www.easymoneyforcontractors.veterinaryclinictaxcredit.com Open in urlscan Pro
192.185.16.113 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.easymoneyforcontractors.veterinaryclinictaxcredit.com/
Submission: On March 06 via automatic, source certstream-suspicious (March 6th 2022, 7:54:13 pm UTC) — Scanned from DE

Summary HTTP 194 Redirects Behaviour Indicators

Summary

This website contacted 56 IPs in 3 countries across 57 domains to perform 194 HTTP transactions. The main IP is 192.185.16.113, located in United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is www.easymoneyforcontractors.veterinaryclinictaxcredit.com.
TLS certificate: Issued by R3 on March 6th 2022. Valid for: 3 months.

This is the only time www.easymoneyforcontractors.veterinaryclinictaxcredit.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	192.185.16.113 192.185.16.113	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
2	2606:4700:303... 2606:4700:3033::ac43:c96b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
2 33	2a06:98c1:312... 2a06:98c1:3120::7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:1734	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
5	2600:9000:210... 2600:9000:2104:7600:b:d801:7900:93a1	16509 (AMAZON-02) (AMAZON-02)
16	2606:4700::68... 2606:4700::6812:14b4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a06:98c1:312... 2a06:98c1:3121::7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	44.194.91.8 44.194.91.8	14618 (AMAZON-AES) (AMAZON-AES)
8	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	89.187.169.47 89.187.169.47	60068 (CDN77 ^_^) (CDN77 ^_^)
4	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE)
2	2a0b:4d07:102::1 2a0b:4d07:102::1	44239 (PROINITY ...) (PROINITY PROINITY)
4	2a00:1450:400... 2a00:1450:4001:808::200e	() ()
6	108.128.72.146 108.128.72.146	() ()
3	2a00:1450:400... 2a00:1450:4001:811::200a	() ()
2	2a00:1450:400... 2a00:1450:4001:810::200e	() ()
2	216.58.212.162 216.58.212.162	() ()
5	2a00:1288:80:... 2a00:1288:80:807::1	() ()
1 4	2620:1ec:c11:... 2620:1ec:c11::200	() ()
2	2a02:2638::3 2a02:2638::3	() ()
2	52.70.96.75 52.70.96.75	() ()
2	34.232.251.165 34.232.251.165	() ()
2	2600:9000:210... 2600:9000:2104:ea00:6:36e8:9f00:93a1	() ()
2	2a00:1450:400... 2a00:1450:4001:811::2002	() ()
4 6	2a02:2638::1c 2a02:2638::1c	() ()
2	2a00:1450:400... 2a00:1450:4001:80e::2004	() ()
2	2a00:1450:400... 2a00:1450:4001:80f::2003	() ()
3	212.82.100.181 212.82.100.181	() ()
2	178.250.0.157 178.250.0.157	() ()
2 5	178.250.2.151 178.250.2.151	() ()
2	74.119.119.150 74.119.119.150	() ()
2	40.76.174.66 40.76.174.66	() ()
1 2	52.142.114.2 52.142.114.2	() ()
1	52.219.176.172 52.219.176.172	() ()
3	13.32.99.103 13.32.99.103	() ()
2	35.244.174.68 35.244.174.68	() ()
1 1	142.250.184.226 142.250.184.226	() ()
1	52.209.248.164 52.209.248.164	() ()
2	3.126.56.137 3.126.56.137	() ()
1	70.42.32.191 70.42.32.191	() ()
1	104.84.56.126 104.84.56.126	() ()
1	69.173.144.138 69.173.144.138	() ()
3 4	185.33.220.240 185.33.220.240	() ()
1 2	76.223.111.18 76.223.111.18	() ()
1	2.22.32.24 2.22.32.24	() ()
1 2	104.108.145.8 104.108.145.8	() ()
1	2600:9000:225... 2600:9000:225f:e00:1b:5138:8a40:93a1	() ()
1	52.210.228.8 52.210.228.8	() ()
1	104.111.242.245 104.111.242.245	() ()
1	141.226.228.48 141.226.228.48	() ()
1	185.86.137.131 185.86.137.131	() ()
1	35.158.213.49 35.158.213.49	() ()
1 2	54.154.22.197 54.154.22.197	() ()
2 2	52.59.41.116 52.59.41.116	() ()
1 1	2.18.234.233 2.18.234.233	() ()
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:3a	() ()
1 1	2001:678:cb4:... 2001:678:cb4:bbbb::13	() ()
194	56

1 192.185.16.113 (United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: nynonprofit.com

www.easymoneyforcontractors.veterinaryclinictaxcredit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3033::ac43:c96b (United States)

ASN13335 (CLOUDFLARENET, US)

ertcshortcut.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 2a06:98c1:3120::7 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

app.groove.cm	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ka-f.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
matomo.groovetech.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
app.groovefunnels.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1734 (United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:2104:7600:b:d801:7900:93a1 (United States)

ASN16509 (AMAZON-02, US)

widget.groovevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
videos.groovevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2606:4700::6812:14b4 (United States)

ASN13335 (CLOUDFLARENET, US)

assets.grooveapps.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a06:98c1:3121::7 (United States)

ASN13335 (CLOUDFLARENET, US)

v1.gdapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 44.194.91.8 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-194-91-8.compute-1.amazonaws.com

fs22.formsite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 89.187.169.47 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-89-187-169-47.cdn77.com

cdn.productstash.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a0b:4d07:102::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

cdn.tooltip.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:808::200e (None, )

ASN- ()

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 108.128.72.146 (None, )

ASN- ()

api.loopedin.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::200a (None, )

ASN- ()

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200e (None, )

ASN- ()

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.212.162 (None, )

ASN- ()

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1288:80:807::1 (None, )

ASN- ()

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (None, ) 1 redirects

ASN- ()

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::3 (None, )

ASN- ()

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.70.96.75 (None, )

ASN- ()

175592.tracking.hyros.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.232.251.165 (None, )

ASN- ()

pp.signalayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2104:ea00:6:36e8:9f00:93a1 (None, )

ASN- ()

data.tooltip.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2002 (None, )

ASN- ()

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:2638::1c (None, ) 4 redirects

ASN- ()

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2004 (None, )

ASN- ()

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2003 (None, )

ASN- ()

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 212.82.100.181 (None, )

ASN- ()

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.157 (None, )

ASN- ()

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 178.250.2.151 (None, ) 2 redirects

ASN- ()

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.119.119.150 (None, )

ASN- ()

widget.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 40.76.174.66 (None, )

ASN- ()

d.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.142.114.2 (None, ) 1 redirects

ASN- ()

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.219.176.172 (None, )

ASN- ()

groovevideo-videos.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.32.99.103 (None, )

ASN- ()

beacon-v2.helpscout.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (None, )

ASN- ()

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.226 (None, ) 1 redirects

ASN- ()

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.209.248.164 (None, )

ASN- ()

partner.mediawallahscript.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.56.137 (None, )

ASN- ()

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 70.42.32.191 (None, )

ASN- ()

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.84.56.126 (None, )

ASN- ()

cw.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (None, )

ASN- ()

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.33.220.240 (None, ) 3 redirects

ASN- ()

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.223.111.18 (None, ) 1 redirects

ASN- ()

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.22.32.24 (None, )

ASN- ()

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.108.145.8 (None, ) 1 redirects

ASN- ()

r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:225f:e00:1b:5138:8a40:93a1 (None, )

ASN- ()

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.210.228.8 (None, )

ASN- ()

trends.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.242.245 (None, )

ASN- ()

criteo-sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (None, )

ASN- ()

sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.137.131 (None, )

ASN- ()

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.158.213.49 (None, )

ASN- ()

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.154.22.197 (None, ) 1 redirects

ASN- ()

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.59.41.116 (None, ) 2 redirects

ASN- ()

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.234.233 (None, ) 1 redirects

ASN- ()

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:3a (None, )

ASN- ()

cdn.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::13 (None, ) 1 redirects

ASN- ()

d.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	grooveapps.com assets.grooveapps.com — Cisco Umbrella Rank: 252528	1 MB
16	groove.cm app.groove.cm — Cisco Umbrella Rank: 261611	6 MB
15	criteo.com 6 redirects gum.criteo.com mug.criteo.com sslwidget.criteo.com widget.us.criteo.com dis.criteo.com	32 KB
13	gstatic.com fonts.gstatic.com	287 KB
10	groovetech.io matomo.groovetech.io — Cisco Umbrella Rank: 311341	68 KB
9	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35 ajax.googleapis.com	653 KB
8	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 194	251 KB
7	formsite.com fs22.formsite.com — Cisco Umbrella Rank: 441039	28 KB
6	yahoo.com sp.analytics.yahoo.com ads.yahoo.com ups.analytics.yahoo.com	2 KB
6	loopedin.io api.loopedin.io	5 KB
6	gdapis.com v1.gdapis.com — Cisco Umbrella Rank: 657042	4 KB
6	fontawesome.com kit.fontawesome.com — Cisco Umbrella Rank: 1590 ka-f.fontawesome.com — Cisco Umbrella Rank: 2959	114 KB
5	groovevideo.com widget.groovevideo.com — Cisco Umbrella Rank: 950247 videos.groovevideo.com	3 MB
4	adnxs.com 3 redirects secure.adnxs.com	4 KB
4	clarity.ms 1 redirects d.clarity.ms c.clarity.ms	24 KB
4	bing.com 1 redirects bat.bing.com c.bing.com	13 KB
4	yimg.com s.yimg.com	12 KB
4	youtube.com www.youtube.com	100 KB
4	tooltip.io cdn.tooltip.io — Cisco Umbrella Rank: 160912 data.tooltip.io	162 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 54	270 KB
4	productstash.io cdn.productstash.io — Cisco Umbrella Rank: 695153	16 KB
3	helpscout.net beacon-v2.helpscout.net	264 KB
3	doubleclick.net 1 redirects googleads.g.doubleclick.net cm.g.doubleclick.net	3 KB
2	stickyadstv.com 1 redirects ads.stickyadstv.com cdn.stickyadstv.com	1 KB
2	advertising.com 2 redirects pixel.advertising.com	716 B
2	360yield.com 1 redirects ad.360yield.com	408 B
2	casalemedia.com 1 redirects r.casalemedia.com	2 KB
2	3lift.com 1 redirects eb2.3lift.com	738 B
2	rlcdn.com idsync.rlcdn.com	395 B
2	google.de www.google.de	656 B
2	google.com www.google.com	656 B
2	signalayer.com pp.signalayer.com	519 B
2	hyros.com 175592.tracking.hyros.com	339 B
2	criteo.net static.criteo.net	26 KB
2	googleadservices.com www.googleadservices.com	30 KB
2	google-analytics.com www.google-analytics.com	39 KB
2	groovefunnels.com 2 redirects app.groovefunnels.com — Cisco Umbrella Rank: 797291	950 B
2	ertcshortcut.com ertcshortcut.com	52 KB
1	turn.com 1 redirects d.turn.com	418 B
1	sharethrough.com match.sharethrough.com	263 B
1	smartadserver.com rtb-csync.smartadserver.com	163 B
1	taboola.com sync-t1.taboola.com	99 B
1	teads.tv criteo-sync.teads.tv	172 B
1	revcontent.com trends.revcontent.com	174 B
1	smaato.net s.ad.smaato.net	241 B
1	media.net contextual.media.net	784 B
1	rubiconproject.com pixel.rubiconproject.com	239 B
1	addthis.com cw.addthis.com	425 B
1	outbrain.com sync.outbrain.com	476 B
1	mediawallahscript.com partner.mediawallahscript.com	232 B
1	amazonaws.com groovevideo-videos.s3.amazonaws.com	2 KB
1	veterinaryclinictaxcredit.com www.easymoneyforcontractors.veterinaryclinictaxcredit.com	271 B
0	tremorhub.com Failed criteo-partners.tremorhub.com Failed
0	postrelease.com Failed jadserve.postrelease.com Failed
0	liadm.com Failed i.liadm.com Failed
0	bidswitch.net Failed x.bidswitch.net Failed
0	pubmatic.com Failed simage2.pubmatic.com Failed
194	57

	Domain	Requested by
16	assets.grooveapps.com	ertcshortcut.com
16	app.groove.cm	ertcshortcut.com widget.groovevideo.com app.groove.cm www.easymoneyforcontractors.veterinaryclinictaxcredit.com
13	fonts.gstatic.com	fonts.googleapis.com fs22.formsite.com
10	matomo.groovetech.io	ertcshortcut.com matomo.groovetech.io app.groove.cm
8	cdnjs.cloudflare.com	app.groove.cm
7	fs22.formsite.com	ertcshortcut.com fs22.formsite.com
6	gum.criteo.com	4 redirects static.criteo.net
6	api.loopedin.io	cdn.productstash.io
6	v1.gdapis.com	widget.groovevideo.com app.groove.cm
6	fonts.googleapis.com	ertcshortcut.com app.groove.cm
5	ka-f.fontawesome.com	kit.fontawesome.com ertcshortcut.com
4	secure.adnxs.com	3 redirects ertcshortcut.com
4	videos.groovevideo.com	app.groove.cm
4	s.yimg.com	www.easymoneyforcontractors.veterinaryclinictaxcredit.com s.yimg.com
4	www.youtube.com	app.groove.cm www.youtube.com
4	www.googletagmanager.com	app.groove.cm www.googletagmanager.com
4	cdn.productstash.io	app.groove.cm cdn.productstash.io
3	dis.criteo.com	ertcshortcut.com
3	beacon-v2.helpscout.net	app.groove.cm beacon-v2.helpscout.net
3	sp.analytics.yahoo.com	app.groove.cm ertcshortcut.com
3	bat.bing.com	www.easymoneyforcontractors.veterinaryclinictaxcredit.com bat.bing.com app.groove.cm
3	ajax.googleapis.com	fs22.formsite.com
2	pixel.advertising.com	2 redirects
2	ad.360yield.com	1 redirects ertcshortcut.com
2	r.casalemedia.com	1 redirects ertcshortcut.com
2	eb2.3lift.com	1 redirects ertcshortcut.com
2	ups.analytics.yahoo.com	ertcshortcut.com
2	idsync.rlcdn.com	ertcshortcut.com
2	c.clarity.ms	1 redirects app.groove.cm
2	d.clarity.ms	bat.bing.com d.clarity.ms
2	widget.us.criteo.com	app.groove.cm
2	sslwidget.criteo.com	2 redirects
2	mug.criteo.com	app.groove.cm
2	www.google.de	app.groove.cm
2	www.google.com	app.groove.cm
2	googleads.g.doubleclick.net	www.googleadservices.com
2	data.tooltip.io	cdn.tooltip.io
2	pp.signalayer.com	cdn.tooltip.io
2	175592.tracking.hyros.com	www.easymoneyforcontractors.veterinaryclinictaxcredit.com
2	static.criteo.net	www.googletagmanager.com
2	www.googleadservices.com	www.googletagmanager.com
2	www.google-analytics.com	www.googletagmanager.com
2	cdn.tooltip.io	app.groove.cm
2	app.groovefunnels.com	2 redirects
2	ertcshortcut.com	www.easymoneyforcontractors.veterinaryclinictaxcredit.com ertcshortcut.com
1	d.turn.com	1 redirects
1	cdn.stickyadstv.com	ertcshortcut.com
1	ads.stickyadstv.com	1 redirects
1	match.sharethrough.com	ertcshortcut.com
1	rtb-csync.smartadserver.com	ertcshortcut.com
1	sync-t1.taboola.com	ertcshortcut.com
1	criteo-sync.teads.tv	ertcshortcut.com
1	trends.revcontent.com	ertcshortcut.com
1	s.ad.smaato.net	ertcshortcut.com
1	contextual.media.net	ertcshortcut.com
1	pixel.rubiconproject.com	ertcshortcut.com
1	cw.addthis.com	ertcshortcut.com
1	sync.outbrain.com	ertcshortcut.com
1	ads.yahoo.com	ertcshortcut.com
1	partner.mediawallahscript.com	ertcshortcut.com
1	cm.g.doubleclick.net	1 redirects
1	groovevideo-videos.s3.amazonaws.com	app.groove.cm
1	c.bing.com	1 redirects
1	widget.groovevideo.com	ertcshortcut.com
1	kit.fontawesome.com	ertcshortcut.com
1	www.easymoneyforcontractors.veterinaryclinictaxcredit.com
0	criteo-partners.tremorhub.com Failed	ertcshortcut.com
0	jadserve.postrelease.com Failed	ertcshortcut.com
0	i.liadm.com Failed	ertcshortcut.com
0	x.bidswitch.net Failed	ertcshortcut.com
0	simage2.pubmatic.com Failed	ertcshortcut.com
194	71

This site contains no links.

