4bcceed16041478402a795ac76653535589480190b3aa1c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymentissueruma.gogroth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-amz-version-id: null
Content-Encoding: gzip
Via: 1.1 7a17e7bab97826b103c75b700dd638e2.cloudfront.net (CloudFront)
Date: Thu, 23 Mar 2023 21:03:16 GMT
Last-Modified: Thu, 17 Dec 2015 16:52:30 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA60-P2
Age: 19724
ETag: W/"ae0fc9b84c30cada1784022044962394"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: yV8nq9UmEm29hKrXumKEASeSOKU4mabFUOcK8m6JHRg3agHdLkjYkg==

GET
H2 200 mc-validate.js Show response
d1kb6wto5ohzen.cloudfront.net/ 140 KB
48 KB 51ms
14ms Script
application/javascript 2600:9000:214f:ca00:d:8df6:5fc0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1kb6wto5ohzen.cloudfront.net/mc-validate.js
Requested by: Host: paymentissueruma.gogroth.com
URL: https://paymentissueruma.gogroth.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:ca00:d:8df6:5fc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b15aceb04dbf5604df5617cfe984f48479cb131c1df02825d1c24e9f35d01857

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymentissueruma.gogroth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 02:32:00 GMT
content-encoding: gzip
via: 1.1 16dc09493f48bbc1fd2cdd6e175a94f6.cloudfront.net (CloudFront)
last-modified: Sun, 20 Sep 2020 07:11:45 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 39236
etag: W/"6465dd4a8331265e6629cd069e03504c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: BCDL7nmk0cJqt186Q5f_azrWbgdqhff6WgnT_CnWcx0LHM9EuNiH9A==

GET
H2 200 chatbot.js Show response
chatbot.growth99.com/assets/js/ 3 KB
4 KB 95ms
8ms Script
application/x-javascript 2600:9000:223f:d400:3:d92d:a340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://chatbot.growth99.com/assets/js/chatbot.js
Requested by: Host: paymentissueruma.gogroth.com
URL: https://paymentissueruma.gogroth.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:d400:3:d92d:a340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3e739e50469c5d3c2d518a21eb5b228f5b001565897713ecf21e367bc1cf4707

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymentissueruma.gogroth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-amz-version-id: 1JmHAkH6tqLszmjFdCmkjx_aB_tZYVW3
date: Thu, 23 Mar 2023 15:51:53 GMT
via: 1.1 ffdf2668ac264ec6d8784ccc7453073c.cloudfront.net (CloudFront)
last-modified: Tue, 21 Mar 2023 15:09:13 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
age: 38446
etag: "b0f31884dd9b3f686304e90a429bb906"
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-2:758224881738:build/g99-prod-chatbot:d169d4d6-b609-4dd7-a1ca-19c51c07b8d5
x-cache: Hit from cloudfront
content-type: application/x-javascript
x-amz-meta-codebuild-content-sha256: f1e5dffd2605d0c98581e340a756b8ff84fdb01e010cc41f3fcc0aed4b564a99
x-amz-meta-codebuild-content-md5: 615d31946bb4453bc47a5699d9e18e6a
content-length: 3537
x-amz-cf-id: 80K4Igkm2HjnckcT14FL5F2WkVgt7odtnRisluP-g3NfsvPwfpCAEQ==

GET
H2 200 1-2-1.png
paymentissueruma.gogroth.com/wp-content/uploads/2022/11/ 450 KB
451 KB 406ms
393ms Image
image/png 209.50.56.141
UPCLOUDUSA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://paymentissueruma.gogroth.com/wp-content/uploads/2022/11/1-2-1.png

Requested by

Host: paymentissueruma.gogroth.com
URL: https://paymentissueruma.gogroth.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.50.56.141 Phoenix, United States, ASN25697 (UPCLOUDUSA, US),

Reverse DNS

209-50-56-141.us-chi1.upcloud.host

Software

Prometheus /

Resource Hash

adea23b4552a7e5beac833b5fe67b484b73d7df091c65649fbb02847c048e3d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymentissueruma.gogroth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 02:32:00 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 460970
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 21 Nov 2022 16:47:08 GMT
server: Prometheus
etag: "637bab8c-708aa"
x-frame-options: sameorigin
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10
accept-ranges: bytes

GET
H2 200 font-awesome.css
paymentissueruma.gogroth.com/wp-content/plugins/revslider/public/assets/fonts/font-awesome/css/ 36 KB
7 KB 130ms
109ms Stylesheet
text/css 209.50.56.141
UPCLOUDUSA

General

Check archive.org

Show headers Download Go to

Full URL

https://paymentissueruma.gogroth.com/wp-content/plugins/revslider/public/assets/fonts/font-awesome/css/font-awesome.css

Requested by

Host: paymentissueruma.gogroth.com
URL: https://paymentissueruma.gogroth.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.50.56.141 Phoenix, United States, ASN25697 (UPCLOUDUSA, US),

Reverse DNS

209-50-56-141.us-chi1.upcloud.host

Software

Prometheus /

Resource Hash

7cfd0c8f8464a7b46db267b79a793db18abed3247065a29933440eab1db6a8f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymentissueruma.gogroth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 02:32:00 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 25 Mar 2021 05:37:05 GMT
server: Prometheus
etag: W/"605c2181-9027"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10

GET
H2 200 css
fonts.googleapis.com/ 10 KB
943 B 38ms
18ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400%2C300%2C100%2C500%7CMontserrat:700

Requested by

Host: paymentissueruma.gogroth.com
URL: https://paymentissueruma.gogroth.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dd6e55040e749bcea952d54e7aa5cd8ce3a2ad34ee89c0d69dad07529a9708ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymentissueruma.gogroth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 24 Mar 2023 02:32:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 24 Mar 2023 02:32:00 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 24 Mar 2023 02:32:00 GMT

GET
H2 200 background-style.min.css
paymentissueruma.gogroth.com/wp-content/plugins/Ultimate_VC_Addons/assets/min-css/ 9 KB
2 KB 131ms
111ms Stylesheet
text/css 209.50.56.141
UPCLOUDUSA

General

Check archive.org

Show headers Download Go to

Full URL

https://paymentissueruma.gogroth.com/wp-content/plugins/Ultimate_VC_Addons/assets/min-css/background-style.min.css?ver=3.19.9

Requested by

Host: paymentissueruma.gogroth.com
URL: https://paymentissueruma.gogroth.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.50.56.141 Phoenix, United States, ASN25697 (UPCLOUDUSA, US),

Reverse DNS

209-50-56-141.us-chi1.upcloud.host

Software

Prometheus /

Resource Hash

1799f5f4c1ef63cf01499e15a4cc47beaa351c2661b4d1c4f6b9443e66ddef8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymentissueruma.gogroth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 02:32:00 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 25 Mar 2021 05:37:10 GMT
server: Prometheus
etag: W/"605c2186-2460"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10

GET
H2 200 main.min.js Show response
paymentissueruma.gogroth.com/wp-content/themes/dt-the7/js-lite/ 368 KB
95 KB 134ms
114ms Script
application/javascript 209.50.56.141
UPCLOUDUSA

General

Check archive.org

Show headers Download Go to

Full URL

https://paymentissueruma.gogroth.com/wp-content/themes/dt-the7/js-lite/main.min.js?ver=9.9.1

Requested by

Host: paymentissueruma.gogroth.com
URL: https://paymentissueruma.gogroth.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.50.56.141 Phoenix, United States, ASN25697 (UPCLOUDUSA, US),

Reverse DNS

209-50-56-141.us-chi1.upcloud.host

Software

Prometheus /

Resource Hash

507179a5680d28526955b2b8baa1678f3f2dd074df27eeedd4e74c97d1e1aa6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymentissueruma.gogroth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 02:32:00 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 25 Mar 2021 05:38:28 GMT
server: Prometheus
etag: W/"605c21d4-5bfd4"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript; charset=utf8
access-control-allow-origin: *
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10

GET
H2 200 rbtools.min.js Show response
paymentissueruma.gogroth.com/wp-content/plugins/revslider/public/assets/js/ 121 KB
46 KB 151ms
132ms Script
application/javascript 209.50.56.141
UPCLOUDUSA

General

Check archive.org

Show headers Download Go to

Full URL

https://paymentissueruma.gogroth.com/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.4.4

Requested by

Host: paymentissueruma.gogroth.com
URL: https://paymentissueruma.gogroth.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.50.56.141 Phoenix, United States, ASN25697 (UPCLOUDUSA, US),

Reverse DNS

209-50-56-141.us-chi1.upcloud.host

Software

Prometheus /

Resource Hash

463f24ed151c0bc8775c09e92c3885fd96dc17f1e91ca64d70f3ba9600e0eb86

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymentissueruma.gogroth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 02:32:00 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 25 Mar 2021 05:37:05 GMT
server: Prometheus
etag: W/"605c2181-1e437"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript; charset=utf8
access-control-allow-origin: *
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10

GET
H2 200 rs6.min.js Show response
paymentissueruma.gogroth.com/wp-content/plugins/revslider/public/assets/js/ 349 KB
92 KB 157ms
137ms Script
application/javascript 209.50.56.141
UPCLOUDUSA

General

Check archive.org

Show headers Download Go to

Full URL

https://paymentissueruma.gogroth.com/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.4.6

Requested by

Host: paymentissueruma.gogroth.com
URL: https://paymentissueruma.gogroth.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.50.56.141 Phoenix, United States, ASN25697 (UPCLOUDUSA, US),

Reverse DNS

209-50-56-141.us-chi1.upcloud.host

Software

Prometheus /

Resource Hash

82e917a6d6cefc504081aaff8f58a6d0b1332221583594c4a53c70a77a3251d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymentissueruma.gogroth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 02:32:00 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 25 Mar 2021 05:37:05 GMT
server: Prometheus
etag: W/"605c2181-575f9"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript; charset=utf8
access-control-allow-origin: *
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10

GET
H2 200 jquery.blockUI.min.js Show response
paymentissueruma.gogroth.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/ 9 KB
4 KB 166ms
147ms Script
application/javascript 209.50.56.141
UPCLOUDUSA

General

Check archive.org

Show headers Download Go to

Full URL

https://paymentissueruma.gogroth.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.70

Requested by

Host: paymentissueruma.gogroth.com
URL: https://paymentissueruma.gogroth.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.50.56.141 Phoenix, United States, ASN25697 (UPCLOUDUSA, US),

Reverse DNS

209-50-56-141.us-chi1.upcloud.host

Software

Prometheus /

Resource Hash

255c7a1fa69437e6e19994bcd662189c05d12bf98f2eecdee9f31690942336e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymentissueruma.gogroth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 02:32:00 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 25 Mar 2021 05:38:12 GMT
server: Prometheus
etag: W/"605c21c4-2503"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript; charset=utf8
access-control-allow-origin: *
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10

GET
H2 200 js.cookie.min.js Show response
paymentissueruma.gogroth.com/wp-content/plugins/woocommerce/assets/js/js-cookie/ 2 KB
1 KB 167ms
148ms Script
application/javascript 209.50.56.141
UPCLOUDUSA

General

Check archive.org

Show headers Download Go to

Full URL

https://paymentissueruma.gogroth.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4

Requested by

Host: paymentissueruma.gogroth.com
URL: https://paymentissueruma.gogroth.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.50.56.141 Phoenix, United States, ASN25697 (UPCLOUDUSA, US),

Reverse DNS

209-50-56-141.us-chi1.upcloud.host

Software

Prometheus /

Resource Hash

3b1384ff918d4b7f95f9ee5c8fc388203dedff7344d3d96598c9562162788612

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymentissueruma.gogroth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 02:32:00 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 25 Mar 2021 05:38:12 GMT
server: Prometheus
etag: W/"605c21c4-72a"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript; charset=utf8
access-control-allow-origin: *
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10

GET
H2 200 woocommerce.min.js Show response
paymentissueruma.gogroth.com/wp-content/plugins/woocommerce/assets/js/frontend/ 2 KB
1 KB 168ms
148ms Script
application/javascript 209.50.56.141
UPCLOUDUSA

General

Check archive.org

Show headers Download Go to

Full URL

https://paymentissueruma.gogroth.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=5.1.0

Requested by

Host: paymentissueruma.gogroth.com
URL: https://paymentissueruma.gogroth.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.50.56.141 Phoenix, United States, ASN25697 (UPCLOUDUSA, US),

Reverse DNS

209-50-56-141.us-chi1.upcloud.host

Software

Prometheus /

Resource Hash

6a2fd8165871a31946da9b2cb6ecc55a0dcbcdbc8b34be6ec4cc9eaafd7ab783

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymentissueruma.gogroth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 02:32:00 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 25 Mar 2021 05:38:12 GMT
server: Prometheus
etag: W/"605c21c4-812"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript; charset=utf8
access-control-allow-origin: *
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10

GET
H2 200 gtm4wp-form-move-tracker.js Show response
paymentissueruma.gogroth.com/wp-content/plugins/duracelltomi-google-tag-manager/js/ 1 KB
789 B 168ms
149ms Script
application/javascript 209.50.56.141
UPCLOUDUSA

General

Check archive.org

Show headers Download Go to

Full URL

https://paymentissueruma.gogroth.com/wp-content/plugins/duracelltomi-google-tag-manager/js/gtm4wp-form-move-tracker.js?ver=1.16.1

Requested by

Host: paymentissueruma.gogroth.com
URL: https://paymentissueruma.gogroth.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.50.56.141 Phoenix, United States, ASN25697 (UPCLOUDUSA, US),

Reverse DNS

209-50-56-141.us-chi1.upcloud.host

Software

Prometheus /

Resource Hash

0a402d34337e3e7e719751e9e0847dd3d25f0b81b832fcd342b5a0e040b35075

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymentissueruma.gogroth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 02:32:00 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 14 Oct 2022 06:28:49 GMT
server: Prometheus
etag: W/"634901a1-5a9"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript; charset=utf8
access-control-allow-origin: *
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10

GET
H2 200 underscore.min.js Show response
paymentissueruma.gogroth.com/wp-includes/js/ 19 KB
8 KB 169ms
150ms Script
application/javascript 209.50.56.141
UPCLOUDUSA

General

Check archive.org

Show headers Download Go to

Full URL

https://paymentissueruma.gogroth.com/wp-includes/js/underscore.min.js?ver=1.13.1

Requested by

Host: paymentissueruma.gogroth.com
URL: https://paymentissueruma.gogroth.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.50.56.141 Phoenix, United States, ASN25697 (UPCLOUDUSA, US),

Reverse DNS

209-50-56-141.us-chi1.upcloud.host

Software

Prometheus /

Resource Hash

5dacc86b8a64742e60d70192353e5643da219a3f84c0b26cf6116b06b67fff32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymentissueruma.gogroth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 02:32:00 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 24 Jul 2021 05:57:53 GMT
server: Prometheus
etag: W/"60fbabe1-4a84"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript; charset=utf8
access-control-allow-origin: *
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10

GET
H2 200 wp-util.min.js Show response
paymentissueruma.gogroth.com/wp-includes/js/ 1 KB
1 KB 172ms
153ms Script
application/javascript 209.50.56.141
UPCLOUDUSA

General

Check archive.org

Show headers Download Go to

Full URL

https://paymentissueruma.gogroth.com/wp-includes/js/wp-util.min.js?ver=5.8.6

Requested by

Host: paymentissueruma.gogroth.com
URL: https://paymentissueruma.gogroth.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.50.56.141 Phoenix, United States, ASN25697 (UPCLOUDUSA, US),

Reverse DNS

209-50-56-141.us-chi1.upcloud.host

Software

Prometheus /

Resource Hash

b8e78b48acc08ce31457aff168d6fb2c814d51a8739a97693cdba585d60f5b35

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymentissueruma.gogroth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 02:32:00 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 24 Jul 2021 05:57:53 GMT
server: Prometheus
etag: W/"60fbabe1-53c"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript; charset=utf8
access-control-allow-origin: *
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10

GET
H2 200 wp-emoji-release.min.js Show response
paymentissueruma.gogroth.com/wp-includes/js/ 18 KB
5 KB 437ms
425ms Script
application/javascript 209.50.56.141
UPCLOUDUSA

General

Check archive.org

Show headers Download Go to

Full URL

https://paymentissueruma.gogroth.com/wp-includes/js/wp-emoji-release.min.js?ver=42

Requested by

Host: paymentissueruma.gogroth.com
URL: https://paymentissueruma.gogroth.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.50.56.141 Phoenix, United States, ASN25697 (UPCLOUDUSA, US),

Reverse DNS

209-50-56-141.us-chi1.upcloud.host

Software

Prometheus /

Resource Hash

def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymentissueruma.gogroth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 02:32:00 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 24 Jul 2021 05:57:53 GMT
server: Prometheus
etag: W/"60fbabe1-4705"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript; charset=utf8
access-control-allow-origin: *
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10

GET
H2 200 add-to-cart-variation.min.js Show response
paymentissueruma.gogroth.com/wp-content/plugins/woocommerce/assets/js/frontend/ 13 KB
4 KB 234ms
215ms Script
application/javascript 209.50.56.141
UPCLOUDUSA

General

Check archive.org

Show headers Download Go to

Full URL

https://paymentissueruma.gogroth.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart-variation.min.js?ver=5.1.0

Requested by

Host: paymentissueruma.gogroth.com
URL: https://paymentissueruma.gogroth.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.50.56.141 Phoenix, United States, ASN25697 (UPCLOUDUSA, US),

Reverse DNS

209-50-56-141.us-chi1.upcloud.host

Software

Prometheus /

Resource Hash

794afb583cd66a9d7a31a2ca0b8d98752cbd90fb0e5a8090b8301b4ccfaeafc6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymentissueruma.gogroth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 02:32:00 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 25 Mar 2021 05:38:12 GMT
server: Prometheus
etag: W/"605c21c4-350d"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript; charset=utf8
access-control-allow-origin: *
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10

GET
H2 200 frontend.min.js Show response
paymentissueruma.gogroth.com/wp-content/plugins/woo-variation-swatches/assets/js/ 13 KB
3 KB 234ms
216ms Script
application/javascript 209.50.56.141
UPCLOUDUSA

General

Check archive.org

Show headers Download Go to

Full URL

https://paymentissueruma.gogroth.com/wp-content/plugins/woo-variation-swatches/assets/js/frontend.min.js?ver=1.1.13

Requested by

Host: paymentissueruma.gogroth.com
URL: https://paymentissueruma.gogroth.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.50.56.141 Phoenix, United States, ASN25697 (UPCLOUDUSA, US),

Reverse DNS

209-50-56-141.us-chi1.upcloud.host

Software

Prometheus /

Resource Hash

cb101e5e6a539e60d93682122881530c2854636fddf3981ca89af8a8507bd121

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymentissueruma.gogroth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 02:32:00 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 25 Mar 2021 05:37:21 GMT
server: Prometheus
etag: W/"605c2191-339b"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript; charset=utf8
access-control-allow-origin: *
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10

GET
H2 200 post-type.min.js Show response
paymentissueruma.gogroth.com/wp-content/plugins/dt-the7-core/assets/js/ 25 KB
5 KB 235ms
217ms Script
application/javascript 209.50.56.141
UPCLOUDUSA

General

Check archive.org

Show headers Download Go to

Full URL

https://paymentissueruma.gogroth.com/wp-content/plugins/dt-the7-core/assets/js/post-type.min.js?ver=2.5.5.2

Requested by

Host: paymentissueruma.gogroth.com
URL: https://paymentissueruma.gogroth.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.50.56.141 Phoenix, United States, ASN25697 (UPCLOUDUSA, US),

Reverse DNS

209-50-56-141.us-chi1.upcloud.host

Software

Prometheus /

Resource Hash

9da4a356a2ee90a570a77dbb4fcbc2605e6a1748d010579373c15f3a09836a2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymentissueruma.gogroth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 02:32:00 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 25 Mar 2021 05:37:00 GMT
server: Prometheus
etag: W/"605c217c-648b"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript; charset=utf8
access-control-allow-origin: *
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10

GET
H2 200 slick.min.js Show response
paymentissueruma.gogroth.com/wp-content/plugins/woo-variation-gallery/assets/js/ 41 KB
10 KB 438ms
425ms Script
application/javascript 209.50.56.141
UPCLOUDUSA

General

Check archive.org

Show headers Download Go to

Full URL

https://paymentissueruma.gogroth.com/wp-content/plugins/woo-variation-gallery/assets/js/slick.min.js?ver=1.8.1

Requested by

Host: paymentissueruma.gogroth.com
URL: https://paymentissueruma.gogroth.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.50.56.141 Phoenix, United States, ASN25697 (UPCLOUDUSA, US),

Reverse DNS

209-50-56-141.us-chi1.upcloud.host

Software

Prometheus /

Resource Hash

98bf081139b8ad9044ddfbc294e2014abb1d3818a9a2b2171c8ebb56c69be2c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymentissueruma.gogroth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 02:32:00 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 23 Jun 2021 11:43:25 GMT
server: Prometheus
etag: W/"60d31e5d-a5db"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript; charset=utf8
access-control-allow-origin: *
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10

GET
H2 200 imagesloaded.min.js Show response
paymentissueruma.gogroth.com/wp-includes/js/ 5 KB
2 KB 235ms
217ms Script
application/javascript 209.50.56.141
UPCLOUDUSA

