myercrefund.net Open in urlscan Pro
2606:4700:3037::6815:5597 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://myercrefund.net/
Submission: On May 22 via automatic, source certstream-suspicious (May 22nd 2023, 6:59:56 am UTC) — Scanned from DE

Summary HTTP 34 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 10 IPs in 3 countries across 8 domains to perform 34 HTTP transactions. The main IP is 2606:4700:3037::6815:5597, located in United States and belongs to CLOUDFLARENET, US. The main domain is myercrefund.net.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on January 30th 2023. Valid for: a year.

This is the only time myercrefund.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	2606:4700:303... 2606:4700:3037::6815:5597	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
4	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:1634	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:303... 2606:4700:3032::6815:b21	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2606:4700:e6:... 2606:4700:e6::ac40:cb1c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	77.55.216.90 77.55.216.90	15967 (NAZWA) (NAZWA)
4	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
34	10

2 2606:4700:3037::6815:5597 (United States)

ASN13335 (CLOUDFLARENET, US)

myercrefund.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

app.groove.cm	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1634 (United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

images.groovetech.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
matomo.groovetech.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3032::6815:b21 (United States)

ASN13335 (CLOUDFLARENET, US)

widget.groovevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:e6::ac40:cb1c (United States)

ASN13335 (CLOUDFLARENET, US)

ka-f.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 77.55.216.90 (Poland)

ASN15967 (NAZWA, PL)
PTR: dedicated-aii90.rev.nazwa.pl

ip2c.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	groovetech.io images.groovetech.io — Cisco Umbrella Rank: 373220 matomo.groovetech.io — Cisco Umbrella Rank: 357633	233 KB
6	fontawesome.com kit.fontawesome.com — Cisco Umbrella Rank: 1352 ka-f.fontawesome.com — Cisco Umbrella Rank: 2368	114 KB
4	gstatic.com fonts.gstatic.com	118 KB
4	groove.cm app.groove.cm — Cisco Umbrella Rank: 314103	153 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	275 KB
2	groovevideo.com widget.groovevideo.com	61 KB
2	myercrefund.net myercrefund.net	159 KB
1	ip2c.org ip2c.org — Cisco Umbrella Rank: 44892	217 B
34	8

	Domain	Requested by
10	images.groovetech.io	myercrefund.net
5	ka-f.fontawesome.com	kit.fontawesome.com myercrefund.net
4	fonts.gstatic.com	fonts.googleapis.com
4	app.groove.cm	myercrefund.net
3	fonts.googleapis.com	myercrefund.net app.groove.cm
2	matomo.groovetech.io	myercrefund.net matomo.groovetech.io
2	widget.groovevideo.com	myercrefund.net
2	myercrefund.net	myercrefund.net
1	ip2c.org	app.groove.cm
1	kit.fontawesome.com	myercrefund.net
34	10

This site contains links to these domains. Also see Links.

Domain
ercfilenow.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-01-30` - `2024-01-29`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
groove.cm Cloudflare Inc ECC CA-3	`2023-04-11` - `2024-04-09`	a year	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-22` - `2023-12-23`	a year	crt.sh
groovetech.io E1	`2023-04-21` - `2023-07-20`	3 months	crt.sh
groovevideo.com GTS CA 1P5	`2023-05-17` - `2023-08-15`	3 months	crt.sh
ip2c.org R3	`2023-03-03` - `2023-06-01`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://myercrefund.net/
Frame ID: 8B7F75C0592B074FB164234C97A070E5
Requests: 35 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

My ERC RefundCloseClose

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
kit\.fontawesome\.com/([0-9a-z]+).js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

34
Requests

100 %
HTTPS

89 %
IPv6

8
Domains

10
Subdomains

10
IPs

3
Countries

1113 kB
Transfer

4237 kB
Size

3
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://ercfilenow.com/basic/pcstokes
Title: GET QUALIFIED ['load','megamenuLoaded'].forEach(myEvent => { window.addEventListener(myEvent, (e) => { const link = document.querySelector('[data-gp-button-id="G5ct-1Oik"]'); if( link ){ const linkHREF = link.hasAttribute('href') ? link.getAttribute('href') : ''; link.setAttribute('href',urlWithQueryParam(linkHREF)); } }); });

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

34 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
myercrefund.net/ 297 KB
147 KB 262ms
208ms Document
text/html 2606:4700:3037::6815:5597
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://myercrefund.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:5597 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6e1ac7ecd3e07648966dc0f30701a991a4174afa798c27018fa3ddeb3088d27

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7cb32dc20ea31992-FRA
content-encoding: br
content-type: text/html
date: Mon, 22 May 2023 06:59:50 GMT
last-modified: Tue, 16 May 2023 22:27:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d4YMH%2BEWnFYeUH5SV2w4p4LVnClhh9jt9w%2FB3hUmKd55vaXEIoFhCEIuE%2B0nVZ88S3mQ%2Ff33lCpSbDvLMGXaWj04H0%2BSS8pWKh18ss7Xh1QgwHVUWTGSUpPSPOtFoj6WnmbwULfmpnDoRwSxZzc%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 css2
fonts.googleapis.com/ 737 KB
137 KB 102ms
56ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Abril+Fatface&family=Amatic+SC:wght@400;700&family=Architects+Daughter&family=Asap:wght@400;700&family=Balsamiq+Sans:wght@400;700&family=Barlow:wght@400;700;900&family=Bebas+Neue&family=Bitter:wght@400;700;900&family=Cabin:wght@400;700&family=Cairo:wght@400;700&family=Cormorant+Garamond:wght@400;700&family=Crimson+Text:wght@400;700&family=Dancing+Script:wght@400;700&family=Fira+Sans:wght@400;700;900&family=Fjalla+One&family=Indie+Flower&family=Josefin+Sans:wght@400;700&family=Lato:wght@400;700;900&family=Libre+Baskerville:wght@400;700&family=Libre+Franklin:wght@400;700;900&family=Lobster&family=Lora:wght@400;700&family=Martel:wght@400;700;900&family=Merriweather:wght@400;700;900&family=Montserrat:wght@400;700;900&family=Mukta:wght@400;700&family=Noto+Sans+JP:wght@400;700&family=Noto+Sans+KR:wght@400;700;900&family=Noto+Sans:wght@400;700&family=Noto+Serif:wght@400;700&family=Nunito+Sans:wght@200;300;400;700;900&family=Nunito:wght@300;400;700;900&family=Old+Standard+TT:wght@400;700&family=Open+Sans+Condensed:wght@300;700&family=Open+Sans:wght@300;400;700&family=Oswald:wght@400;700&family=Overpass:wght@400;700;900&family=Oxygen:wght@300;400;700&family=PT+Sans+Narrow:wght@400;700&family=PT+Sans:wght@400;700&family=PT+Serif:wght@400;700&family=Pacifico&family=Playfair+Display:wght@400;700;900&family=Poppins:ital,wght@0,300;0,400;0,700;0,900;1,300;1,400;1,700;1,900&family=Raleway:wght@400;700;900&family=Roboto+Condensed:wght@400;700&family=Roboto+Slab:wght@400;700;900&family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&family=Rubik:ital,wght@0,400;0,700;1,900&family=Shadows+Into+Light&family=Signika:wght@400;700&family=Slabo+27px&family=Source+Code+Pro:wght@400;700;900&family=Source+Sans+Pro:wght@400;700;900&family=Source+Serif+Pro:wght@400;700;900&family=Tajawal:wght@400;700;900&family=Titillium+Web:wght@400;700;900&family=Ubuntu:wght@400;700&family=Work+Sans:wght@400;700;900&display=swap