Subject Issuer	Validity	Valid
*.veterinaryclinictaxcredit.com R3	`2022-03-06` - `2022-06-04`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-01-28` - `2023-01-27`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2021-12-01` - `2023-01-01`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
videos.groovevideo.com Amazon	`2021-07-05` - `2022-08-03`	a year	crt.sh
*.formsite.com Go Daddy Secure Certificate Authority - G2	`2022-03-01` - `2022-04-02`	a month	crt.sh
cdn.productstash.io R3	`2022-03-02` - `2022-05-31`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
cdn.tooltip.io R3	`2022-01-10` - `2022-04-10`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
api.loopedin.io R3	`2022-02-02` - `2022-05-03`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.api.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-01-31` - `2022-03-23`	2 months	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2021-12-22` - `2022-06-22`	6 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-02` - `2022-05-03`	3 months	crt.sh
tracking.hyros.com Amazon	`2021-06-01` - `2022-06-30`	a year	crt.sh
*.signalayer.com Amazon	`2022-02-01` - `2023-02-28`	a year	crt.sh
*.tooltip.io Amazon	`2021-03-29` - `2022-04-27`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-04` - `2022-05-03`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-10-19` - `2022-04-13`	6 months	crt.sh
a.clarity.ms Microsoft RSA TLS CA 01	`2021-07-27` - `2022-07-27`	a year	crt.sh
*.s3.amazonaws.com Amazon	`2021-12-15` - `2022-12-03`	a year	crt.sh
*.helpscout.net Amazon	`2021-04-25` - `2022-05-24`	a year	crt.sh
*.mediawallahscript.com Amazon	`2021-05-19` - `2022-06-17`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-01-11` - `2022-07-06`	6 months	crt.sh
*.outbrain.com Thawte RSA CA 2018	`2021-10-24` - `2022-11-24`	a year	crt.sh
odc-addthis-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2022-02-27` - `2023-02-28`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2022-02-20` - `2023-02-22`	a year	crt.sh
s.ad.smaato.net Amazon	`2021-09-21` - `2022-10-20`	a year	crt.sh
revcontent.com Amazon	`2021-08-09` - `2022-09-07`	a year	crt.sh
teads.tv R3	`2022-01-03` - `2022-04-03`	3 months	crt.sh
*.taboola.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-25` - `2023-01-25`	a year	crt.sh
*.sharethrough.com Amazon	`2021-08-13` - `2022-09-11`	a year	crt.sh

This page contains 8 frames:

Primary Page: https://www.easymoneyforcontractors.veterinaryclinictaxcredit.com/
Frame ID: D6F195E93F13DF5F8AAF84003A5E7411
Requests: 1 HTTP requests in this frame

Frame: https://ertcshortcut.com/
Frame ID: 747D756F29DB74862FBBF0858C7A8783
Requests: 46 HTTP requests in this frame

Frame: https://app.groove.cm/groovevideo/video/75176/7KE4VhYEZBAF7a6M9DFD
Frame ID: 3F734588A7DD6C1EDB94ED9295AB44CC
Requests: 47 HTTP requests in this frame

Frame: https://app.groove.cm/groovevideo/video/75215/u1kHEnHT9wSJ2kyJJs0e
Frame ID: 15FE9D5D2410E1C5D4EED71C479AF920
Requests: 51 HTTP requests in this frame

Frame: https://fs22.formsite.com/res/showFormEmbed?EParam=m_OmK8apOTBq9zAPECUmc4YvBMmXmdLwdgTYVfxeOgg&1300974183&EmbedId=1300974183
Frame ID: 9E8B7AD17BBA8825A8CBC485EE7EE84F
Requests: 12 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.easymoneyforcontractors.veterinaryclinictaxcredit.com&origin=onetag
Frame ID: C331C7317F00319B7BE6C44DFE1E439E
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.easymoneyforcontractors.veterinaryclinictaxcredit.com&origin=onetag
Frame ID: ED0CDC826087200F1D737D017FF125A6
Requests: 2 HTTP requests in this frame

Frame: https://idsync.rlcdn.com/397596.gif?partner_uid=5ef7LOsmVXD_yh56-cxzOTY1nE28qMQz
Frame ID: CCB442170C6EFFCCFF0A024025CF2114
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ERTC-Tax Credit

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Criteo (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

//static\.criteo\.net/js/ld/ld\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
kit\.fontawesome\.com/([0-9a-z]+).js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)/jquery-ui(?:\.min)?\.js
jquery-ui.*\.js

Page Statistics

194
Requests

87 %
HTTPS

42 %
IPv6

57
Domains

71
Subdomains

56
IPs

3
Countries

12284 kB
Transfer

37329 kB
Size

31
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 34

https://app.groovefunnels.com/groovevideo/video/75176/7KE4VhYEZBAF7a6M9DFD HTTP 302
https://app.groove.cm/groovevideo/video/75176/7KE4VhYEZBAF7a6M9DFD

Request Chain 36

https://app.groovefunnels.com/groovevideo/video/75215/u1kHEnHT9wSJ2kyJJs0e HTTP 302
https://app.groove.cm/groovevideo/video/75215/u1kHEnHT9wSJ2kyJJs0e

Request Chain 141

https://gum.criteo.com/sid/json?origin=onetag&domain=app.groove.cm&sn=ChromeSyncframe&so=0&topUrl=www.easymoneyforcontractors.veterinaryclinictaxcredit.com&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=uxtitHwrVHl0a09xUXViZ1lHQ0IrMm5qMFBOOUtHZFZKbXBmQ2tGN3V4TWw3K3hNUTdVN3hKK0owZHlPVzlnYktGUjRidmFxNnBVL004Y1p6M1MzOEk2NE9iV3NBUHRQUXNSSGtMNmEwaXUvb0FDS2VMelQvMmxGQWoyUGtZd1NGSlArSGpoOWpkZVZNSHJ1ZmhLcDIzTHhmdmNqUk04cVNJeEliOFVGcWJDK202a0JmSk5BbFRoTGVZRGNqTVBMUHEzSHJmZ1RkYlVpNFNsUDg2Y25PKzNIc0JmZi95cmYvdzRtbHkrVWxkOXE2eStuOExXRjdERnUxUDRBbnNNRVh4TXJUL2lGWnE4UjI5TlVsREhJR2EvZUM4WXdSaGMwRXdZZTQ3YmJjVzVJeXM5T1gxOUZOZU4yc1lrOGs5S2lNbEtGSXw&cppv=2

Request Chain 144

https://gum.criteo.com/sid/json?origin=onetag&domain=app.groove.cm&sn=ChromeSyncframe&so=0&topUrl=www.easymoneyforcontractors.veterinaryclinictaxcredit.com&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=bFa1M3xJVlF5YURIQURUMHZLT1BvaTFjNUU0YktKaXE4TU8zTkIzQS9SeXNEMTQyTjlRdjJCL1BjN1g3QmtsQjJuR2RVUUtzN3pXNDRJOWlOSzQ4ZWgrbDZtK3ZmN3RwTEpsKzE5bFZ5NnF1cHdmZVpwUXJ2eTNKWjUvam5Kb2hjb0hFVXYyREdVNEl6cG1Majl1ZzRyWG5QZ1BmSElZUkpscHg5eHpWZmhSSE82UDFIZGVIWENQZXpOak9EU1N2OEpzZ1NUbDdwL21BcXpvYzBRYlg5QWhXVUxwRzlybXBqSmhkMm05WUZtNEN3SDI3K1FnSGdoK0hGaTNpUlpIK0RsYjJjTS9BSFdrUmJZc1h5ZWZXSlZXMWVyM0UvQ2RZRUNqdUdaWjJHMHR6NWtJMTZ2L1ZDVTVZeW9JOFVFY1VXRXZ0V3w&cppv=2

Request Chain 146

https://sslwidget.criteo.com/event?a=81296&v=5.8.1&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fertcshortcut.com&p1=e%3Dvh&p2=e%3Dvp%26p%3D1&p3=e%3Ddis&bundle=LBr1WF9Vd0tidTlFWGNFNFhrJTJGTThjd0hzb0N1R0dpSjhzMmgya2NaN0lOZkJmQzROaWwySlRER0ROeFRDSE5tTU15aSUyRkNseFliYkJTNTdXZVJhTzBoOG4wb0hjaHh0bGs3OERraXR0bndOZHdsTjlocXg4YjkyU2ZSTFdhekslMkZzQ0MwYVVsT1Z2eHFiSDhKMmpSSmtFR3N0RDFiMiUyQkpEaWV5SmhEa1pSMDI3b21WNCUzRA&tld=app.groove.cm&dtycbr=68955 HTTP 302
https://widget.us.criteo.com/event?a=81296&v=5.8.1&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fertcshortcut.com&p1=e%3Dvh&p2=e%3Dvp%26p%3D1&p3=e%3Ddis&bundle=LBr1WF9Vd0tidTlFWGNFNFhrJTJGTThjd0hzb0N1R0dpSjhzMmgya2NaN0lOZkJmQzROaWwySlRER0ROeFRDSE5tTU15aSUyRkNseFliYkJTNTdXZVJhTzBoOG4wb0hjaHh0bGs3OERraXR0bndOZHdsTjlocXg4YjkyU2ZSTFdhekslMkZzQ0MwYVVsT1Z2eHFiSDhKMmpSSmtFR3N0RDFiMiUyQkpEaWV5SmhEa1pSMDI3b21WNCUzRA&tld=app.groove.cm&dtycbr=68955

Request Chain 147

https://sslwidget.criteo.com/event?a=81296&v=5.8.1&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fertcshortcut.com&p1=e%3Dvh&p2=e%3Dvp%26p%3D1&p3=e%3Ddis&bundle=mONJPV85bENrN05vbERKN3RSUEE2ZjNsaWJKSE9pTHdoVEtvcTJ4bXlyNnN6WHdEaHROUVFhRyUyRklSY0ZZbkhwZGNBekRYRzVhZnQyRnloVEJ4aDJUWk94aHdSQ1pBRUtqbGZaJTJCTUNvNVI3b3QzQmNGV0NSUmZhZnVZd21qWXI1SUQ4dkpFcHklMkZLNG9oa1JFanZOVUlLOHNsM1JjalpsQXc1ayUyQmhmUmlsQ0J0dFBwNCUzRA&tld=app.groove.cm&dtycbr=34903 HTTP 302
https://widget.us.criteo.com/event?a=81296&v=5.8.1&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fertcshortcut.com&p1=e%3Dvh&p2=e%3Dvp%26p%3D1&p3=e%3Ddis&bundle=mONJPV85bENrN05vbERKN3RSUEE2ZjNsaWJKSE9pTHdoVEtvcTJ4bXlyNnN6WHdEaHROUVFhRyUyRklSY0ZZbkhwZGNBekRYRzVhZnQyRnloVEJ4aDJUWk94aHdSQ1pBRUtqbGZaJTJCTUNvNVI3b3QzQmNGV0NSUmZhZnVZd21qWXI1SUQ4dkpFcHklMkZLNG9oa1JFanZOVUlLOHNsM1JjalpsQXc1ayUyQmhmUmlsQ0J0dFBwNCUzRA&tld=app.groove.cm&dtycbr=34903

Request Chain 149

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?CtsSyncId=04572C982A70466BB91C69B9BC0B19FE&RedC=c.clarity.ms&MXFR=2066C38AE6C16F762113D2D5E2C16121 HTTP 302
https://c.clarity.ms/c.gif?CtsSyncId=04572C982A70466BB91C69B9BC0B19FE&MUID=069DE39DC85763B93A35F2C2C9FB62D9

Request Chain 161

https://gum.criteo.com/sync?c=6&r=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397596.gif%3Fpartner_uid%3D%40USERID%40 HTTP 302
https://idsync.rlcdn.com/397596.gif?partner_uid=5ef7LOsmVXD_yh56-cxzOTY1nE28qMQz

Request Chain 162

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&google_hm=ay04cmwydFdnTXoxMlByemdId0NyTkJxeHB6d0M0QVNUZmNucXNJQQ HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0

Request Chain 171

https://secure.adnxs.com/setuid?entity=52&code=k-wgHlw2gMz12PrzgHwCrNBqxpzwCNe1j0uzjOXQ&seg=95287 HTTP 307
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-wgHlw2gMz12PrzgHwCrNBqxpzwCNe1j0uzjOXQ%26seg%3D95287

Request Chain 173

https://eb2.3lift.com/xuid?mid=2711&xuid=k-e_0O7WgMz12PrzgHwCrNBqxpzwAshVNNgvz9QQ&dongle=013b HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-e_0O7WgMz12PrzgHwCrNBqxpzwAshVNNgvz9QQ&dongle=013b&gdpr=1&cmp_cs=&us_privacy=

Request Chain 175

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-msBweWgMz12PrzgHwCrNBqxpzwDALhFBOHfLOA HTTP 302
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-msBweWgMz12PrzgHwCrNBqxpzwDALhFBOHfLOA&C=1

Request Chain 183

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-OfaIXWgMz12PrzgHwCrNBqxpzwA9KxDPgqnmVQ HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-OfaIXWgMz12PrzgHwCrNBqxpzwA9KxDPgqnmVQ

Request Chain 186

https://pixel.advertising.com/ups/55945/sync?uid=k-NuabX2gMz12PrzgHwCrNBqxpzwBr_pjF4dl_Jw&_origin=1 HTTP 302
https://pixel.advertising.com/ups/55945/sync?uid=k-NuabX2gMz12PrzgHwCrNBqxpzwBr_pjF4dl_Jw&_origin=1&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/55945/sync?uid=k-NuabX2gMz12PrzgHwCrNBqxpzwBr_pjF4dl_Jw&_origin=1&apid=UP322b58db-9d87-11ec-971a-061088aa4ac0

Request Chain 188

https://ads.stickyadstv.com/user-registering?dataProviderId=434&userId=k-aZ6PVGgMz12PrzgHwCrNBqxpzwA1P2mcvFxvUQ&redirectId=69 HTTP 302
https://cdn.stickyadstv.com/one-shot/empty.gif