General

Check archive.org

Show headers Download Go to

Full URL

https://paymentissueruma.gogroth.com/wp-includes/js/imagesloaded.min.js?ver=4.1.4

Requested by

Host: paymentissueruma.gogroth.com
URL: https://paymentissueruma.gogroth.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.50.56.141 Phoenix, United States, ASN25697 (UPCLOUDUSA, US),

Reverse DNS

209-50-56-141.us-chi1.upcloud.host

Software

Prometheus /

Resource Hash

ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymentissueruma.gogroth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 02:32:00 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 24 Jul 2021 05:57:53 GMT
server: Prometheus
etag: W/"60fbabe1-15fd"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript; charset=utf8
access-control-allow-origin: *
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10

GET
H2 200 frontend.min.js Show response
paymentissueruma.gogroth.com/wp-content/plugins/woo-variation-gallery/assets/js/ 15 KB
4 KB 438ms
425ms Script
application/javascript 209.50.56.141
UPCLOUDUSA

General

Check archive.org

Show headers Download Go to

Full URL

https://paymentissueruma.gogroth.com/wp-content/plugins/woo-variation-gallery/assets/js/frontend.min.js?ver=1.2.6

Requested by

Host: paymentissueruma.gogroth.com
URL: https://paymentissueruma.gogroth.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.50.56.141 Phoenix, United States, ASN25697 (UPCLOUDUSA, US),

Reverse DNS

209-50-56-141.us-chi1.upcloud.host

Software

Prometheus /

Resource Hash

850ed319eb0c924a0054d91582298934ffdf27327523030980098b695cee5c1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymentissueruma.gogroth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 02:32:00 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 23 Jun 2021 11:43:25 GMT
server: Prometheus
etag: W/"60d31e5d-3b0f"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript; charset=utf8
access-control-allow-origin: *
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10

GET
H2 200 hoverIntent.min.js Show response
paymentissueruma.gogroth.com/wp-includes/js/ 1 KB
1 KB 236ms
218ms Script
application/javascript 209.50.56.141
UPCLOUDUSA

General

Check archive.org

Show headers Download Go to

Full URL

https://paymentissueruma.gogroth.com/wp-includes/js/hoverIntent.min.js?ver=1.10.1

Requested by

Host: paymentissueruma.gogroth.com
URL: https://paymentissueruma.gogroth.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.50.56.141 Phoenix, United States, ASN25697 (UPCLOUDUSA, US),

Reverse DNS

209-50-56-141.us-chi1.upcloud.host

Software

Prometheus /

Resource Hash

cd1cc14b59f5918e11725643ef36381b85cf569c6626fb4fdbe39c2eba9bdfe8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymentissueruma.gogroth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 02:32:00 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 24 Jul 2021 05:57:53 GMT
server: Prometheus
etag: W/"60fbabe1-5c8"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript; charset=utf8
access-control-allow-origin: *
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10

GET
H2 200 maxmegamenu.js Show response
paymentissueruma.gogroth.com/wp-content/plugins/megamenu/js/ 29 KB
5 KB 237ms
219ms Script
application/javascript 209.50.56.141
UPCLOUDUSA

General

Check archive.org

Show headers Download Go to

Full URL

https://paymentissueruma.gogroth.com/wp-content/plugins/megamenu/js/maxmegamenu.js?ver=2.9.3

Requested by

Host: paymentissueruma.gogroth.com
URL: https://paymentissueruma.gogroth.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.50.56.141 Phoenix, United States, ASN25697 (UPCLOUDUSA, US),

Reverse DNS

209-50-56-141.us-chi1.upcloud.host

Software

Prometheus /

Resource Hash

8271756d5397dd04fee9e7b5e9bb25a40b32102998938539946d9a006a0ec737

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymentissueruma.gogroth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 02:32:00 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 25 Mar 2021 05:36:12 GMT
server: Prometheus
etag: W/"605c214c-7583"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript; charset=utf8
access-control-allow-origin: *
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10

GET
H2 200 public.js Show response
paymentissueruma.gogroth.com/wp-content/plugins/megamenu-pro/assets/ 21 KB
4 KB 239ms
222ms Script
application/javascript 209.50.56.141
UPCLOUDUSA

General

Check archive.org

Show headers Download Go to

Full URL

https://paymentissueruma.gogroth.com/wp-content/plugins/megamenu-pro/assets/public.js?ver=2.0.1

Requested by

Host: paymentissueruma.gogroth.com
URL: https://paymentissueruma.gogroth.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.50.56.141 Phoenix, United States, ASN25697 (UPCLOUDUSA, US),

Reverse DNS

209-50-56-141.us-chi1.upcloud.host

Software

Prometheus /

Resource Hash

3c330c7a653cac0ad5b39471807657a57b4b1bd62591b14c6098f7f6c3dfa9a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymentissueruma.gogroth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 02:32:00 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 08 Apr 2020 09:05:42 GMT
server: Prometheus
etag: W/"5e8d93e6-54ee"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript; charset=utf8
access-control-allow-origin: *
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10

GET
H2 200 ivory-search.min.js Show response
paymentissueruma.gogroth.com/wp-content/plugins/add-search-to-menu/public/js/ 4 KB
2 KB 241ms
224ms Script
application/javascript 209.50.56.141
UPCLOUDUSA

General

Check archive.org

Show headers Download Go to

Full URL

https://paymentissueruma.gogroth.com/wp-content/plugins/add-search-to-menu/public/js/ivory-search.min.js?ver=4.6

Requested by

Host: paymentissueruma.gogroth.com
URL: https://paymentissueruma.gogroth.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.50.56.141 Phoenix, United States, ASN25697 (UPCLOUDUSA, US),

Reverse DNS

209-50-56-141.us-chi1.upcloud.host

Software

Prometheus /

Resource Hash

87392651263cd3f5d1cd417d2a9331879bbeef1c42f141f645b598823371ea90

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymentissueruma.gogroth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 02:32:00 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 25 Mar 2021 05:36:05 GMT
server: Prometheus
etag: W/"605c2145-117f"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript; charset=utf8
access-control-allow-origin: *
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10

GET
H2 200 wp-embed.min.js Show response
paymentissueruma.gogroth.com/wp-includes/js/ 1 KB
1 KB 242ms
225ms Script
application/javascript 209.50.56.141
UPCLOUDUSA

General

Check archive.org

Show headers Download Go to

Full URL

https://paymentissueruma.gogroth.com/wp-includes/js/wp-embed.min.js?ver=5.8.6

Requested by

Host: paymentissueruma.gogroth.com
URL: https://paymentissueruma.gogroth.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.50.56.141 Phoenix, United States, ASN25697 (UPCLOUDUSA, US),

Reverse DNS

209-50-56-141.us-chi1.upcloud.host

Software

Prometheus /

Resource Hash

5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymentissueruma.gogroth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 02:32:00 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 24 Jul 2021 05:57:53 GMT
server: Prometheus
etag: W/"60fbabe1-592"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript; charset=utf8
access-control-allow-origin: *
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10

GET
H2 200 js_composer_front.min.js Show response
paymentissueruma.gogroth.com/wp-content/plugins/js_composer/assets/js/dist/ 20 KB
6 KB 245ms
228ms Script
application/javascript 209.50.56.141
UPCLOUDUSA

General

Check archive.org

Show headers Download Go to

Full URL

https://paymentissueruma.gogroth.com/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.6.0.1

Requested by

Host: paymentissueruma.gogroth.com
URL: https://paymentissueruma.gogroth.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.50.56.141 Phoenix, United States, ASN25697 (UPCLOUDUSA, US),

Reverse DNS

209-50-56-141.us-chi1.upcloud.host

Software

Prometheus /

Resource Hash

314ce6baaa3218eb171fa2c278d7fdf1b9872305dfa667e9cbf2df77c83a9a88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymentissueruma.gogroth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 02:32:00 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 25 Mar 2021 05:37:15 GMT
server: Prometheus
etag: W/"605c218b-509d"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript; charset=utf8
access-control-allow-origin: *
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10

GET
H2 200 jquery-appear.min.js Show response
paymentissueruma.gogroth.com/wp-content/plugins/Ultimate_VC_Addons/assets/min-js/ 1 KB
1 KB 246ms
229ms Script
application/javascript 209.50.56.141
UPCLOUDUSA

General

Check archive.org

Show headers Download Go to

Full URL

https://paymentissueruma.gogroth.com/wp-content/plugins/Ultimate_VC_Addons/assets/min-js/jquery-appear.min.js?ver=3.19.9

Requested by

Host: paymentissueruma.gogroth.com
URL: https://paymentissueruma.gogroth.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.50.56.141 Phoenix, United States, ASN25697 (UPCLOUDUSA, US),

Reverse DNS

209-50-56-141.us-chi1.upcloud.host

Software

Prometheus /

Resource Hash

9ece3127dd9e1c43bd6a9ac7d20c6d260ebaa48917007158560697efa3bfd32b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymentissueruma.gogroth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 02:32:00 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 25 Mar 2021 05:37:10 GMT
server: Prometheus
etag: W/"605c2186-546"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript; charset=utf8
access-control-allow-origin: *
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10

GET
H2 200 ultimate_bg.min.js Show response
paymentissueruma.gogroth.com/wp-content/plugins/Ultimate_VC_Addons/assets/min-js/ 44 KB
10 KB 247ms
230ms Script
application/javascript 209.50.56.141
UPCLOUDUSA

General

Check archive.org

Show headers Download Go to

Full URL

https://paymentissueruma.gogroth.com/wp-content/plugins/Ultimate_VC_Addons/assets/min-js/ultimate_bg.min.js?ver=3.19.9

Requested by

Host: paymentissueruma.gogroth.com
URL: https://paymentissueruma.gogroth.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.50.56.141 Phoenix, United States, ASN25697 (UPCLOUDUSA, US),

Reverse DNS

209-50-56-141.us-chi1.upcloud.host

Software

Prometheus /

Resource Hash

49dc3f884fe1fc3e8e497bdb37c63aee43cfde3f7b00bf755b01cba5e4271b98

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymentissueruma.gogroth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 02:32:00 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 25 Mar 2021 05:37:10 GMT
server: Prometheus
etag: W/"605c2186-b188"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript; charset=utf8
access-control-allow-origin: *
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 107 KB
28 KB 51ms
14ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: paymentissueruma.gogroth.com
URL: https://paymentissueruma.gogroth.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0a19fce040b8127f3e2e3ed609f7800153be329d6420b53295fb79a4f40012ec

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymentissueruma.gogroth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 24 Mar 2023 02:32:00 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27907
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: 5NVh/2Xx4mNihSa8tRUns36Hu20jSpqSnqJBd2RleDKhXD6fuMqdSCHQvrJAtS/3A6N6d394+l1RkgU60yinNw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 140 KB
53 KB 60ms
29ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MH7WS34

Requested by

Host: paymentissueruma.gogroth.com
URL: https://paymentissueruma.gogroth.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

363513aceb8f917cae8f9a2983ee10179bba439f9d7f817112cb76f633887140

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymentissueruma.gogroth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 02:32:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54391
x-xss-protection: 0
last-modified: Fri, 24 Mar 2023 00:18:05 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 24 Mar 2023 02:32:00 GMT

GET
H2 200 injector.min.js Show response
static.joinboulevard.com/ 16 KB
16 KB 483ms
408ms Script
application/javascript 2600:9000:2250:ac00:e:9c9a:bec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.joinboulevard.com/injector.min.js
Requested by: Host: paymentissueruma.gogroth.com
URL: https://paymentissueruma.gogroth.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:ac00:e:9c9a:bec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 365086145b44de39bd4ace77eea011b67628b208be3a136488a6e12fb8f06915

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymentissueruma.gogroth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-amz-version-id: ijkdJkTMR62fxZojRErFQ_Vfe3F2B5gM
date: Fri, 24 Mar 2023 02:32:01 GMT
via: 1.1 109c7a7f1cf897851e09b16d3030a948.cloudfront.net (CloudFront)
last-modified: Tue, 06 Dec 2022 19:24:47 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
etag: "d11573c1e44ea20c99d555a776fe439f"
x-cache: RefreshHit from cloudfront
content-type: application/javascript
x-amz-replication-status: REPLICA
accept-ranges: bytes
content-length: 16442
x-amz-cf-id: I3k1mrdAXjH0yQLWapS86eGp0mUXq2Fc0WUDTjkCJQSuXUW6tSSuwQ==

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ 30 KB
31 KB 34ms
9ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:300,400,500,600,700%7CRoboto:400,600,700%7CMuli:400,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://paymentissueruma.gogroth.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 08:37:39 GMT
x-content-type-options: nosniff
age: 237261
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30928
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Mar 2024 08:37:39 GMT

GET
H2 200 icomoon-the7-font.ttf
paymentissueruma.gogroth.com/wp-content/themes/dt-the7/fonts/icomoon-the7-font/ 47 KB
47 KB 425ms
424ms Font
application/octet-stream 209.50.56.141
UPCLOUDUSA

General

Check archive.org

Show headers Download Go to

Full URL

https://paymentissueruma.gogroth.com/wp-content/themes/dt-the7/fonts/icomoon-the7-font/icomoon-the7-font.ttf?wi57p5

Requested by

Host: paymentissueruma.gogroth.com
URL: https://paymentissueruma.gogroth.com/wp-content/themes/dt-the7/fonts/icomoon-the7-font/icomoon-the7-font.min.css?ver=9.9.1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.50.56.141 Phoenix, United States, ASN25697 (UPCLOUDUSA, US),

Reverse DNS

209-50-56-141.us-chi1.upcloud.host

Software

Prometheus /

Resource Hash

e0394e418d7858c3f9fabb6897f4e9364cf86a23a809127690f467ad111f190d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://paymentissueruma.gogroth.com/wp-content/themes/dt-the7/fonts/icomoon-the7-font/icomoon-the7-font.min.css?ver=9.9.1
Origin: https://paymentissueruma.gogroth.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 02:32:00 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 48020
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 25 Mar 2021 05:38:28 GMT
server: Prometheus
etag: "605c21d4-bb94"
x-frame-options: sameorigin
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10
accept-ranges: bytes

GET
H2 206 Ruma.m4v
g99-resources.b-cdn.net/RUMA/ 3 MB
0 72ms
24ms Media
video/x-m4v 2400:52e0:1e00::1082:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://g99-resources.b-cdn.net/RUMA/Ruma.m4v
Requested by: Host: paymentissueruma.gogroth.com
URL: https://paymentissueruma.gogroth.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1082:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1082 /
Resource Hash

Request headers

Referer: https://paymentissueruma.gogroth.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Range: bytes=0-

Response headers

date: Fri, 24 Mar 2023 02:32:00 GMT
cdn-edgestorageid: 1082
cdn-storageserver: NY-267
Content-Range: bytes 0-26615081/26615082
cdn-cachedat: 03/22/2023 18:52:36
cdn-pullzone: 867733
Content-Length: 26615082
last-modified: Mon, 14 Nov 2022 13:09:17 GMT
server: BunnyCDN-DE1-1082
cdn-fileserver: 427
cdn-requestpullcode: 206
cdn-proxyver: 1.03
content-type: video/x-m4v
cdn-cache: HIT
cdn-uid: 667fd566-309c-4b1e-a5fa-dce4644622fe
cache-control: public, max-age=2592000
cdn-requestid: 1e21b1ee4f67f441e4efd51d954554ce
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 UBOjXuSxt8U Show response
www.youtube.com/embed/ Frame ACBC 70 KB
30 KB 117ms
72ms Document
text/html 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/UBOjXuSxt8U?feature=oembed

Requested by

Host: paymentissueruma.gogroth.com
URL: https://paymentissueruma.gogroth.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

97dc759500db4b1955406af562eaf277a44ed94cebc9c34373244f827b522e6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paymentissueruma.gogroth.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Fri, 24 Mar 2023 02:32:00 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK 771257668 Show response
player.vimeo.com/video/ Frame F0A5 22 KB
9 KB 203ms
164ms Document
text/html 162.159.138.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://player.vimeo.com/video/771257668?h=90841522d3&dnt=1&app_id=122963

Requested by

Host: paymentissueruma.gogroth.com
URL: https://paymentissueruma.gogroth.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.159.138.60 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2378e0f729708cea7a6118a87e24310526c307bef77d286ab801545fe869ebf0

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-inline' https://.vimeocdn.com 'unsafe-eval' blob: resource: https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://cdn.kollective.app/ https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv; style-src 'self' 'unsafe-inline' https://.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com; connect-src 'self' ws: wss: https://vimeo.com https://api.vimeo.com https://csi.gstatic.com https://player-telemetry.vimeo.com https://.akamaized.net https://.akamaized-staging.net https://.vimeocdn.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://.dna-delivery.com https://.kollective.app/ https://.hivestreaming.com/ https://mimir.cloud.vimeo.com https://.wirewax.com https://.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; font-src https://edge-assets.wirewax.com https://fonts.gstatic.com https://player.vimeo.com; img-src 'self' data: https://player.vimeo.com https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://.ci.vimeows.com https://i.vimeocdn.com https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com; object-src 'self' https://.vimeocdn.com https://.akamaized.net https://.akamaized-staging.net; media-src 'self' blob: https://.vimeocdn.com https://.akamaized.net https://.akamaized-staging.net https://.gvt1.com https://live-api.cloud.vimeo.com; frame-src 'self' https://*; report-uri /_csp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://paymentissueruma.gogroth.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Age: 0
CF-Cache-Status: DYNAMIC
CF-RAY: 7acb804b7a7c90d7-FRA
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Content-Encoding: gzip
Content-Security-Policy: default-src 'none'; script-src 'self' 'unsafe-inline' https://*.vimeocdn.com 'unsafe-eval' blob: resource: https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://cdn.kollective.app/ https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv; style-src 'self' 'unsafe-inline' https://*.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com; connect-src 'self' ws: wss: https://vimeo.com https://api.vimeo.com https://csi.gstatic.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://*.dna-delivery.com https://*.kollective.app/ https://*.hivestreaming.com/ https://mimir.cloud.vimeo.com https://*.wirewax.com https://*.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; font-src https://edge-assets.wirewax.com https://fonts.gstatic.com https://player.vimeo.com; img-src 'self' data: https://player.vimeo.com https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://*.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://*.ci.vimeows.com https://i.vimeocdn.com https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com; frame-src 'self' https://*; report-uri /_csp
Content-Type: text/html; charset=UTF-8
Date: Fri, 24 Mar 2023 02:32:00 GMT
Expires: Fri, 15 Dec 1985 19:30:00 GMT
Link: <https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin <https://i.vimeocdn.com>; rel=preconnect; crossorigin <https://f.vimeocdn.com>; rel=preconnect; crossorigin
Server: cloudflare
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Transfer-Encoding: chunked
Vary: Accept-Encoding
Via: 1.1 google, 1.1 varnish
X-Cache: MISS
X-Cache-Hits: 0
X-Content-Type-Options: nosniff
X-Host: player-backend-5b664cf559-8zdbh
X-Player-Backend: g
X-Served-By: cache-fra-eddf8230058-FRA
X-Timer: S1679625121.566870,VS0,VE144
X-Xss-Protection: 1; mode=block

GET
H2 200 ruma-aesthetics-logo-ut-rumaaesthetics.png
paymentissueruma.gogroth.com/wp-content/uploads/2020/04/ 170 KB
170 KB 385ms
377ms Image
image/png 209.50.56.141
UPCLOUDUSA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://paymentissueruma.gogroth.com/wp-content/uploads/2020/04/ruma-aesthetics-logo-ut-rumaaesthetics.png?id=2069

Requested by

Host: paymentissueruma.gogroth.com
URL: https://paymentissueruma.gogroth.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.50.56.141 Phoenix, United States, ASN25697 (UPCLOUDUSA, US),

Reverse DNS

209-50-56-141.us-chi1.upcloud.host

Software

Prometheus /

Resource Hash

b010b868b81d11e7387b4226fdc2a6308ff0afaa6e9a2bed143e909ac64e17fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymentissueruma.gogroth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 02:32:00 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 173766
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 20 May 2022 08:03:25 GMT
server: Prometheus
etag: "62874b4d-2a6c6"
x-frame-options: sameorigin
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10
accept-ranges: bytes

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 12ms
6ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:300,400,500,600,700%7CRoboto:400,600,700%7CMuli:400,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://paymentissueruma.gogroth.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 08:37:38 GMT
x-content-type-options: nosniff
age: 237262
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Mar 2024 08:37:38 GMT

GET
H2 200 ruma-ut-ruma-aesthetics.png
rumaaesthetics.com/wp-content/uploads/2020/04/ 10 KB
11 KB 593ms
546ms Image
image/png 2606:4700:3034::6815:1683
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rumaaesthetics.com/wp-content/uploads/2020/04/ruma-ut-ruma-aesthetics.png

Requested by

Host: paymentissueruma.gogroth.com
URL: https://paymentissueruma.gogroth.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:1683 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f8d6d0599fed4eed2e74a046b75bca895946ce195b23cba8fbc3ff43e548a6ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymentissueruma.gogroth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 02:32:01 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10480
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 10 Feb 2023 06:12:57 GMT
server: cloudflare
etag: "63e5e069-28f0"
x-frame-options: sameorigin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1B5P8Fw2vp2z94hYk1YmIGlQLAvFrX3oc9YEEzYeq50kTPfVZhDdHeeSCMC6TL9AteZJaCImFsdFT95acaZXslPJxxkKgC5xY0qPqdpJ6nFxjI5s%2BxxbyD6BfsEK7uqqhQoEZuBZTI%2Fp8chAcUiNut8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=10, stale-if-error=10
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 7acb804bbde79b74-FRA