Requested by

Host: myercrefund.net
URL: https://myercrefund.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9445e4776ca7dad73721312d0da7a2637b02577b540c140102b5abc8bb98ee49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myercrefund.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 22 May 2023 06:59:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 22 May 2023 06:59:51 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 22 May 2023 06:59:51 GMT

GET
H2 200 inpage_published.css
app.groove.cm/groovepages/css/ 462 KB
67 KB 87ms
33ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.groove.cm/groovepages/css/inpage_published.css
Requested by: Host: myercrefund.net
URL: https://myercrefund.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 20534c34589d674089c28fb27c5480cdfd1ccd76afe405de6a0a0d0ea12ab6be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myercrefund.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 06:59:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 19 May 2023 12:55:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4626
etag: W/"646771b3-7367c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lmr%2B4iGsOfpGvhA%2BeE5NUqrdUX3jC1OjckqHzYaF4bUE8wcuQzDRkYEhuBWhNO9JWlGopxavrWNezwOVoXeF4w%2FGx8l9zE9ctN2RhTDtNIQriOxWjQSGQAYb5lgWakPKlcGdu56uhlFtYXWB"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7cb32dc3ac3192c9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 e7647a48d4.js Show response
kit.fontawesome.com/ 11 KB
4 KB 86ms
40ms Script
text/javascript 2606:4700::6812:1634
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kit.fontawesome.com/e7647a48d4.js

Requested by

Host: myercrefund.net
URL: https://myercrefund.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cd4509fbd17162cd773ead447360babd14414e21042ad32a347bc11a2b6180d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Referer: https://myercrefund.net/
Origin: https://myercrefund.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 06:59:51 GMT
strict-transport-security: max-age=31536000; preload
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=60, public, must-revalidate
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
cf-ray: 7cb32dc3aa073a78-FRA
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id: F2FlARjKpKiTX1450xnE

GET
H2 200 index.css
myercrefund.net/ 229 KB
12 KB 210ms
210ms Stylesheet
text/css 2606:4700:3037::6815:5597
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://myercrefund.net/index.css?v=1.1684276038
Requested by: Host: myercrefund.net
URL: https://myercrefund.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:5597 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 685aba943d59dddedc7058ef320cec983137b08035154df289ac3eabd0b0c05b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myercrefund.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 06:59:51 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 16 May 2023 22:27:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64640347-39378"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hnytoXLAGoFRyD5iaqhga0S6bhrtO2rBC5LF5ky7vvxy2F8O39VmLDK05dRssRIiIMcwbpsSSf5GLpt7dtHnsbqnb5V2BxCfCCKqNIot0EL5ZvchbkpOW%2BIwc6QfepcnGaBH8OCk93bWpCHqWgg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7cb32dc358871992-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 22 May 2023 07:59:51 GMT

GET
H2 200 css2
fonts.googleapis.com/ 711 KB
136 KB 71ms
70ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Abril+Fatface&family=Amatic+SC:wght@400;700&family=Architects+Daughter&family=Asap:wght@400;700&family=Balsamiq+Sans:wght@400;700&family=Barlow:wght@400;700;900&family=Bebas+Neue&family=Bitter:wght@400;700;900&family=Cabin:wght@400;700&family=Cairo:wght@400;700&family=Cormorant+Garamond:wght@400;700&family=Crimson+Text:wght@400;700&family=Dancing+Script:wght@400;700&family=Fira+Sans:wght@400;700;900&family=Fjalla+One&family=Indie+Flower&family=Josefin+Sans:wght@400;700&family=Lato:wght@400;700;900&family=Libre+Baskerville:wght@400;700&family=Libre+Franklin:wght@400;700;900&family=Lobster&family=Lora:wght@400;700&family=Martel:wght@400;700;900&family=Merriweather:wght@400;700;900&family=Montserrat:wght@400;700;900&family=Mukta:wght@400;700&family=Noto+Sans+JP:wght@400;700&family=Noto+Sans+KR:wght@400;700;900&family=Noto+Sans:wght@400;700&family=Noto+Serif:wght@400;700&family=Nunito+Sans:wght@200;300;400;700;900&family=Nunito:wght@300;400;700;900&family=Old+Standard+TT:wght@400;700&family=Open+Sans+Condensed:wght@300;700&family=Open+Sans:wght@300;400;700&family=Oswald:wght@400;700&family=Overpass:wght@400;700;900&family=Oxygen:wght@300;400;700&family=PT+Sans+Narrow:wght@400;700&family=PT+Sans:wght@400;700&family=PT+Serif:wght@400;700&family=Pacifico&family=Playfair+Display:wght@400;700;900&family=Poppins:ital,wght@0,400;0,700;1,900&family=Raleway:wght@400;700;900&family=Roboto+Condensed:wght@400;700&family=Roboto+Slab:wght@400;700;900&family=Roboto:ital,wght@0,700;0,900;1,400&family=Rubik:ital,wght@0,400;0,700;1,900&family=Shadows+Into+Light&family=Signika:wght@400;700&family=Slabo+27px&family=Source+Code+Pro:wght@400;700;900&family=Source+Sans+Pro:wght@400;700;900&family=Source+Serif+Pro:wght@400;700;900&family=Tajawal:wght@400;700;900&family=Titillium+Web:wght@400;700;900&family=Ubuntu:wght@400;700&family=Work+Sans:wght@400;700;900&display=swap

Requested by

Host: app.groove.cm
URL: https://app.groove.cm/groovepages/css/inpage_published.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

99b217f1888c23a6cb60c3ff03117b59f9bee0784cad0910496a25361cf8994c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.groove.cm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 22 May 2023 06:59:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 22 May 2023 06:59:51 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 22 May 2023 06:59:51 GMT

GET
H2 200 aHR0cHM6Ly9hc3NldHMuZ3Jvb3ZlYXBwcy5jb20vaW1hZ2VzLzVmNjdjYjc3MDAzNTAzMDA3MmQ4MzYwZi8xNjc1NjE3Mzg5X2VtcGxveWVlLXJldGVudGlvbi1jcmVkaXQtYm90dG9tbGluZS1jb25jZXB0cy5wbmc.webp
images.groovetech.io/alR_J-zOVa8UJky6rF5-UZ-aGIfz8f7Z43nGgCT_nwQ/rs:fit:0:0:0/g:no:0:0/c:0:0/ 26 KB
26 KB 599ms
545ms Image
image/webp 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.groovetech.io/alR_J-zOVa8UJky6rF5-UZ-aGIfz8f7Z43nGgCT_nwQ/rs:fit:0:0:0/g:no:0:0/c:0:0/aHR0cHM6Ly9hc3NldHMuZ3Jvb3ZlYXBwcy5jb20vaW1hZ2VzLzVmNjdjYjc3MDAzNTAzMDA3MmQ4MzYwZi8xNjc1NjE3Mzg5X2VtcGxveWVlLXJldGVudGlvbi1jcmVkaXQtYm90dG9tbGluZS1jb25jZXB0cy5wbmc.webp