Request Chain 192

https://gum.criteo.com/sync?c=383&r=1&a=1&u=https%3A%2F%2Fd.turn.com%2Fr%2Fdd%2Fid%2FL2NzaWQvMS9jaWQvMTc0ODc0NDU2Ni90LzI%2Fdpuid%2F%40USERID%40%2Furl%2Fhttps%253A%252F%252Fdis.criteo.com%252Fdis%252Frtb%252Fcdb%252Fcookiematch.aspx%253F%2526extid%253D%2524!%7BTURN_UUID%7D HTTP 302
https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0ODc0NDU2Ni90LzI/dpuid/j83a5UPlABrccpCYh5aZ5FW9TTGEPELL/url/https%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fcdb%2Fcookiematch.aspx%3F%26extid%3D%24!%7BTURN_UUID%7D HTTP 302
https://dis.criteo.com/dis/rtb/cdb/cookiematch.aspx?&extid=2912315729240649649

Request Chain 193

https://secure.adnxs.com/seg?add=95287&redir=https%3A%2F%2Fsecure.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
https://secure.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=4023139566762234725

194 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.easymoneyforcontractors.veterinaryclinictaxcredit.com/ 181 B
271 B 657ms
141ms Document
text/html 192.185.16.113
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.easymoneyforcontractors.veterinaryclinictaxcredit.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.16.113 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: nynonprofit.com
Software: Apache /
Resource Hash: a7345e5e7b11f2aaace21364e5b87087f9ddab450858c061694db22bd095f06b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

last-modified: Sun, 06 Mar 2022 19:47:34 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 155
content-type: text/html
date: Sun, 06 Mar 2022 19:54:08 GMT
server: Apache

GET
H2 200 / Show response
ertcshortcut.com/ Frame 747D 884 KB
51 KB 267ms
224ms Document
text/html 2606:4700:3033::ac43:c96b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ertcshortcut.com/
Requested by: Host: www.easymoneyforcontractors.veterinaryclinictaxcredit.com
URL: https://www.easymoneyforcontractors.veterinaryclinictaxcredit.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:c96b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 88aad6eef53d8bb8a2a1111cf86de457f011118ea08b7950af7e5accfda63983

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.easymoneyforcontractors.veterinaryclinictaxcredit.com/

Response headers

date: Sun, 06 Mar 2022 19:54:09 GMT
content-type: text/html
last-modified: Fri, 28 Jan 2022 22:41:59 GMT
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kZt9gWJtxJx3AoY8eQE%2F0SEoTOv0vLvJZjwqiyEg9qjEjB3z4DirusGL%2F%2B5zMStF7XgJjtzTIhQgAnX1torosTY76o47yUIw%2B%2FyItv%2F%2Fujs6U9BevwpMjgnrM9rQFuvpVJW4%2FMjvpoKW1Oz6XMEP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6e7da43ecfbf9bf2-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 css2
fonts.googleapis.com/ Frame 747D 714 KB
137 KB 102ms
40ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Abril+Fatface&family=Amatic+SC:wght@400;700&family=Architects+Daughter&family=Asap:wght@400;700&family=Balsamiq+Sans:wght@400;700&family=Barlow:wght@400;700;900&family=Bebas+Neue&family=Bitter:wght@400;700;900&family=Cabin:wght@400;700&family=Cairo:wght@400;700&family=Cormorant+Garamond:wght@400;700&family=Crimson+Text:wght@400;700&family=Dancing+Script:wght@400;700&family=Fira+Sans:wght@400;700;900&family=Fjalla+One&family=Indie+Flower&family=Josefin+Sans:wght@400;700&family=Lato:wght@400;700;900&family=Libre+Baskerville:wght@400;700&family=Libre+Franklin:wght@400;700;900&family=Lobster&family=Lora:wght@400;700&family=Martel:wght@400;700;900&family=Merriweather:wght@400;700;900&family=Montserrat:wght@400;700;900&family=Mukta:wght@400;700&family=Noto+Sans+JP:wght@400;700&family=Noto+Sans+KR:wght@400;700;900&family=Noto+Sans:wght@400;700&family=Noto+Serif:wght@400;700&family=Nunito+Sans:wght@200;300;400;700;900&family=Nunito:wght@300;400;700;900&family=Old+Standard+TT:wght@400;700&family=Open+Sans+Condensed:wght@300;700&family=Open+Sans:wght@300;400;700&family=Oswald:wght@400;700&family=Overpass:wght@400;700;900&family=Oxygen:wght@300;400;700&family=PT+Sans+Narrow:wght@400;700&family=PT+Sans:wght@400;700&family=PT+Serif:wght@400;700&family=Pacifico&family=Playfair+Display:wght@400;700;900&family=Poppins:ital,wght@0,400;0,700;1,900&family=Raleway:wght@400;700;900&family=Roboto+Condensed:wght@400;700&family=Roboto+Slab:wght@400;700;900&family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&family=Rubik:ital,wght@0,400;0,700;1,900&family=Shadows+Into+Light&family=Signika:wght@400;700&family=Slabo+27px&family=Source+Code+Pro:wght@400;700;900&family=Source+Sans+Pro:wght@400;700;900&family=Source+Serif+Pro:wght@400;700;900&family=Tajawal:wght@400;700;900&family=Titillium+Web:wght@400;700;900&family=Ubuntu:wght@400;700&family=Work+Sans:wght@400;700;900&display=swap

Requested by

Host: ertcshortcut.com
URL: https://ertcshortcut.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c087a8c46caa6c043c697dcbab06f42f8106f9bcbcf845b0e5ef6df096bfa5f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ertcshortcut.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 06 Mar 2022 19:54:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 06 Mar 2022 19:54:09 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 06 Mar 2022 19:54:09 GMT

GET
H2 200 inpage_published.css
app.groove.cm/groovepages/css/ Frame 747D 377 KB
54 KB 70ms
39ms Stylesheet
text/css 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.groove.cm/groovepages/css/inpage_published.css
Requested by: Host: ertcshortcut.com
URL: https://ertcshortcut.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7fb878ad6dce7f17e4fb5caa4e8ab5b90a8d519b7f6f0f9e46c67478a5a10229

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ertcshortcut.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 19:54:09 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 03 Mar 2022 11:05:35 GMT
server: cloudflare
age: 2974
etag: W/"6220a0ff-5e4fb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5uUoLVIjGyPSzuKr4fL2Ue1WVZS%2BhKPXTt2ZoaEIqm47fzV%2F9iPDosVZXV3Wjjk7YnXcoMp3AdnHnZ1GGpBGIJla0VDsVg8hHrtslxaozlfYhkwJhgbrIlSehcL0CJNRKSxXvu7Uw2UkON3T"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6e7da4408f139061-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 chunk-vendors.css
app.groove.cm/groovepages/css/ Frame 747D 0
0 63ms
32ms Stylesheet
text/html 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.groove.cm/groovepages/css/chunk-vendors.css
Requested by: Host: ertcshortcut.com
URL: https://ertcshortcut.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ertcshortcut.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 e7647a48d4.js Show response
kit.fontawesome.com/ Frame 747D 11 KB
4 KB 61ms
41ms Script
text/javascript 2606:4700::6812:1734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kit.fontawesome.com/e7647a48d4.js

Requested by

Host: ertcshortcut.com
URL: https://ertcshortcut.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7a7249a1f634a0ecfc772e774a158a0ab74c354609558c382b130bf37a91b346

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Referer: https://ertcshortcut.com/
Origin: https://ertcshortcut.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 19:54:09 GMT
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=60, public, must-revalidate
strict-transport-security: max-age=31536000; preload
cf-ray: 6e7da440686e9034-FRA
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id: FtnivyWD5yhPrNblfLIh

GET
H2 200 css2
fonts.googleapis.com/ Frame 747D 695 KB
136 KB 58ms
58ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Abril+Fatface&family=Amatic+SC:wght@400;700&family=Architects+Daughter&family=Asap:wght@400;700&family=Balsamiq+Sans:wght@400;700&family=Barlow:wght@400;700;900&family=Bebas+Neue&family=Bitter:wght@400;700;900&family=Cabin:wght@400;700&family=Cairo:wght@400;700&family=Cormorant+Garamond:wght@400;700&family=Crimson+Text:wght@400;700&family=Dancing+Script:wght@400;700&family=Fira+Sans:wght@400;700;900&family=Fjalla+One&family=Indie+Flower&family=Josefin+Sans:wght@400;700&family=Lato:wght@400;700;900&family=Libre+Baskerville:wght@400;700&family=Libre+Franklin:wght@400;700;900&family=Lobster&family=Lora:wght@400;700&family=Martel:wght@400;700;900&family=Merriweather:wght@400;700;900&family=Montserrat:wght@400;700;900&family=Mukta:wght@400;700&family=Noto+Sans+JP:wght@400;700&family=Noto+Sans+KR:wght@400;700;900&family=Noto+Sans:wght@400;700&family=Noto+Serif:wght@400;700&family=Nunito+Sans:wght@200;300;400;700;900&family=Nunito:wght@300;400;700;900&family=Old+Standard+TT:wght@400;700&family=Open+Sans+Condensed:wght@300;700&family=Open+Sans:wght@300;400;700&family=Oswald:wght@400;700&family=Overpass:wght@400;700;900&family=Oxygen:wght@300;400;700&family=PT+Sans+Narrow:wght@400;700&family=PT+Sans:wght@400;700&family=PT+Serif:wght@400;700&family=Pacifico&family=Playfair+Display:wght@400;700;900&family=Poppins:ital,wght@0,400;0,700;1,900&family=Raleway:wght@400;700;900&family=Roboto+Condensed:wght@400;700&family=Roboto+Slab:wght@400;700;900&family=Roboto:ital,wght@0,700;0,900;1,400&family=Rubik:ital,wght@0,400;0,700;1,900&family=Shadows+Into+Light&family=Signika:wght@400;700&family=Slabo+27px&family=Source+Code+Pro:wght@400;700;900&family=Source+Sans+Pro:wght@400;700;900&family=Source+Serif+Pro:wght@400;700;900&family=Tajawal:wght@400;700;900&family=Titillium+Web:wght@400;700;900&family=Ubuntu:wght@400;700&family=Work+Sans:wght@400;700;900&display=swap

Requested by

Host: app.groove.cm
URL: https://app.groove.cm/groovepages/css/inpage_published.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

03740d913a5fcdc0e1c73857e83934b0bf85dd1f5b92e2e1f15f2e283d7261c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.groove.cm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 06 Mar 2022 19:54:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 06 Mar 2022 19:54:09 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 06 Mar 2022 19:54:09 GMT

GET
H2 200 free.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ Frame 747D 59 KB
13 KB 48ms
28ms Fetch
text/css 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=e7647a48d4
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/e7647a48d4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ertcshortcut.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 19:54:09 GMT
via: 1.1 9ce5bc08de451222a6a280b1273d60c6.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: DUS51-P1
x-cache: Hit from cloudfront
access-control-allow-methods: GET
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"a12ec7ebe75a4d59a5dd6b79e2ba2e16"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dh%2B%2FANrkS2MISEcesMByF0x3f4hMGuDrGwc6tZfSaEFERAWTDpp%2FypJ5wpPSirDR0YQZwMopuaGSku9xlrvoZMMOnmZMdlTerQPtdFU17uF3Kf%2B0ZxStPcG329SZBGNpGv99RoB1DExM8MC9czioeWvp9g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 6e7da4418d529bc5-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: 55Glki1VpVWIbszTZSJGj-ZH-D-va6t9T3boCkvgtwKoW672F7TDjQ==

GET
H2 200 free-v4-shims.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ Frame 747D 26 KB
4 KB 56ms
36ms Fetch
text/css 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=e7647a48d4
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/e7647a48d4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ertcshortcut.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 19:54:09 GMT
via: 1.1 57b1c45cee24c7bbeb8b5420d5868740.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: DUS51-P1
x-cache: Hit from cloudfront
access-control-allow-methods: GET
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"76f34b71fc9fb641507ff6a822cc07f5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nvVXlmZ7ZdMYsZC1Z1U3beUEttR%2BVDizAAxkbaPxb839RC80EKuk0Yo5wDCMVXmolO5Y3i1%2BfCzKEQ7qzgJhclMpDvY7Sy46OxvF5Ha64f0veRsPBsx5tWXFktO2Y6pLy3KXeKOUZAXYwtIrSMc8C8S9MQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 6e7da4419d569bc5-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: o_5OCrLf40HwmuXpYSBESAJ7SeYrJReCh7_EZ12smoeuyDxoN40u1w==

GET
H2 200 free-v4-font-face.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ Frame 747D 3 KB
1 KB 76ms
56ms Fetch
text/css 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-font-face.min.css?token=e7647a48d4
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/e7647a48d4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ertcshortcut.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 19:54:09 GMT
via: 1.1 b85afd3a476827aadec8c79e8673c564.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: DUS51-P1
x-cache: Hit from cloudfront
access-control-allow-methods: GET
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"f2e0b2680d9b0bcb6e0039c4424e5a59"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JytzGeQe5Xk4y%2FJbb2dsKvgsGcHjuEduxUEpR7kQEsisHYUN3pOPTnGcsdVwWVbIE4RqEZQKTVArWKX14%2Bz0FrL%2F3lt%2FNm0SBHN1iDqDT4SqLzTNhgSZ8SyUX47UxWWxBqBTQNoQ%2BM3%2BuPtSe8wT%2BBX1%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 6e7da4419d599bc5-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: IGtImRmxSeL7HhzejoeQ8Rl0g5qmfclyxG4CFvbVc7k-Ja6pExxMjQ==

GET
H2 200 matomo.js Show response
matomo.groovetech.io/ Frame 747D 62 KB
21 KB 310ms
38ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://matomo.groovetech.io/matomo.js
Requested by: Host: ertcshortcut.com
URL: https://ertcshortcut.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 43af579102b8c4adff968a3a00280fc2061cc33538c7bbad1d8d6ec775f0807b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ertcshortcut.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 19:54:09 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 14 Jan 2022 17:08:21 GMT
server: cloudflare
age: 1508
etag: W/"f93c-5d58dd993cb40-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2QaYjmvvl4%2FyOpBg6AcHliP7K3OFOSUVdJpynOx5VdaMlCy24oFxqRDufJ%2BKF4l1a1Tgb2SZTNVwG0qujGNQktOSEmBqGlqefGaugEDAf76Li3zXmznC9qu86P7Z8%2F6W%2FcfvRUOZBOFZIEBlmaVD%2BuxEdg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6e7da44328c09180-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v19/ Frame 747D 8 KB
8 KB 42ms
8ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v19/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Abril+Fatface&family=Amatic+SC:wght@400;700&family=Architects+Daughter&family=Asap:wght@400;700&family=Balsamiq+Sans:wght@400;700&family=Barlow:wght@400;700;900&family=Bebas+Neue&family=Bitter:wght@400;700;900&family=Cabin:wght@400;700&family=Cairo:wght@400;700&family=Cormorant+Garamond:wght@400;700&family=Crimson+Text:wght@400;700&family=Dancing+Script:wght@400;700&family=Fira+Sans:wght@400;700;900&family=Fjalla+One&family=Indie+Flower&family=Josefin+Sans:wght@400;700&family=Lato:wght@400;700;900&family=Libre+Baskerville:wght@400;700&family=Libre+Franklin:wght@400;700;900&family=Lobster&family=Lora:wght@400;700&family=Martel:wght@400;700;900&family=Merriweather:wght@400;700;900&family=Montserrat:wght@400;700;900&family=Mukta:wght@400;700&family=Noto+Sans+JP:wght@400;700&family=Noto+Sans+KR:wght@400;700;900&family=Noto+Sans:wght@400;700&family=Noto+Serif:wght@400;700&family=Nunito+Sans:wght@200;300;400;700;900&family=Nunito:wght@300;400;700;900&family=Old+Standard+TT:wght@400;700&family=Open+Sans+Condensed:wght@300;700&family=Open+Sans:wght@300;400;700&family=Oswald:wght@400;700&family=Overpass:wght@400;700;900&family=Oxygen:wght@300;400;700&family=PT+Sans+Narrow:wght@400;700&family=PT+Sans:wght@400;700&family=PT+Serif:wght@400;700&family=Pacifico&family=Playfair+Display:wght@400;700;900&family=Poppins:ital,wght@0,400;0,700;1,900&family=Raleway:wght@400;700;900&family=Roboto+Condensed:wght@400;700&family=Roboto+Slab:wght@400;700;900&family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&family=Rubik:ital,wght@0,400;0,700;1,900&family=Shadows+Into+Light&family=Signika:wght@400;700&family=Slabo+27px&family=Source+Code+Pro:wght@400;700;900&family=Source+Sans+Pro:wght@400;700;900&family=Source+Serif+Pro:wght@400;700;900&family=Tajawal:wght@400;700;900&family=Titillium+Web:wght@400;700;900&family=Ubuntu:wght@400;700&family=Work+Sans:wght@400;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ertcshortcut.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 19:30:15 GMT
x-content-type-options: nosniff
age: 347034
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7816
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:11:40 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 02 Mar 2023 19:30:15 GMT