GET
H2 200 Ruma-resize.png
paymentissueruma.gogroth.com/wp-content/uploads/2022/11/ 182 KB
182 KB 367ms
365ms Image
image/png 209.50.56.141
UPCLOUDUSA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://paymentissueruma.gogroth.com/wp-content/uploads/2022/11/Ruma-resize.png

Requested by

Host: paymentissueruma.gogroth.com
URL: https://paymentissueruma.gogroth.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.50.56.141 Phoenix, United States, ASN25697 (UPCLOUDUSA, US),

Reverse DNS

209-50-56-141.us-chi1.upcloud.host

Software

Prometheus /

Resource Hash

c39e136694085bca77cbb0527d35d5480862502cbbb02e82ca52280b135ab093

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymentissueruma.gogroth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 02:32:00 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 185963
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 01 Nov 2022 19:24:43 GMT
server: Prometheus
etag: "6361727b-2d66b"
x-frame-options: sameorigin
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10
accept-ranges: bytes

GET
H2 200 2294840007434112 Show response
connect.facebook.net/signals/config/ 380 KB
108 KB 63ms
62ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2294840007434112?v=2.9.99&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

257d35a5023623b765458d399874c1a99e62783f4d2b89dc45ebb69e3ea90ec7

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymentissueruma.gogroth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 24 Mar 2023 02:32:00 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: P1lKibqSDKH39E9cvRpCD9wgBkgIdOU1YjBTfWWs/hIVjt+VEhi1ZwSyx07U1zVT3XLo79xq+QfRmTGA8Ix+zg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 default Show response
api.growth99.com/api/public/chatbottemplates/ 688 B
1 KB 121ms
121ms XHR
application/json 3.18.160.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.growth99.com/api/public/chatbottemplates/default

Requested by

Host: paymentissueruma.gogroth.com
URL: https://paymentissueruma.gogroth.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.18.160.173 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-18-160-173.us-east-2.compute.amazonaws.com

Software

nginx /

Resource Hash

197e79ec2952a3ed1896de5eb725308428fcd942ce4679c9c6011a8731d8d2cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://paymentissueruma.gogroth.com/
accept-language: de-DE,de;q=0.9
X-TenantID: 137
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 02:32:01 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
pragma: no-cache
server: nginx
access-control-max-age: 3600
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT, PATCH
content-type: application/json
access-control-allow-origin: https://paymentissueruma.gogroth.com
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-frame-options: DENY
access-control-allow-headers: x-requested-with, authorization, Content-Type, Authorization, X-TenantID, responseType
expires: 0

OPTIONS
H2 200 default
api.growth99.com/api/public/chatbottemplates/ Frame 0
0 827ms
108ms Preflight 3.18.160.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.growth99.com/api/public/chatbottemplates/default
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.18.160.173 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-18-160-173.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-tenantid
Access-Control-Request-Method: GET
Origin: https://paymentissueruma.gogroth.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: x-requested-with, authorization, Content-Type, Authorization, X-TenantID, responseType
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT, PATCH
access-control-allow-origin: https://paymentissueruma.gogroth.com
access-control-max-age: 3600
content-length: 0
date: Fri, 24 Mar 2023 02:32:01 GMT
server: nginx

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 242 KB
82 KB 55ms
43ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-3MPFLF80RB&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-166905251-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bc15e6436f9a95bdb5063fe1a263a63ff4fe29a6c7f536ee16adc82ac644e962

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymentissueruma.gogroth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 02:32:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 83715
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 24 Mar 2023 02:32:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 333ms
5ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-166905251-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymentissueruma.gogroth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 24 Mar 2023 02:05:11 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 1609
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Fri, 24 Mar 2023 04:05:11 GMT

GET
H3 200 JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCuM73w5aXo.woff2
fonts.gstatic.com/s/montserrat/v25/ 13 KB
13 KB 25ms
24ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCuM73w5aXo.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400%2C300%2C100%2C500%7CMontserrat:700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f31b80562610135edd91a86ec7f243c5eeaec2ec08337e6a20c2d135d8e217da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://paymentissueruma.gogroth.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 08:37:41 GMT
x-content-type-options: nosniff
age: 237259
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12848
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:56:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Mar 2024 08:37:41 GMT

GET
H2 200 fontawesome-webfont.woff2
paymentissueruma.gogroth.com/wp-content/plugins/revslider/public/assets/fonts/font-awesome/fonts/ 75 KB
76 KB 352ms
325ms Font
application/font-woff2 209.50.56.141
UPCLOUDUSA

General

Check archive.org

Show headers Download Go to

Full URL

https://paymentissueruma.gogroth.com/wp-content/plugins/revslider/public/assets/fonts/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: paymentissueruma.gogroth.com
URL: https://paymentissueruma.gogroth.com/wp-content/plugins/revslider/public/assets/fonts/font-awesome/css/font-awesome.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.50.56.141 Phoenix, United States, ASN25697 (UPCLOUDUSA, US),

Reverse DNS

209-50-56-141.us-chi1.upcloud.host

Software

Prometheus /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://paymentissueruma.gogroth.com/wp-content/plugins/revslider/public/assets/fonts/font-awesome/css/font-awesome.css
Origin: https://paymentissueruma.gogroth.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 02:32:00 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 77160
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 25 Mar 2021 05:37:05 GMT
server: Prometheus
etag: "605c2181-12d68"
x-frame-options: sameorigin
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10
accept-ranges: bytes

GET
H2 200 www-player.css
www.youtube.com/s/player/ace4d669/ Frame ACBC 399 KB
51 KB 46ms
43ms Stylesheet
text/css 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/ace4d669/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/UBOjXuSxt8U?feature=oembed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf75f9a4ede4c78af871f3cb51fffa3e1f91f5cb0ae8e408770eb707bbda2ddb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/UBOjXuSxt8U?feature=oembed
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 23:03:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12530
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51763
x-xss-protection: 0
last-modified: Wed, 22 Mar 2023 00:22:24 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 22 Mar 2024 23:03:10 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/ace4d669/www-embed-player.vflset/ Frame ACBC 347 KB
108 KB 49ms
46ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/ace4d669/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/UBOjXuSxt8U?feature=oembed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

732b2e7803c1a94ff38fda4a0c54b919ad96930218d4dccaf17e3dbbfbbde174

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/UBOjXuSxt8U?feature=oembed
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 23:24:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11277
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110254
x-xss-protection: 0
last-modified: Wed, 22 Mar 2023 00:22:24 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 22 Mar 2024 23:24:03 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/ace4d669/player_ias.vflset/de_DE/ Frame ACBC 2 MB
613 KB 78ms
75ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/ace4d669/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/UBOjXuSxt8U?feature=oembed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da2742800229240d57fadb5d893961b5f0d288e756d2af2368d42afef2a0169a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/UBOjXuSxt8U?feature=oembed
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 16:03:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 124131
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 626819
x-xss-protection: 0
last-modified: Wed, 22 Mar 2023 00:22:24 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 21 Mar 2024 16:03:09 GMT

GET
H2 200 fetch-polyfill.js Show response
www.youtube.com/s/player/ace4d669/fetch-polyfill.vflset/ Frame ACBC 9 KB
3 KB 55ms
52ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/ace4d669/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/UBOjXuSxt8U?feature=oembed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/UBOjXuSxt8U?feature=oembed
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 01:37:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3295
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2786
x-xss-protection: 0
last-modified: Wed, 22 Mar 2023 00:22:24 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 23 Mar 2024 01:37:05 GMT

GET
H2 200 player.module.js Show response
f.vimeocdn.com/p/4.23.0/js/ Frame F0A5 479 KB
116 KB 121ms
1ms Script
application/javascript 146.75.118.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://f.vimeocdn.com/p/4.23.0/js/player.module.js
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/771257668?h=90841522d3&dnt=1&app_id=122963
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.118.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: fcce014e73befb225bb92548d0007fa054a506122a33f7081af6c9b1031c7937

Request headers

Referer: https://player.vimeo.com/
Origin: https://player.vimeo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-served-by: cache-iad-kjyo7100073-IAD, cache-fra-eddf8230100-FRA
date: Fri, 24 Mar 2023 02:32:00 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
age: 26729
x-timer: S1679625121.909531,VS0,VE0
vary: Accept-Encoding,x-http-method-override
x-cache: HIT, HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 118420
x-cache-hits: 23, 7545

GET
H2 200 vendor.module.js Show response
f.vimeocdn.com/p/4.23.0/js/ Frame F0A5 380 KB
91 KB 139ms
19ms Script
application/javascript 146.75.118.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://f.vimeocdn.com/p/4.23.0/js/vendor.module.js
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/771257668?h=90841522d3&dnt=1&app_id=122963
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.118.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3e439bfd3684c34bceb574ca0ddfa32cab5ec9d8e371c74aacfeefd506ed0353

Request headers

Referer: https://player.vimeo.com/
Origin: https://player.vimeo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-served-by: cache-iad-kiad7000132-IAD, cache-fra-eddf8230100-FRA
date: Fri, 24 Mar 2023 02:32:00 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
age: 26729
x-timer: S1679625121.909638,VS0,VE0
vary: Accept-Encoding,x-http-method-override
x-cache: HIT, HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 93133
x-cache-hits: 25, 8255

GET
H2 200 player.css
f.vimeocdn.com/p/4.23.0/css/ Frame F0A5 203 KB
21 KB 129ms
9ms Stylesheet
text/css 146.75.118.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://f.vimeocdn.com/p/4.23.0/css/player.css
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/771257668?h=90841522d3&dnt=1&app_id=122963
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.118.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 322762985571701a140d2de220b100c4c245f27d8f78fc4c77537482c15088e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-served-by: cache-iad-kcgs7200038-IAD, cache-fra-eddf8230114-FRA
date: Fri, 24 Mar 2023 02:32:00 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
age: 26729
x-timer: S1679625121.909652,VS0,VE0
vary: Accept-Encoding,x-http-method-override
x-cache: HIT, HIT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 20941
x-cache-hits: 24, 7816

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame ACBC 15 KB
15 KB 49ms
44ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/UBOjXuSxt8U?feature=oembed

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 08:37:38 GMT
x-content-type-options: nosniff
age: 237262
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Mar 2024 08:37:38 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame ACBC 15 KB
15 KB 50ms
46ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/UBOjXuSxt8U?feature=oembed

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 08:37:38 GMT
x-content-type-options: nosniff
age: 237262
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Mar 2024 08:37:38 GMT

GET
H2 200 jquery.mousewheel.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-mousewheel/3.1.13/ 3 KB
2 KB 99ms
5ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-mousewheel/3.1.13/jquery.mousewheel.min.js

Requested by

Host: paymentissueruma.gogroth.com
URL: https://paymentissueruma.gogroth.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e73a30d35c83ea6a597c3343324d2b7df097ad26e67b62efb5266ee12d317b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymentissueruma.gogroth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 02:32:00 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2416583
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1046
last-modified: Mon, 04 May 2020 16:11:46 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec2-ad3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bWWiMUGVwZ3eNghYSwaRXFuaKHqzz849fqUVsyYCnn1q0wzVV9X%2Be3%2F2zd%2BSCMaIRtBZ1%2BQKZVJq8ejvdVFsIMFLzDY3J7tf7Ue196BaPikPO9YJArWSLXykGjDzz2Fc7tjSBs%2B5gH6INdTv9inLWulh"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7acb804d8ecdbbd3-FRA
expires: Wed, 13 Mar 2024 02:32:00 GMT

GET
H2 206 Ruma.m4v
g99-resources.b-cdn.net/RUMA/ 71 KB
72 KB 72ms
23ms Media
video/x-m4v 2400:52e0:1e00::1082:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://g99-resources.b-cdn.net/RUMA/Ruma.m4v
Requested by: Host: paymentissueruma.gogroth.com
URL: https://paymentissueruma.gogroth.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1082:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1082 /
Resource Hash: 4b9348e7c8f6dce035edbd2484545d6d593ccdaf3eea5070b6138deff1be1caa

Request headers

Referer: https://paymentissueruma.gogroth.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Range: bytes=26542080-

Response headers

date: Fri, 24 Mar 2023 02:32:00 GMT
cdn-edgestorageid: 1082
cdn-storageserver: NY-266
Content-Range: bytes 26542080-26615081/26615082
cdn-cachedat: 03/22/2023 18:52:37
cdn-pullzone: 867733
Content-Length: 73002
last-modified: Mon, 14 Nov 2022 13:09:17 GMT
server: BunnyCDN-DE1-1082
cdn-fileserver: 427
cdn-requestpullcode: 206
cdn-proxyver: 1.03
content-type: video/x-m4v
cdn-cache: HIT
cdn-uid: 667fd566-309c-4b1e-a5fa-dce4644622fe
cache-control: public, max-age=2592000
cdn-requestid: 36337bfcfde8eae7df0995928262ee2f
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 74ms
16ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2294840007434112&ev=PageView&dl=https%3A%2F%2Fpaymentissueruma.gogroth.com%2F&rl=&if=false&ts=1679625120947&sw=1600&sh=1200&v=2.9.99&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1679625120944.1775872753&it=1679625120603&coo=false&rqm=GET

Requested by

Host: paymentissueruma.gogroth.com
URL: https://paymentissueruma.gogroth.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymentissueruma.gogroth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 24 Mar 2023 02:32:01 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
263 B 42ms
13ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-3MPFLF80RB&gtm=45je33m0&_p=277990475&cid=1423525332.1679625121&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1679625121&sct=1&seg=0&dl=https%3A%2F%2Fpaymentissueruma.gogroth.com%2F&dt=Medical%20Spa%20%7C%20RUMA%20Aesthetics%20Lehi%2C%20Utah&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3MPFLF80RB&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymentissueruma.gogroth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Mar 2023 02:32:01 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://paymentissueruma.gogroth.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
215 B 15ms
14ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=277990475&t=pageview&_s=1&dl=https%3A%2F%2Fpaymentissueruma.gogroth.com%2F&ul=en-us&de=UTF-8&dt=Medical%20Spa%20%7C%20RUMA%20Aesthetics%20Lehi%2C%20Utah&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1467269083&gjid=1913850392&cid=1423525332.1679625121&tid=UA-166905251-1&_gid=637376502.1679625121&_r=1&gtm=457e33m0&jsscut=1&z=829905966

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://paymentissueruma.gogroth.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 24 Mar 2023 02:32:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://paymentissueruma.gogroth.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 icomoon.ttf
paymentissueruma.gogroth.com/wp-content/uploads/smile_fonts/icomoon/ 1 KB
2 KB 109ms
108ms Font
application/octet-stream 209.50.56.141
UPCLOUDUSA

General

Check archive.org

Show headers Download Go to

Full URL

https://paymentissueruma.gogroth.com/wp-content/uploads/smile_fonts/icomoon/icomoon.ttf?jg74fd

Requested by

Host: paymentissueruma.gogroth.com
URL: https://paymentissueruma.gogroth.com/wp-content/uploads/smile_fonts/icomoon/icomoon.css?ver=5.8.6

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.50.56.141 Phoenix, United States, ASN25697 (UPCLOUDUSA, US),

Reverse DNS

209-50-56-141.us-chi1.upcloud.host

Software

Prometheus /

Resource Hash

2db0b267e7f9163a53e0ac9cfbb49cc61fe2a0cd247b384a66863d12dc9731af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://paymentissueruma.gogroth.com/wp-content/uploads/smile_fonts/icomoon/icomoon.css?ver=5.8.6
Origin: https://paymentissueruma.gogroth.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 02:32:01 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 1488
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 06 Apr 2020 17:58:02 GMT
server: Prometheus
etag: "5e8b6daa-5d0"
x-frame-options: sameorigin
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10
accept-ranges: bytes

GET
H2 200 Ruma-Aesthetics-Logo_Two-UT-RumaAesthetics.svg
paymentissueruma.gogroth.com/wp-content/uploads/2021/12/ 12 KB
5 KB 110ms
109ms Image
image/svg+xml 209.50.56.141
UPCLOUDUSA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://paymentissueruma.gogroth.com/wp-content/uploads/2021/12/Ruma-Aesthetics-Logo_Two-UT-RumaAesthetics.svg

Requested by

Host: paymentissueruma.gogroth.com
URL: https://paymentissueruma.gogroth.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.50.56.141 Phoenix, United States, ASN25697 (UPCLOUDUSA, US),

Reverse DNS

209-50-56-141.us-chi1.upcloud.host

Software

Prometheus /

Resource Hash

cabbe6a40325f41ff8a81ecb40d3890af8d9e36d6f46da2a6b7ce101b20ddefe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymentissueruma.gogroth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 02:32:01 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 04 Jul 2022 11:36:47 GMT
server: Prometheus
etag: W/"62c2d0cf-2ff0"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10

GET
H2 200 ruma-aesthetics-background-UT-Ruma-Aesthetics.png
paymentissueruma.gogroth.com/wp-content/uploads/2020/04/ 6 KB
7 KB 110ms
109ms Image
image/png 209.50.56.141
UPCLOUDUSA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://paymentissueruma.gogroth.com/wp-content/uploads/2020/04/ruma-aesthetics-background-UT-Ruma-Aesthetics.png

Requested by

Host: paymentissueruma.gogroth.com
URL: https://paymentissueruma.gogroth.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.50.56.141 Phoenix, United States, ASN25697 (UPCLOUDUSA, US),

Reverse DNS

209-50-56-141.us-chi1.upcloud.host

Software

Prometheus /

Resource Hash

d0b61464a99017bf71c55925970bdbfb9cdbab4e2a66ddd1ae47b8c973e997c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymentissueruma.gogroth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 02:32:01 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 6602
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 17 Sep 2020 04:19:57 GMT
server: Prometheus
etag: "5f62e3ed-19ca"
x-frame-options: sameorigin
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10
accept-ranges: bytes

GET
H2 200 loader.gif
paymentissueruma.gogroth.com/wp-content/plugins/revslider/public/assets/assets/ 2 KB
3 KB 109ms
108ms Image
image/gif 209.50.56.141
UPCLOUDUSA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://paymentissueruma.gogroth.com/wp-content/plugins/revslider/public/assets/assets/loader.gif

Requested by

Host: paymentissueruma.gogroth.com
URL: https://paymentissueruma.gogroth.com/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.4.6

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.50.56.141 Phoenix, United States, ASN25697 (UPCLOUDUSA, US),

Reverse DNS

209-50-56-141.us-chi1.upcloud.host

Software

Prometheus /

Resource Hash

9034d5d34015e4b05d2c1d1a8dc9f6ec9d59bd96d305eb9e24e24e65c591a645

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymentissueruma.gogroth.com/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.4.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 02:32:01 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 2545
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 25 Mar 2021 05:37:05 GMT
server: Prometheus
etag: "605c2181-9f1"
x-frame-options: sameorigin
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10
accept-ranges: bytes

GET
H2

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame ACBC
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
242 B

15ms
14ms

XHR
application/json

2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/UBOjXuSxt8U?feature=oembed

Protocol

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4fed90956f343adfcadc3fd36317e7e0ffbe9bc0d8c7ed394b3dd34220e73e54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 02:32:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 24 Mar 2023 02:32:01 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame ACBC 29 B
494 B 29ms
6ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ace4d669/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 02:20:11 GMT
x-content-type-options: nosniff
age: 710
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 24 Mar 2023 02:35:11 GMT

GET
H2 200 1547940318-db3533a6e417f6d355893216f0264d5325e3052b8db9ebfa8bbc8256386fd6c2-d
i.vimeocdn.com/video/ Frame F0A5 20 KB
21 KB 15ms
8ms Image
image/avif 146.75.118.109
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vimeocdn.com/video/1547940318-db3533a6e417f6d355893216f0264d5325e3052b8db9ebfa8bbc8256386fd6c2-d?mw=800&mh=422
Requested by: Host: paymentissueruma.gogroth.com
URL: https://paymentissueruma.gogroth.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.118.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 82127373162a00ba4e270703a31ae9c51988a7b1a127aaea7be3941dafe058b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 02:32:01 GMT
via: vvarnish, 1.1 varnish, 1.1 varnish
age: 476899
x-viewmaster-lossless-format: automatic
x-cache: miss, HIT, HIT
x-backend-server: varnish
content-length: 20894
viewmaster-server: viewmaster-us-east1-p28q
x-served-by: cache-dfw-kdfw8210094-DFW, cache-fra-eddf8230114-FRA
x-timer: S1679625122.716411,VS0,VE1
etag: 9496c7180b9bf645850c027470cd3999
access-control-max-age: 86400
vary: Accept
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
cache-control: public, max-age=2592000
accept-ranges: bytes
x-cache-hits: 25, 1

GET
H2 200 widget Show response
dashboard.boulevard.io/booking/businesses/64d16bcf-1137-4312-80aa-51c89cea75d4/ Frame 649F 18 KB
6 KB 341ms
109ms Document
text/html 52.72.172.163
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.boulevard.io/booking/businesses/64d16bcf-1137-4312-80aa-51c89cea75d4/widget