Requested by

Host: myercrefund.net
URL: https://myercrefund.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fdd68096b4bcc1cef443e144117a65eee2c5a4f4748e64d7e88d61ec615ab306

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myercrefund.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 06:59:51 GMT
content-security-policy: script-src 'none'
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-disposition: inline; filename="1675617389_employee-retention-credit-bottomline-concepts.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 26710
x-request-id: aa60dc08a921214e49b69699c38be153
last-modified: Mon, 22 May 2023 06:59:51 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W9Lbl7f08XR7l81OlGcLnvoB4F45IBQs%2F90RH%2F3pig%2FRlx2%2Bl9h6PcNil2SGAQqHVQjd6nMsCH0sVwaOe143fVvnIRSA%2Bhrz6cfdVl0JrWGtaudImc4MSBMo6cSaxaEBfyvYgH5bvsJAGQJDC0aeefEmnw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7cb32dc55d2539c1-FRA
expires: Tue, 21 May 2024 06:59:51 GMT

GET
H2 200 app.css
app.groove.cm/groovemail/embed/ 848 KB
71 KB 32ms
31ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.groove.cm/groovemail/embed/app.css
Requested by: Host: myercrefund.net
URL: https://myercrefund.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca3653d59e71086d39975a1b9de4ad7bc8631b2cef934cc7f74d1de2ff1e2f52

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myercrefund.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 06:59:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 15 May 2023 14:13:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6215
etag: W/"64623e15-d3e92"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rZ0uijYyUWGzktNkEKBBpA0gIa6s58luSf%2Bf0ija0bB546QXa1NEkak%2FBXks%2BgZMRgY7fUo58A8To51Uv%2FoGG63T%2B4w9TlSPkDasOI9OdRMXg%2F%2BnN406pHYi2Jwgt7jx4%2Bsai5jHRXJ5rlce"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7cb32dc4ad2292c9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 countryCodeInput.js Show response
app.groove.cm/groovemail/embed/ 21 KB
5 KB 31ms
30ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.groove.cm/groovemail/embed/countryCodeInput.js
Requested by: Host: myercrefund.net
URL: https://myercrefund.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a7e864ad02dfa72fd70032b53298dd0cd7c66fc831d33dac80096f961c49a8d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myercrefund.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 06:59:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 19 May 2023 11:01:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6215
etag: W/"64675713-54aa"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=abxEWr3Jd0N7RfJlm5gLkPJy4LqBXkAym1S194iffLuWlIfwO3vVrxkw%2FyOkoz0IF6xK2TqHDbE%2BWbHKhj0%2BNPA4F1lE81fIW5aWMtCQFmwADQ30YWsCX4UivPtH7Zq81NGxMgKoQJNIshxj"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7cb32dc4cd4992c9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 app.css
widget.groovevideo.com/widget/ 0
333 B 285ms
223ms Stylesheet
text/css 2606:4700:3032::6815:b21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.groovevideo.com/widget/app.css
Requested by: Host: myercrefund.net
URL: https://myercrefund.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:b21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myercrefund.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 06:59:51 GMT
cf-cache-status: REVALIDATED
last-modified: Mon, 18 Jul 2022 12:17:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "62d54f5b-0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jbtsb7eWQ2Kz8%2FW94MpTQ77hWXf1TX1Ll%2Fvv7cmZqkLPPmNfec7Rl0rDQdcWcRmeMkQZdyxRQYYuDYnATvnCoQ85HTHhnQmzuf%2B07xfxO%2B7%2FbXrNn1zXmaSur2oWyMS%2FzimSns0WooapcUyChUfaXTas5YUn"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7cb32dc559f38fda-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: Mon, 22 May 2023 07:59:51 GMT

GET
H2 200 app.js Show response
widget.groovevideo.com/widget/ 171 KB
61 KB 89ms
33ms Script
application/x-javascript 2606:4700:3032::6815:b21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.groovevideo.com/widget/app.js
Requested by: Host: myercrefund.net
URL: https://myercrefund.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:b21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 37d390cd381f391cd8bdfe34ed38c9cd8c830d3b8a1c5ffbc681befd08dd68af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myercrefund.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 06:59:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 18 Jul 2022 12:17:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2294
etag: W/"62d54f5b-2ad10"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1ECNmWjazOhu0JPWU9y69GBMnylyRCqfjExxVY7RMYavghyuQMrGxvJskzChJOBrQ%2FJSHSESABOQcN8%2FHbXxyk7wV1lfzvzv1xem5ab3OJPLfsBj9x0lCiw0pZzbgdMULeriosWC6dOB8zyIpt70HAa1W8AK"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: max-age=14400
cf-ray: 7cb32dc559f48fda-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 22 May 2023 07:21:37 GMT

GET
H2 200 aHR0cHM6Ly9hc3NldHMuZ3Jvb3ZlYXBwcy5jb20vaW1hZ2VzLzVmNjdjYjc3MDAzNTAzMDA3MmQ4MzYwZi8xNjc1NjIwNjg0X2VtcGxveWVlLXJldGVudGlvbi1jcmVkaXQtc2VydmljZXMuanBn.webp
images.groovetech.io/Sm5rWqeXtdcqJ2dp_ZY5n8bpc1rOqXIoQIxOr40mIWs/rs:fit:0:0:0/g:no:0:0/c:0:0/ 24 KB
24 KB 551ms
497ms Image
image/webp 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.groovetech.io/Sm5rWqeXtdcqJ2dp_ZY5n8bpc1rOqXIoQIxOr40mIWs/rs:fit:0:0:0/g:no:0:0/c:0:0/aHR0cHM6Ly9hc3NldHMuZ3Jvb3ZlYXBwcy5jb20vaW1hZ2VzLzVmNjdjYjc3MDAzNTAzMDA3MmQ4MzYwZi8xNjc1NjIwNjg0X2VtcGxveWVlLXJldGVudGlvbi1jcmVkaXQtc2VydmljZXMuanBn.webp

Requested by

Host: myercrefund.net
URL: https://myercrefund.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

72aab38240b9b692f47d3cf6d6f7b20d0a10c27355e5e25ad3b302a4757bd4e4

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myercrefund.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 06:59:51 GMT
content-security-policy: script-src 'none'
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-disposition: inline; filename="1675620684_employee-retention-credit-services.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 24114
x-request-id: 21a50d2d1298391481c069fb07e2e3fc
last-modified: Mon, 22 May 2023 06:59:51 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=anr7xaLUF5s3p2VdxuKH5lVrq6qGwNo1OJuTk3JjPkdBbrsluZNqCT6CBKQjHsbJ%2FYD22d5EdYyNtRUl3E8%2BW541rny9NtZ172l2EkB1%2Bx9%2BJVl%2BW9eXQ5XtW53Fgf%2F2IFXe%2FljZ7TX1J1h31Mbcpbo2fw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7cb32dc55d2939c1-FRA
expires: Tue, 21 May 2024 06:59:51 GMT