GET
H2 200 free-fa-solid-900.woff2
ka-f.fontawesome.com/releases/v5.15.4/webfonts/ Frame 747D 76 KB
77 KB 37ms
36ms Font
font/woff2 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/webfonts/free-fa-solid-900.woff2
Requested by: Host: ertcshortcut.com
URL: https://ertcshortcut.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5dd43f53f3af822cbf17b1fb75f46192cdbd51724f277acf6cf0dacb3fd57e7

Request headers

Referer: https://ertcshortcut.com/
Origin: https://ertcshortcut.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 19:54:09 GMT
via: 1.1 5bbaa27b453dc834289b91c14bbb4934.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: DUS51-P1
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-methods: GET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 78168
last-modified: Wed, 04 Aug 2021 18:58:24 GMT
server: cloudflare
etag: "a9fd1225fb2cd32320e2b931dca01089"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2n5Bss%2Bhzl9Tam%2BZjQsHVZvUtAgGY0cjP64x0KwbwoasDlpCq80QdN4sxA8qMrd7lvrrPP12OqbEDuXTMA2PbckiDpzvpzQAIAr1f%2FQcAkyDRuQpxgaWmxjfPwwbUcrExVlp1SFvl%2FPOmlt05cIvpd6vIA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 6e7da44359d39bc5-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: WhE-c6unruxcCnM0ukDIk6RX76j3_YQbKz2TNbYgnSPfwGaqyrHlJQ==

GET
H2 200 app.js Show response
widget.groovevideo.com/widget/ Frame 747D 308 KB
309 KB 97ms
17ms Script
application/javascript 2600:9000:2104:7600:b:d801:7900:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.groovevideo.com/widget/app.js
Requested by: Host: ertcshortcut.com
URL: https://ertcshortcut.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:7600:b:d801:7900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 85a2384595926a0d1306834e955dceff74b539d22f78e06a276c3c6c5d8a09cc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ertcshortcut.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 05:25:37 GMT
via: 1.1 83bc0649a33d85c1cf516bf48779a390.cloudfront.net (CloudFront)
last-modified: Tue, 23 Nov 2021 13:48:27 GMT
server: AmazonS3
age: 52113
etag: "c720b112e41afb0ce50f2715cd52d83b"
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
content-length: 315185
x-amz-cf-id: w9Fa1epIpgaSPX3KD9SGQleVxrb4hJpXBIUt_T9RpHONHFPe-9lRiQ==

GET
H2 200 1597718141_diagram.png
assets.grooveapps.com/images/5df98d83cf362c0e9cf8723d/ Frame 747D 2 KB
3 KB 50ms
16ms Image
image/webp 2606:4700::6812:14b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.grooveapps.com/images/5df98d83cf362c0e9cf8723d/1597718141_diagram.png
Requested by: Host: ertcshortcut.com
URL: https://ertcshortcut.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:14b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3aa5038f4c2d15d1f24ae3a8d914e8489bd38faac88e49400891b85b568314a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ertcshortcut.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 19:54:09 GMT
cf-cache-status: HIT
age: 13
cf-polished: origFmt=png, origSize=3482
x-guploader-uploadid: ADPycdtFEC421avjycmR82_CcVnQAB_yqr_jlOQtBfcmEl6BZOFFQIyvZTXSuChkmbNfi8UDb7lVsKntQMcGkVFEmUo
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="1597718141_diagram.webp"
content-length: 2504
cf-ray: 6e7da443ae5c908b-FRA
expires: Sun, 06 Mar 2022 23:54:09 GMT
last-modified: Tue, 18 Aug 2020 02:35:41 GMT
server: cloudflare
etag: "465d676f542e1fed0d38a67589dc766a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
x-goog-hash: crc32c=KuB+dQ==, md5=Rl1nb1QuH+0NOKZ1idx2ag==
x-goog-generation: 1597718141588225
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=14400
x-goog-stored-content-length: 3482
accept-ranges: bytes
content-type: image/webp
cf-bgj: imgq:85,h2pri

GET
H2 200 1597717671_deadline.png
assets.grooveapps.com/images/5df98d83cf362c0e9cf8723d/ Frame 747D 2 KB
2 KB 51ms
17ms Image
image/webp 2606:4700::6812:14b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.grooveapps.com/images/5df98d83cf362c0e9cf8723d/1597717671_deadline.png
Requested by: Host: ertcshortcut.com
URL: https://ertcshortcut.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:14b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 11c69bcd87891a42d96e5d30f79e017f7df78fb5d1b38c172bd8499afa53314d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ertcshortcut.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 19:54:09 GMT
cf-cache-status: HIT
age: 13
cf-polished: origFmt=png, origSize=2675
x-guploader-uploadid: ADPycdv87eeGmd6Fqs_TVsKmAHygFaW3Eu3JCz048RqVs-uOdOHZ7B5of1XW3Bf5NJP5n_M99TFPL0D8VbvhvrGSFunohmuV3g
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="1597717671_deadline.webp"
content-length: 1988
cf-ray: 6e7da443ae5d908b-FRA
expires: Sun, 06 Mar 2022 23:54:09 GMT
last-modified: Tue, 18 Aug 2020 02:27:51 GMT
server: cloudflare
etag: "d6359770e28354b12c3872173e1ae8c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
x-goog-hash: crc32c=Kwa5dQ==, md5=1jWXcOKDVLEsOHIXPhrowA==
x-goog-generation: 1597717671974940
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=14400
x-goog-stored-content-length: 2675
accept-ranges: bytes
content-type: image/webp
cf-bgj: imgq:85,h2pri

GET
H2 200 1597718121_hashtag.png
assets.grooveapps.com/images/5df98d83cf362c0e9cf8723d/ Frame 747D 3 KB
3 KB 75ms
41ms Image
image/webp 2606:4700::6812:14b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.grooveapps.com/images/5df98d83cf362c0e9cf8723d/1597718121_hashtag.png
Requested by: Host: ertcshortcut.com
URL: https://ertcshortcut.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:14b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5bc2e45266401b0277b4fd26fdc5fc09eece68f3f95455432553149a9d4065dc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ertcshortcut.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 19:54:09 GMT
cf-cache-status: HIT
age: 13
cf-polished: origFmt=png, origSize=4243
x-guploader-uploadid: ADPycdugEPr2zeqsiYuQIsQSsPRGlI7UpnuyyfSdJYgDViJv5USOLxa1cxTGSEqEoAXQXK5m9B8FmBSP0NCcvHy6l6QchG9GEQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="1597718121_hashtag.webp"
content-length: 3040
cf-ray: 6e7da443ae5f908b-FRA
expires: Sun, 06 Mar 2022 23:54:09 GMT
last-modified: Tue, 18 Aug 2020 02:35:21 GMT
server: cloudflare
etag: "f70336704c1fd9b920a99a9aa2643a52"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
x-goog-hash: crc32c=WW8kbQ==, md5=9wM2cEwf2bkgqZqaomQ6Ug==
x-goog-generation: 1597718121346867
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=14400
x-goog-stored-content-length: 4243
accept-ranges: bytes
content-type: image/webp
cf-bgj: imgq:85,h2pri

GET
H2 200 1636764264_1636484892rItGZ4vquWk.jpg
assets.grooveapps.com/images/5dd590f1c586100f1285ee7a/ Frame 747D 569 KB
570 KB 67ms
34ms Image
image/webp 2606:4700::6812:14b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.grooveapps.com/images/5dd590f1c586100f1285ee7a/1636764264_1636484892rItGZ4vquWk.jpg
Requested by: Host: ertcshortcut.com
URL: https://ertcshortcut.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:14b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc41ffc9fb33501fcf5cb49b44c77dad397e6cb813ecb11ff30e3759bafac9ea

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ertcshortcut.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 19:54:09 GMT
cf-cache-status: HIT
age: 13
cf-polished: qual=85, origFmt=jpeg, origSize=1545579
x-guploader-uploadid: ADPycdtDND55goq51DXQ3cvW_XDxVmAFTPs38p8LuoHG41eno23CTQjkD9eQSKUvi7AVqUA1sCd2-6AJWd2VPYbd11PVDNfDZA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="1636764264_1636484892rItGZ4vquWk.webp"
content-length: 582588
cf-ray: 6e7da443ae60908b-FRA
expires: Sun, 06 Mar 2022 23:54:09 GMT
last-modified: Sat, 13 Nov 2021 00:44:49 GMT
server: cloudflare
etag: "58cff4d7002c5b05cdc8ac66c900954e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
x-goog-hash: crc32c=cjdusQ==, md5=WM/01wAsWwXNyKxmyQCVTg==
x-goog-generation: 1636764289885380
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=14400
x-goog-stored-content-length: 1545579
accept-ranges: bytes
content-type: image/webp
cf-bgj: imgq:85,h2pri

GET
H2 200 1636821952_salon1.jpg
assets.grooveapps.com/images/5dd590f1c586100f1285ee7a/ Frame 747D 21 KB
22 KB 75ms
42ms Image
image/webp 2606:4700::6812:14b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.grooveapps.com/images/5dd590f1c586100f1285ee7a/1636821952_salon1.jpg
Requested by: Host: ertcshortcut.com
URL: https://ertcshortcut.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:14b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 204a2eedfab0e8fd23a8dcceae6d93c3c824ed90ef664b45e455283ea2145a7f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ertcshortcut.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 19:54:09 GMT
cf-cache-status: HIT
age: 13
cf-polished: qual=85, origFmt=jpeg, origSize=80052
x-guploader-uploadid: ADPycduw28RpkjuCG_w0Q_wtOuog13ZaxCkQBlhWtaqPVJtkmiPmxPqb5vBOKKgkOEqWzmv-x3Q9M_mM2hoL4GDlP_w
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="1636821952_salon1.webp"
content-length: 21720
cf-ray: 6e7da443ae61908b-FRA
expires: Sun, 06 Mar 2022 23:54:09 GMT
last-modified: Sat, 13 Nov 2021 16:45:53 GMT
server: cloudflare
etag: "41320baf34832999fc9fa5afa08a9d76"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
x-goog-hash: crc32c=3QSzfw==, md5=QTILrzSDKZn8n6WvoIqddg==
x-goog-generation: 1636821953137827
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=14400
x-goog-stored-content-length: 80052
accept-ranges: bytes
content-type: image/webp
cf-bgj: imgq:85,h2pri

GET
H2 200 1605594338_AdobeStock_232955923-scaled.jpeg
assets.grooveapps.com/images/5ec1beec3df0ea0c586b63e7/ Frame 747D 341 KB
341 KB 76ms
43ms Image
image/webp 2606:4700::6812:14b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.grooveapps.com/images/5ec1beec3df0ea0c586b63e7/1605594338_AdobeStock_232955923-scaled.jpeg
Requested by: Host: ertcshortcut.com
URL: https://ertcshortcut.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:14b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6b5b6dbacd834c25f8b7eecd19cae92f3d6ee6c14c2efffaeb7e6e0494a8d979

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ertcshortcut.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 19:54:09 GMT
cf-cache-status: HIT
age: 13
cf-polished: qual=85, origFmt=jpeg, origSize=606821
x-guploader-uploadid: ADPycdsI9-L3mtGJZ3futaHrdDB4O6TggOt0ZrZus8kZ8BMYbtzaqWgbdwlWiaZv9EU5fe_0aG2bcgjZW1f9gxpcbFQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="1605594338_AdobeStock_232955923-scaled.webp"
content-length: 348944
cf-ray: 6e7da443ae62908b-FRA
expires: Sun, 06 Mar 2022 23:54:09 GMT
last-modified: Tue, 17 Nov 2020 06:25:39 GMT
server: cloudflare
etag: "2fc539f47bdf3f6aa1ed0d03966db744"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
x-goog-hash: crc32c=mZ7Nug==, md5=L8U59HvfP2qh7Q0Dlm23RA==
x-goog-generation: 1605594339161447
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=14400
x-goog-stored-content-length: 606821
accept-ranges: bytes
content-type: image/webp
cf-bgj: imgq:85,h2pri

GET
H2 200 1636821807_pizza%20maker.jpg
assets.grooveapps.com/images/5dd590f1c586100f1285ee7a/ Frame 747D 46 KB
46 KB 19ms
18ms Image
image/jpeg 2606:4700::6812:14b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.grooveapps.com/images/5dd590f1c586100f1285ee7a/1636821807_pizza%20maker.jpg
Requested by: Host: ertcshortcut.com
URL: https://ertcshortcut.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:14b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d72a0fbde35c547caabc6cfaa2c6a9f4d60653d96f38a5fe6e064fe7c7e9ab7c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ertcshortcut.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 19:54:09 GMT
cf-cache-status: HIT
age: 13
cf-polished: degrade=85, origSize=48844, status=webp_bigger
x-guploader-uploadid: ADPycdss3Rr_PqczfWBik6wxelHufV9NNa1IAnVZcrzQSfl64qEhnnUXShZETYZTUT9lmQ6sbtDFRd7YlDUl423N6ss
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: image/jpeg
content-length: 46989
expires: Sun, 06 Mar 2022 23:54:09 GMT
last-modified: Sat, 13 Nov 2021 16:43:28 GMT
server: cloudflare
etag: "d78fdb31f953e78b8a59ae19747a8631"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=L4dLYQ==, md5=14/bMflT54uKWa4ZdHqGMQ==
x-goog-generation: 1636821808037187
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=14400
x-goog-stored-content-length: 48844
accept-ranges: bytes
cf-ray: 6e7da443ae63908b-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 1602495767_Tree%20Removal%20AdobeStock_141600960-min.jpeg
assets.grooveapps.com/images/5ec1beec3df0ea0c586b63e7/ Frame 747D 24 KB
24 KB 34ms
33ms Image
image/webp 2606:4700::6812:14b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.grooveapps.com/images/5ec1beec3df0ea0c586b63e7/1602495767_Tree%20Removal%20AdobeStock_141600960-min.jpeg
Requested by: Host: ertcshortcut.com
URL: https://ertcshortcut.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:14b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fbfe54a0e52908626c069d2c012626ddb5cccd3989c1057156a36ee2fae89f04