Requested by

Host: static.joinboulevard.com
URL: https://static.joinboulevard.com/injector.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.72.172.163 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-72-172-163.compute-1.amazonaws.com

Software

Cowboy /

Resource Hash

159c0f841d675b55c313c2f9ec8fc278e68123746dd60f92c2a8b11d91705fe7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://paymentissueruma.gogroth.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0, private, must-revalidate
content-encoding: gzip
content-length: 5803
content-type: text/html; charset=utf-8
date: Fri, 24 Mar 2023 02:32:02 GMT
server: Cowboy
strict-transport-security: max-age=31536000
vary: accept-encoding
x-request-id: F086JkEEvn6hyUgWUp7D

GET
H2 200 c742696288.js Show response
kit.fontawesome.com/ 11 KB
4 KB 43ms
25ms Script
text/javascript 2606:4700::6812:1634
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kit.fontawesome.com/c742696288.js

Requested by

Host: paymentissueruma.gogroth.com
URL: https://paymentissueruma.gogroth.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dadd529fad5a0d66f372c772b9c2f90bdb87bae6df31998ec710081a5066dea5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymentissueruma.gogroth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 02:32:01 GMT
strict-transport-security: max-age=31536000; preload
content-encoding: gzip
cf-cache-status: REVALIDATED
server: cloudflare
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=60, public, must-revalidate
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
cf-ray: 7acb80533a812c7a-FRA
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id: F0gqNjLvx-Wdar8Mzdrh

GET
H2 200 emr-chat3.js Show response
chatbot.growth99.com/assets/js/ 17 KB
18 KB 9ms
9ms Script
application/x-javascript 2600:9000:223f:d400:3:d92d:a340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://chatbot.growth99.com/assets/js/emr-chat3.js
Requested by: Host: chatbot.growth99.com
URL: https://chatbot.growth99.com/assets/js/chatbot.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:d400:3:d92d:a340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dd52643f8c07afac0cf1bfa49c91101e414bd413a4a144339a163ccc3a0e37ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymentissueruma.gogroth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-amz-version-id: x12ojnnxHIGub0eRrMtQaIquK6IoEw8i
date: Thu, 23 Mar 2023 15:11:14 GMT
via: 1.1 ffdf2668ac264ec6d8784ccc7453073c.cloudfront.net (CloudFront)
last-modified: Tue, 21 Mar 2023 15:09:13 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
age: 40951
etag: "a43059bb09bbd2d968555b2230774b79"
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-2:758224881738:build/g99-prod-chatbot:d169d4d6-b609-4dd7-a1ca-19c51c07b8d5
x-cache: Hit from cloudfront
content-type: application/x-javascript
x-amz-meta-codebuild-content-sha256: f1e5dffd2605d0c98581e340a756b8ff84fdb01e010cc41f3fcc0aed4b564a99
x-amz-meta-codebuild-content-md5: 615d31946bb4453bc47a5699d9e18e6a
content-length: 17804
x-amz-cf-id: Qd-JWdgKVPhPI9cFdLqHnn90XnM2Deb11xHWqHxE0nlpp7hg9YVfhg==

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 36ms
15ms Preflight
text/html 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Fri, 24 Mar 2023 02:32:01 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame ACBC 66 KB
31 KB 20ms
20ms XHR
application/json+protobuf 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ace4d669/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c8b484327f76a95a47f62ad406d575b4be797afd54cd62eb648e2e600fb4d5da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Fri, 24 Mar 2023 02:32:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31225
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/ace4d669/player_ias.vflset/de_DE/ Frame ACBC 116 KB
36 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/ace4d669/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ace4d669/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7bdd9859d19c54eb5142c816d34abfc1d7b3470c6887ed8a11fbb9095e9a3539

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/UBOjXuSxt8U?feature=oembed
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 16:03:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 124127
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36510
x-xss-protection: 0
last-modified: Wed, 22 Mar 2023 00:22:24 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 21 Mar 2024 16:03:14 GMT

GET
H2 200 -i4BvPHlj92BuV6XzAqUG3CoaRx1Xg20dibDBHkkejI.js Show response
www.google.com/js/th/ Frame ACBC 36 KB
15 KB 29ms
7ms Script
text/javascript 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/-i4BvPHlj92BuV6XzAqUG3CoaRx1Xg20dibDBHkkejI.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ace4d669/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fa2e01bcf1e58fdd81b95e97cc0a941b70a8691c755e0db47626c30479247a32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 19:30:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 111720
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14347
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 10:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 21 Mar 2024 19:30:01 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/ace4d669/player_ias.vflset/de_DE/ Frame ACBC 28 KB
9 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/ace4d669/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ace4d669/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3fa1bb3aa7d7ddaa3f07b139a0629d666fbfec8d7cba56c0dcf8b09ffb820b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/UBOjXuSxt8U?feature=oembed
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 16:03:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 124131
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8724
x-xss-protection: 0
last-modified: Wed, 22 Mar 2023 00:22:24 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 21 Mar 2024 16:03:10 GMT

POST
H2 200 / Show response
www.facebook.com/tr/ Frame 887C 0
58 B 7ms
6ms Document
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: paymentissueruma.gogroth.com
URL: https://paymentissueruma.gogroth.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://paymentissueruma.gogroth.com
Referer: https://paymentissueruma.gogroth.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://paymentissueruma.gogroth.com
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Fri, 24 Mar 2023 02:32:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 close.png
paymentissueruma.gogroth.com/wp-content/plugins/popup-builder/public/img/theme_3/ 455 B
852 B 108ms
108ms Image
image/png 209.50.56.141
UPCLOUDUSA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://paymentissueruma.gogroth.com/wp-content/plugins/popup-builder/public/img/theme_3/close.png

Requested by

Host: paymentissueruma.gogroth.com
URL: https://paymentissueruma.gogroth.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.50.56.141 Phoenix, United States, ASN25697 (UPCLOUDUSA, US),

Reverse DNS

209-50-56-141.us-chi1.upcloud.host

Software

Prometheus /

Resource Hash

5ce560c2a8ed404221cd83dd99e39b08b6d553878b4d295e8e4576db7e49cfc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymentissueruma.gogroth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 02:32:02 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 455
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 14 Oct 2022 06:31:54 GMT
server: Prometheus
etag: "6349025a-1c7"
x-frame-options: sameorigin
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10
accept-ranges: bytes

GET
H2 200 1547940318-db3533a6e417f6d355893216f0264d5325e3052b8db9ebfa8bbc8256386fd6c2-d
i.vimeocdn.com/video/ Frame F0A5 20 KB
20 KB 7ms
7ms Image
image/avif 146.75.118.109
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vimeocdn.com/video/1547940318-db3533a6e417f6d355893216f0264d5325e3052b8db9ebfa8bbc8256386fd6c2-d?mw=800&mh=422
Requested by: Host: paymentissueruma.gogroth.com
URL: https://paymentissueruma.gogroth.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.118.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 82127373162a00ba4e270703a31ae9c51988a7b1a127aaea7be3941dafe058b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 02:32:01 GMT
via: vvarnish, 1.1 varnish, 1.1 varnish
age: 476899
x-viewmaster-lossless-format: automatic
x-cache: miss, HIT, HIT
x-backend-server: varnish
content-length: 20894
viewmaster-server: viewmaster-us-east1-p28q
x-served-by: cache-dfw-kdfw8210094-DFW, cache-fra-eddf8230114-FRA
x-timer: S1679625122.958282,VS0,VE0
etag: 9496c7180b9bf645850c027470cd3999
access-control-max-age: 86400
vary: Accept
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
cache-control: public, max-age=2592000
accept-ranges: bytes
x-cache-hits: 25, 2

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame ACBC 90 B
134 B 19ms
18ms XHR
application/json+protobuf 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ace4d669/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0aa2bd21f9d3c30d674bffc2aac7985eb2d2b27d10976c35ebcb9d5fa92405ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Fri, 24 Mar 2023 02:32:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 14ms
14ms Preflight
text/html 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Fri, 24 Mar 2023 02:32:02 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2 200 free.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 59 KB
13 KB 143ms
109ms Fetch
text/css 2606:4700:e4::ac40:a816
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=c742696288
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/c742696288.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a816 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymentissueruma.gogroth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 02:32:02 GMT
via: 1.1 4a6fd791b6663fb7a124f5d43d11ba3c.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: JFK50-P8
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"a12ec7ebe75a4d59a5dd6b79e2ba2e16"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=efNK%2BMMjwpdOgcUXIxSqPq4NFaUm9dRpW570YMWJisIjaWnWMpLf4AxpPSRV4FS0vEhB1ZUUf%2BvPVVL2hvHkMvHInLSd%2FKP1rewV7OVNffrdK7P5OkxNkWmzKafQKyEEu3M0GUUZVLDCzSOixp1wXCaGJw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 7acb805548c53a7e-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: qTbYbpLaWXcV76XkSaMrvWNw38OgGDzgoGmnMhDnoTFZ5HUlRC_jBw==

GET
H2 200 free-v4-shims.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 26 KB
5 KB 409ms
375ms Fetch
text/css 2606:4700:e4::ac40:a816
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=c742696288
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/c742696288.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a816 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymentissueruma.gogroth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 02:32:02 GMT
via: 1.1 3844a554993ef7edabea082622b10c44.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: IAH50-C1
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"76f34b71fc9fb641507ff6a822cc07f5"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QcqE5JLmQEux14iop5l9K8jkLFU6yu6yaWpp8%2FM1PtvcHmgHypLstbENnvCf%2BUbV8luP4OG60og%2BrKnXIqEaolg9ABw69siSx5gem1HGtqUTNiErxFxHjPspM408Txr%2FFBqGNJ8kaayqPy%2BosYV0Y0WI%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 7acb805548c73a7e-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: g9Tm-ETG-63THmapERmvLl8V-m1YE2PVDOEs71jUkkl7gjVslV9Uhg==

GET
H2 200 free-v4-font-face.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 3 KB
1 KB 314ms
280ms Fetch
text/css 2606:4700:e4::ac40:a816
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-font-face.min.css?token=c742696288
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/c742696288.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a816 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymentissueruma.gogroth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 02:32:02 GMT
via: 1.1 cea4663e4864185add284e6e883e90f2.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: JFK50-P8
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"f2e0b2680d9b0bcb6e0039c4424e5a59"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e1w%2FponHISulY84aEPKQYjMha2HGJpcsoh1YzUHJcf3l1kt4%2BPMPT1nigykcsvsgHQMLB3tOJUGg1oVoVlw8MIi2CrgMg8zYXSGEeJqppfy5mtI1Wlec1bRn1BgMfJsSHXz6JhcydOrGpNCuWGT3HlEmAg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 7acb805548c83a7e-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: DopRuAwHSbcli6X3GIOaErlnZkhoM9lsfBMAWi7LrhKk85SXKWreRw==

GET
H3 200 icon
fonts.googleapis.com/ Frame 649F 569 B
366 B 17ms
17ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: dashboard.boulevard.io
URL: https://dashboard.boulevard.io/booking/businesses/64d16bcf-1137-4312-80aa-51c89cea75d4/widget

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.boulevard.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 24 Mar 2023 02:32:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 24 Mar 2023 02:32:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 24 Mar 2023 02:32:02 GMT

GET
H2 200 runtime-es2015.b6d3a49f96db8a68932b.js Show response
static.joinboulevard.com/clients/booking/ Frame 649F 2 KB
3 KB 468ms
449ms Script
application/javascript 2600:9000:2250:ac00:e:9c9a:bec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.joinboulevard.com/clients/booking/runtime-es2015.b6d3a49f96db8a68932b.js
Requested by: Host: dashboard.boulevard.io
URL: https://dashboard.boulevard.io/booking/businesses/64d16bcf-1137-4312-80aa-51c89cea75d4/widget
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:ac00:e:9c9a:bec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1f739bbaa9aeb7034266757e05097731772dc83def40d5ff3e7625d353837daa

Request headers

Referer: https://dashboard.boulevard.io/
Origin: https://dashboard.boulevard.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-amz-version-id: b2SFIMdR3MEE9tBTr5fzGJjAvFwfPHbI
date: Fri, 24 Mar 2023 02:32:03 GMT
via: 1.1 109c7a7f1cf897851e09b16d3030a948.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-amz-replication-status: REPLICA
content-length: 2519
last-modified: Tue, 14 Mar 2023 17:26:46 GMT
server: AmazonS3
etag: "384b4c9b2c3d6ee8918155fb01020fdd"
access-control-max-age: 3600
access-control-allow-methods: GET, PUT, POST
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: ETag
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: LI8OBWEtLxqrOaGi5jfq4UJ2jm1vRiGi2gAJZQlvGLYnfM4TU_WkAw==

GET
H2 200 polyfills-es2015.d1b6fd76755b41df2d45.js Show response
static.joinboulevard.com/clients/booking/ Frame 649F 92 KB
93 KB 468ms
450ms Script
application/javascript 2600:9000:2250:ac00:e:9c9a:bec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.joinboulevard.com/clients/booking/polyfills-es2015.d1b6fd76755b41df2d45.js
Requested by: Host: dashboard.boulevard.io
URL: https://dashboard.boulevard.io/booking/businesses/64d16bcf-1137-4312-80aa-51c89cea75d4/widget
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:ac00:e:9c9a:bec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2c51dbc4151fca5b6076cabf2e71438e5e2f90729a2148f23dc7eb9e9b84dc35

Request headers

Referer: https://dashboard.boulevard.io/
Origin: https://dashboard.boulevard.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-amz-version-id: bzBGebRjA9wNPO2yt1gM1nqIUl1oABPU
date: Fri, 24 Mar 2023 02:32:03 GMT
via: 1.1 109c7a7f1cf897851e09b16d3030a948.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-length: 94453
last-modified: Tue, 14 Mar 2023 17:26:46 GMT
server: AmazonS3
etag: "ced1a80d2e1e4bb4ff6b33ef6522c2ed"
access-control-max-age: 3600
access-control-allow-methods: GET, PUT, POST
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: ETag
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: alIfOh-ixyBMPRaezWr9x6671ZyCxJY7iYU17eyJnU0wg9ovohkS-Q==

GET
H2 200 styles-es2015.464e7d8437339bf414f6.js Show response
static.joinboulevard.com/clients/booking/ Frame 649F 484 KB
485 KB 430ms
412ms Script
application/javascript 2600:9000:2250:ac00:e:9c9a:bec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.joinboulevard.com/clients/booking/styles-es2015.464e7d8437339bf414f6.js
Requested by: Host: dashboard.boulevard.io
URL: https://dashboard.boulevard.io/booking/businesses/64d16bcf-1137-4312-80aa-51c89cea75d4/widget
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:ac00:e:9c9a:bec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cf1c72c81d9aba127a532955cd5179bc736bb23219142538f920dc57ffadeb3f

Request headers

Referer: https://dashboard.boulevard.io/
Origin: https://dashboard.boulevard.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-amz-version-id: v4bOwojEVj0huLq6pe6_EJ.ZU9A0x5LE
date: Fri, 24 Mar 2023 02:32:03 GMT
via: 1.1 109c7a7f1cf897851e09b16d3030a948.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-length: 495313
last-modified: Tue, 14 Mar 2023 17:26:46 GMT
server: AmazonS3
etag: "d2089e4e7d884984d75171b58d48f7ec"
access-control-max-age: 3600
access-control-allow-methods: GET, PUT, POST
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: ETag
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: 6ZnzvgRW8b6lBge5Y1COCEb0QA-HFXhKgeCGHS2GzrQVEsFcQDPIdg==

GET
H2 200 main-es2015.70d7f7579be163bd49a5.js Show response
static.joinboulevard.com/clients/booking/ Frame 649F 2 MB
2 MB 458ms
440ms Script
application/javascript 2600:9000:2250:ac00:e:9c9a:bec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.joinboulevard.com/clients/booking/main-es2015.70d7f7579be163bd49a5.js
Requested by: Host: dashboard.boulevard.io
URL: https://dashboard.boulevard.io/booking/businesses/64d16bcf-1137-4312-80aa-51c89cea75d4/widget
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:ac00:e:9c9a:bec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c1da22d600c2d43e8a0e82c60d51ac54c5ce17af032e9b80d0bb4a778e47d785

Request headers

Referer: https://dashboard.boulevard.io/
Origin: https://dashboard.boulevard.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-amz-version-id: XxtFgUVaty5FRzL4XP7RvzHMJs5LHpkS
date: Fri, 24 Mar 2023 02:32:03 GMT
via: 1.1 109c7a7f1cf897851e09b16d3030a948.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-length: 1731815
last-modified: Tue, 14 Mar 2023 17:26:46 GMT
server: AmazonS3
etag: "130bad01b07475306c42d8e1f1ca9ff3"
access-control-max-age: 3600
access-control-allow-methods: GET, PUT, POST
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: ETag
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: sfA-WRciXPXItstLWQlPFgVzjnX5AP0G0TMb7EEJUZ7u8E4lQzNI2Q==

GET
H2 200 timezone-data-es2015.758593271cefa80dd85d.js Show response
static.joinboulevard.com/clients/booking/ Frame 649F 184 KB
185 KB 466ms
448ms Script
application/javascript 2600:9000:2250:ac00:e:9c9a:bec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.joinboulevard.com/clients/booking/timezone-data-es2015.758593271cefa80dd85d.js
Requested by: Host: dashboard.boulevard.io
URL: https://dashboard.boulevard.io/booking/businesses/64d16bcf-1137-4312-80aa-51c89cea75d4/widget
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:ac00:e:9c9a:bec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bab7074824c52f72732fc46dd10358b8e00d91f6c2ab0733946914d1d7f62beb

Request headers

Referer: https://dashboard.boulevard.io/
Origin: https://dashboard.boulevard.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-amz-version-id: GaWID2mhFMmWg0cJ4m642QMg7FTcnIWB
date: Fri, 24 Mar 2023 02:32:03 GMT
via: 1.1 109c7a7f1cf897851e09b16d3030a948.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-length: 188273
last-modified: Tue, 14 Mar 2023 17:26:46 GMT
server: AmazonS3
etag: "33784ca2c4bd70c42c090126ecdfe520"
access-control-max-age: 3600
access-control-allow-methods: GET, PUT, POST
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: ETag
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: sswic8S6vk8sZMEHpdLCEYbQSAFpNSkmmZRncTXkTQw6stsk7aicug==

GET
H2 200 questionnaire Show response
api.growth99.com/api/public/v1/ 196 B
763 B 109ms
109ms XHR
application/json 3.18.160.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.growth99.com/api/public/v1/questionnaire

Requested by

Host: paymentissueruma.gogroth.com
URL: https://paymentissueruma.gogroth.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.18.160.173 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-18-160-173.us-east-2.compute.amazonaws.com

Software

nginx /

Resource Hash

8f7f36f6555be4e14775a376ac3dcb332f29fb8eb04d6b9d27da25d11f9cbbee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://paymentissueruma.gogroth.com/
accept-language: de-DE,de;q=0.9
X-TenantID: 137
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 02:32:02 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
pragma: no-cache
server: nginx
access-control-max-age: 3600
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT, PATCH
content-type: application/json
access-control-allow-origin: https://paymentissueruma.gogroth.com
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-frame-options: DENY
access-control-allow-headers: x-requested-with, authorization, Content-Type, Authorization, X-TenantID, responseType
expires: 0

OPTIONS
H2 200 questionnaire
api.growth99.com/api/public/v1/ Frame 0
0 107ms
107ms Preflight 3.18.160.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.growth99.com/api/public/v1/questionnaire
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.18.160.173 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-18-160-173.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-tenantid
Access-Control-Request-Method: GET
Origin: https://paymentissueruma.gogroth.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: x-requested-with, authorization, Content-Type, Authorization, X-TenantID, responseType
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT, PATCH
access-control-allow-origin: https://paymentissueruma.gogroth.com
access-control-max-age: 3600
content-length: 0
date: Fri, 24 Mar 2023 02:32:02 GMT
server: nginx

GET
H3 204 generate_204
www.youtube.com/ Frame ACBC 0
10 B 10ms
9ms Image
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?Mj4E3w
Requested by: Host: paymentissueruma.gogroth.com
URL: https://paymentissueruma.gogroth.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/UBOjXuSxt8U?feature=oembed
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 02:32:02 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400%2C300%2C100%2C500%7CMontserrat:700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://paymentissueruma.gogroth.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 08:37:40 GMT
x-content-type-options: nosniff
age: 237262
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Mar 2024 08:37:40 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame ACBC 4 KB
2 KB 36ms
14ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ace4d669/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 02:32:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 24 Mar 2023 02:32:02 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 649F 49 KB
20 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: dashboard.boulevard.io
URL: https://dashboard.boulevard.io/booking/businesses/64d16bcf-1137-4312-80aa-51c89cea75d4/widget

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.boulevard.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 24 Mar 2023 02:05:11 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 1611
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Fri, 24 Mar 2023 04:05:11 GMT