GET
H2 200 aHR0cHM6Ly9hc3NldHMuZ3Jvb3ZlYXBwcy5jb20vaW1hZ2VzLzVmNjdjYjc3MDAzNTAzMDA3MmQ4MzYwZi8xNjc1NjIxMDg2X2VtcGxveWVlLXJldGVudGlvbi1jcmVkaXQtcXVhbGlmaWNhdGlvbi5qcGc.webp
images.groovetech.io/QEri_Bvul1ViYcQWLNWPhukKgkuuJXfpobrY4279HJg/rs:fit:0:0:0/g:no:0:0/c:0:0/ 30 KB
30 KB 569ms
515ms Image
image/webp 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.groovetech.io/QEri_Bvul1ViYcQWLNWPhukKgkuuJXfpobrY4279HJg/rs:fit:0:0:0/g:no:0:0/c:0:0/aHR0cHM6Ly9hc3NldHMuZ3Jvb3ZlYXBwcy5jb20vaW1hZ2VzLzVmNjdjYjc3MDAzNTAzMDA3MmQ4MzYwZi8xNjc1NjIxMDg2X2VtcGxveWVlLXJldGVudGlvbi1jcmVkaXQtcXVhbGlmaWNhdGlvbi5qcGc.webp

Requested by

Host: myercrefund.net
URL: https://myercrefund.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d24a7d312ab20625fc81cd2a20198324c073b138f8038eb1542196e8dfc584fa

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myercrefund.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 06:59:51 GMT
content-security-policy: script-src 'none'
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-disposition: inline; filename="1675621086_employee-retention-credit-qualification.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 30560
x-request-id: cee9039607bd686dda012ce138fb3dd9
last-modified: Mon, 22 May 2023 06:59:51 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JBVkBweRGjc7HoY7MK4qQNeagU%2BdlhC2e9xX0S3IMNoJBrSjc8xO%2BMPsiqDFjXr8pazzR2%2FzSNvDwb%2BWTTkMxfVrttu9bU%2BhqlG7CD5iZnzxT74jVMCLB0kWvRORrHbI3sovoVJ%2BLwUzWCp8wWN0Yl5UuA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7cb32dc55d2c39c1-FRA
expires: Tue, 21 May 2024 06:59:51 GMT

GET
H2 200 free.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 59 KB
13 KB 73ms
31ms Fetch
text/css 2606:4700:e6::ac40:cb1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=e7647a48d4
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/e7647a48d4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:cb1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myercrefund.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 06:59:51 GMT
via: 1.1 0d5d2d408eb42296c7636196e25ef8a2.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-C2
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"a12ec7ebe75a4d59a5dd6b79e2ba2e16"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VMBjTi4BIa1YUk3OmKVm16SZlBj233ynmUkF%2BA1B7kyiB6FY3A0ZBNvlCwyhegTnDPzOI5p5voD6rg83ShEyWdHwlFTjwr8DGTanel%2Fph2DvmaNXrOIg2D3FsHvd7Xij3HIVl3KUOH%2BBoXQjJ20H6x365A%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 7cb32dc53eb72c7a-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: sOfNpPwxxfgc_dh027UW6hoYQQDoQvG-UgNbsZjpPFb8woITYro3kw==

GET
H2 200 free-v4-shims.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 26 KB
5 KB 75ms
33ms Fetch
text/css 2606:4700:e6::ac40:cb1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=e7647a48d4
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/e7647a48d4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:cb1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myercrefund.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 06:59:51 GMT
via: 1.1 34435958fa6d40b77fd22fa1c1f56176.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-C2
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"76f34b71fc9fb641507ff6a822cc07f5"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sz%2BSqDEi1U6crsIFB%2BZpgBOznAbEB8eX%2BVoqr%2BP%2B3TGjL3o1JEmn5e9O7NP%2Fx4QOOSsjf%2BcEM9%2FLPRe%2Fc%2Fkuid1noh6lidk9dEgsFhM2W7TlgB%2BK6EU7N9LdkRdOmyu9jJ8hEj7n6pvjaCPWf2cSoC4x7A%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 7cb32dc53eb82c7a-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: kIWztuY9qJT3NB_cu4MGdFzggkvEDMYDJnNX7GmRcnxT0a28pOghnA==

GET
H2 200 free-v4-font-face.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 3 KB
2 KB 72ms
30ms Fetch
text/css 2606:4700:e6::ac40:cb1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-font-face.min.css?token=e7647a48d4
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/e7647a48d4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:cb1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myercrefund.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 06:59:51 GMT
via: 1.1 103eb504d36d97c9f30550032223d996.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-C2
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"f2e0b2680d9b0bcb6e0039c4424e5a59"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rf9FmbtPT7YEldufGoAVfgh4my%2F7gHUw4LwLrGsqePMPX1K5Tyrugt4E%2BilxrhuuLCz00e6EdONyk5zMq1hqlQUPYmuakwjHbkp12rCeJq%2FwG2HrXeN6xypXF9p2jbg7ibpC5h8EpQhvHHkoSuqkjT9Vwg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 7cb32dc53eb92c7a-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: f-Iq6LJdDQRaX8t1dgCa95JvNVnQu2OB8dASFh7A8DpikbofqRJGQg==

GET
H2 200 matomo.js Show response
matomo.groovetech.io/ 98 KB
31 KB 83ms
28ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://matomo.groovetech.io/matomo.js
Requested by: Host: myercrefund.net
URL: https://myercrefund.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6720efbb19ab3deda0f394ad5c0865ef0f97338822d30a440ba9cf36769c71a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myercrefund.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 06:59:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 19 Jul 2022 13:13:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5383
etag: W/"1895d-5e42841a471ad-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9EwUOMobMd1s3R5GrI8WAuvqiI7DoqOGzc9gvR2aPN5eaORFNS2IUPQc1DAR5%2BkwXT0gBeGSpNTZ5oFm%2BvKIlRK4LMOTOJnVH6qDM5Dvuy%2BqymMWByZVdn343m6Pm2FjsdaPFlODLN9S81RjAVUBt%2FLkyA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7cb32dc5597a68e9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 css
fonts.googleapis.com/ 2 KB
564 B 30ms
30ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Nunito&display=swap

Requested by

Host: app.groove.cm
URL: https://app.groove.cm/groovemail/embed/app.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7c2b1edf558d11d547112905778f404d990359ee2df7646282994f66b6591d66

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.groove.cm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 22 May 2023 06:59:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 22 May 2023 05:51:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 22 May 2023 06:59:51 GMT

GET
H/1.1 200
OK s Show response
ip2c.org/ 16 B
217 B 168ms
62ms Fetch
text/html 77.55.216.90
NAZWA