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ertcshortcut.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 19:54:09 GMT
cf-cache-status: HIT
age: 13
cf-polished: qual=85, origFmt=jpeg, origSize=35423
x-guploader-uploadid: ADPycdtdvgC0jEfsIyb9XQ9cZP5Qt1YuqCAvCOr2I1w9tkv0xNLlWF_VJ1JVxhmHUSIKxdflp1spLWr5Fm7a5fkv0QtfUT2wng
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="1602495767_Tree%20Removal%20AdobeStock_141600960-min.webp"
content-length: 24396
cf-ray: 6e7da443ae65908b-FRA
expires: Sun, 06 Mar 2022 23:54:09 GMT
last-modified: Mon, 12 Oct 2020 09:42:47 GMT
server: cloudflare
etag: "2b95bc80a2a426a9bf88c1f8c08f7be5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
x-goog-hash: crc32c=V+q8Jg==, md5=K5W8gKKkJqm/iMH4wI975Q==
x-goog-generation: 1602495767959076
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=14400
x-goog-stored-content-length: 35423
accept-ranges: bytes
content-type: image/webp
cf-bgj: imgq:85,h2pri

GET
H2 200 1599638309_Screenshot%202020-09-09%20at%201.png
assets.grooveapps.com/images/5ed66fb46b90b50c55d241c9/ Frame 747D 94 KB
94 KB 41ms
40ms Image
image/webp 2606:4700::6812:14b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.grooveapps.com/images/5ed66fb46b90b50c55d241c9/1599638309_Screenshot%202020-09-09%20at%201.png
Requested by: Host: ertcshortcut.com
URL: https://ertcshortcut.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:14b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85635df68b8d195f5bd3b84eae58eb6bbef45ae3a8b6735860db715337f2e806

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ertcshortcut.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 19:54:09 GMT
cf-cache-status: HIT
age: 13
cf-polished: origFmt=png, origSize=264509
x-guploader-uploadid: ADPycdtjuCUWz9Nw7_q1h8eVU6GSvtC5n8TQDNGygynt4u0ftwAy3_0K1MD1CVe6CsNV3qjcPdBRbxmGOOjp76mu3k436m2oKA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="1599638309_Screenshot%202020-09-09%20at%201.webp"
content-length: 95814
cf-ray: 6e7da443ae69908b-FRA
expires: Sun, 06 Mar 2022 23:54:09 GMT
last-modified: Mon, 16 Aug 2021 12:48:03 GMT
server: cloudflare
etag: "deac46339d2a9799a918573ba08a4e30"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
x-goog-hash: crc32c=RSd0CA==, md5=3qxGM50ql5mpGFc7oIpOMA==
x-goog-generation: 1629118083149154
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=14400
x-goog-stored-content-length: 264509
accept-ranges: bytes
content-type: image/webp
cf-bgj: imgq:85,h2pri

GET
H2 200 1594987612_5-stars.png
assets.grooveapps.com/images/5ed66fb46b90b50c55d241c9/ Frame 747D 1 KB
2 KB 43ms
42ms Image
image/webp 2606:4700::6812:14b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.grooveapps.com/images/5ed66fb46b90b50c55d241c9/1594987612_5-stars.png
Requested by: Host: ertcshortcut.com
URL: https://ertcshortcut.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:14b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b45f5504b077fbe2d545f3b95edd6a1c393d59dd7e65c8a3c0f981658355fb41

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ertcshortcut.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 19:54:09 GMT
cf-cache-status: HIT
age: 274
cf-polished: origFmt=png, origSize=3372
x-guploader-uploadid: ADPycdvOWZblzV07GNfH0-nHCw0X9CZmUkFC_6bIoDz4JOBd8DTY3cBWYEnwv25Em9GjFd1qYYaaSSqwR-6UfuYC7Vwp4sinkQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="1594987612_5-stars.webp"
content-length: 1270
cf-ray: 6e7da443ae6b908b-FRA
expires: Sun, 06 Mar 2022 23:54:09 GMT
last-modified: Mon, 16 Aug 2021 12:46:54 GMT
server: cloudflare
etag: "8a3da401411e750e78b3a1e5a779aff5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
x-goog-hash: crc32c=5vawBw==, md5=ij2kAUEedQ54s6Hlp3mv9Q==
x-goog-generation: 1629118014545462
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=14400
x-goog-stored-content-length: 3372
accept-ranges: bytes
content-type: image/webp
cf-bgj: imgq:85,h2pri

GET
H2 200 1599638326_Screenshot%202020-09-09%20at%201.png
assets.grooveapps.com/images/5ed66fb46b90b50c55d241c9/ Frame 747D 59 KB
60 KB 43ms
42ms Image
image/webp 2606:4700::6812:14b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.grooveapps.com/images/5ed66fb46b90b50c55d241c9/1599638326_Screenshot%202020-09-09%20at%201.png
Requested by: Host: ertcshortcut.com
URL: https://ertcshortcut.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:14b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c0a96a2e0c97784664302304156b2a40db0a686791e1549ab6f42acc4b8ad9a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ertcshortcut.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 19:54:09 GMT
cf-cache-status: HIT
age: 273
cf-polished: origFmt=png, origSize=163384
x-guploader-uploadid: ADPycdvCF0kUbdHZCrFMld2De6v_UiK3KNlD1lhVx9ct0CBFQYG-WMLObPXCiLyjcEAiFE-VxB2PnMI9KqDMI5enoVY
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="1599638326_Screenshot%202020-09-09%20at%201.webp"
content-length: 60612
cf-ray: 6e7da443ae6e908b-FRA
expires: Sun, 06 Mar 2022 23:54:09 GMT
last-modified: Mon, 16 Aug 2021 12:48:03 GMT
server: cloudflare
etag: "367f5a51df3b5fd726f8a5d96f4ef149"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
x-goog-hash: crc32c=mw6NCA==, md5=Nn9aUd87X9cm+KXZb07xSQ==
x-goog-generation: 1629118083333377
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=14400
x-goog-stored-content-length: 163384
accept-ranges: bytes
content-type: image/webp
cf-bgj: imgq:85,h2pri

GET
H2 200 1599638341_Screenshot%202020-09-09%20at%201.png
assets.grooveapps.com/images/5ed66fb46b90b50c55d241c9/ Frame 747D 52 KB
52 KB 42ms
41ms Image
image/webp 2606:4700::6812:14b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.grooveapps.com/images/5ed66fb46b90b50c55d241c9/1599638341_Screenshot%202020-09-09%20at%201.png
Requested by: Host: ertcshortcut.com
URL: https://ertcshortcut.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:14b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa1cf79fdb89e6ff28f4e17e1472de5fecb60884ab4625b01b5329ee6e7465b8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ertcshortcut.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 19:54:09 GMT
cf-cache-status: HIT
age: 13
cf-polished: origFmt=png, origSize=146342
x-guploader-uploadid: ADPycdsalYCjm7yceZ1ZHwjfnX_zF4VjcvDV8wewFIUf4afVvuDZW6cefHViOO7QcqJHeB3Zhaa9tmD_ATtBuG7DmSSDzirDvA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="1599638341_Screenshot%202020-09-09%20at%201.webp"
content-length: 52834
cf-ray: 6e7da443ae6f908b-FRA
expires: Sun, 06 Mar 2022 23:54:09 GMT
last-modified: Mon, 16 Aug 2021 12:48:03 GMT
server: cloudflare
etag: "e41b60d62cd1542f89aa8bd1b728eec5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
x-goog-hash: crc32c=edP21A==, md5=5Btg1izRVC+JqovRtyjuxQ==
x-goog-generation: 1629118083514753
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=14400
x-goog-stored-content-length: 146342
accept-ranges: bytes
content-type: image/webp
cf-bgj: imgq:85,h2pri

GET
H2 200 1600932967_noun_Level%201_480108.png
assets.grooveapps.com/images/5ed66fb46b90b50c55d241c9/ Frame 747D 5 KB
5 KB 41ms
40ms Image
image/webp 2606:4700::6812:14b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.grooveapps.com/images/5ed66fb46b90b50c55d241c9/1600932967_noun_Level%201_480108.png
Requested by: Host: ertcshortcut.com
URL: https://ertcshortcut.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:14b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a00b9071e6f6fc2b7f45ee76bad85fc825037d1c0fca396462880b8378f3408

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ertcshortcut.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 19:54:09 GMT
cf-cache-status: HIT
age: 13
cf-polished: origFmt=png, origSize=22514
x-guploader-uploadid: ADPycdsHB9ioxH4p3JCUwexN1kIfoIKFw3zAAjfjON0Y2EurYDuCURd43YVw9dAIxHwCdVUIyFfZex8RfOYbXIKAov_-06rnQw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="1600932967_noun_Level%201_480108.webp"
content-length: 4630
cf-ray: 6e7da443ae70908b-FRA
expires: Sun, 06 Mar 2022 23:54:09 GMT
last-modified: Mon, 16 Aug 2021 12:48:15 GMT
server: cloudflare
etag: "5c49649d511ae0cc6600d9a2e4365e77"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
x-goog-hash: crc32c=MTCoSA==, md5=XElknVEa4MxmANmi5DZedw==
x-goog-generation: 1629118095617334
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=14400
x-goog-stored-content-length: 22514
accept-ranges: bytes
content-type: image/webp
cf-bgj: imgq:85,h2pri

GET
H2 200 1600933000_noun_Level%204_480114.png
assets.grooveapps.com/images/5ed66fb46b90b50c55d241c9/ Frame 747D 5 KB
5 KB 42ms
41ms Image
image/webp 2606:4700::6812:14b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.grooveapps.com/images/5ed66fb46b90b50c55d241c9/1600933000_noun_Level%204_480114.png
Requested by: Host: ertcshortcut.com
URL: https://ertcshortcut.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:14b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c177e9c84d392f24927bacc3365c8bb1515707a3c5dc159c14ab35a23d660a14

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ertcshortcut.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 19:54:09 GMT
cf-cache-status: HIT
age: 13
cf-polished: origFmt=png, origSize=21680
x-guploader-uploadid: ADPycdu-l1cB-5546k3NzZW_acJ0_UKScS6KL35PAdSog_QPHQ2MgOTF4SKXAlNEqV1wlWDCZIFAJGDVteE6wtHJ23g
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="1600933000_noun_Level%204_480114.webp"
content-length: 4646
cf-ray: 6e7da443ae72908b-FRA
expires: Sun, 06 Mar 2022 23:54:09 GMT
last-modified: Mon, 16 Aug 2021 12:48:15 GMT
server: cloudflare
etag: "6681e3379942fe9e42e0caae81a9d49b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
x-goog-hash: crc32c=M65Jaw==, md5=ZoHjN5lC/p5C4MquganUmw==
x-goog-generation: 1629118095786359
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=14400
x-goog-stored-content-length: 21680
accept-ranges: bytes
content-type: image/webp
cf-bgj: imgq:85,h2pri

GET
H2 200 1600933034_noun_Level%206_480107.png
assets.grooveapps.com/images/5ed66fb46b90b50c55d241c9/ Frame 747D 5 KB
5 KB 42ms
41ms Image
image/webp 2606:4700::6812:14b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.grooveapps.com/images/5ed66fb46b90b50c55d241c9/1600933034_noun_Level%206_480107.png
Requested by: Host: ertcshortcut.com
URL: https://ertcshortcut.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:14b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eefcaed1e731e6269947209c907c643e8801654b1e6057d309cfbcdc790dd0ac

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ertcshortcut.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 19:54:09 GMT
cf-cache-status: HIT
age: 13
cf-polished: origFmt=png, origSize=20826
x-guploader-uploadid: ADPycdswAm0absBkM7-qt2ww_YUQzJnS_tObcF90Tt03jkBFbNqoWnBx-RHfn6GY-KI0LNk6jEJJq2BJsrMz_SIVDU4
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="1600933034_noun_Level%206_480107.webp"
content-length: 4732
cf-ray: 6e7da443ae74908b-FRA
expires: Sun, 06 Mar 2022 23:54:09 GMT
last-modified: Mon, 16 Aug 2021 12:48:15 GMT
server: cloudflare
etag: "5661c65bb8df198418347af96de18ace"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
x-goog-hash: crc32c=OQ0aOQ==, md5=VmHGW7jfGYQYNHr5beGKzg==
x-goog-generation: 1629118095961057
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=14400
x-goog-stored-content-length: 20826
accept-ranges: bytes
content-type: image/webp
cf-bgj: imgq:85,h2pri

GET
H2 200 1636579332_Ring%20Dots%20Full.png
assets.grooveapps.com/images/5ec1beec3df0ea0c586b63e7/ Frame 747D 3 KB
3 KB 43ms
42ms Image
image/webp 2606:4700::6812:14b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.grooveapps.com/images/5ec1beec3df0ea0c586b63e7/1636579332_Ring%20Dots%20Full.png
Requested by: Host: ertcshortcut.com
URL: https://ertcshortcut.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:14b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2c1ae13164e1fc30ddc513415b482b060b775f1bc1eb6e18a865b07101956b0b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ertcshortcut.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 19:54:09 GMT
cf-cache-status: HIT
age: 13
cf-polished: origFmt=png, origSize=5671
x-guploader-uploadid: ADPycdtDe0EqdBtIbV6pF5c0HzW3jocN4EGxca_vDj9XN6SGiLAolz3ufQI7WAEbyiJttAm2fNFRrlIqj5PdBmIRELtQcmo7aw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="1636579332_Ring%20Dots%20Full.webp"
content-length: 3086
cf-ray: 6e7da443ae76908b-FRA
expires: Sun, 06 Mar 2022 23:54:09 GMT
last-modified: Wed, 10 Nov 2021 21:22:13 GMT
server: cloudflare
etag: "6c7617edea8ca8b1802723c3b1a3e9bc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
x-goog-hash: crc32c=LcbNbQ==, md5=bHYX7eqMqLGAJyPDsaPpvA==
x-goog-generation: 1636579333178844
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=14400
x-goog-stored-content-length: 5671
accept-ranges: bytes
content-type: image/webp
cf-bgj: imgq:85,h2pri

GET
H3 200 email-decode.min.js Show response
ertcshortcut.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ Frame 747D 1 KB
1 KB 31ms
15ms Script
application/javascript 2606:4700:3033::ac43:c96b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ertcshortcut.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: ertcshortcut.com
URL: https://ertcshortcut.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:c96b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ertcshortcut.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 19:54:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 02 Mar 2022 15:11:12 GMT
server: cloudflare
etag: W/"621f8910-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BDm%2Fp9%2BdUup3vjxng79CXhlru%2Bc5oA3tVeYacBlPHnDbJNWKenZilWbkZPgAP6Q%2F1XnJ7e1nlLEEGM2GGhIfuF25F929atrfSxdMqZmQUQ84AxTXkZ4qk6IQhAR9G%2BDCZyqduDrNH%2FD5jmPZfmhI"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6e7da4438a1590a3-FRA
vary: Accept-Encoding
expires: Tue, 08 Mar 2022 19:54:09 GMT

GET
H2 200 inpage_published.js Show response
app.groove.cm/groovepages/js/ Frame 747D 81 KB
30 KB 27ms
19ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.groove.cm/groovepages/js/inpage_published.js
Requested by: Host: ertcshortcut.com
URL: https://ertcshortcut.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f027ea063eee0d6e52cca300261c8769a933de84ffdb7e6a2214d447793444db