GET
H/1.1 200
OK medium.png
s3.amazonaws.com/prod-boulevard-dashboard/uploads/businesses/64d16bcf-1137-4312-80aa-51c89cea75d4/banner/ Frame 649F 588 B
1 KB 648ms
126ms Image
application/octet-stream 54.231.172.80
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/prod-boulevard-dashboard/uploads/businesses/64d16bcf-1137-4312-80aa-51c89cea75d4/banner/medium.png?v=63821258998
Requested by: Host: dashboard.boulevard.io
URL: https://dashboard.boulevard.io/booking/businesses/64d16bcf-1137-4312-80aa-51c89cea75d4/widget
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.172.80 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 258943549b7c819700488f5d2e0b45a44c7b625ccae2973fa35206f6365795a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.boulevard.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Fri, 24 Mar 2023 02:32:03 GMT
x-amz-version-id: 0wLi7OCXaI9JZi5aQdGMH1L6Yn.TQBzV
Last-Modified: Tue, 31 May 2022 23:29:59 GMT
Server: AmazonS3
x-amz-request-id: DGXWDP9NDF78XGZC
ETag: "7563efbcfa9f36e2978baab4fafb852d-1"
Content-Type: application/octet-stream
x-amz-replication-status: COMPLETED
Accept-Ranges: bytes
Content-Length: 588
x-amz-id-2: kDf45QkA0HQ8BqDXQ5e3mmDb7lR9vQM16wXuHfpNvtk7NsTDy6FGjgKIRzovN+uy6eZJR9aeyxI=

POST
H2 200 admin-ajax.php Show response
paymentissueruma.gogroth.com/wp-admin/ 1 B
459 B 2732ms
2732ms XHR
text/html 209.50.56.141
UPCLOUDUSA

General

Check archive.org

Show headers Download Go to

Full URL

https://paymentissueruma.gogroth.com/wp-admin/admin-ajax.php

Requested by

Host: paymentissueruma.gogroth.com
URL: https://paymentissueruma.gogroth.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.50.56.141 Phoenix, United States, ASN25697 (UPCLOUDUSA, US),

Reverse DNS

209-50-56-141.us-chi1.upcloud.host

Software

Prometheus /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://paymentissueruma.gogroth.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 24 Mar 2023 02:32:05 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
server: Prometheus
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://paymentissueruma.gogroth.com
cache-control: private, no-store
access-control-allow-credentials: true
x-robots-tag: noindex
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/111/ Frame ACBC 50 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/111/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a312de5d5df23f9f480daa5837af8b88f77bb83c0ad3f04d474a449d43e7859

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 10:21:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 58248
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14872
x-xss-protection: 0
last-modified: Mon, 16 Jan 2023 16:05:49 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Fri, 24 Mar 2023 10:21:14 GMT

GET
H2 200 chatconfigs Show response
api.growth99.com/api/public/ 1 KB
2 KB 128ms
128ms XHR
application/json 3.18.160.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.growth99.com/api/public/chatconfigs?businessId=137

Requested by

Host: paymentissueruma.gogroth.com
URL: https://paymentissueruma.gogroth.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.18.160.173 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-18-160-173.us-east-2.compute.amazonaws.com

Software

nginx /

Resource Hash

87b3b44b790fd7d001aab52084033ad9cec700ac99104b4d7f27c7fa8801d2da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://paymentissueruma.gogroth.com/
accept-language: de-DE,de;q=0.9
X-TenantID: 137
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 02:32:02 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
pragma: no-cache
server: nginx
access-control-max-age: 3600
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT, PATCH
content-type: application/json
access-control-allow-origin: https://paymentissueruma.gogroth.com
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-frame-options: DENY
access-control-allow-headers: x-requested-with, authorization, Content-Type, Authorization, X-TenantID, responseType
expires: 0

GET
H2 404 chat3 Show response
chatbot.growth99.com/business/137/ Frame ACB7 23 KB
24 KB 164ms
163ms Document
text/html 2600:9000:223f:d400:3:d92d:a340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://chatbot.growth99.com/business/137/chat3?color=
Requested by: Host: chatbot.growth99.com
URL: https://chatbot.growth99.com/assets/js/emr-chat3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:d400:3:d92d:a340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bb25a6a91c7444f85c076136f1aaf9d033239832403f862a9ed9819ff1a93b8b

Request headers

Referer: https://paymentissueruma.gogroth.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 23673
content-type: text/html
date: Fri, 24 Mar 2023 02:32:02 GMT
etag: "13f9259ee42d2b4fc061cf0cec7e6c38"
last-modified: Tue, 21 Mar 2023 15:09:12 GMT
server: AmazonS3
via: 1.1 ffdf2668ac264ec6d8784ccc7453073c.cloudfront.net (CloudFront)
x-amz-cf-id: sUB_JEvEqjB_SlWYDgiWJPQo6BxMlzzHHzKGb_Dx8jhRinkO74Lzeg==
x-amz-cf-pop: FRA56-P5
x-amz-error-code: NoSuchKey
x-amz-error-detail-key: business/137/chat3
x-amz-error-message: The specified key does not exist.
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-2:758224881738:build/g99-prod-chatbot:d169d4d6-b609-4dd7-a1ca-19c51c07b8d5
x-amz-meta-codebuild-content-md5: 615d31946bb4453bc47a5699d9e18e6a
x-amz-meta-codebuild-content-sha256: f1e5dffd2605d0c98581e340a756b8ff84fdb01e010cc41f3fcc0aed4b564a99
x-amz-version-id: l51ylRV3HiAuAnqRhNwzmZDsm8lQgpNX
x-cache: Error from cloudfront

GET
H2 200 qb_white.5666872a.png
static.ai.getdeardoc.com/website/img/ 2 KB
2 KB 485ms
23ms Image
image/png 2600:9000:2113:cc00:e:27fd:3980:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ai.getdeardoc.com/website/img/qb_white.5666872a.png
Requested by: Host: paymentissueruma.gogroth.com
URL: https://paymentissueruma.gogroth.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2113:cc00:e:27fd:3980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d06707997b8d53e355a7a9ff55163669fc1a693d3650f762271f0922f1bfe8fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymentissueruma.gogroth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 01:15:20 GMT
x-amz-version-id: jK_8.ahETvSr84vyrF0KV4ZDv0EBDC6P
via: 1.1 4d3cb112ba0fbd4ca512145fa0e04a78.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG3-C1
age: 523003
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 1854
last-modified: Fri, 17 Mar 2023 23:56:09 GMT
server: AmazonS3
etag: "dfaa8061a59ad71af8754de524865452"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
vary: Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: mlCTj_CjElZT1z-m0BStPVOSRRcr7GHVts6HS3pi72wg_wQyXhO41w==

GET
H2 200 fa-solid-900.woff2
paymentissueruma.gogroth.com/wp-content/themes/dt-the7/fonts/FontAwesome/webfonts/ 76 KB
77 KB 110ms
109ms Font
application/font-woff2 209.50.56.141
UPCLOUDUSA

General

Check archive.org

Show headers Download Go to

Full URL

https://paymentissueruma.gogroth.com/wp-content/themes/dt-the7/fonts/FontAwesome/webfonts/fa-solid-900.woff2

Requested by

Host: paymentissueruma.gogroth.com
URL: https://paymentissueruma.gogroth.com/wp-content/themes/dt-the7/fonts/FontAwesome/css/all.min.css?ver=9.9.1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.50.56.141 Phoenix, United States, ASN25697 (UPCLOUDUSA, US),

Reverse DNS

209-50-56-141.us-chi1.upcloud.host

Software

Prometheus /

Resource Hash

ef2369c82b6ec19bcf4fe76799d94edc43604e164c0f73978059536159845441

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://paymentissueruma.gogroth.com/wp-content/themes/dt-the7/fonts/FontAwesome/css/all.min.css?ver=9.9.1
Origin: https://paymentissueruma.gogroth.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 02:32:02 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 78212
x-xss-protection: 1; mode=block
pre-cognitive-push: Enabled
quantum-flux-capacity: Omega
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 25 Mar 2021 05:38:28 GMT
server: Prometheus
etag: "605c21d4-13184"
x-frame-options: sameorigin
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31535990, stale-while-revalidate=10, stale-if-error=10
accept-ranges: bytes

GET
H2 200 free-fa-solid-900.woff2
ka-f.fontawesome.com/releases/v5.15.4/webfonts/ 76 KB
77 KB 115ms
114ms Font
font/woff2 2606:4700:e4::ac40:a816
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/webfonts/free-fa-solid-900.woff2
Requested by: Host: paymentissueruma.gogroth.com
URL: https://paymentissueruma.gogroth.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a816 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5dd43f53f3af822cbf17b1fb75f46192cdbd51724f277acf6cf0dacb3fd57e7

Request headers

Referer: https://paymentissueruma.gogroth.com/
Origin: https://paymentissueruma.gogroth.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 02:32:02 GMT
via: 1.1 827e4274db61b1bc4aa840491aa652a0.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: JFK50-P8
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 78168
last-modified: Wed, 04 Aug 2021 18:58:24 GMT
server: cloudflare
etag: "a9fd1225fb2cd32320e2b931dca01089"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hWrXEYdbvRvye7ESuzY4X9VEBsCVxftKQe5HXPW%2BG7y78LKTsMuKZ397n9YI2sUayajrd7ePc6llCAIEbP0PVR9C4JgiGqmLbJMOnzj6xviBJi8%2B3yC1RvvERunrEcHNOOnWVxA%2Fa5TEnr3Mt5ASFCmVAg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 7acb8057eb063a7e-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: YdL0giuoGGvEGd5s9bH2QdRZ-Af12stCrtVVYdoq1bampWBn5WrX6g==

POST
H2 200 / Show response
o435284.ingest.sentry.io/api/4504419127263232/envelope/ Frame 649F 2 B
282 B 96ms
9ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o435284.ingest.sentry.io/api/4504419127263232/envelope/?sentry_key=1411e909bc0b4ab29c29b1dfc1c5fb89&sentry_version=7&sentry_client=sentry.javascript.angular%2F7.28.1

Requested by

Host: dashboard.boulevard.io
URL: https://dashboard.boulevard.io/booking/businesses/64d16bcf-1137-4312-80aa-51c89cea75d4/widget

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://dashboard.boulevard.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 24 Mar 2023 02:32:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: Origin
content-type: application/json
access-control-allow-origin: https://dashboard.boulevard.io
access-control-expose-headers: x-sentry-error, retry-after, x-sentry-rate-limits
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

GET
H/1.1 200
OK medium.png
s3.amazonaws.com/prod-boulevard-dashboard/uploads/businesses/64d16bcf-1137-4312-80aa-51c89cea75d4/ Frame 649F 12 KB
12 KB 268ms
121ms Image
application/octet-stream 54.231.172.80
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/prod-boulevard-dashboard/uploads/businesses/64d16bcf-1137-4312-80aa-51c89cea75d4/medium.png?v=63823231436
Requested by: Host: dashboard.boulevard.io
URL: https://dashboard.boulevard.io/booking/businesses/64d16bcf-1137-4312-80aa-51c89cea75d4/widget
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.172.80 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 8e5070cc7232c51345012734365f8ac263bfa56a1cafed525fed643ec093c714

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.boulevard.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Fri, 24 Mar 2023 02:32:04 GMT
x-amz-version-id: WVS3B6pUwl9GrtNtQcnEJdwu_iu7zb79
Last-Modified: Thu, 23 Jun 2022 19:23:57 GMT
Server: AmazonS3
x-amz-request-id: SC8H8R8RB7WMA4RG
ETag: "5d9d4f3873c625cbc9f148bd4e0710c2-1"
Content-Type: application/octet-stream
x-amz-replication-status: COMPLETED
Accept-Ranges: bytes
Content-Length: 11810
x-amz-id-2: SIL4tbsgBaco64hsvaFJizHcvb9HB0q55DoNJlLrSDYCOSPpB/O/vadwvbQM/n7rOn8trWROsl0=

GET
H2 200 cerapro-regular.woff
static.joinboulevard.com/fonts/cera-pro/ Frame 649F 65 KB
66 KB 414ms
414ms Font
application/font-woff 2600:9000:2250:ac00:e:9c9a:bec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.joinboulevard.com/fonts/cera-pro/cerapro-regular.woff
Requested by: Host: dashboard.boulevard.io
URL: https://dashboard.boulevard.io/booking/businesses/64d16bcf-1137-4312-80aa-51c89cea75d4/widget
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:ac00:e:9c9a:bec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 39a0926d27fd4e20f684591d03dda70e43f36a6ba5a44e058769b5d124e43c04

Request headers

Referer: https://dashboard.boulevard.io/
Origin: https://dashboard.boulevard.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-amz-version-id: osyr1wQ1g34A_62_kTx649Vj6jxvC4zX
date: Fri, 24 Mar 2023 02:32:04 GMT
via: 1.1 109c7a7f1cf897851e09b16d3030a948.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
x-cache: RefreshHit from cloudfront
x-amz-replication-status: REPLICA
content-length: 67020
last-modified: Wed, 15 Aug 2018 23:14:44 GMT
server: AmazonS3
etag: "b68d2210028dea515fcb69b56deae178"
access-control-max-age: 3600
access-control-allow-methods: GET, PUT, POST
content-type: application/font-woff
access-control-allow-origin: *
access-control-expose-headers: ETag
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: eCzDEydBMG05eom7MixDrLY-z8gIK4pXYLHAF-5zNpkLA5OBXtTF0w==

GET
H2 200 11-es2015.5dcfbf13410e5fa1d4b6.js Show response
static.joinboulevard.com/clients/booking/ Frame 649F 7 KB
7 KB 413ms
413ms Script
application/javascript 2600:9000:2250:ac00:e:9c9a:bec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.joinboulevard.com/clients/booking/11-es2015.5dcfbf13410e5fa1d4b6.js
Requested by: Host: static.joinboulevard.com
URL: https://static.joinboulevard.com/clients/booking/runtime-es2015.b6d3a49f96db8a68932b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:ac00:e:9c9a:bec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6f4bcf30030b269ed74060ab9d7a268b7b9fc149011b3a7a9a69cda42d3e810a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.boulevard.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-amz-version-id: dTVFpbTp4jsIRKtA4wKibMtpsh7IPYWj
date: Fri, 24 Mar 2023 02:32:04 GMT
via: 1.1 109c7a7f1cf897851e09b16d3030a948.cloudfront.net (CloudFront)
last-modified: Tue, 14 Mar 2023 14:50:30 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
x-amz-server-side-encryption: AES256
etag: "4fbcb9d357c4faab169643d99f1223cc"
x-cache: RefreshHit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 6858
x-amz-cf-id: F6COMKWIVq1ICPgKZ3q6LESnJZlieo1ToNPVJ2ZJ-H1hqNKx7T9TUw==

GET
H2 200 cerapro-bold.woff
static.joinboulevard.com/fonts/cera-pro/ Frame 649F 65 KB
65 KB 415ms
415ms Font
application/font-woff 2600:9000:2250:ac00:e:9c9a:bec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.joinboulevard.com/fonts/cera-pro/cerapro-bold.woff
Requested by: Host: dashboard.boulevard.io
URL: https://dashboard.boulevard.io/booking/businesses/64d16bcf-1137-4312-80aa-51c89cea75d4/widget
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:ac00:e:9c9a:bec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a9ed7299bab40153ee958156f65aefaf056c20f4f63e4e183261a56feccabf06

Request headers

Referer: https://dashboard.boulevard.io/
Origin: https://dashboard.boulevard.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-amz-version-id: cQbTy80gyWrr7kf1SzWJm.BYOW4YFa55
date: Fri, 24 Mar 2023 02:32:04 GMT
via: 1.1 109c7a7f1cf897851e09b16d3030a948.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
x-cache: RefreshHit from cloudfront
x-amz-replication-status: REPLICA
content-length: 66384
last-modified: Wed, 15 Aug 2018 23:14:31 GMT
server: AmazonS3
etag: "bf34b4a9f39d0ed26e76f3eb6b13d52f"
access-control-max-age: 3600
access-control-allow-methods: GET, PUT, POST
content-type: application/font-woff
access-control-allow-origin: *
access-control-expose-headers: ETag
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: YbBsjG5F5sEJ9qhq6PPrq1O5piXq9xjoOTZECmkRYCvAhwoSTJNL6Q==

GET
H2 200 cerapro-medium.woff
static.joinboulevard.com/fonts/cera-pro/ Frame 649F 65 KB
66 KB 414ms
413ms Font
application/font-woff 2600:9000:2250:ac00:e:9c9a:bec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.joinboulevard.com/fonts/cera-pro/cerapro-medium.woff
Requested by: Host: dashboard.boulevard.io
URL: https://dashboard.boulevard.io/booking/businesses/64d16bcf-1137-4312-80aa-51c89cea75d4/widget
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:ac00:e:9c9a:bec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: aa7437452e69f5b990eee286f12261aaa67548f17d83a4dcac86034e621d8f33

Request headers

Referer: https://dashboard.boulevard.io/
Origin: https://dashboard.boulevard.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-amz-version-id: KOK0nV.otzEjCIeEg3JJvC4ltfM_T3Ph
date: Fri, 24 Mar 2023 02:32:04 GMT
via: 1.1 109c7a7f1cf897851e09b16d3030a948.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
x-cache: RefreshHit from cloudfront
x-amz-replication-status: REPLICA
content-length: 66692
last-modified: Wed, 15 Aug 2018 23:14:39 GMT
server: AmazonS3
etag: "1f53aea736120e181df1a3ee768da71e"
access-control-max-age: 3600
access-control-allow-methods: GET, PUT, POST
content-type: application/font-woff
access-control-allow-origin: *
access-control-expose-headers: ETag
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: d7ra4f0Kh2MAmi8P_nUS5Gb0mV5dSxJUVwcJJiJ4UU5ARBr65EGkvg==

OPTIONS
H2 200 chatconfigs
api.growth99.com/api/public/ Frame 0
0 106ms
106ms Preflight 3.18.160.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.growth99.com/api/public/chatconfigs?businessId=137
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.18.160.173 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-18-160-173.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-tenantid
Access-Control-Request-Method: GET
Origin: https://paymentissueruma.gogroth.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: x-requested-with, authorization, Content-Type, Authorization, X-TenantID, responseType
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT, PATCH
access-control-allow-origin: https://paymentissueruma.gogroth.com
access-control-max-age: 3600
content-length: 0
date: Fri, 24 Mar 2023 02:32:02 GMT
server: nginx

GET
H2 200 c742696288.js Show response
kit.fontawesome.com/ Frame ACB7 11 KB
4 KB 45ms
27ms Script
text/javascript 2606:4700::6812:1634
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kit.fontawesome.com/c742696288.js

Requested by

Host: chatbot.growth99.com
URL: https://chatbot.growth99.com/business/137/chat3?color=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dadd529fad5a0d66f372c772b9c2f90bdb87bae6df31998ec710081a5066dea5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Referer: https://chatbot.growth99.com/
Origin: https://chatbot.growth99.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 02:32:03 GMT
strict-transport-security: max-age=31536000; preload
content-encoding: gzip
cf-cache-status: REVALIDATED
server: cloudflare
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=60, public, must-revalidate
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
cf-ray: 7acb805add9b6931-FRA
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id: Fy_7InhOsA2HLwpJHrJi

GET
H2 200 runtime.66ac805d9ac0f9f36cc9.js Show response
chatbot.growth99.com/ Frame ACB7 3 KB
3 KB 7ms
6ms Script
application/x-javascript 2600:9000:223f:d400:3:d92d:a340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://chatbot.growth99.com/runtime.66ac805d9ac0f9f36cc9.js
Requested by: Host: chatbot.growth99.com
URL: https://chatbot.growth99.com/business/137/chat3?color=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:d400:3:d92d:a340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ee468fb1c05222f952671063379fec6a80b7564052d020bba2a75aef38731ef1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chatbot.growth99.com/business/137/chat3?color=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-amz-version-id: IuOHSKGrBFjW8Hu43T4GdThEM0SEYbHU
date: Thu, 23 Mar 2023 15:11:15 GMT
via: 1.1 ffdf2668ac264ec6d8784ccc7453073c.cloudfront.net (CloudFront)
last-modified: Tue, 21 Mar 2023 15:09:12 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
age: 40951
etag: "d8e49f54339a39ab60304eeaf81dd7af"
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-2:758224881738:build/g99-prod-chatbot:d169d4d6-b609-4dd7-a1ca-19c51c07b8d5
x-cache: Hit from cloudfront
content-type: application/x-javascript
x-amz-meta-codebuild-content-sha256: f1e5dffd2605d0c98581e340a756b8ff84fdb01e010cc41f3fcc0aed4b564a99
x-amz-meta-codebuild-content-md5: 615d31946bb4453bc47a5699d9e18e6a
content-length: 2836
x-amz-cf-id: wP_zWt4buoEqDiVal4-RsCfwDiC3iJ23MBFvAoyzciYlCzrecVluoA==

GET
H2 200 polyfills.827d0685fcb34df2908f.js Show response
chatbot.growth99.com/ Frame ACB7 36 KB
37 KB 7ms
7ms Script
application/x-javascript 2600:9000:223f:d400:3:d92d:a340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://chatbot.growth99.com/polyfills.827d0685fcb34df2908f.js
Requested by: Host: chatbot.growth99.com
URL: https://chatbot.growth99.com/business/137/chat3?color=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:d400:3:d92d:a340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5e878aa3d4ffc17b764831da9837caa45a317369d0358edf88d049224a480923