General

Check archive.org

Show headers Download Go to

Full URL: https://ip2c.org/s
Requested by: Host: app.groove.cm
URL: https://app.groove.cm/groovemail/embed/countryCodeInput.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 77.55.216.90 , Poland, ASN15967 (NAZWA, PL),
Reverse DNS: dedicated-aii90.rev.nazwa.pl
Software: nginx /
Resource Hash: 7078ee46e8af3a161a3fba62f74bab02ebf7ca34b6df175e44d99038d2cf89df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myercrefund.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 22 May 2023 06:59:51 GMT
Server: nginx
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2 200 aHR0cHM6Ly9hc3NldHMuZ3Jvb3ZlYXBwcy5jb20vaW1hZ2VzLzVmNjdjYjc3MDAzNTAzMDA3MmQ4MzYwZi8xNjc1NjE5NjI0X2VtcGxveWVlLXJldGVudGlvbi1jcmVkaXQtZXJjLmpwZw.webp
images.groovetech.io/Jl7KUD8C3CTyRxS-kGHyl5uavIVBmAuqtDoiSAl3rqA/rs:fit:0:0:0/g:no:0:0/c:0:0/ 40 KB
40 KB 568ms
568ms Image
image/webp 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.groovetech.io/Jl7KUD8C3CTyRxS-kGHyl5uavIVBmAuqtDoiSAl3rqA/rs:fit:0:0:0/g:no:0:0/c:0:0/aHR0cHM6Ly9hc3NldHMuZ3Jvb3ZlYXBwcy5jb20vaW1hZ2VzLzVmNjdjYjc3MDAzNTAzMDA3MmQ4MzYwZi8xNjc1NjE5NjI0X2VtcGxveWVlLXJldGVudGlvbi1jcmVkaXQtZXJjLmpwZw.webp

Requested by

Host: myercrefund.net
URL: https://myercrefund.net/index.css?v=1.1684276038

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

496ddefa6a5ec0e0bf3c65afe7d5653de09d1b853b879300caf986c34ff27045

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myercrefund.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 06:59:51 GMT
content-security-policy: script-src 'none'
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-disposition: inline; filename="1675619624_employee-retention-credit-erc.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 40558
x-request-id: 8598503b114ab144c1441f4c2b41a2d2
last-modified: Mon, 22 May 2023 06:59:51 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SSVA4Am3rn4XOQrFPud3ALjlaPBkOm0%2FYh%2FhB1Obgd0%2FEJksTq5ppM4TZ4wFnVTN7zn74dzYL13VAthI%2BBBvFIFUCaJgF8NciSv5qbEmATM3jM0liRY%2BrDWqylsiJWr%2FzgdX66L5%2BI67eMtv%2FFXS%2FKT1hA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7cb32dc5ada139c1-FRA
expires: Tue, 21 May 2024 06:59:51 GMT

GET
H2 200 XRXV3I6Li01BKofINeaB.woff2
fonts.gstatic.com/s/nunito/v25/ 35 KB
36 KB 71ms
20ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunito/v25/XRXV3I6Li01BKofINeaB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Abril+Fatface&family=Amatic+SC:wght@400;700&family=Architects+Daughter&family=Asap:wght@400;700&family=Balsamiq+Sans:wght@400;700&family=Barlow:wght@400;700;900&family=Bebas+Neue&family=Bitter:wght@400;700;900&family=Cabin:wght@400;700&family=Cairo:wght@400;700&family=Cormorant+Garamond:wght@400;700&family=Crimson+Text:wght@400;700&family=Dancing+Script:wght@400;700&family=Fira+Sans:wght@400;700;900&family=Fjalla+One&family=Indie+Flower&family=Josefin+Sans:wght@400;700&family=Lato:wght@400;700;900&family=Libre+Baskerville:wght@400;700&family=Libre+Franklin:wght@400;700;900&family=Lobster&family=Lora:wght@400;700&family=Martel:wght@400;700;900&family=Merriweather:wght@400;700;900&family=Montserrat:wght@400;700;900&family=Mukta:wght@400;700&family=Noto+Sans+JP:wght@400;700&family=Noto+Sans+KR:wght@400;700;900&family=Noto+Sans:wght@400;700&family=Noto+Serif:wght@400;700&family=Nunito+Sans:wght@200;300;400;700;900&family=Nunito:wght@300;400;700;900&family=Old+Standard+TT:wght@400;700&family=Open+Sans+Condensed:wght@300;700&family=Open+Sans:wght@300;400;700&family=Oswald:wght@400;700&family=Overpass:wght@400;700;900&family=Oxygen:wght@300;400;700&family=PT+Sans+Narrow:wght@400;700&family=PT+Sans:wght@400;700&family=PT+Serif:wght@400;700&family=Pacifico&family=Playfair+Display:wght@400;700;900&family=Poppins:ital,wght@0,300;0,400;0,700;0,900;1,300;1,400;1,700;1,900&family=Raleway:wght@400;700;900&family=Roboto+Condensed:wght@400;700&family=Roboto+Slab:wght@400;700;900&family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&family=Rubik:ital,wght@0,400;0,700;1,900&family=Shadows+Into+Light&family=Signika:wght@400;700&family=Slabo+27px&family=Source+Code+Pro:wght@400;700;900&family=Source+Sans+Pro:wght@400;700;900&family=Source+Serif+Pro:wght@400;700;900&family=Tajawal:wght@400;700;900&family=Titillium+Web:wght@400;700;900&family=Ubuntu:wght@400;700&family=Work+Sans:wght@400;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96217f1d27fb909f92b4a6b35a0d3d6775f2f0b4d136d27aee88547d3ed87357

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://myercrefund.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 06:01:25 GMT
x-content-type-options: nosniff
age: 176306
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35904
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:34:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 May 2024 06:01:25 GMT

GET
H2 200 1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v28/ 45 KB
46 KB 92ms
42ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://myercrefund.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 18:18:02 GMT
x-content-type-options: nosniff
age: 132109
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46524
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:58:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 May 2024 18:18:02 GMT

GET
H2 200 free-fa-solid-900.woff2
ka-f.fontawesome.com/releases/v5.15.4/webfonts/ 76 KB
77 KB 28ms
27ms Font
font/woff2 2606:4700:e6::ac40:cb1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/webfonts/free-fa-solid-900.woff2
Requested by: Host: myercrefund.net
URL: https://myercrefund.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:cb1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5dd43f53f3af822cbf17b1fb75f46192cdbd51724f277acf6cf0dacb3fd57e7

Request headers

Referer: https://myercrefund.net/
Origin: https://myercrefund.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 06:59:51 GMT
via: 1.1 0363fab377de19b9b4f85394469f6fca.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-C2
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 78168
last-modified: Wed, 04 Aug 2021 18:58:24 GMT
server: cloudflare
etag: "a9fd1225fb2cd32320e2b931dca01089"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D6agT4io0rpyjQH%2B1kndhY8w3EoYEESeRcaLqoFOITGo0QLoAoPjbqZ5zElE0rwLwi2CQE950UrbSDLIv28vvnafn%2Fgksbjii%2B3BUixhmUgCo%2FkQREFgVkC7VH%2B0NeQye%2BAwelvNew5WkACBaJ9yTJGs5g%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 7cb32dc5af3d2c7a-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: yaFLfNggjnCu8uMMITcaaY-JV-mjd2ddJGY__S6U81nk7SErSxiyMw==