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ertcshortcut.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 19:54:09 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 03 Mar 2022 11:05:35 GMT
server: cloudflare
age: 4932
etag: W/"6220a0ff-145c6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vBrUBafEVlw%2B%2B4RvWtHdiIf4B9wTdW4dx3jvNn3IUyb3MIPfMKJ1iH1xTqO4jBT29Hs6vyVvq1D%2BIIsHzGJvYHbzG6ia6STShmqHbmeg5yo7fOqy4xbExQJE1abDQ4wDMkFvYBNDY%2BBl9FLd"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6e7da4438dd59061-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 chunk-vendors.js Show response
app.groove.cm/groovepages/js/ Frame 747D 0
0 23ms
15ms Script
text/html 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.groove.cm/groovepages/js/chunk-vendors.js
Requested by: Host: ertcshortcut.com
URL: https://ertcshortcut.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ertcshortcut.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

POST
H3 204 matomo.php
matomo.groovetech.io/ Frame 747D 0
562 B 112ms
89ms Ping
text/plain 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://matomo.groovetech.io/matomo.php?action_name=ertcshortcut.com%2FERC%20Application&idsite=4&rec=1&r=508719&h=19&m=54&s=9&url=https%3A%2F%2Fertcshortcut.com%2F&urlref=https%3A%2F%2Fwww.easymoneyforcontractors.veterinaryclinictaxcredit.com%2F&_id=bbc95570048f3516&_idn=1&_refts=1646596450&_ref=https%3A%2F%2Fwww.easymoneyforcontractors.veterinaryclinictaxcredit.com%2F&send_image=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&dimension1=517269&dimension2=wq08ZLnQc&pv_id=Vkytbp&pf_net=43&pf_srv=224&pf_tfr=484
Requested by: Host: matomo.groovetech.io
URL: https://matomo.groovetech.io/matomo.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.0.15
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ertcshortcut.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8

Response headers

date: Sun, 06 Mar 2022 19:54:09 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/8.0.15
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S%2BESmG9EGdFHvQjhLyS2Wicf9Pg5%2FHX3AZAnGY8cb1WBUq3iYE%2F84Wpz9U75N4rQfIZxnpg4gG42WZiWGxwc4DxsewJSfdk0OC63SBNPWD0QOoC7zxnYvxAczgu4p8O0lBzAUFrJzPEeTHc2OxYuaTxemA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://ertcshortcut.com
access-control-allow-credentials: true
cf-ray: 6e7da443ddb6913c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 7KE4VhYEZBAF7a6M9DFD
v1.gdapis.com/api/groovevideo/generate-css/75176/ Frame 747D 563 B
848 B 402ms
365ms Stylesheet
text/css 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.gdapis.com/api/groovevideo/generate-css/75176/7KE4VhYEZBAF7a6M9DFD
Requested by: Host: widget.groovevideo.com
URL: https://widget.groovevideo.com/widget/app.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.24
Resource Hash: 0cbf470d7b5d4aa1136de5cf78515a965be83022bc741ffb0a56a27692414c0c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ertcshortcut.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 19:54:10 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.3.24
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IWgfrr5D4MKM5o%2FTXf3BLyxy9LHdh6%2Bnt7YKQ3FPtYzZCuiy0bcTisfqrcRAcRAR718Ft492IcipWMd0dMv14CDpcRImVL27UpVpXnZyTunSDUittbfAT2N7H95k33mFUUbyy8cCBimZ7zui"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
x-ratelimit-remaining: 599
cache-control: no-cache, private
x-ratelimit-limit: 600
cf-ray: 6e7da444dc55695e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

7KE4VhYEZBAF7a6M9DFD Show response
app.groove.cm/groovevideo/video/75176/ Frame 3F73
Redirect Chain

https://app.groovefunnels.com/groovevideo/video/75176/7KE4VhYEZBAF7a6M9DFD
https://app.groove.cm/groovevideo/video/75176/7KE4VhYEZBAF7a6M9DFD

7 KB
2 KB

223ms
223ms

Document
text/html

2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.groove.cm/groovevideo/video/75176/7KE4VhYEZBAF7a6M9DFD
Requested by: Host: widget.groovevideo.com
URL: https://widget.groovevideo.com/widget/app.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 73dfc0f33f4f802ead5608387856b02f1ac00e704d7bb883171f4c4420d24e7a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ertcshortcut.com/

Response headers

date: Sun, 06 Mar 2022 19:54:10 GMT
content-type: text/html
vary: Accept-Encoding
last-modified: Thu, 03 Mar 2022 11:16:16 GMT
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YAsedzuU2KkQt%2FjdstCeh4vil8Zou0LHRNRN2V73%2FJmxjFlytJnTXhJdQTOLxCv3v%2FPWQWz%2Ffb7ywphPAwjT89Cj%2BZ%2B2jRl%2FDnDSbYYzoC9tYwODmFfrG8xvDxxyyJMxIOCUOVtgeif7hyHv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6e7da444f9289061-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date: Sun, 06 Mar 2022 19:54:10 GMT
location: https://app.groove.cm/groovevideo/video/75176/7KE4VhYEZBAF7a6M9DFD
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x44Dq18ow2UT22bTv0Ytnw6DaAP%2FFikRXB9VZpRL8EnEloLWUEzcgs9WeVPd%2BNekGq88jl%2FTD0%2FizKTBWOcUAUc6tnsyZON42Ds8ANQ%2BA6mpNHVsNyCBO7nB9STYxjy7xKEV3cf2DVcC8B66xTNa1aXxERI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 6e7da444efcf9bf4-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 u1kHEnHT9wSJ2kyJJs0e
v1.gdapis.com/api/groovevideo/generate-css/75215/ Frame 747D 563 B
516 B 471ms
464ms Stylesheet
text/css 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.gdapis.com/api/groovevideo/generate-css/75215/u1kHEnHT9wSJ2kyJJs0e
Requested by: Host: widget.groovevideo.com
URL: https://widget.groovevideo.com/widget/app.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.24
Resource Hash: 1eff7b7cd26420f2843c2427d5f8fc24c423827818b0f2d457e9cc32193cea77

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ertcshortcut.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 19:54:10 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.3.24
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XM8oyn8KrZNCTXi9KLt0ZOjjuNlh9zURkvYjVfgA9NImzQR1qhPIfKpi%2Bw7B2KHNTnINB6JxTeSr12GW10F8ymgvXrGqwwIggXNNffe6WKC2t1YPIDmIgBgMbPAq8gExOdnNVYTYLfpORjA%2F"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
x-ratelimit-remaining: 599
cache-control: no-cache, private
x-ratelimit-limit: 600
cf-ray: 6e7da444dc5a695e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

u1kHEnHT9wSJ2kyJJs0e Show response
app.groove.cm/groovevideo/video/75215/ Frame 15FE
Redirect Chain

https://app.groovefunnels.com/groovevideo/video/75215/u1kHEnHT9wSJ2kyJJs0e
https://app.groove.cm/groovevideo/video/75215/u1kHEnHT9wSJ2kyJJs0e

7 KB
3 KB

198ms
197ms

Document
text/html

2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.groove.cm/groovevideo/video/75215/u1kHEnHT9wSJ2kyJJs0e
Requested by: Host: widget.groovevideo.com
URL: https://widget.groovevideo.com/widget/app.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 73dfc0f33f4f802ead5608387856b02f1ac00e704d7bb883171f4c4420d24e7a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ertcshortcut.com/

Response headers

date: Sun, 06 Mar 2022 19:54:10 GMT
content-type: text/html
vary: Accept-Encoding
last-modified: Thu, 03 Mar 2022 11:16:16 GMT
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X0QmE3QJyrUtFogrR3cTbv6TQ4L1OXdFMCqq9A8ZusroZLUjTgdUfOW5b8fRzaLHxyrLOqlEvsCR0oDcY8XBV2eG5cgs5V%2BgIA6ix9UYtvnMfmxBHzlVDjI5oFuyEbNk6YP9Wk3dM3uUz4tS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6e7da444f9249061-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date: Sun, 06 Mar 2022 19:54:10 GMT
location: https://app.groove.cm/groovevideo/video/75215/u1kHEnHT9wSJ2kyJJs0e
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uP3zE4h95eD2w9UdzMQWxU36KQmaSoZ0Tu2EsIhQosLvCp%2FqABR6T8yi%2FMZW696hreVEeBi8dXm0rulHGV9H%2B2aPcSx4uiPAveZkcMbXTDCfEAaVpu2M%2BKQlYDfig5vd5aPzy4ON1xW6DmH0yX4aQgeoo2U%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 6e7da444efd29bf4-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 747D 15 KB
15 KB 25ms
9ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ertcshortcut.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 17:58:32 GMT
x-content-type-options: nosniff
age: 352538
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15732
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:20 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 02 Mar 2023 17:58:32 GMT

GET
H3 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v22/ Frame 747D 23 KB
23 KB 28ms
12ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v22/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ertcshortcut.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 19:30:30 GMT
x-content-type-options: nosniff
age: 347020
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23580
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:14:03 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 02 Mar 2023 19:30:30 GMT

GET
H2 200 showFormEmbed Show response
fs22.formsite.com/res/ Frame 9E8B 11 KB
3 KB 737ms
505ms Document
text/html 44.194.91.8
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://fs22.formsite.com/res/showFormEmbed?EParam=m_OmK8apOTBq9zAPECUmc4YvBMmXmdLwdgTYVfxeOgg&1300974183&EmbedId=1300974183
Requested by: Host: ertcshortcut.com
URL: https://ertcshortcut.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.194.91.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-194-91-8.compute-1.amazonaws.com
Software: Apache /
Resource Hash: a706ab21b54b0d2d1e6e54b815558dd4ddfc615df9e639f518989a5555f8d5cf

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ertcshortcut.com/

Response headers

date: Sun, 06 Mar 2022 19:54:10 GMT
content-type: text/html;charset=UTF-8
content-length: 2792
server: Apache
vary: Accept-Encoding,User-Agent
content-encoding: gzip

GET
H3 200 -F62fjtqLzI2JPCgQBnw7HFow2oe2EcP5pp0erwTqsSWs9Jezazjcb4.118.woff2
fonts.gstatic.com/s/notosansjp/v40/ Frame 747D 13 KB
13 KB 10ms
10ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosansjp/v40/-F62fjtqLzI2JPCgQBnw7HFow2oe2EcP5pp0erwTqsSWs9Jezazjcb4.118.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

76890ed0912951cb7116c2cfdec0d5ad3e138e94641d0dd1126ad45304feddba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ertcshortcut.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 19:59:09 GMT
x-content-type-options: nosniff
age: 345301
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13504
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:10:14 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 02 Mar 2023 19:59:09 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 747D 15 KB
15 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ertcshortcut.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 09:48:03 GMT
x-content-type-options: nosniff
age: 209167
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 04 Mar 2023 09:48:03 GMT

GET
H3 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v19/ Frame 747D 13 KB
13 KB 10ms
10ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v19/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7348a2eb48c9a681d6178433394c7037144d85b57ee33a11339d3a33fa1001a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ertcshortcut.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 18:04:09 GMT
x-content-type-options: nosniff
age: 352201
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12924
x-xss-protection: 0
last-modified: Wed, 23 Feb 2022 17:39:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Mar 2023 18:04:09 GMT

GET
H3 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v19/ Frame 747D 13 KB
13 KB 15ms
14ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v19/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ertcshortcut.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 18:03:30 GMT
x-content-type-options: nosniff
age: 352240
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13036
x-xss-protection: 0
last-modified: Wed, 23 Feb 2022 17:39:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Mar 2023 18:03:30 GMT

GET
H3 200 6xKydSBYKcSV-LCoeQqfX1RYOo3iu4nwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v19/ Frame 747D 12 KB
12 KB 11ms
11ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v19/6xKydSBYKcSV-LCoeQqfX1RYOo3iu4nwlxdu.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

080e18a8c761c3d30b7ec08aa65f87109a0228367eafd0a12fcefda58d10e8ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ertcshortcut.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 18:09:18 GMT
x-content-type-options: nosniff
age: 351892
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12408
x-xss-protection: 0
last-modified: Wed, 23 Feb 2022 17:39:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Mar 2023 18:09:18 GMT

GET
H3 200 TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2
fonts.gstatic.com/s/oswald/v47/ Frame 747D 17 KB
17 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v47/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0982166468cc0ec6e23155f10397456c908a0599e4eac7dd0d81431843ca503f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ertcshortcut.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 23:31:07 GMT
x-content-type-options: nosniff
age: 246183
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17864
x-xss-protection: 0
last-modified: Thu, 24 Feb 2022 18:07:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 03 Mar 2023 23:31:07 GMT

GET
H3 200 BngRUXNadjH0qYEzV7ab-oWlsbCGwR0.woff2
fonts.gstatic.com/s/ptsansnarrow/v16/ Frame 747D 35 KB
35 KB 11ms
11ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsansnarrow/v16/BngRUXNadjH0qYEzV7ab-oWlsbCGwR0.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

38ba9bd69a8f6114511656eed8cf0f4e3d45d9e2c9aa0a22fb978d5da5ac250b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ertcshortcut.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 20:03:45 GMT
x-content-type-options: nosniff
age: 345025
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36220
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:13:07 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 02 Mar 2023 20:03:45 GMT

GET
H3 200 free-fa-regular-400.woff2
ka-f.fontawesome.com/releases/v5.15.4/webfonts/ Frame 747D 13 KB
14 KB 54ms
54ms Font
font/woff2 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/webfonts/free-fa-regular-400.woff2
Requested by: Host: ertcshortcut.com
URL: https://ertcshortcut.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48fb6f0d8ac464d95cbc2df3ffa7bf5066950898c5581f5133d0565abb7f706b

Request headers

Referer: https://ertcshortcut.com/
Origin: https://ertcshortcut.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 19:54:10 GMT
via: 1.1 fa5a3d5abd34c6fac657b045a4dcbdc4.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-methods: GET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13216
last-modified: Wed, 04 Aug 2021 18:58:24 GMT
server: cloudflare
etag: "b8f1c6a3a94d42b082c29f0b1db8ba95"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pYp%2FckelrC59%2BZpn9ZozPrxms1mFMsMgVbe%2BYR7d%2FnX6ao8Z%2FGztM4rz%2B4yMYEF20%2BrohWrVcOfNEEIwEjPf%2FqChYG4U3k09DTOa7%2BLQqw48RmOoo3ye3I6e6xxd0GMZQTSEVTFiUMVX6uTm2lv95gNOiw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
cf-ray: 6e7da4454a529019-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: qpW6rFoJwJm_Hh-kX7acmL6iWNtwafMritSfAbo30Fk711auMcotyw==

GET
H3 200 -F62fjtqLzI2JPCgQBnw7HFow2oe2EcP5pp0erwTqsSWs9Jezazjcb4.119.woff2
fonts.gstatic.com/s/notosansjp/v40/ Frame 747D 50 KB
50 KB 10ms
10ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosansjp/v40/-F62fjtqLzI2JPCgQBnw7HFow2oe2EcP5pp0erwTqsSWs9Jezazjcb4.119.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b204913c9832e2ea49df683dab67ef73146bfd43a1845458e68fde81bc25a8aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ertcshortcut.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 19:58:59 GMT
x-content-type-options: nosniff
age: 345311
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51568
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:10:21 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 02 Mar 2023 19:58:59 GMT

GET
H2 200 video-js.min.css
cdnjs.cloudflare.com/ajax/libs/video.js/7.6.6/ Frame 15FE 39 KB
9 KB 79ms
59ms Stylesheet
text/css 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/video.js/7.6.6/video-js.min.css