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chatbot.growth99.com/business/137/chat3?color=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-amz-version-id: RkBLppRGzAKa6Enr7qqlcsDj1gKwIu2E
date: Thu, 23 Mar 2023 15:11:15 GMT
via: 1.1 ffdf2668ac264ec6d8784ccc7453073c.cloudfront.net (CloudFront)
last-modified: Tue, 21 Mar 2023 15:09:12 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
age: 66051
etag: "254dcd52f1fd5bb26d9c6d1e2e769b96"
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-2:758224881738:build/g99-prod-chatbot:d169d4d6-b609-4dd7-a1ca-19c51c07b8d5
x-cache: Hit from cloudfront
content-type: application/x-javascript
x-amz-meta-codebuild-content-sha256: f1e5dffd2605d0c98581e340a756b8ff84fdb01e010cc41f3fcc0aed4b564a99
x-amz-meta-codebuild-content-md5: 615d31946bb4453bc47a5699d9e18e6a
content-length: 37076
x-amz-cf-id: QdtnAMghSXj4kkV8jCuQCni5Moxg3uvh_laYbdIn4BYrk8Z75-f_VQ==

GET
H2 200 scripts.a2dc212cb9823d6e9d01.js Show response
chatbot.growth99.com/ Frame ACB7 148 KB
148 KB 7ms
6ms Script
application/x-javascript 2600:9000:223f:d400:3:d92d:a340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://chatbot.growth99.com/scripts.a2dc212cb9823d6e9d01.js
Requested by: Host: chatbot.growth99.com
URL: https://chatbot.growth99.com/business/137/chat3?color=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:d400:3:d92d:a340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2bd72eb7bccf5776587fd11ed3f8562f40d992f94e0412b098bd850ddb2de770

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chatbot.growth99.com/business/137/chat3?color=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-amz-version-id: VOPH.pJu.7qd1yipf3sjXtUJ.UKmntyQ
date: Thu, 23 Mar 2023 15:11:15 GMT
via: 1.1 ffdf2668ac264ec6d8784ccc7453073c.cloudfront.net (CloudFront)
last-modified: Tue, 21 Mar 2023 15:09:13 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
age: 40952
etag: "1ddba2695a08e8b2afe14d57fa21fec5"
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-2:758224881738:build/g99-prod-chatbot:d169d4d6-b609-4dd7-a1ca-19c51c07b8d5
x-cache: Hit from cloudfront
content-type: application/x-javascript
x-amz-meta-codebuild-content-sha256: f1e5dffd2605d0c98581e340a756b8ff84fdb01e010cc41f3fcc0aed4b564a99
x-amz-meta-codebuild-content-md5: 615d31946bb4453bc47a5699d9e18e6a
content-length: 151048
x-amz-cf-id: sXnSlPkQ-V13tC0K4JCg2w9hdkbpJr5lFTlHfXhQnUqb2_6kN1etiA==

GET
H2 200 main.7a11d535e27cc8aba04e.js Show response
chatbot.growth99.com/ Frame ACB7 278 KB
279 KB 7ms
6ms Script
application/x-javascript 2600:9000:223f:d400:3:d92d:a340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://chatbot.growth99.com/main.7a11d535e27cc8aba04e.js
Requested by: Host: chatbot.growth99.com
URL: https://chatbot.growth99.com/business/137/chat3?color=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:d400:3:d92d:a340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 20046e393fed4ed15f6ec36b16e50de9541acaeb589545660c1c7c854672e263

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chatbot.growth99.com/business/137/chat3?color=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-amz-version-id: .YIMzGmQqplCWrcbVJ.YXEDp64c6oQEw
date: Thu, 23 Mar 2023 15:11:15 GMT
via: 1.1 ffdf2668ac264ec6d8784ccc7453073c.cloudfront.net (CloudFront)
last-modified: Tue, 21 Mar 2023 15:09:12 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
age: 40952
etag: "2478ef04f9c2e71a817e3058a5e787e9"
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-2:758224881738:build/g99-prod-chatbot:d169d4d6-b609-4dd7-a1ca-19c51c07b8d5
x-cache: Hit from cloudfront
content-type: application/x-javascript
x-amz-meta-codebuild-content-sha256: f1e5dffd2605d0c98581e340a756b8ff84fdb01e010cc41f3fcc0aed4b564a99
x-amz-meta-codebuild-content-md5: 615d31946bb4453bc47a5699d9e18e6a
content-length: 284306
x-amz-cf-id: Rka2nEOXmV4G2vUHPT9g3twktgoLqFYQvgdo8VnUeymfysPiVVMVxw==

GET
H3 200 free.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ Frame ACB7 59 KB
13 KB 16ms
15ms Fetch
text/css 2606:4700:e4::ac40:a816
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=c742696288
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/c742696288.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e4::ac40:a816 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chatbot.growth99.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 02:32:03 GMT
via: 1.1 c24bf4c03d36f2d43fb38710581fa0e6.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: AMS1-P2
age: 8795462
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"a12ec7ebe75a4d59a5dd6b79e2ba2e16"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KBo7ECw0apphjbXdkL0K4m6WOjVZMQmfYtkjB4V1m3%2FF9eyFNw%2BHVreTnEEMpn13hS0a9dCUtJejPt6f%2BdrUqzsmKj4vwHueUNZL19xnpzVRbek3mHiPxvcvRCJ%2FLocT%2FcgwsVRQlZz6yCGFELYzgb2xAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 7acb805b0c489a03-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: 1hN4YBU_x1Ke-6VL2LuleC13TkL1zdbHCnW-IVkv5L7w55OMtBzsfg==

GET
H3 200 free-v4-shims.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ Frame ACB7 26 KB
5 KB 22ms
21ms Fetch
text/css 2606:4700:e4::ac40:a816
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=c742696288
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/c742696288.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e4::ac40:a816 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chatbot.growth99.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 02:32:03 GMT
via: 1.1 e345c29560592087623dbe75e8d765d6.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: AMS1-P2
age: 8795462
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"76f34b71fc9fb641507ff6a822cc07f5"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T6%2FAUvnlFgQgpXSJCA%2FAGpOqnGS6vScpvvYayABjlLZGgQJiqynY2QQOt1bGXd0m8A1GD3QGE0an9vyqC24p6c7YXHPPLAaCUEyhHS56NmhRa%2FnuhEGMbMOEr26waGix4M0PiXdItK0E9SioZaVZbgXPUg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 7acb805b0c4a9a03-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: M-ssSbNMcM-wcrrgQxDWN2T-PzbOjCJKnIrly0LjHTkEXzVq-2Hmtg==

GET
H3 200 free-v4-font-face.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ Frame ACB7 3 KB
1 KB 15ms
14ms Fetch
text/css 2606:4700:e4::ac40:a816
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-font-face.min.css?token=c742696288
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/c742696288.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e4::ac40:a816 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chatbot.growth99.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 02:32:03 GMT
via: 1.1 a5b856e4b06666713c5cc47a5b2ec7ae.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: AMS1-P2
age: 8795462
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"f2e0b2680d9b0bcb6e0039c4424e5a59"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YfgeKOWBI4EtWxHDdS%2B6RR10wi3J%2FrDJpZVDuQ75KHIDNk2Pm%2Ffy9upDCxu9vlGd3RaXwkr0pMR9vaw189aqxMt6LGQHibQGG6gl0K2H6PN5kl2hM%2F4lsh9pUsykY2XfsS%2BG9ppSaEf7g6qNYvJc%2FdTj2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 7acb805b0c4c9a03-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: aiMa98l4OF9FcoABJXmC7MJD7kRBLM8zWBjgQ-cg_zKVKyRGukI6nA==

GET
H2 200 styles.ea2027ece1aa64b62336.css
chatbot.growth99.com/ Frame ACB7 141 KB
142 KB 7ms
6ms Stylesheet
text/css 2600:9000:223f:d400:3:d92d:a340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://chatbot.growth99.com/styles.ea2027ece1aa64b62336.css
Requested by: Host: chatbot.growth99.com
URL: https://chatbot.growth99.com/business/137/chat3?color=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:d400:3:d92d:a340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 19518ef3cd1a74ff21fa2d89aca7530e8c143f0027324554af1015f92596820d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chatbot.growth99.com/business/137/chat3?color=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-amz-version-id: oLujMp2jnKggRZYxGJ2Dk3RXxQUGaCIt
date: Thu, 23 Mar 2023 15:11:15 GMT
via: 1.1 ffdf2668ac264ec6d8784ccc7453073c.cloudfront.net (CloudFront)
last-modified: Tue, 21 Mar 2023 15:09:13 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
age: 40955
etag: "965504027ae04c0921ebe9edcabe91aa"
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-2:758224881738:build/g99-prod-chatbot:d169d4d6-b609-4dd7-a1ca-19c51c07b8d5
x-cache: Hit from cloudfront
content-type: text/css
x-amz-meta-codebuild-content-sha256: f1e5dffd2605d0c98581e340a756b8ff84fdb01e010cc41f3fcc0aed4b564a99
x-amz-meta-codebuild-content-md5: 615d31946bb4453bc47a5699d9e18e6a
content-length: 144874
x-amz-cf-id: svTrANQpD_1kYXDTbibOKTBJwnvaj46JiSgfXh81CjJEFwJ6m7CQTQ==

GET
H3 200 pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2
fonts.gstatic.com/s/poppins/v20/ Frame ACB7 8 KB
8 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2

Requested by

Host: chatbot.growth99.com
URL: https://chatbot.growth99.com/business/137/chat3?color=

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://chatbot.growth99.com/
Origin: https://chatbot.growth99.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 08:37:40 GMT
x-content-type-options: nosniff
age: 237263
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7884
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:07:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Mar 2024 08:37:40 GMT

GET
H2 200 355.c7116b31915a238524ad.js Show response
chatbot.growth99.com/ Frame ACB7 563 KB
564 KB 7ms
6ms Script
application/x-javascript 2600:9000:223f:d400:3:d92d:a340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://chatbot.growth99.com/355.c7116b31915a238524ad.js
Requested by: Host: chatbot.growth99.com
URL: https://chatbot.growth99.com/runtime.66ac805d9ac0f9f36cc9.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:d400:3:d92d:a340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 094a9cffb020269ceb4c5105b63ccbdb3abc2574b7dbc9040d9e760338f40a40

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chatbot.growth99.com/business/137/chat3?color=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-amz-version-id: fXUYlZCnqhOD11WAffQANQKv5Tsalo99
date: Thu, 23 Mar 2023 15:11:15 GMT
via: 1.1 ffdf2668ac264ec6d8784ccc7453073c.cloudfront.net (CloudFront)
last-modified: Tue, 21 Mar 2023 15:09:12 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
age: 40957
etag: "6a0ae4e342edcc32c9ab12a2f427bb4a"
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-2:758224881738:build/g99-prod-chatbot:d169d4d6-b609-4dd7-a1ca-19c51c07b8d5
x-cache: Hit from cloudfront
content-type: application/x-javascript
x-amz-meta-codebuild-content-sha256: f1e5dffd2605d0c98581e340a756b8ff84fdb01e010cc41f3fcc0aed4b564a99
x-amz-meta-codebuild-content-md5: 615d31946bb4453bc47a5699d9e18e6a
content-length: 576729
x-amz-cf-id: 1tiHrlCHyrpXBEQ20FmAKiLOsIqh8P_HdPsHKhtMZEF6Ri9rQ11IeA==

OPTIONS
H2 200 questionnaire
api.growth99.com/api/public/v1/ Frame 0
0 109ms
108ms Preflight 3.18.160.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.growth99.com/api/public/v1/questionnaire
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.18.160.173 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-18-160-173.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-tenantid
Access-Control-Request-Method: GET
Origin: https://chatbot.growth99.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: x-requested-with, authorization, Content-Type, Authorization, X-TenantID, responseType
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT, PATCH
access-control-allow-origin: https://chatbot.growth99.com
access-control-max-age: 3600
content-length: 0
date: Fri, 24 Mar 2023 02:32:03 GMT
server: nginx

OPTIONS
H2 200 chatconfigs
api.growth99.com/api/public/ Frame 0
0 108ms
108ms Preflight 3.18.160.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.growth99.com/api/public/chatconfigs?businessId=137
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.18.160.173 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-18-160-173.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-tenantid
Access-Control-Request-Method: GET
Origin: https://chatbot.growth99.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: x-requested-with, authorization, Content-Type, Authorization, X-TenantID, responseType
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT, PATCH
access-control-allow-origin: https://chatbot.growth99.com
access-control-max-age: 3600
content-length: 0
date: Fri, 24 Mar 2023 02:32:03 GMT
server: nginx

GET
H2 200 questionnaire Show response
api.growth99.com/api/public/v1/ Frame ACB7 196 B
757 B 109ms
109ms XHR
application/json 3.18.160.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.growth99.com/api/public/v1/questionnaire

Requested by

Host: chatbot.growth99.com
URL: https://chatbot.growth99.com/polyfills.827d0685fcb34df2908f.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.18.160.173 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-18-160-173.us-east-2.compute.amazonaws.com

Software

nginx /

Resource Hash

8f7f36f6555be4e14775a376ac3dcb332f29fb8eb04d6b9d27da25d11f9cbbee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://chatbot.growth99.com/
accept-language: de-DE,de;q=0.9
X-TenantID: 137
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 24 Mar 2023 02:32:03 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
pragma: no-cache
server: nginx
access-control-max-age: 3600
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT, PATCH
content-type: application/json
access-control-allow-origin: https://chatbot.growth99.com
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-frame-options: DENY
access-control-allow-headers: x-requested-with, authorization, Content-Type, Authorization, X-TenantID, responseType
expires: 0

GET
H2 200 chatconfigs Show response
api.growth99.com/api/public/ Frame ACB7 1 KB
2 KB 142ms
141ms XHR
application/json 3.18.160.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.growth99.com/api/public/chatconfigs?businessId=137

Requested by

Host: chatbot.growth99.com
URL: https://chatbot.growth99.com/polyfills.827d0685fcb34df2908f.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.18.160.173 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-18-160-173.us-east-2.compute.amazonaws.com

Software

nginx /

Resource Hash

87b3b44b790fd7d001aab52084033ad9cec700ac99104b4d7f27c7fa8801d2da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://chatbot.growth99.com/
accept-language: de-DE,de;q=0.9
X-TenantID: 137
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 24 Mar 2023 02:32:03 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
pragma: no-cache
server: nginx
access-control-max-age: 3600
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT, PATCH
content-type: application/json
access-control-allow-origin: https://chatbot.growth99.com
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-frame-options: DENY
access-control-allow-headers: x-requested-with, authorization, Content-Type, Authorization, X-TenantID, responseType
expires: 0

GET
H2 404 null
chatbot.growth99.com/ Frame ACB7 23 KB
23 KB 124ms
124ms Image
text/html 2600:9000:223f:d400:3:d92d:a340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://chatbot.growth99.com/null
Requested by: Host: chatbot.growth99.com
URL: https://chatbot.growth99.com/business/137/chat3?color=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:d400:3:d92d:a340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bb25a6a91c7444f85c076136f1aaf9d033239832403f862a9ed9819ff1a93b8b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chatbot.growth99.com/business/137/chat3?color=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-amz-version-id: l51ylRV3HiAuAnqRhNwzmZDsm8lQgpNX
x-amz-error-code: NoSuchKey
via: 1.1 ffdf2668ac264ec6d8784ccc7453073c.cloudfront.net (CloudFront)
date: Fri, 24 Mar 2023 02:31:54 GMT
x-amz-cf-pop: FRA56-P5
age: 9
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-2:758224881738:build/g99-prod-chatbot:d169d4d6-b609-4dd7-a1ca-19c51c07b8d5
x-amz-error-message: The specified key does not exist.
x-cache: Error from cloudfront
x-amz-meta-codebuild-content-md5: 615d31946bb4453bc47a5699d9e18e6a
content-length: 23673
last-modified: Tue, 21 Mar 2023 15:09:12 GMT
server: AmazonS3
etag: "13f9259ee42d2b4fc061cf0cec7e6c38"
x-amz-error-detail-key: null
content-type: text/html
x-amz-meta-codebuild-content-sha256: f1e5dffd2605d0c98581e340a756b8ff84fdb01e010cc41f3fcc0aed4b564a99
x-amz-cf-id: 3cM9EWus0JgoaL8df2cPkMRplQJsvw1Ug2UF6ey-ctMjKH-rH2hkyA==

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-mu0SC55I.woff2
fonts.gstatic.com/s/opensans/v34/ Frame ACB7 38 KB
38 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-mu0SC55I.woff2

Requested by

Host: chatbot.growth99.com
URL: https://chatbot.growth99.com/business/137/chat3?color=

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fbeb296c1ecc216a17bda77bf65e833cc0410cfbe1908e121f7a4549cc390675

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://chatbot.growth99.com/
Origin: https://chatbot.growth99.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 08:37:39 GMT
x-content-type-options: nosniff
age: 237264
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39372
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Mar 2024 08:37:39 GMT

GET
H3 200 free-fa-solid-900.woff2
ka-f.fontawesome.com/releases/v5.15.4/webfonts/ Frame ACB7 76 KB
77 KB 14ms
14ms Font
font/woff2 2606:4700:e4::ac40:a816
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/webfonts/free-fa-solid-900.woff2
Requested by: Host: chatbot.growth99.com
URL: https://chatbot.growth99.com/business/137/chat3?color=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e4::ac40:a816 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5dd43f53f3af822cbf17b1fb75f46192cdbd51724f277acf6cf0dacb3fd57e7

Request headers

Referer: https://chatbot.growth99.com/
Origin: https://chatbot.growth99.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Fri, 24 Mar 2023 02:32:03 GMT
via: 1.1 c07df4067a41d31ca3880183fe0e2270.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: BOM78-P6
age: 8805535
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 78168
last-modified: Wed, 04 Aug 2021 18:58:24 GMT
server: cloudflare
etag: "a9fd1225fb2cd32320e2b931dca01089"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6HFfF0699fDeu6IxAXDVwoRK0ZX3cR0z1fN16Z3Tvfj77fKQClRSae4xcsTuUFC3OpqmM2du7Bs%2BBLIiggQA8FIVUWq%2FjMTQZ%2BZBWgmevIBtd6eIntdvJzEMp%2FXV9VHCS8QdlAY2DpuU65FNbu0K9iBsuA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 7acb805c3d139a03-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: zIRlNr0YpS85FrVfup8yzZQVqY3r8_p4tX43A4f5tFAAfk402xnN1Q==

GET
H2 200 14-es2015.e4220fd097d7047abc90.js Show response
static.joinboulevard.com/clients/booking/ Frame 649F 5 KB
5 KB 403ms
403ms Script
application/javascript 2600:9000:2250:ac00:e:9c9a:bec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.joinboulevard.com/clients/booking/14-es2015.e4220fd097d7047abc90.js
Requested by: Host: static.joinboulevard.com
URL: https://static.joinboulevard.com/clients/booking/runtime-es2015.b6d3a49f96db8a68932b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:ac00:e:9c9a:bec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: eeba785386b6207651c092f4fe8896f4ad63c0653e0f1194fc66cf0d2d2a189b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.boulevard.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-amz-version-id: 4CLaeVI2_oo5urBedJ1fxqrrmVmV24_f
date: Fri, 24 Mar 2023 02:32:04 GMT
via: 1.1 109c7a7f1cf897851e09b16d3030a948.cloudfront.net (CloudFront)
last-modified: Tue, 14 Mar 2023 17:26:46 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
x-amz-server-side-encryption: AES256
etag: "1015f039e191993060cbc3d0cbe96861"
x-cache: RefreshHit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 4987
x-amz-cf-id: XoAeSqTUi4EAAq46hrAU1vR7HiO2JqH2hqhkOcTSx2XXWyCsMn9D8w==

GET
H3 200 KFOkCnqEu92Fr1MmgVxIIzI.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1MmgVxIIzI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400%2C300%2C100%2C500%7CMontserrat:700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f303f31706d39866cced9dcc17b61fb8423674278d7f6051d66b3a79ffbca18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://paymentissueruma.gogroth.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 08:37:39 GMT
x-content-type-options: nosniff
age: 237264
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15764
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Mar 2024 08:37:39 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400%2C300%2C100%2C500%7CMontserrat:700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://paymentissueruma.gogroth.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 08:37:40 GMT
x-content-type-options: nosniff
age: 237263
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Mar 2024 08:37:40 GMT

GET
H/1.1 200
OK bot-icon-1650484190821-2022-04-20_13-49-30.jpg
prod-emr-asset.s3.amazonaws.com/ Frame ACB7 103 KB
104 KB 457ms
188ms Image
application/octet-stream 52.219.98.84
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod-emr-asset.s3.amazonaws.com/bot-icon-1650484190821-2022-04-20_13-49-30.jpg
Requested by: Host: paymentissueruma.gogroth.com
URL: https://paymentissueruma.gogroth.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.98.84 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-w.us-east-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 620bb44759c34aa2fce17256f25ab82105e28b3fab5830d68c0e783350ad66df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://chatbot.growth99.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Fri, 24 Mar 2023 02:32:04 GMT
Last-Modified: Wed, 20 Apr 2022 19:49:51 GMT
Server: AmazonS3
x-amz-request-id: SC8M2TM1NW477W4B
ETag: "55f2a727b1f77ecd442b4db3da52a1a2"
Content-Type: application/octet-stream
Accept-Ranges: bytes
Content-Length: 105822
x-amz-id-2: e9VPaYKBHt6gDztkEntSsmdUcJugbHf/0tvMaPCLBOTCvFAHRKksQhGAF5p3sRw78J0WKsXux4s=