POST
H2 204 matomo.php
matomo.groovetech.io/ 0
341 B 92ms
90ms Ping
text/plain 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://matomo.groovetech.io/matomo.php?action_name=myercrefund.net%2FMy%20ERC%20Refund&idsite=4&rec=1&r=563476&h=6&m=59&s=51&url=https%3A%2F%2Fmyercrefund.net%2F&_id=14468f6b76ed1d0b&_idn=1&_refts=0&send_image=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&dimension1=638ccc316e31f957e631c312&dimension2=nX1VEG5u6&pv_id=TPmsFC&pf_net=55&pf_srv=208
Requested by: Host: matomo.groovetech.io
URL: https://matomo.groovetech.io/matomo.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.0.15
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://myercrefund.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8

Response headers

date: Mon, 22 May 2023 06:59:51 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/8.0.15
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TtOBrdBJ9bQO01oR%2BVf47HeyVon3r%2BXl6V7owMbSmYZmyETCM0GXeJcWrc%2FIEDih81ZjhUX75IeqE%2BfTtiOnVHaLAHjfIIEwGNm1oQhL8FNhC5woll4cd4Ur5aIJzbZbmv3vJlYf3OgR1aYAufS3KLrHuw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://myercrefund.net
access-control-allow-credentials: true
cf-ray: 7cb32dc5c9cd68e9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 aHR0cHM6Ly9hc3NldHMuZ3Jvb3ZlYXBwcy5jb20vaW1hZ2VzLzVmNjdjYjc3MDAzNTAzMDA3MmQ4MzYwZi8xNjc1NjIyNDIyX3NjaGVkdWxlLWNhbGwtZXJjLWNvbnN1bHRhbnRzLmpwZw.webp
images.groovetech.io/xC76hJI7P4RSHkhg8Vuxe3QXDZqw9sPfJVNTE6wne6U/rs:fit:0:0:0/g:no:0:0/c:0:0/ 34 KB
35 KB 451ms
449ms Image
image/webp 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.groovetech.io/xC76hJI7P4RSHkhg8Vuxe3QXDZqw9sPfJVNTE6wne6U/rs:fit:0:0:0/g:no:0:0/c:0:0/aHR0cHM6Ly9hc3NldHMuZ3Jvb3ZlYXBwcy5jb20vaW1hZ2VzLzVmNjdjYjc3MDAzNTAzMDA3MmQ4MzYwZi8xNjc1NjIyNDIyX3NjaGVkdWxlLWNhbGwtZXJjLWNvbnN1bHRhbnRzLmpwZw.webp

Requested by

Host: myercrefund.net
URL: https://myercrefund.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b770bede8c1221230c73a0deaddcdd8c869b17ad415b566d6f3eaa87b98a8720

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myercrefund.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 06:59:51 GMT
content-security-policy: script-src 'none'
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-disposition: inline; filename="1675622422_schedule-call-erc-consultants.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 34806
x-request-id: 3a64dbe2686914ba64072b1889baa31f
last-modified: Mon, 22 May 2023 06:59:51 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wt86BnZdod88gk6p4%2BVrUGDXF2bkSVL3PDwjUDDPIBPzmdBbdED3WOWv%2Fl3PBMeZ1p54fO%2FTIPh%2F1mk5UfFwSjyyVRpsk2haX%2BFw54I6U11R61jJM4ORZF0mAVveiFeQRLcR2jTKqeqHeT56a6iWnrU8sw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7cb32dc5cddc39c1-FRA
expires: Tue, 21 May 2024 06:59:51 GMT

GET
H2 200 aHR0cHM6Ly9hc3NldHMuZ3Jvb3ZlYXBwcy5jb20vaW1hZ2VzLzVmNjdjYjc3MDAzNTAzMDA3MmQ4MzYwZi8xNjc1NjI1MTA3X2RvbWlub3MuanBn.webp
images.groovetech.io/iW4RAbXYXMz3RClWZDEctREAw2XVWLZLEnMhSbKC_70/rs:fit:0:0:0/g:no:0:0/c:0:0/ 2 KB
2 KB 351ms
349ms Image
image/webp 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.groovetech.io/iW4RAbXYXMz3RClWZDEctREAw2XVWLZLEnMhSbKC_70/rs:fit:0:0:0/g:no:0:0/c:0:0/aHR0cHM6Ly9hc3NldHMuZ3Jvb3ZlYXBwcy5jb20vaW1hZ2VzLzVmNjdjYjc3MDAzNTAzMDA3MmQ4MzYwZi8xNjc1NjI1MTA3X2RvbWlub3MuanBn.webp

Requested by

Host: myercrefund.net
URL: https://myercrefund.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ac28d395ee9170857bce71fa306a75000d97604b118b86cfcf5f7b8354bd2fb

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myercrefund.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 06:59:51 GMT
content-security-policy: script-src 'none'
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-disposition: inline; filename="1675625107_dominos.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1676
x-request-id: 0d67ff5609b2fe661cb08f20d3650eac
last-modified: Mon, 22 May 2023 06:59:51 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FdtlKuC6V5%2FJAII8FCDKb5kcQEi4d7TInFcsA8VziCJxZhnN%2FZQKOzpRW9H7tr1ElWPfrtPo7RlXUWTFJzGWdE4fIfNhxHkh0%2FSRCnn2hX%2BkkJzksBvcaXh%2Bcq7I%2FRcNqb9fJL3l%2BNiG380Txcv3oU7ArQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7cb32dc5cddd39c1-FRA
expires: Tue, 21 May 2024 06:59:51 GMT

GET
H2 200 aHR0cHM6Ly9hc3NldHMuZ3Jvb3ZlYXBwcy5jb20vaW1hZ2VzLzVmNjdjYjc3MDAzNTAzMDA3MmQ4MzYwZi8xNjc1NjI1NjIwX2duYy5qcGc.webp
images.groovetech.io/2SSLyN-z5SgJmRU1QHg1oJjFJWMx8FLhV6xs5qVAEwk/rs:fit:0:0:0/g:no:0:0/c:0:0/ 1 KB
2 KB 333ms
331ms Image
image/webp 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.groovetech.io/2SSLyN-z5SgJmRU1QHg1oJjFJWMx8FLhV6xs5qVAEwk/rs:fit:0:0:0/g:no:0:0/c:0:0/aHR0cHM6Ly9hc3NldHMuZ3Jvb3ZlYXBwcy5jb20vaW1hZ2VzLzVmNjdjYjc3MDAzNTAzMDA3MmQ4MzYwZi8xNjc1NjI1NjIwX2duYy5qcGc.webp

Requested by

Host: myercrefund.net
URL: https://myercrefund.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5087dcc303cb88c124e59905a3b3e05f1e5d3d0f930689905e75c5dced7b13a8