Requested by

Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/75215/u1kHEnHT9wSJ2kyJJs0e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

91f94a3c7e05d1c1afd01260e88ebea5be6720ed3514c7a82bba96a33d4d6b21

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.groove.cm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 19:54:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3497347
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9046
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:35 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb0401f-9c5c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZSsWRywJ8JocHyhM2JzF2fB88PTIlckdrXJL%2FIOt1TLbzC9pVioTmeNKIHTyglv4BXcLK4hu6z7l2RAKAGgDqlxprf%2FCpAq45PgF8ULnbiY8PGd47P3yJ6Q3AGKg3gP1ZWF%2FbNFBc9aG1jjM5RHdM07L"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6e7da4466b289ba7-FRA
expires: Fri, 24 Feb 2023 19:54:10 GMT

GET
H2 200 video.min.js Show response
cdnjs.cloudflare.com/ajax/libs/video.js/7.6.6/ Frame 15FE 470 KB
106 KB 35ms
16ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/video.js/7.6.6/video.min.js

Requested by

Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/75215/u1kHEnHT9wSJ2kyJJs0e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

19bd09a46cd5735572bec1a138df1d0c1d408767e59c890581a417bdfcd29b25

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.groove.cm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 19:54:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1666970
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 107564
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:35 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb0401f-757c4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XrDNrHZp8m6qOb%2BcR%2ByklZwpLipOkjTHVcfBX4Z60aaZ5YWVTrQBzLHV9reRrVxjAJd8oL%2BWuVuOG9ZPaA4Cx3sX5gk4pvRFkVQwiB3CZbNHFyjiX63QFIzi0q2217zqsASEj98gr39bZlUU0VdyVZb8"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6e7da4466b2c9ba7-FRA
expires: Fri, 24 Feb 2023 19:54:10 GMT

GET
H2 200 videojs-ie8.min.js Show response
cdnjs.cloudflare.com/ajax/libs/video.js/5.2.2/ie8/ Frame 15FE 19 KB
6 KB 78ms
58ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/video.js/5.2.2/ie8/videojs-ie8.min.js

Requested by

Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/75215/u1kHEnHT9wSJ2kyJJs0e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6cdefb09aa8ed6fcfcb5ee50239a85d38f1a700653ce9f0420878508c07925ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.groove.cm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 19:54:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3497347
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5911
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:34 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb0401e-4a99"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zh7KwBMDvBXutAx6BzcXCHLD0fyQjZBwjY7j9%2BfiUXjCH89nb9gOckgbCM82LGBaX7BZn6biY1uB%2BWwHsSNbILZli2npUrB6CkJv1B8JabY%2BYyTs3c9i36%2FnMqQvaGLLvyiPbvF%2Bn09V%2FTC5DWV2oEpC"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6e7da4466b2f9ba7-FRA
expires: Fri, 24 Feb 2023 19:54:10 GMT

GET
H3 200 css2
fonts.googleapis.com/ Frame 15FE 12 KB
792 B 32ms
16ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Nunito+Sans:ital,wght@0,300;0,400;0,600;0,700;0,800;0,900;1,400&display=swap

Requested by

Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/75215/u1kHEnHT9wSJ2kyJJs0e

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1c8894064a04f2ac7b3e03d6cb7ac9028b08bd2f24b69971319c04ef0cf5aed5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.groove.cm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 06 Mar 2022 19:42:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 06 Mar 2022 19:54:10 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 06 Mar 2022 19:54:10 GMT

GET
H2 200 animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/ Frame 15FE 70 KB
5 KB 33ms
14ms Stylesheet
text/css 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css

Requested by

Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/75215/u1kHEnHT9wSJ2kyJJs0e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.groove.cm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 19:54:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 523199
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4216
timing-allow-origin: *
last-modified: Mon, 07 Sep 2020 12:33:38 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f5628a2-11846"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B1hY3RZmT%2F3cAGHNyci5984PabPMKBZx7Bal7f5FoOLFDrZNWbIcugn%2FefnXhOPejR4IWi75NO4IPYt8mC33UA3g0Z1S%2Fu7PHWvWlajpAyHVKXlR0g%2B%2FynO4Mt1JdVdwWckoj6592Kcfcg9TEVvibHNs"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6e7da4466b2a9ba7-FRA
expires: Fri, 24 Feb 2023 19:54:10 GMT

GET
H2 200 app.d5adcb33.css
app.groove.cm/groovevideo/css/ Frame 15FE 57 KB
11 KB 16ms
16ms Stylesheet
text/css 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.groove.cm/groovevideo/css/app.d5adcb33.css
Requested by: Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/75215/u1kHEnHT9wSJ2kyJJs0e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 733d88fb6cf21570f7b80d6977e3456eff95c3c2a46be3b02a5bea904c3b096e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.groove.cm/groovevideo/video/75215/u1kHEnHT9wSJ2kyJJs0e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 19:54:10 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 03 Mar 2022 11:16:16 GMT
server: cloudflare
age: 7193
etag: W/"6220a380-e5f9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ciA8mGI4r9iXlMvp0dZFo%2FLOMm8GUQ3L6OyrGthORAWcw9yP%2BGj7Igen6d77%2BNoOOnt2o8ik%2BfJ4k4IzWs13gCgaaD85v6JQ%2BwmDbc14ZApO%2BGiOB4K%2Fp6PYNBD6L2Smw1KGI2TSaRmrjI2Q"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6e7da4464c029061-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 chunk-vendors.b2eb74f3.css
app.groove.cm/groovevideo/css/ Frame 15FE 2 MB
213 KB 21ms
20ms Stylesheet
text/css 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.groove.cm/groovevideo/css/chunk-vendors.b2eb74f3.css
Requested by: Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/75215/u1kHEnHT9wSJ2kyJJs0e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ea5cb388c3ad281d879fdaabd916ed97977d6b41fb25b97e030759eb2b02abe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.groove.cm/groovevideo/video/75215/u1kHEnHT9wSJ2kyJJs0e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 19:54:10 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 03 Mar 2022 11:16:16 GMT
server: cloudflare
age: 7193
etag: W/"6220a380-1e7069"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Fi6yPM50bFnkJkRk915Ecez8h80Xb3xm3snP8sluaDQ27vsJBLvQ5noKCBLk4SukeJhDVJ7Z2qM%2BlmE8KOCEeXxuiaejQBDs196fA%2FXgFmcPQs%2F2u%2BvjjWADKD0VZdxP%2FZS0WOQrWWBRAyc"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6e7da4464c039061-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 app.79e65c12.js Show response
app.groove.cm/groovevideo/js/ Frame 15FE 2 MB
324 KB 28ms
27ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.groove.cm/groovevideo/js/app.79e65c12.js
Requested by: Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/75215/u1kHEnHT9wSJ2kyJJs0e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 865bee3153176948ed15e53e98b4057deb49e98bbbede2c1f3bce4a56912d212

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.groove.cm/groovevideo/video/75215/u1kHEnHT9wSJ2kyJJs0e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 19:54:10 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 03 Mar 2022 11:16:16 GMT
server: cloudflare
age: 7193
etag: W/"6220a380-1a9fe0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lZ8LxtquGk7wuN3fj2TTZpfUmmPVzymqsEf32SaCQi7fAD%2FRP5%2Fe3k6zYaZn6kFvrcnxhSwZSYEEu4B6bLlskbakzLDL0GipLfP5Yfy9gTthzg%2FX7WyPBRdZDIraMrjAYebZxCOhk2aR7WKO"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6e7da4464c049061-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 chunk-vendors.f79b17ef.js Show response
app.groove.cm/groovevideo/js/ Frame 15FE 7 MB
2 MB 23ms
23ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.groove.cm/groovevideo/js/chunk-vendors.f79b17ef.js
Requested by: Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/75215/u1kHEnHT9wSJ2kyJJs0e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fcf9b4095c5dd1c48839eaa675c05501f47dc0c2cc7268ec0582f8111db1409f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.groove.cm/groovevideo/video/75215/u1kHEnHT9wSJ2kyJJs0e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 19:54:10 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 03 Mar 2022 11:16:16 GMT
server: cloudflare
age: 7193
etag: W/"6220a380-76e0f4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tc9YDi1wclMA6TWvOvH2k56A6%2BeX2d0YYCnx5vjzeWDEvZD%2FVGoL5HwlPOq%2BugBZHvHvAal%2Fsj55eaEYYrgDTARzF%2B2cuTS2oeMncuIRnOv4x6aYltWiamxbGNHG6trGLh%2BKJG2OzKhJlnip"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6e7da4464c079061-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 widget.min.js Show response
cdn.productstash.io/js/ Frame 15FE 23 KB
6 KB 63ms
7ms Script
application/javascript 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.productstash.io/js/widget.min.js?v=0.8

Requested by

Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/75215/u1kHEnHT9wSJ2kyJJs0e

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

unn-89-187-169-47.cdn77.com

Software

BunnyCDN-DE1-756 /

Resource Hash

6240744a19f326be4e22778eb7c5a39abce05826a8728531b9fddc0a75863e8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.groove.cm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 19:54:10 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cdn-edgestorageid: 756
x-dns-prefetch-control: off
cdn-cachedat: 01/30/2022 20:52:37
cdn-pullzone: 173232
content-encoding: br
vary: Accept-Encoding, Accept-Encoding
x-xss-protection: 1; mode=block
server: BunnyCDN-DE1-756
last-modified: Sun, 30 Jan 2022 20:42:32 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
x-frame-options: SAMEORIGIN
etag: W/"5bd1-17eacb99ac0"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
content-type: application/javascript; charset=UTF-8
cdn-cache: HIT
cdn-uid: 48a72dd7-1732-4103-a906-fc257bffa1c1
cache-control: public, max-age=31536000
cdn-requestid: 497b274b327cd07292656fcf7e21ca99
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 video-js.min.css
cdnjs.cloudflare.com/ajax/libs/video.js/7.6.6/ Frame 3F73 39 KB
9 KB 53ms
50ms Stylesheet
text/css 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/video.js/7.6.6/video-js.min.css

Requested by

Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/75176/7KE4VhYEZBAF7a6M9DFD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

91f94a3c7e05d1c1afd01260e88ebea5be6720ed3514c7a82bba96a33d4d6b21

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.groove.cm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 19:54:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3497347
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9046
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:35 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb0401f-9c5c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YoJoTo9PvOmqzqiTh5bO%2Fm4NevYyaS8jHbM5Nh7WNiOfsk%2Bxt3AmRyumVeGv8Mlu1lmLtDr9VRUibfn7AHiBiNKLmRSw24wffLvYqFOWIvGLgm%2B8X%2Bu%2BaDh6M4J3ODbbA2Jx8OtE3obxR5bbgDWH0gKe"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6e7da4467b589ba7-FRA
expires: Fri, 24 Feb 2023 19:54:10 GMT

GET
H2 200 video.min.js Show response
cdnjs.cloudflare.com/ajax/libs/video.js/7.6.6/ Frame 3F73 470 KB
105 KB 75ms
72ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/video.js/7.6.6/video.min.js

Requested by

Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/75176/7KE4VhYEZBAF7a6M9DFD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

19bd09a46cd5735572bec1a138df1d0c1d408767e59c890581a417bdfcd29b25

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.groove.cm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 19:54:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1666970
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 107564
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:35 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb0401f-757c4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ep%2F40X2PjZHhOJuW43xH0JA0LPWy8tAL2iGqv7sPrcgPH%2BpgbYMkgndzRrtoi2sgLAWnIcwxS2IUnCx0hQqyqu5ts7RwzkZOoqNufgFcSkH58kbL15K7xES3kEIAQAymr1twg%2BRjU%2Fsqa%2FJlETFD47tp"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6e7da4469bfc9ba7-FRA
expires: Fri, 24 Feb 2023 19:54:10 GMT

GET
H2 200 videojs-ie8.min.js Show response
cdnjs.cloudflare.com/ajax/libs/video.js/5.2.2/ie8/ Frame 3F73 19 KB
6 KB 83ms
79ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/video.js/5.2.2/ie8/videojs-ie8.min.js

Requested by

Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/75176/7KE4VhYEZBAF7a6M9DFD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6cdefb09aa8ed6fcfcb5ee50239a85d38f1a700653ce9f0420878508c07925ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.groove.cm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 19:54:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3497347
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5911
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:34 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb0401e-4a99"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TBRjRfIiJhISJp3Ile2HgTIM8RRAhhrc%2FwFc15n6SBbNU4KvWQ0pJKlJ5JDdGDDhSynT8sFS71vaFtkrRQDmvWkt5tFJolmsztL9nlsm01s35PS6pP%2BM5fZjSjeSHDfBxAR%2BiciPq9G5KoUVVYAt%2BsZY"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6e7da4469c059ba7-FRA
expires: Fri, 24 Feb 2023 19:54:10 GMT

GET
H3 200 css2
fonts.googleapis.com/ Frame 3F73 12 KB
792 B 20ms
18ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Nunito+Sans:ital,wght@0,300;0,400;0,600;0,700;0,800;0,900;1,400&display=swap

Requested by

Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/75176/7KE4VhYEZBAF7a6M9DFD

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1c8894064a04f2ac7b3e03d6cb7ac9028b08bd2f24b69971319c04ef0cf5aed5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.groove.cm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 06 Mar 2022 19:54:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 06 Mar 2022 19:54:10 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 06 Mar 2022 19:54:10 GMT

GET
H2 200 animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/ Frame 3F73 70 KB
5 KB 83ms
80ms Stylesheet
text/css 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css

Requested by

Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/75176/7KE4VhYEZBAF7a6M9DFD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.groove.cm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 19:54:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 523199
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4216
timing-allow-origin: *
last-modified: Mon, 07 Sep 2020 12:33:38 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f5628a2-11846"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B4sq%2FIUXYxq%2BPOW%2BcLjNt83pp0DBnygwaftohEyanh3QeVGUxZVesF3Nwc1P3SDDJBQFmH4u2Do6VElgOszKB%2FeG5H8eqOTDx4tlFB7YPFWzfJeyppmfhhAQmtbIin4K%2BbB0vQx%2Bo3aHVLSN7aK59GhY"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6e7da4469c019ba7-FRA
expires: Fri, 24 Feb 2023 19:54:10 GMT