POST
H2 200 graph_client Show response
dashboard.boulevard.io/api/v1.0/ Frame 649F 337 B
598 B 106ms
105ms XHR
application/json 52.72.172.163
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.boulevard.io/api/v1.0/graph_client

Requested by

Host: static.joinboulevard.com
URL: https://static.joinboulevard.com/clients/booking/polyfills-es2015.d1b6fd76755b41df2d45.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.72.172.163 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-72-172-163.compute-1.amazonaws.com

Software

Cowboy /

Resource Hash

1fa5952aa39544d7c4cc06b50477a527b3670537c4a77ccf1573ed457ab068c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: application/json, text/plain, */*
x-blvd-bid: 64d16bcf-1137-4312-80aa-51c89cea75d4
Referer: https://dashboard.boulevard.io/booking/businesses/64d16bcf-1137-4312-80aa-51c89cea75d4/widget
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
x-request-id: j42l2iod6-1679625123750
Content-Type: application/json

Response headers

date: Fri, 24 Mar 2023 02:32:03 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Cowboy
vary: origin, accept-encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://dashboard.boulevard.io
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
content-length: 293
x-request-id: j42l2iod6-1679625123750

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
6ms Image
image/gif 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=277990475&t=event&_s=2&dl=https%3A%2F%2Fpaymentissueruma.gogroth.com%2F&ul=en-us&de=UTF-8&dt=Medical%20Spa%20%7C%20RUMA%20Aesthetics%20Lehi%2C%20Utah&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=&ea=Ivory%20Search%20-%20Default&el=&_u=aADAAUABAAAAACAAI~&jid=&gjid=&cid=1423525332.1679625121&tid=UA-166905251-1&_gid=637376502.1679625121&gtm=457e33m0&jsscut=1&z=562585080

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymentissueruma.gogroth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Mar 2023 18:05:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 30412
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 graph_client Show response
dashboard.boulevard.io/api/v1.0/ Frame 649F 955 B
810 B 127ms
127ms XHR
application/json 52.72.172.163
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.boulevard.io/api/v1.0/graph_client

Requested by

Host: static.joinboulevard.com
URL: https://static.joinboulevard.com/clients/booking/polyfills-es2015.d1b6fd76755b41df2d45.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.72.172.163 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-72-172-163.compute-1.amazonaws.com

Software

Cowboy /

Resource Hash

f5af98898a03774530ababccb0ded4da0de0aa65fc5c93a236451f2560b3b971

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: application/json, text/plain, */*
x-blvd-bid: 64d16bcf-1137-4312-80aa-51c89cea75d4
Referer: https://dashboard.boulevard.io/booking/businesses/64d16bcf-1137-4312-80aa-51c89cea75d4/widget
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
x-request-id: j42l2iod6-1679625123862
Content-Type: application/json

Response headers

date: Fri, 24 Mar 2023 02:32:03 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Cowboy
vary: origin, accept-encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://dashboard.boulevard.io
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
content-length: 505
x-request-id: j42l2iod6-1679625123862

GET
H2 200 common-es2015.f117c0b11583f36f8971.js Show response
static.joinboulevard.com/clients/booking/ Frame 649F 2 KB
2 KB 425ms
424ms Script
application/javascript 2600:9000:2250:ac00:e:9c9a:bec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.joinboulevard.com/clients/booking/common-es2015.f117c0b11583f36f8971.js
Requested by: Host: static.joinboulevard.com
URL: https://static.joinboulevard.com/clients/booking/runtime-es2015.b6d3a49f96db8a68932b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:ac00:e:9c9a:bec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bbc429dc9f16cdfd03fe28d9de7c26b2e1b26a19172015d5c90f96dd460d5d1e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.boulevard.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-amz-version-id: 9A7AFU6xAiFBx9MQU3P4xI6kDMNwYV8l
date: Fri, 24 Mar 2023 02:32:05 GMT
via: 1.1 109c7a7f1cf897851e09b16d3030a948.cloudfront.net (CloudFront)
last-modified: Tue, 14 Mar 2023 17:26:46 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
x-amz-server-side-encryption: AES256
etag: "8c49b258e3b615fb201b753558d708ad"
x-cache: RefreshHit from cloudfront
content-type: application/javascript
x-amz-replication-status: REPLICA
accept-ranges: bytes
content-length: 1602
x-amz-cf-id: 0GSY6ILZS4h8FLzrAzKL-gum7Zbq9wN8m8iH15CRZrAwORbPwEEXmw==

GET
H2 200 7-es2015.37a5abaf162e7050a629.js Show response
static.joinboulevard.com/clients/booking/ Frame 649F 410 KB
411 KB 403ms
402ms Script
application/javascript 2600:9000:2250:ac00:e:9c9a:bec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.joinboulevard.com/clients/booking/7-es2015.37a5abaf162e7050a629.js
Requested by: Host: static.joinboulevard.com
URL: https://static.joinboulevard.com/clients/booking/runtime-es2015.b6d3a49f96db8a68932b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:ac00:e:9c9a:bec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 335e1cdc75a68aa725e50ed88af39a087614711d43c63b4ea3475acb4eb6ec45

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.boulevard.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-amz-version-id: hrLzUYdeVb8h6iiDbAsrJtTBqCd3Z1NZ
date: Fri, 24 Mar 2023 02:32:05 GMT
via: 1.1 109c7a7f1cf897851e09b16d3030a948.cloudfront.net (CloudFront)
last-modified: Tue, 14 Mar 2023 17:26:46 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
x-amz-server-side-encryption: AES256
etag: "7258a6ef3adbeb84390dd80d731d7592"
x-cache: RefreshHit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 420039
x-amz-cf-id: a6aAbgfQBiyxprrsQdzCReFhBJ0hg505OHJCsyF-Zckdzd8Xpsde-w==

GET
H2 200 8-es2015.50eb372439be16b7c508.js Show response
static.joinboulevard.com/clients/booking/ Frame 649F 9 KB
9 KB 397ms
396ms Script
application/javascript 2600:9000:2250:ac00:e:9c9a:bec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.joinboulevard.com/clients/booking/8-es2015.50eb372439be16b7c508.js
Requested by: Host: static.joinboulevard.com
URL: https://static.joinboulevard.com/clients/booking/runtime-es2015.b6d3a49f96db8a68932b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:ac00:e:9c9a:bec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e0ad589adc4cbf583906dea261d44fac8cef9fc606cd27ef946294e61de9705e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.boulevard.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-amz-version-id: 8v4Jdt8OBoPo7LTsNG.STB5.b3TyL7wv
date: Fri, 24 Mar 2023 02:32:05 GMT
via: 1.1 109c7a7f1cf897851e09b16d3030a948.cloudfront.net (CloudFront)
last-modified: Tue, 14 Mar 2023 17:26:46 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
x-amz-server-side-encryption: AES256
etag: "49c4e28be9a315be0324b9d98ff6971c"
x-cache: RefreshHit from cloudfront
content-type: application/javascript
x-amz-replication-status: REPLICA
accept-ranges: bytes
content-length: 9152
x-amz-cf-id: ycads9wTrdigtyWHW_5N2TbDMCi03dtjOouxWD78og-ZBVbgskYRkA==

GET
H2 200 9-es2015.774deb338a96b767256f.js Show response
static.joinboulevard.com/clients/booking/ Frame 649F 6 KB
6 KB 424ms
424ms Script
application/javascript 2600:9000:2250:ac00:e:9c9a:bec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.joinboulevard.com/clients/booking/9-es2015.774deb338a96b767256f.js
Requested by: Host: static.joinboulevard.com
URL: https://static.joinboulevard.com/clients/booking/runtime-es2015.b6d3a49f96db8a68932b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:ac00:e:9c9a:bec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 25a7f13c06e2e35251312d59e5074b080cf35b0f7a3415825cd4f1dd66266154

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.boulevard.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-amz-version-id: sy3q2COFvHl0V7P6zIrgEAJn7BkTYEYG
date: Fri, 24 Mar 2023 02:32:05 GMT
via: 1.1 109c7a7f1cf897851e09b16d3030a948.cloudfront.net (CloudFront)
last-modified: Tue, 14 Mar 2023 17:26:46 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
x-amz-server-side-encryption: AES256
etag: "8429dd3ec0be15bebcfd47f2c6e742e2"
x-cache: RefreshHit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 5875
x-amz-cf-id: l1hcoqewKxY3DxgxCnS59_6fJw0CdvvFd-RYqDLUSVf1es4aC4nq8w==

GET
H2 200 10-es2015.d07833bfc10acee72f7f.js Show response
static.joinboulevard.com/clients/booking/ Frame 649F 11 KB
11 KB 422ms
421ms Script
application/javascript 2600:9000:2250:ac00:e:9c9a:bec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.joinboulevard.com/clients/booking/10-es2015.d07833bfc10acee72f7f.js
Requested by: Host: static.joinboulevard.com
URL: https://static.joinboulevard.com/clients/booking/runtime-es2015.b6d3a49f96db8a68932b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:ac00:e:9c9a:bec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 627b7e7f62fb0a0332a6566f1b0657ac849e800e51327d76f5fdd3c67af3bfdf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.boulevard.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-amz-version-id: yAjHESq7BLWn4WUsfNasn15dVgZM0RQq
date: Fri, 24 Mar 2023 02:32:05 GMT
via: 1.1 109c7a7f1cf897851e09b16d3030a948.cloudfront.net (CloudFront)
last-modified: Tue, 14 Mar 2023 17:26:46 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
x-amz-server-side-encryption: AES256
etag: "366cca301ef189f2dc35e5b03e771e5c"
x-cache: RefreshHit from cloudfront
content-type: application/javascript
x-amz-replication-status: REPLICA
accept-ranges: bytes
content-length: 11240
x-amz-cf-id: UV86e9oRn2GeQ2WJU5e6_vJhrZydklHxPYBJB3drwSGYHe-2vGHnRw==

GET
H2 200 13-es2015.7e48dc94579581d98d87.js Show response
static.joinboulevard.com/clients/booking/ Frame 649F 2 KB
2 KB 394ms
394ms Script
application/javascript 2600:9000:2250:ac00:e:9c9a:bec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.joinboulevard.com/clients/booking/13-es2015.7e48dc94579581d98d87.js
Requested by: Host: static.joinboulevard.com
URL: https://static.joinboulevard.com/clients/booking/runtime-es2015.b6d3a49f96db8a68932b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:ac00:e:9c9a:bec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7cbb96d9eae250383abef05cdb0597479ccfc892daace04cca6dcbe0c8556c38

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.boulevard.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-amz-version-id: lkYpLQbRNOS4XUQDRNJOMLeBdu_oT8J4
date: Fri, 24 Mar 2023 02:32:05 GMT
via: 1.1 109c7a7f1cf897851e09b16d3030a948.cloudfront.net (CloudFront)
last-modified: Tue, 14 Mar 2023 17:26:46 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
x-amz-server-side-encryption: AES256
etag: "cacef45f087e68887ad06f9638475473"
x-cache: RefreshHit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 1710
x-amz-cf-id: C2qqqoCUQdw1wujhBW_zcgwn60q3K2pK9Kx5W6j6iRgrTJPl8DPYjQ==

GET
H2 200 12-es2015.a107e3079a7b09862bd3.js Show response
static.joinboulevard.com/clients/booking/ Frame 649F 2 KB
3 KB 421ms
421ms Script
application/javascript 2600:9000:2250:ac00:e:9c9a:bec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.joinboulevard.com/clients/booking/12-es2015.a107e3079a7b09862bd3.js
Requested by: Host: static.joinboulevard.com
URL: https://static.joinboulevard.com/clients/booking/runtime-es2015.b6d3a49f96db8a68932b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:ac00:e:9c9a:bec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0ea7308c1c405a7e0527b504d25d148e5a00f90d28b97874b8cd2d57c2ae0e87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.boulevard.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-amz-version-id: jla0q686DW2rmT0R4OVhuBOxK.eDg81g
date: Fri, 24 Mar 2023 02:32:05 GMT
via: 1.1 109c7a7f1cf897851e09b16d3030a948.cloudfront.net (CloudFront)
last-modified: Tue, 14 Mar 2023 17:26:46 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
x-amz-server-side-encryption: AES256
etag: "18f4b651282887bee8c42bd1dcd6c788"
x-cache: RefreshHit from cloudfront
content-type: application/javascript
x-amz-replication-status: REPLICA
accept-ranges: bytes
content-length: 2249
x-amz-cf-id: ZGqAxlr59QhmUUYczOXikEBiAxN-CvItsHsEroPatydfhNfNTz1RJQ==

POST
H3 200 collect Show response
www.google-analytics.com/j/ Frame 649F 3 B
23 B 16ms
16ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1518968151&t=pageview&_s=1&dl=https%3A%2F%2Fdashboard.boulevard.io%2Fbooking%2Fbusinesses%2F64d16bcf-1137-4312-80aa-51c89cea75d4%2Fwidget&dr=https%3A%2F%2Fpaymentissueruma.gogroth.com%2F&dp=%2F%2Fvisit-type&ul=en-us&de=UTF-8&dt=RUMA%20Medical%20Aesthetics%20-%20powered%20by%20Boulevard&sd=24-bit&sr=1600x1200&vp=550x1200&je=0&_u=KEDAAEABAAAAACAAIC~&jid=1596039866&gjid=508136965&cid=99947061.1679625122&tid=UA-166905251-1&_gid=1958631145.1679625122&_r=1&_slc=1&z=2079274762

Requested by

Host: static.joinboulevard.com
URL: https://static.joinboulevard.com/clients/booking/polyfills-es2015.d1b6fd76755b41df2d45.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://dashboard.boulevard.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 24 Mar 2023 02:32:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://dashboard.boulevard.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ Frame 649F 4 B
24 B 14ms
14ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1518968151&t=pageview&_s=1&dl=https%3A%2F%2Fdashboard.boulevard.io%2Fbooking%2Fbusinesses%2F64d16bcf-1137-4312-80aa-51c89cea75d4%2Fwidget&dr=https%3A%2F%2Fpaymentissueruma.gogroth.com%2F&dp=%2F%2Fvisit-type&ul=en-us&de=UTF-8&dt=RUMA%20Medical%20Aesthetics%20-%20powered%20by%20Boulevard&sd=24-bit&sr=1600x1200&vp=550x1200&je=0&_u=KEDAAEABAAAAACAAIC~&jid=1076440495&gjid=93692721&cid=99947061.1679625122&tid=UA-72843803-2&_gid=1958631145.1679625122&_r=1&_slc=1&z=117436534

Requested by

Host: static.joinboulevard.com
URL: https://static.joinboulevard.com/clients/booking/polyfills-es2015.d1b6fd76755b41df2d45.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://dashboard.boulevard.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 24 Mar 2023 02:32:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://dashboard.boulevard.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ Frame 649F 4 B
354 B 57ms
19ms XHR
text/plain 2a00:1450:400c:c0a::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-72843803-2&cid=99947061.1679625122&jid=1076440495&gjid=93692721&_gid=1958631145.1679625122&_u=KEDAAEABAAAAACAAIC~&z=1333866516

Requested by

Host: static.joinboulevard.com
URL: https://static.joinboulevard.com/clients/booking/polyfills-es2015.d1b6fd76755b41df2d45.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0a::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://dashboard.boulevard.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 24 Mar 2023 02:32:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://dashboard.boulevard.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ Frame 649F 42 B
293 B 20ms
19ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-72843803-2&cid=99947061.1679625122&jid=1076440495&_u=KEDAAEABAAAAACAAIC~&z=1815284043

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.boulevard.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Mar 2023 02:32:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ Frame 649F 42 B
408 B 40ms
18ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-72843803-2&cid=99947061.1679625122&jid=1076440495&_u=KEDAAEABAAAAACAAIC~&z=1815284043

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.boulevard.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Mar 2023 02:32:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 icon_chevron-right.svg Show response
dashboard.boulevard.io/images/icons/ Frame 649F 338 B
518 B 98ms
98ms XHR
image/svg+xml 52.72.172.163
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.boulevard.io/images/icons/icon_chevron-right.svg

Requested by

Host: static.joinboulevard.com
URL: https://static.joinboulevard.com/clients/booking/polyfills-es2015.d1b6fd76755b41df2d45.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.72.172.163 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-72-172-163.compute-1.amazonaws.com

Software

Cowboy /

Resource Hash

eb9a9c25f008f2cde5121576bec9d52433d7f7a3f504ee41850abbf82476144b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: application/json, text/plain, */*
Referer: https://dashboard.boulevard.io/booking/businesses/64d16bcf-1137-4312-80aa-51c89cea75d4/widget
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
x-request-id: j42l2iod6-1679625123995

Response headers

date: Fri, 24 Mar 2023 02:32:04 GMT
strict-transport-security: max-age=31536000
server: Cowboy
etag: "515284A"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public
accept-ranges: bytes
content-length: 338

GET
H2 206 Ruma.m4v
g99-resources.b-cdn.net/RUMA/ 8 MB
0 13ms
13ms Media
video/x-m4v 2400:52e0:1e00::1082:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://g99-resources.b-cdn.net/RUMA/Ruma.m4v
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1082:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1082 /
Resource Hash

Request headers

Referer: https://paymentissueruma.gogroth.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Range: bytes=2326528-

Response headers

date: Fri, 24 Mar 2023 02:32:04 GMT
cdn-edgestorageid: 1082
cdn-storageserver: NY-267
Content-Range: bytes 2326528-26615081/26615082
cdn-cachedat: 03/22/2023 18:52:36
cdn-pullzone: 867733
Content-Length: 24288554
last-modified: Mon, 14 Nov 2022 13:09:17 GMT
server: BunnyCDN-DE1-1082
cdn-fileserver: 427
cdn-requestpullcode: 206
cdn-proxyver: 1.03
content-type: video/x-m4v
cdn-cache: HIT
cdn-uid: 667fd566-309c-4b1e-a5fa-dce4644622fe
cache-control: public, max-age=2592000
cdn-requestid: 16503b2ae8aa295fa44509a8d5b6815f
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame ACBC 28 B
54 B 22ms
21ms XHR
application/json 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/ace4d669/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
X-Goog-Request-Time: 1679625124137
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/UBOjXuSxt8U?feature=oembed
X-YouTube-Client-Version: 1.20230321.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtCRjhHOTFMa0tGayigl_SgBg%3D%3D
X-YouTube-Ad-Signals: dt=1679625121037&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&wgl=true&ca_type=image

Response headers

date: Fri, 24 Mar 2023 02:32:04 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0
expires: Fri, 24 Mar 2023 02:32:04 GMT

GET
H/1.1 200
OK thumb.png
s3.amazonaws.com/prod-boulevard-dashboard/uploads/locations/dfc655a0-3a0c-4361-8d3a-68b8284e793f/ Frame 649F 5 KB
5 KB 126ms
126ms Image
application/octet-stream 54.231.172.80
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/prod-boulevard-dashboard/uploads/locations/dfc655a0-3a0c-4361-8d3a-68b8284e793f/thumb.png?v=63823231561
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.172.80 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 0b91c5c73d730b5587abe4c7d22249caf38448310079eed61f69f0bc753e2e5e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dashboard.boulevard.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Fri, 24 Mar 2023 02:32:05 GMT
x-amz-version-id: BMG_9Ra1MDC6ULcOVwhS8EHoxVJ7hUWj
Last-Modified: Thu, 23 Jun 2022 19:26:02 GMT
Server: AmazonS3
x-amz-request-id: VB2BEP30P5MZBRVF
ETag: "67d078a2e93ac5886c7e8ad7d29109f9-1"
Content-Type: application/octet-stream
x-amz-replication-status: COMPLETED
Accept-Ranges: bytes
Content-Length: 5019
x-amz-id-2: 7RTpe3SnK1nN0NZFUohfDpXilmz/sHUhspx/ftgYX5YV++JKETkOqTJOHy530Lf6diMRhngawE0=

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 14ms
13ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-3MPFLF80RB&gtm=45je33m0&_p=277990475&cid=1423525332.1679625121&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1679625121&sct=1&seg=0&dl=https%3A%2F%2Fpaymentissueruma.gogroth.com%2F&dt=Medical%20Spa%20%7C%20RUMA%20Aesthetics%20Lehi%2C%20Utah&en=Ivory%20Search%20-%20Default&_ee=1&ep.event_label=&ep.event_category=&_et=2648
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3MPFLF80RB&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paymentissueruma.gogroth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Mar 2023 02:32:08 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://paymentissueruma.gogroth.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

199 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: WsHfMQAn-fk
.youtube.com/	1970-01-20 14:52:57	Name: VISITOR_INFO1_LIVE Value: BF8G91LkKFk
.vimeo.com/	1970-01-20 10:33:46	Name: __cf_bm Value: qGIF_ja9xxTBPDem2gffqz53OCf7fBzwFmp0qPh8x3M-1679625120-0-AVeY7vRZ5Vs4KSU1HZbbQbBsuU7aUnzlZclEWPuWpokEfoghJe75zKBzWtMR9N9FWiFvwn/OF7tFYCRL8QAGfLo=
.gogroth.com/	1970-01-20 12:43:21	Name: _fbp Value: fb.1.1679625120944.1775872753
.gogroth.com/	1970-01-20 20:09:45	Name: _ga Value: GA1.2.1423525332.1679625121
.gogroth.com/	1970-01-20 10:35:11	Name: _gid Value: GA1.2.637376502.1679625121
.gogroth.com/	1970-01-20 10:33:45	Name: _gat_gtag_UA_166905251_1 Value: 1
.boulevard.io/	1970-01-20 20:09:45	Name: _ga Value: GA1.2.99947061.1679625122
.boulevard.io/	1970-01-20 10:35:11	Name: _gid Value: GA1.2.1958631145.1679625122
.gogroth.com/	1970-01-20 20:09:45	Name: _ga_3MPFLF80RB Value: GS1.1.1679625121.1.0.1679625123.0.0.0
.boulevard.io/	1970-01-20 10:33:45	Name: _gat_clientTracker Value: 1
.boulevard.io/	1970-01-20 10:33:45	Name: _gat Value: 1