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myercrefund.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 06:59:51 GMT
content-security-policy: script-src 'none'
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-disposition: inline; filename="1675625620_gnc.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1358
x-request-id: f2e19bf78e61e5d903ca611f0a7f1505
last-modified: Mon, 22 May 2023 06:59:51 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WbaNOmwX51gg%2FekB4rw2dbrZo0l6ca6TFV003e1rqSpco3dgya427kNlz0OoOHs%2F8FODIor0m44HT9RN4C%2BMGiVvKUyok906h8urSw2NRWjhRkCY3xMCBg7x411NDWYNSuzY0LM3%2FEo3oJODqK29iHeC8w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7cb32dc5cddf39c1-FRA
expires: Tue, 21 May 2024 06:59:51 GMT

GET
H2 200 aHR0cHM6Ly9hc3NldHMuZ3Jvb3ZlYXBwcy5jb20vaW1hZ2VzLzVmNjdjYjc3MDAzNTAzMDA3MmQ4MzYwZi8xNjc1NjI1NzQ3X25vYnUuanBn.webp
images.groovetech.io/vOMQXYXqAoVUJqmeBgnCQ1VK1M3spRcZIFMw8eV5u_g/rs:fit:0:0:0/g:no:0:0/c:0:0/ 1 KB
2 KB 337ms
335ms Image
image/webp 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.groovetech.io/vOMQXYXqAoVUJqmeBgnCQ1VK1M3spRcZIFMw8eV5u_g/rs:fit:0:0:0/g:no:0:0/c:0:0/aHR0cHM6Ly9hc3NldHMuZ3Jvb3ZlYXBwcy5jb20vaW1hZ2VzLzVmNjdjYjc3MDAzNTAzMDA3MmQ4MzYwZi8xNjc1NjI1NzQ3X25vYnUuanBn.webp

Requested by

Host: myercrefund.net
URL: https://myercrefund.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

200e428e18e968783750bb162edd262944e21e95e83af4ad1956918cb18a474e

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myercrefund.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 06:59:51 GMT
content-security-policy: script-src 'none'
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-disposition: inline; filename="1675625747_nobu.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1532
x-request-id: 48d275576d04e06df1e419ba6e4190e6
last-modified: Mon, 22 May 2023 06:59:51 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IprlRkahkYd1z7N2mH5jKTNn5tv6rhaCcVnqaAkYXOIsbCQjZY6KOW0MNns%2B4UdzpBbpvKdXHrQCfLaJqLUxaBVSeko08RL5B7W7z1Dj9PbJMHgVx0UjtQ3AfIDC%2FDyYcoy7s%2BGFfVBpoZaltNjLiNUWFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7cb32dc5cde039c1-FRA
expires: Tue, 21 May 2024 06:59:51 GMT

GET
H2 200 aHR0cHM6Ly9hc3NldHMuZ3Jvb3ZlYXBwcy5jb20vaW1hZ2VzLzVmNjdjYjc3MDAzNTAzMDA3MmQ4MzYwZi8xNjc1NjI1OTg0X2J1dHRvbWxpbmUtY29uZWNwdHMtbG9nby5wbmc.webp
images.groovetech.io/rgDuJ-lLBhQDOiL4Fy00JTTkE3HlgJVTv6lZ1YvZ0D4/rs:fit:0:0:0/g:no:0:0/c:0:0/ 13 KB
14 KB 433ms
431ms Image
image/webp 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.groovetech.io/rgDuJ-lLBhQDOiL4Fy00JTTkE3HlgJVTv6lZ1YvZ0D4/rs:fit:0:0:0/g:no:0:0/c:0:0/aHR0cHM6Ly9hc3NldHMuZ3Jvb3ZlYXBwcy5jb20vaW1hZ2VzLzVmNjdjYjc3MDAzNTAzMDA3MmQ4MzYwZi8xNjc1NjI1OTg0X2J1dHRvbWxpbmUtY29uZWNwdHMtbG9nby5wbmc.webp

Requested by

Host: myercrefund.net
URL: https://myercrefund.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a71899b363821858f3340ad4cc2e208346abc22998be0eb6e16861c56283b4c9

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myercrefund.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 06:59:51 GMT
content-security-policy: script-src 'none'
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-disposition: inline; filename="1675625984_buttomline-conecpts-logo.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13586
x-request-id: afea975eb2771de199b83ba9d67e1e96
last-modified: Mon, 22 May 2023 06:59:51 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CWoVyxIOKSeeWXwJfpEw0hYZIlgQ%2F4%2B2UbnByyPantEDZbV2mMa%2BoT6pVtdatEs1NUDowaim2Yr4NHXZdLzxsQ3eYHsiJfa%2FzFAOzSn6BBhdYYhL1OtUlBPPYMRvbVx3cdkGukKhATR5uvS2%2F9C88SbabQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7cb32dc5cde239c1-FRA
expires: Tue, 21 May 2024 06:59:51 GMT

GET
H2 200 inpage_published.js Show response
app.groove.cm/groovepages/js/ 28 KB
10 KB 29ms
28ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.groove.cm/groovepages/js/inpage_published.js
Requested by: Host: myercrefund.net
URL: https://myercrefund.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2825172d74142f19d66fb3691d5fc8b609c56805bc508ba25e2b81f28934101

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myercrefund.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 06:59:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 19 May 2023 12:55:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4762
etag: W/"646771b3-7163"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PmVAbW1yoGGfwFlg9HUwfEK7fEh%2FKJI%2BhIuc%2F1fzTAofGSEPDmgeGZxwrkXYH4kJT06OiTqkFYhgmhZDbVzrfACSWwZs6Gd0JBHLIZcIQZJjpRB4vwhKMiQt26rka7sqXjxzc72VF3d2bf5e"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7cb32dc5ce8492c9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
DATA 200
OK truncated
/ 130 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c9c44b7ae7d8390cc4ce6c6c3f11a464c837c3eb89ed4595a7163be7b45e1dad

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 XRXI3I6Li01BKofiOc5wtlZ2di8HDLshdTQ3jw.woff2
fonts.gstatic.com/s/nunito/v25/ 14 KB
14 KB 21ms
20ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunito/v25/XRXI3I6Li01BKofiOc5wtlZ2di8HDLshdTQ3jw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e2f97ea0fb92d5e3ae31eeef403b9c34363c8fb2a387e13cf381fa97f3e8cf7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://myercrefund.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 06:14:33 GMT
x-content-type-options: nosniff
age: 175518
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14060
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:44:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 May 2024 06:14:33 GMT

GET
H3 200 free-fa-regular-400.woff2
ka-f.fontawesome.com/releases/v5.15.4/webfonts/ 13 KB
14 KB 37ms
36ms Font
font/woff2 2606:4700:e6::ac40:cb1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/webfonts/free-fa-regular-400.woff2
Requested by: Host: myercrefund.net
URL: https://myercrefund.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e6::ac40:cb1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48fb6f0d8ac464d95cbc2df3ffa7bf5066950898c5581f5133d0565abb7f706b