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://paymentissueruma.gogroth.com/(Line 736) Message: Allow attribute will take precedence over 'allowfullscreen'.
network	error	URL: https://chatbot.growth99.com/business/137/chat3?color=#ffffff&bg=#8b572a Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://chatbot.growth99.com/null Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.growth99.com
cdn-images.mailchimp.com
cdnjs.cloudflare.com
chatbot.growth99.com
connect.facebook.net
d1kb6wto5ohzen.cloudfront.net
dashboard.boulevard.io
f.vimeocdn.com
fonts.googleapis.com
fonts.gstatic.com
g99-resources.b-cdn.net
googleads.g.doubleclick.net
i.vimeocdn.com
jnn-pa.googleapis.com
ka-f.fontawesome.com
kit.fontawesome.com
o435284.ingest.sentry.io
paymentissueruma.gogroth.com
player.vimeo.com
prod-emr-asset.s3.amazonaws.com
region1.google-analytics.com
rumaaesthetics.com
s3.amazonaws.com
static.ai.getdeardoc.com
static.doubleclick.net
static.joinboulevard.com
stats.g.doubleclick.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.youtube.com
146.75.118.109
162.159.138.60
18.66.127.89
2001:4860:4802:32::36
209.50.56.141
2400:52e0:1e00::1082:1
2600:9000:2113:cc00:e:27fd:3980:93a1
2600:9000:214f:ca00:d:8df6:5fc0:21
2600:9000:223f:d400:3:d92d:a340:93a1
2600:9000:2250:ac00:e:9c9a:bec0:93a1
2606:4700:3034::6815:1683
2606:4700::6811:190e
2606:4700::6812:1634
2606:4700:e4::ac40:a816
2a00:1450:4001:806::2002
2a00:1450:4001:809::2003
2a00:1450:4001:809::200a
2a00:1450:4001:810::2008
2a00:1450:4001:811::200a
2a00:1450:4001:827::2004
2a00:1450:4001:827::200e
2a00:1450:4001:829::2003
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2003
2a00:1450:4001:830::2006
2a00:1450:400c:c0a::9b
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.18.160.173
34.120.195.249
52.219.98.84
52.72.172.163
54.231.172.80
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
03065eeab6825676f68277d21f152c5ad98395555f23af366333717bd0ae958d
094a9cffb020269ceb4c5105b63ccbdb3abc2574b7dbc9040d9e760338f40a40
0a19fce040b8127f3e2e3ed609f7800153be329d6420b53295fb79a4f40012ec
0a402d34337e3e7e719751e9e0847dd3d25f0b81b832fcd342b5a0e040b35075
0aa2bd21f9d3c30d674bffc2aac7985eb2d2b27d10976c35ebcb9d5fa92405ea
0b91c5c73d730b5587abe4c7d22249caf38448310079eed61f69f0bc753e2e5e
0cbe9003e599c14c0c271e6d5f40de1692c1ce9078d41777a6b0ecd373fc8fd7
0ea7308c1c405a7e0527b504d25d148e5a00f90d28b97874b8cd2d57c2ae0e87
0f303f31706d39866cced9dcc17b61fb8423674278d7f6051d66b3a79ffbca18
10c620621be8d1cf76112872139f30336a31482993bd3777daa4971f4211d39d
14219f8b3d20ef04d5c5c73b90c352b97f677581770506f689262f6a58d463c3
14d3ef61cb86e0e9bcc7f264523851b948c3e517cf11175cc1151c39a025b5c4
159c0f841d675b55c313c2f9ec8fc278e68123746dd60f92c2a8b11d91705fe7
1799f5f4c1ef63cf01499e15a4cc47beaa351c2661b4d1c4f6b9443e66ddef8e
19518ef3cd1a74ff21fa2d89aca7530e8c143f0027324554af1015f92596820d
197e79ec2952a3ed1896de5eb725308428fcd942ce4679c9c6011a8731d8d2cc
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1dca4f2dcfb119cbe001fb3b31e559aed59674832f729fbf9170d2f23803f9c3
1f739bbaa9aeb7034266757e05097731772dc83def40d5ff3e7625d353837daa
1fa5952aa39544d7c4cc06b50477a527b3670537c4a77ccf1573ed457ab068c8
20046e393fed4ed15f6ec36b16e50de9541acaeb589545660c1c7c854672e263
2284fe9bcbab38a5870a9c9c5d6f22c7467162bfc40163e10ce96f8688db17b4
2378e0f729708cea7a6118a87e24310526c307bef77d286ab801545fe869ebf0
255c7a1fa69437e6e19994bcd662189c05d12bf98f2eecdee9f31690942336e4
257d35a5023623b765458d399874c1a99e62783f4d2b89dc45ebb69e3ea90ec7
258943549b7c819700488f5d2e0b45a44c7b625ccae2973fa35206f6365795a1
25a7f13c06e2e35251312d59e5074b080cf35b0f7a3415825cd4f1dd66266154
28240a7a5a3cfcf3c9ddbd08227a6dc8fb36e7784c235783160727868cc46e5b
2924ea36a075d22f18a9fac2ad9a0e3a8aa2bf9195ba462ff626df6bcd05e97a
295fa5f9bf8c7eb32f7cb7327fdee3366418705e09933a2038743c79cc955031
29ffec9ab14f020cfe7a758d57a8037662792b741a58f44682e075b5f6f175cb
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2bd72eb7bccf5776587fd11ed3f8562f40d992f94e0412b098bd850ddb2de770
2c51dbc4151fca5b6076cabf2e71438e5e2f90729a2148f23dc7eb9e9b84dc35
2db0b267e7f9163a53e0ac9cfbb49cc61fe2a0cd247b384a66863d12dc9731af
2f3a1b7a384a1a1da06ebee7b08bd8faf7affe08578ec087c2fa6d9a1209cd47
314ce6baaa3218eb171fa2c278d7fdf1b9872305dfa667e9cbf2df77c83a9a88
322762985571701a140d2de220b100c4c245f27d8f78fc4c77537482c15088e3
335e1cdc75a68aa725e50ed88af39a087614711d43c63b4ea3475acb4eb6ec45
363513aceb8f917cae8f9a2983ee10179bba439f9d7f817112cb76f633887140
365086145b44de39bd4ace77eea011b67628b208be3a136488a6e12fb8f06915
3670bc178b2ea34f1d93c48c8383c6adf2bc72cdf07900816b33af5e414957a8
39a0926d27fd4e20f684591d03dda70e43f36a6ba5a44e058769b5d124e43c04
3b1384ff918d4b7f95f9ee5c8fc388203dedff7344d3d96598c9562162788612
3c330c7a653cac0ad5b39471807657a57b4b1bd62591b14c6098f7f6c3dfa9a9
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e439bfd3684c34bceb574ca0ddfa32cab5ec9d8e371c74aacfeefd506ed0353
3e739e50469c5d3c2d518a21eb5b228f5b001565897713ecf21e367bc1cf4707
3f4f0083de2db16529954f1e2f2686b69871593b7ae7e18fb9e9a7b740960e29
3fe8c79d67b21039a5d059ef40761950fb76e1d17933d61509f7eb3c68f5aeeb
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
446351976eb58086fe9fe8c1ef5965e6337a403fff29234cbb883948515ff644
463f24ed151c0bc8775c09e92c3885fd96dc17f1e91ca64d70f3ba9600e0eb86
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
49dc3f884fe1fc3e8e497bdb37c63aee43cfde3f7b00bf755b01cba5e4271b98
4a312de5d5df23f9f480daa5837af8b88f77bb83c0ad3f04d474a449d43e7859
4b9348e7c8f6dce035edbd2484545d6d593ccdaf3eea5070b6138deff1be1caa
4c08e75074e7a0fcdd3f0f392c8d6fb1cec4086883cd53a30eeae1c4bf42d1c4
4cb9a347efe1b13805bd44329e4bb7ac9155d3b448d7c61c6f71d9014ed18a96
4fed90956f343adfcadc3fd36317e7e0ffbe9bc0d8c7ed394b3dd34220e73e54
507179a5680d28526955b2b8baa1678f3f2dd074df27eeedd4e74c97d1e1aa6e
514a66549f4ecc876c3d8e5f35e024ac31e6aa241118a0e81b75c7c5486cb78f
51b9fd02a4e8213865f5401d699dcc03b7e6c52658ea711869b28c038346a375
52b74bac7add7505063df29bbb542f629ec2d5a0d7b1f50d897007614dbb2a7c
5469645f5b6fca336e0bf409452a8923cf22e50e7cdc3634fabdcab613e6552c
56798856c7e5cbe87c4a45893bb2d55c8a7470eb3b35751f9074b23988aa19e5
5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5ce560c2a8ed404221cd83dd99e39b08b6d553878b4d295e8e4576db7e49cfc1
5cf9186c30d241993ff0233aed0f0bdb71d0dc6592dd461715281775d949a26a
5d59372b6612612e1f165c140beb8e541b9becfa771862e2d61376252a2ba91f
5d9501607cfff9684bb4aa39eddbf90c2ff1c3f8f99223aebb52604d509b4c81
5dacc86b8a64742e60d70192353e5643da219a3f84c0b26cf6116b06b67fff32
5e5753f111872db475db3d44a1e74ef752867e90cb538dd0d4dfd3ad5a664c9e
5e878aa3d4ffc17b764831da9837caa45a317369d0358edf88d049224a480923
60462a4da1eecf45592e8f65d0412c8d40cf58c3db82a0c902c4e82e1e468e0f
613b1a7b4e9e279b4bcceed16041478402a795ac76653535589480190b3aa1c0
620bb44759c34aa2fce17256f25ab82105e28b3fab5830d68c0e783350ad66df
627b7e7f62fb0a0332a6566f1b0657ac849e800e51327d76f5fdd3c67af3bfdf
6a2fd8165871a31946da9b2cb6ecc55a0dcbcdbc8b34be6ec4cc9eaafd7ab783
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c72cbc3ddc97ef814cdc9d87bedbbb4c4e7ff35ef7d23da603341adc0103e87
6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8
6f4bcf30030b269ed74060ab9d7a268b7b9fc149011b3a7a9a69cda42d3e810a
700d5bf9cfd16e81f861acfa00f41bb2c0495bcd55313ae98680943d817da231
732b2e7803c1a94ff38fda4a0c54b919ad96930218d4dccaf17e3dbbfbbde174
75535d674802c5ce8fecc6a261e1c9debf17eef60d06a1f9569dccf0bf7069ad
794afb583cd66a9d7a31a2ca0b8d98752cbd90fb0e5a8090b8301b4ccfaeafc6
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7bdd9859d19c54eb5142c816d34abfc1d7b3470c6887ed8a11fbb9095e9a3539
7cbb96d9eae250383abef05cdb0597479ccfc892daace04cca6dcbe0c8556c38
7cfd0c8f8464a7b46db267b79a793db18abed3247065a29933440eab1db6a8f9
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6
82127373162a00ba4e270703a31ae9c51988a7b1a127aaea7be3941dafe058b8
8271756d5397dd04fee9e7b5e9bb25a40b32102998938539946d9a006a0ec737
82e917a6d6cefc504081aaff8f58a6d0b1332221583594c4a53c70a77a3251d1
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83f7505d23593b4428ad650f5082c97ac7236106998de26a3cee0514182edff2
84a9118f6cfb06d63e55354382d57e7eeb26859fefec8c59aa139eb8cbef809e
84decc00a588d65b9c7ae58a79d11fa6eb4a1ae0330a0e78097ef88599482168
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
850ed319eb0c924a0054d91582298934ffdf27327523030980098b695cee5c1a
8605bf321acdd3f271b0d1e442a7ab08a6a673cd56d71d23a56144ceeb72b18a
87103c5ef4fbceb85504d0dd5666db5e54af6b0ba55ce8d2a20313f627a7da87
87392651263cd3f5d1cd417d2a9331879bbeef1c42f141f645b598823371ea90
87b3b44b790fd7d001aab52084033ad9cec700ac99104b4d7f27c7fa8801d2da
8e338a0943e448890d6c2d5af77b8bc26e46db02de335728cbe598530a70548a
8e5070cc7232c51345012734365f8ac263bfa56a1cafed525fed643ec093c714
8e73a30d35c83ea6a597c3343324d2b7df097ad26e67b62efb5266ee12d317b5
8f7f36f6555be4e14775a376ac3dcb332f29fb8eb04d6b9d27da25d11f9cbbee
9034d5d34015e4b05d2c1d1a8dc9f6ec9d59bd96d305eb9e24e24e65c591a645
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
9603ffeb6772f1cf745e0097d5d6c046eaf16151e5bc521f20764bba5ddb7713
96344c48276b6477946734dfa6f60c187fa33d371c0f4bc2156edc0e2868617c
96a4eeb21eac59c980f416328366cdf21f3ff0072b236842272fcb500a211595
97b5b6bb0bfd4413504da4a5b78546698c75a127fff51b095080ee7fd3b8ec0c
97dc759500db4b1955406af562eaf277a44ed94cebc9c34373244f827b522e6f
98726f9632fa3f6359c2d118f2061241729bcfc9a98563ccb6cf87444d32bd88
98bf081139b8ad9044ddfbc294e2014abb1d3818a9a2b2171c8ebb56c69be2c4
99b4835b9f861a8a59b8c1e51025fbad98af340fe1a0da4142325d12ebf0d8b4
9a31d5c9c0b108e9c1d8ccd47780a975d44ed8665a3be8a37b2c3614ad5fc157
9ae1b9f867c5a14924d3d6b09e57f7451a00917838dd127af0782a07551e3d58
9c7111df1242861db0a059b40e209b549cdf7e75814831d7e9fb2452a8f8103b
9da4a356a2ee90a570a77dbb4fcbc2605e6a1748d010579373c15f3a09836a2f
9ece3127dd9e1c43bd6a9ac7d20c6d260ebaa48917007158560697efa3bfd32b
a56844edb0c017c249a7b53a55ffd5ae330361663efecada5a7dfd61d2a7e505
a9ed7299bab40153ee958156f65aefaf056c20f4f63e4e183261a56feccabf06
aa7437452e69f5b990eee286f12261aaa67548f17d83a4dcac86034e621d8f33
ab6fa16d68e1b4aadf88af7e28ef7f08cc1c43f3c9133f9c9642831fe742abe9
adea23b4552a7e5beac833b5fe67b484b73d7df091c65649fbb02847c048e3d8
ae0daa854523967d33cc6353af8af5975319c754cdc7bb0b93912f5310526711
ae707ec81b142f04b6d5f785a5d4f7e8301bdb62a95288dee1f3e58930d21c7a
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b010b868b81d11e7387b4226fdc2a6308ff0afaa6e9a2bed143e909ac64e17fc
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b0381d34f80ea7330a10fa91a4d44654b8632efd47e93344d8e7da9a2b48398c
b08954fb222a9f97871f448798f5eb601af5c6bd7abb30c4bbfcb7b1e01d1e2b
b15aceb04dbf5604df5617cfe984f48479cb131c1df02825d1c24e9f35d01857
b2372c504d4a515cd4d06f0a569071176de62942ba381959b207d0eb220f6362
b2d0ec7c1365e7f6fb2b919aedf176618edeae4361aabe66bea8a8685beff263
b3fa1bb3aa7d7ddaa3f07b139a0629d666fbfec8d7cba56c0dcf8b09ffb820b9
b3ffeda2fb799d234ae31e1c88a96d7a6618c012e9eb047961f76f6d549b0af6
b472f95c10914872eb277ee5758b8a30f38fea6e3b06f4f144d03ff120cbf27d
b8e78b48acc08ce31457aff168d6fb2c814d51a8739a97693cdba585d60f5b35
bab7074824c52f72732fc46dd10358b8e00d91f6c2ab0733946914d1d7f62beb
bb25a6a91c7444f85c076136f1aaf9d033239832403f862a9ed9819ff1a93b8b
bbc429dc9f16cdfd03fe28d9de7c26b2e1b26a19172015d5c90f96dd460d5d1e
bc15e6436f9a95bdb5063fe1a263a63ff4fe29a6c7f536ee16adc82ac644e962
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
be52c695dbb70f1b0b9e81bb7636330047bdbf6d6ac610a6bbc16ddf6744500e
bf75f9a4ede4c78af871f3cb51fffa3e1f91f5cb0ae8e408770eb707bbda2ddb
c1da22d600c2d43e8a0e82c60d51ac54c5ce17af032e9b80d0bb4a778e47d785
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
c39e136694085bca77cbb0527d35d5480862502cbbb02e82ca52280b135ab093
c5dd43f53f3af822cbf17b1fb75f46192cdbd51724f277acf6cf0dacb3fd57e7
c6d26c147c6d8ebbc22f4f18c81bd8f2592c228443508d5c906becdc5ed065c2
c8b484327f76a95a47f62ad406d575b4be797afd54cd62eb648e2e600fb4d5da
c91ba7b6ff61aed584f2c0af46b1b9d94e536dd714879b087c0891bcbf531517
cabbe6a40325f41ff8a81ecb40d3890af8d9e36d6f46da2a6b7ce101b20ddefe
cb101e5e6a539e60d93682122881530c2854636fddf3981ca89af8a8507bd121
cd1cc14b59f5918e11725643ef36381b85cf569c6626fb4fdbe39c2eba9bdfe8
cf1c72c81d9aba127a532955cd5179bc736bb23219142538f920dc57ffadeb3f
d06707997b8d53e355a7a9ff55163669fc1a693d3650f762271f0922f1bfe8fa
d0b61464a99017bf71c55925970bdbfb9cdbab4e2a66ddd1ae47b8c973e997c3
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d87ddf917b7a1449ab45e2b8e3c98354629bdd65b6659c37e6023bbea1ce1386
da2742800229240d57fadb5d893961b5f0d288e756d2af2368d42afef2a0169a
dadd529fad5a0d66f372c772b9c2f90bdb87bae6df31998ec710081a5066dea5
daed3caa72349b1805931402c0242e0f0cd37db3cb52771cca9a0c5123c7acae
dd52643f8c07afac0cf1bfa49c91101e414bd413a4a144339a163ccc3a0e37ef
dd6e55040e749bcea952d54e7aa5cd8ce3a2ad34ee89c0d69dad07529a9708ba
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
e0394e418d7858c3f9fabb6897f4e9364cf86a23a809127690f467ad111f190d
e0ad589adc4cbf583906dea261d44fac8cef9fc606cd27ef946294e61de9705e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea871e10259bc7c9fadf7a26b0da4a751041dda2b5912e4faf709d24e03771e7
eb9a9c25f008f2cde5121576bec9d52433d7f7a3f504ee41850abbf82476144b
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
ee468fb1c05222f952671063379fec6a80b7564052d020bba2a75aef38731ef1
eeba785386b6207651c092f4fe8896f4ad63c0653e0f1194fc66cf0d2d2a189b
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef2369c82b6ec19bcf4fe76799d94edc43604e164c0f73978059536159845441
f31b80562610135edd91a86ec7f243c5eeaec2ec08337e6a20c2d135d8e217da
f48792707156ce2bd5f7841611a8c2f236de5073dbdc33b34e123fc5b2a5bcd6
f5af98898a03774530ababccb0ded4da0de0aa65fc5c93a236451f2560b3b971
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f8cbb0c3ce3a5924725a085515ac6743863f77751096ecac6388e3f1238a896c
f8d6d0599fed4eed2e74a046b75bca895946ce195b23cba8fbc3ff43e548a6ec
fa2e01bcf1e58fdd81b95e97cc0a941b70a8691c755e0db47626c30479247a32
fbab8be2ab66d2e186c273118eb38d95d21cc1585da9166c72aed83a73403172
fbeb296c1ecc216a17bda77bf65e833cc0410cfbe1908e121f7a4549cc390675
fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda
fcce014e73befb225bb92548d0007fa054a506122a33f7081af6c9b1031c7937
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869
ffd631cb679cbaab271d2515e5ad71768ceb7c1ca7b8dc7f5084770a4ded8687

paymentissueruma.gogroth.com Open in urlscan Pro 209.50.56.141 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

228 Requests

98 %HTTPS

73 %IPv6

25 Domains

34 Subdomains

33 IPs

5 Countries

8666 kBTransfer

27112 kBSize

12 Cookies

9 Outgoing links

Redirected requests

228 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

paymentissueruma.gogroth.com Open in urlscan Pro
209.50.56.141 Public Scan

Screenshot
Live screenshot

Full Image

228
Requests

98 %
HTTPS

73 %
IPv6

25
Domains

34
Subdomains

33
IPs

5
Countries

8666 kB
Transfer

27112 kB
Size

12
Cookies

228 HTTP transactions
0 data transactions