Request headers

Referer: https://myercrefund.net/
Origin: https://myercrefund.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 06:59:51 GMT
via: 1.1 aff6ac5c98fa897349204752e5877c80.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-C2
age: 28653
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13216
last-modified: Wed, 04 Aug 2021 18:58:24 GMT
server: cloudflare
etag: "b8f1c6a3a94d42b082c29f0b1db8ba95"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F%2BMRMG3PbiYYhRBCSfJ7OWTnxQoNdaUi569vvizwHPRkxL0rBI7HPFi6q%2BaTQnTef3%2BzqMkpm0ghEarPfYbsvX7ScJ%2FnWllJaq1b0R0Z%2BB4L53edyZyA%2Bx4Wh9sSzwMzKH%2B%2Bj%2Ba7NVoWWlvu%2FDiEZUpyAw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 7cb32dc6ff46383a-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: ptl1RT_aKeDROuZ3-TsVjJvx0zX-njE9dpyCZ-LdyIrJFSS5QO-cAw==

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 21ms
20ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://myercrefund.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 00:06:44 GMT
x-content-type-options: nosniff
age: 197587
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 May 2024 00:06:44 GMT

GET
H3 200 aHR0cHM6Ly9hc3NldHMuZ3Jvb3ZlYXBwcy5jb20vaW1hZ2VzLzVmNjdjYjc3MDAzNTAzMDA3MmQ4MzYwZi8xNjc1NjE3Mzg5X2VtcGxveWVlLXJldGVudGlvbi1jcmVkaXQtYm90dG9tbGluZS1jb25jZXB0cy5wbmc.webp
images.groovetech.io/alR_J-zOVa8UJky6rF5-UZ-aGIfz8f7Z43nGgCT_nwQ/rs:fit:0:0:0/g:no:0:0/c:0:0/ 26 KB
27 KB 417ms
417ms Image
image/webp 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: myercrefund.net
URL: https://myercrefund.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fdd68096b4bcc1cef443e144117a65eee2c5a4f4748e64d7e88d61ec615ab306

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://myercrefund.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 06:59:52 GMT
content-security-policy: script-src 'none'
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-disposition: inline; filename="1675617389_employee-retention-credit-bottomline-concepts.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 26710
x-request-id: 9e23f3df124d1f8c96eaecbcb8f94518
last-modified: Mon, 22 May 2023 06:59:52 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6afboG0sdCE85JDw7k6N%2BohlcA32FQRFfIEd7xxRt4815qgUKCdjH%2FbyRitDodpoqi33QhuBa9gjA%2Fgvzd8BhRt%2FUwlZ52y1%2FW8kL0Hdgm7ku04xFKloojvTYfSt6bI%2BkTd9LBvsq11wr7PpBBVWKXBrBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7cb32dcbac751c2a-FRA
expires: Tue, 21 May 2024 06:59:52 GMT

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
myercrefund.net/	1970-01-20 21:24:53	Name: _pk_id.4.25b1 Value: 14468f6b76ed1d0b.1684738791.
myercrefund.net/	1970-01-20 11:59:00	Name: _pk_ses.4.25b1 Value: 1
myercrefund.net/	1969-12-31 23:59:59	Name: hasVisitedPopupPage Value: true

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.groove.cm
fonts.googleapis.com
fonts.gstatic.com
images.groovetech.io
ip2c.org
ka-f.fontawesome.com
kit.fontawesome.com
matomo.groovetech.io
myercrefund.net
widget.groovevideo.com
2606:4700:3032::6815:b21
2606:4700:3037::6815:5597
2606:4700::6812:1634
2606:4700:e6::ac40:cb1c
2a00:1450:4001:808::200a
2a00:1450:4001:82b::2003
2a06:98c1:3120::3
2a06:98c1:3121::3
77.55.216.90
200e428e18e968783750bb162edd262944e21e95e83af4ad1956918cb18a474e
20534c34589d674089c28fb27c5480cdfd1ccd76afe405de6a0a0d0ea12ab6be
2a7e864ad02dfa72fd70032b53298dd0cd7c66fc831d33dac80096f961c49a8d
37d390cd381f391cd8bdfe34ed38c9cd8c830d3b8a1c5ffbc681befd08dd68af
405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826
48fb6f0d8ac464d95cbc2df3ffa7bf5066950898c5581f5133d0565abb7f706b
496ddefa6a5ec0e0bf3c65afe7d5653de09d1b853b879300caf986c34ff27045
5087dcc303cb88c124e59905a3b3e05f1e5d3d0f930689905e75c5dced7b13a8
5e2f97ea0fb92d5e3ae31eeef403b9c34363c8fb2a387e13cf381fa97f3e8cf7
6720efbb19ab3deda0f394ad5c0865ef0f97338822d30a440ba9cf36769c71a4
685aba943d59dddedc7058ef320cec983137b08035154df289ac3eabd0b0c05b
6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8
7078ee46e8af3a161a3fba62f74bab02ebf7ca34b6df175e44d99038d2cf89df
72aab38240b9b692f47d3cf6d6f7b20d0a10c27355e5e25ad3b302a4757bd4e4
7c2b1edf558d11d547112905778f404d990359ee2df7646282994f66b6591d66
7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
9445e4776ca7dad73721312d0da7a2637b02577b540c140102b5abc8bb98ee49
96217f1d27fb909f92b4a6b35a0d3d6775f2f0b4d136d27aee88547d3ed87357
99b217f1888c23a6cb60c3ff03117b59f9bee0784cad0910496a25361cf8994c
9ac28d395ee9170857bce71fa306a75000d97604b118b86cfcf5f7b8354bd2fb
a71899b363821858f3340ad4cc2e208346abc22998be0eb6e16861c56283b4c9
b770bede8c1221230c73a0deaddcdd8c869b17ad415b566d6f3eaa87b98a8720
c2825172d74142f19d66fb3691d5fc8b609c56805bc508ba25e2b81f28934101
c5dd43f53f3af822cbf17b1fb75f46192cdbd51724f277acf6cf0dacb3fd57e7
c9c44b7ae7d8390cc4ce6c6c3f11a464c837c3eb89ed4595a7163be7b45e1dad
ca3653d59e71086d39975a1b9de4ad7bc8631b2cef934cc7f74d1de2ff1e2f52
cd4509fbd17162cd773ead447360babd14414e21042ad32a347bc11a2b6180d2
d24a7d312ab20625fc81cd2a20198324c073b138f8038eb1542196e8dfc584fa
d6e1ac7ecd3e07648966dc0f30701a991a4174afa798c27018fa3ddeb3088d27
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda
fdd68096b4bcc1cef443e144117a65eee2c5a4f4748e64d7e88d61ec615ab306

myercrefund.net Open in urlscan Pro 2606:4700:3037::6815:5597 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

34 Requests

100 %HTTPS

89 %IPv6

8 Domains

10 Subdomains

10 IPs

3 Countries

1113 kBTransfer

4237 kBSize

3 Cookies

1 Outgoing links

Redirected requests

34 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

myercrefund.net Open in urlscan Pro
2606:4700:3037::6815:5597 Public Scan

Screenshot
Live screenshot

Full Image

34
Requests

100 %
HTTPS

89 %
IPv6

8
Domains

10
Subdomains

10
IPs

3
Countries

1113 kB
Transfer

4237 kB
Size

3
Cookies

34 HTTP transactions
1 data transactions