GET
H2 200 app.d5adcb33.css
app.groove.cm/groovevideo/css/ Frame 3F73 57 KB
11 KB 91ms
88ms Stylesheet
text/css 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.groove.cm/groovevideo/css/app.d5adcb33.css
Requested by: Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/75176/7KE4VhYEZBAF7a6M9DFD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 733d88fb6cf21570f7b80d6977e3456eff95c3c2a46be3b02a5bea904c3b096e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.groove.cm/groovevideo/video/75176/7KE4VhYEZBAF7a6M9DFD
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 19:54:10 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 03 Mar 2022 11:16:16 GMT
server: cloudflare
age: 7193
etag: W/"6220a380-e5f9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OEp5Ko%2FQfjl90sdMUTChd8KYsHx%2Fah5YPy0bCey8gQMZF6Lk%2FleYNGZEKGl9Pi9kXqlgcpbmYbyiGJcQw87qJUJ9ytnnl1xB372VlNP6DplpHMFwU61rriFSskeSI%2F3lyhgHHzO%2FLHy69Eku"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6e7da4467c6a9061-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 chunk-vendors.b2eb74f3.css
app.groove.cm/groovevideo/css/ Frame 3F73 2 MB
213 KB 78ms
75ms Stylesheet
text/css 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.groove.cm/groovevideo/css/chunk-vendors.b2eb74f3.css
Requested by: Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/75176/7KE4VhYEZBAF7a6M9DFD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ea5cb388c3ad281d879fdaabd916ed97977d6b41fb25b97e030759eb2b02abe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.groove.cm/groovevideo/video/75176/7KE4VhYEZBAF7a6M9DFD
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 19:54:10 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 03 Mar 2022 11:16:16 GMT
server: cloudflare
age: 7193
etag: W/"6220a380-1e7069"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CzFfW36bMaz1KlVI0414aqq9468cte%2BW1vANt6LDSSLRr1KzAs22hx05al3zb9aBQHq1mQY5osZOJa%2Bxcbdoih6cobL4F5vKzGHlqZBJ37zJKsXPeCOZOk69JPYEQbSOkDU5aYgvJdbXN3qo"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6e7da4467c6e9061-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 app.79e65c12.js Show response
app.groove.cm/groovevideo/js/ Frame 3F73 2 MB
324 KB 78ms
75ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.groove.cm/groovevideo/js/app.79e65c12.js
Requested by: Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/75176/7KE4VhYEZBAF7a6M9DFD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 865bee3153176948ed15e53e98b4057deb49e98bbbede2c1f3bce4a56912d212

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.groove.cm/groovevideo/video/75176/7KE4VhYEZBAF7a6M9DFD
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 19:54:10 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 03 Mar 2022 11:16:16 GMT
server: cloudflare
age: 7193
etag: W/"6220a380-1a9fe0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=21wffPvu32v8QV3X%2BK%2FRKAxyN533ALdTT%2BC1XxqVSyAVExYGlus1flG8OI3VVFK1tgN34GadtwJYawxXha9IrnD%2F3t4NP1iEC0%2BPlF%2F%2FvFYytyMRdpSwVVMKt%2Bg03X0tX6NQFvnGeHLfKbfo"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6e7da4467c6f9061-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 chunk-vendors.f79b17ef.js Show response
app.groove.cm/groovevideo/js/ Frame 3F73 7 MB
2 MB 78ms
76ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.groove.cm/groovevideo/js/chunk-vendors.f79b17ef.js
Requested by: Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/75176/7KE4VhYEZBAF7a6M9DFD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fcf9b4095c5dd1c48839eaa675c05501f47dc0c2cc7268ec0582f8111db1409f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.groove.cm/groovevideo/video/75176/7KE4VhYEZBAF7a6M9DFD
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 19:54:10 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 03 Mar 2022 11:16:16 GMT
server: cloudflare
age: 7193
etag: W/"6220a380-76e0f4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kFj1lTsACa3Yk4lq%2B6NTU3D8AtZmWiRAwDFTX8Um1lekdWOn1t6vhh22gNmiyxdUJcESVV%2F%2BTx9ttZeoN98hyytNYl%2BwGeJdh9gdq5S3SaHQZiBa%2F5F0VHsTZ2gd2gn7QO2oRou9neFs1War"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6e7da4467c719061-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 widget.min.js Show response
cdn.productstash.io/js/ Frame 3F73 23 KB
6 KB 8ms
7ms Script
application/javascript 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.productstash.io/js/widget.min.js?v=0.8

Requested by

Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/75176/7KE4VhYEZBAF7a6M9DFD

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

unn-89-187-169-47.cdn77.com

Software

BunnyCDN-DE1-756 /

Resource Hash

6240744a19f326be4e22778eb7c5a39abce05826a8728531b9fddc0a75863e8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.groove.cm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 19:54:10 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cdn-edgestorageid: 756
x-dns-prefetch-control: off
cdn-cachedat: 01/30/2022 20:52:37
cdn-pullzone: 173232
content-encoding: br
vary: Accept-Encoding, Accept-Encoding
x-xss-protection: 1; mode=block
server: BunnyCDN-DE1-756
last-modified: Sun, 30 Jan 2022 20:42:32 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
x-frame-options: SAMEORIGIN
etag: W/"5bd1-17eacb99ac0"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
content-type: application/javascript; charset=UTF-8
cdn-cache: HIT
cdn-uid: 48a72dd7-1732-4103-a906-fc257bffa1c1
cache-control: public, max-age=31536000
cdn-requestid: 2f914c789c09ffde8c71c3fdb30ada51
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

GET
BLOB 200
OK a681f539-bf10-46ea-bf50-daa601972f0c
https://app.groove.cm/ Frame 15FE 31 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://app.groove.cm/a681f539-bf10-46ea-bf50-daa601972f0c
Requested by: Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/75215/u1kHEnHT9wSJ2kyJJs0e
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length: 31
Content-Type: application/javascript

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame 15FE 207 KB
72 KB 54ms
25ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MKWM7K2

Requested by

Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/75215/u1kHEnHT9wSJ2kyJJs0e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7cd6f43503c1125d872239c5697f7b3e99c3d7db4df8f52cec57f62365ff633e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.groove.cm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 19:54:10 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 73247
x-xss-protection: 0
last-modified: Sun, 06 Mar 2022 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 06 Mar 2022 19:54:10 GMT

GET
H3 200 css2
fonts.googleapis.com/ Frame 15FE 714 KB
136 KB 44ms
42ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/css/chunk-vendors.b2eb74f3.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c087a8c46caa6c043c697dcbab06f42f8106f9bcbcf845b0e5ef6df096bfa5f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.groove.cm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 06 Mar 2022 19:54:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 06 Mar 2022 19:54:10 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 06 Mar 2022 19:54:10 GMT

GET
BLOB 200
OK 0f589511-f7d1-4376-a36c-88b265af2486
https://app.groove.cm/ Frame 3F73 31 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://app.groove.cm/0f589511-f7d1-4376-a36c-88b265af2486
Requested by: Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/75176/7KE4VhYEZBAF7a6M9DFD
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length: 31
Content-Type: application/javascript

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ Frame 3F73 207 KB
72 KB 46ms
29ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MKWM7K2

Requested by

Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/75176/7KE4VhYEZBAF7a6M9DFD

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8f7daf399df525aa0a5436ede7716751c312b63fbf10ce6df7e2ccb07fcd4d4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.groove.cm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 19:54:10 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 73250
x-xss-protection: 0
last-modified: Sun, 06 Mar 2022 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 06 Mar 2022 19:54:10 GMT

GET
H3 200 css2
fonts.googleapis.com/ Frame 3F73 714 KB
136 KB 41ms
41ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/css/chunk-vendors.b2eb74f3.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c087a8c46caa6c043c697dcbab06f42f8106f9bcbcf845b0e5ef6df096bfa5f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.groove.cm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 06 Mar 2022 19:54:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 06 Mar 2022 19:54:10 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 06 Mar 2022 19:54:10 GMT

GET
H2 200 player.js Show response
cdn.tooltip.io/static/ Frame 15FE 471 KB
80 KB 91ms
7ms Script
application/javascript 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.tooltip.io/static/player.js
Requested by: Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/75215/u1kHEnHT9wSJ2kyJJs0e
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 8349d9a9ffc87ffcdb0f6671e9d9709d7e4aa6cd851628ae81d294ab4001189d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.groove.cm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 19:54:10 GMT
content-encoding: gzip
x-amz-request-id: 9MRBE1ESRMY3ZT3J
x-edge-location: defr
x-cache: HIT
content-length: 81741
x-amz-id-2: 2vaNfJSWblUD1srISWv/EVUa+w2+MIMpYKh/fgyHbYG9hjZANXPH/8XOxucr/jrKeQjYm7j5JUU=
last-modified: Mon, 22 Nov 2021 13:04:15 GMT
server: keycdn-engine
etag: "2896ec2e8a5ff49a48bd72727bd02ce2"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <https://s3.amazonaws.com/tooltip-static-player/static/player.js>; rel="canonical"
expires: Sun, 13 Mar 2022 19:54:10 GMT

GET
H2 200 iframe_api Show response
www.youtube.com/ Frame 15FE 980 B
2 KB 52ms
28ms Script
text/javascript 2a00:1450:4001:808::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/js/chunk-vendors.f79b17ef.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

59b075c7c91ff7b85bbdae7d07308e3a41169aa0d1c876357e45b2bde536cf37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.groove.cm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 19:54:11 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: ESF
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
report-to: {"group":"ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94"}]}
content-type: text/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94"
expires: Sun, 06 Mar 2022 19:54:11 GMT

GET
H3 200 matomo.js Show response
matomo.groovetech.io/ Frame 15FE 62 KB
21 KB 55ms
55ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://matomo.groovetech.io/matomo.js
Requested by: Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/js/chunk-vendors.f79b17ef.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 43af579102b8c4adff968a3a00280fc2061cc33538c7bbad1d8d6ec775f0807b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.groove.cm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 19:54:11 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 14 Jan 2022 17:08:21 GMT
server: cloudflare
age: 1510
etag: W/"f93c-5d58dd993cb40-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=69C8R5EXE%2FTajvBi21p8P5RPUHNdszrFm3HeZFMkjDn%2Bf7%2FGc966R6pFIwzHeaB44T%2FcWUyG9kWBK2bBOJM1mQCl3lA%2FGf42tXDXYDJUAVuemkzYURIxMH0IvTUuUXX%2BLMPmFEAnwLDlvcl%2FRkzZmroFeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6e7da44af87c913c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
BLOB 200
OK 28ef349b-3cf7-4649-bbc1-263330d09476 Show response
https://app.groove.cm/ Frame 15FE 96 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://app.groove.cm/28ef349b-3cf7-4649-bbc1-263330d09476
Requested by: Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/js/chunk-vendors.f79b17ef.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c4c671da84ac9593e4d1d3992f132e6c079fde149d6744e8c3c2a9d48cecb2ae

Request headers

Referer
Origin: https://app.groove.cm
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length: 96
Content-Type: text/javascript

OPTIONS
H/1.1 204
No Content ping
api.loopedin.io/v1/users/ Frame 0
0 137ms
33ms Preflight 108.128.72.146

General

Check archive.org

Show headers Download Go to

Full URL

https://api.loopedin.io/v1/users/ping

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

108.128.72.146 -, , ASN (),

Reverse DNS

Software

Cowboy /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://app.groove.cm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: Cowboy
Connection: keep-alive
Content-Security-Policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
X-Dns-Prefetch-Control: off
Expect-Ct: max-age=0
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=15552000; includeSubDomains
X-Download-Options: noopen
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: no-referrer
X-Xss-Protection: 0
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST
Access-Control-Allow-Headers: Content-Type,Authorization
Content-Length: 0
Date: Sun, 06 Mar 2022 19:54:11 GMT
Via: 1.1 vegur

POST
H/1.1 200
OK ping Show response
api.loopedin.io/v1/users/ Frame 15FE 3 B
1 KB 34ms
34ms Fetch
application/json 108.128.72.146

General

Check archive.org

Show headers Download Go to

Full URL

https://api.loopedin.io/v1/users/ping

Requested by

Host: cdn.productstash.io
URL: https://cdn.productstash.io/js/widget.min.js?v=0.8

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

108.128.72.146 -, , ASN (),

Reverse DNS

Software

Cowboy /

Resource Hash

27badc983df1780b60c2b3fa9d3a19a00e46aac798451f0febdca52920faaddf

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: application/json, text/plain, */*
Referer: https://app.groove.cm/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

Content-Security-Policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Via: 1.1 vegur
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-Dns-Prefetch-Control: off
Date: Sun, 06 Mar 2022 19:54:11 GMT
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 3
X-Xss-Protection: 0
Referrer-Policy: no-referrer
Server: Cowboy
X-Frame-Options: SAMEORIGIN
Etag: W/"3-n5rwKVhboBTgfNORDKl2z1YWBhY"
Expect-Ct: max-age=0
X-Ratelimit-Remaining: 48
Strict-Transport-Security: max-age=15552000; includeSubDomains
X-Download-Options: noopen
Access-Control-Allow-Origin: *
Cache-Control: no-cache, private, no-store, must-revalidate, max-stale=0, post-check=0, pre-check=0
X-Ratelimit-Reset: 1646596478
X-Ratelimit-Limit: 50
Content-Type: application/json; charset=utf-8

GET
H/1.1 200
OK app-config Show response
api.loopedin.io/ Frame 15FE 525 B
2 KB 138ms
34ms XHR
application/json 108.128.72.146

General

Check archive.org

Show headers Download Go to

Full URL

https://api.loopedin.io/app-config?product_id=f634edf5-70e7-429d-8c94-c26dfaeaee26&timestamp=0&public=true&user=public&domain=app.groove.cm

Requested by

Host: cdn.productstash.io
URL: https://cdn.productstash.io/js/widget.min.js?v=0.8

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

108.128.72.146 -, , ASN (),

Reverse DNS

Software

Cowboy /

Resource Hash

def29134e08de7baeafdb978d435081160c83c3bd25705aa41323261e2f0e544

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.groove.cm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Via: 1.1 vegur
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-Dns-Prefetch-Control: off
Date: Sun, 06 Mar 2022 19:54:11 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=15552000; includeSubDomains
Vary: Accept-Encoding
Content-Length: 525
X-Xss-Protection: 0
Referrer-Policy: no-referrer
Server: Cowboy
Etag: W/"20d-wpf5XpMIyJmkk05mkv2sFNT6IYM"
Expect-Ct: max-age=0
X-Ratelimit-Remaining: 49
Access-Control-Allow-Methods: GET
X-Download-Options: noopen
Access-Control-Allow-Origin: *
Cache-Control: no-cache, private, no-store, must-revalidate, max-stale=0, post-check=0, pre-check=0
X-Ratelimit-Reset: 1646596478
X-Ratelimit-Limit: 50
Content-Type: application/json; charset=utf-8

GET
H2 200 notification.png
cdn.productstash.io/images/ Frame 15FE 1 KB
2 KB 7ms
7ms Image
image/png 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.productstash.io/images/notification.png

Requested by

Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/75215/u1kHEnHT9wSJ2kyJJs0e

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

unn-89-187-169-47.cdn77.com

Software

BunnyCDN-DE1-756 /

Resource Hash

87608a8dea58460e4b38f3445a737f999eb6a62dee361be55e06625d505c4e5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.groove.cm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 19:54:11 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cdn-edgestorageid: 756
x-dns-prefetch-control: off
cdn-cachedat: 01/29/2022 10:51:35
cdn-pullzone: 173232
content-length: 1156
x-xss-protection: 1; mode=block
server: BunnyCDN-DE1-756
last-modified: Wed, 19 Jan 2022 15:46:53 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
x-frame-options: SAMEORIGIN
etag: W/"484-17e7304f9c8"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
content-type: image/png
cdn-cache: HIT
cdn-uid: 48a72dd7-1732-4103-a906-fc257bffa1c1
cache-control: public, max-age=31536000
cdn-requestid: 7a99bcf6a0cef002187ca101a60f0ab6
accept-ranges: bytes
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 player.js Show response
cdn.tooltip.io/static/ Frame 3F73 471 KB
80 KB 7ms
6ms Script
application/javascript 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.tooltip.io/static/player.js
Requested by: Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/75176/7KE4VhYEZBAF7a6M9DFD
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 8349d9a9ffc87ffcdb0f6671e9d9709d7e4aa6cd851628ae81d294ab4001189d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.groove.cm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 19:54:11 GMT
content-encoding: gzip
x-amz-request-id: 9MRBE1ESRMY3ZT3J
x-edge-location: defr
x-cache: HIT
content-length: 81741
x-amz-id-2: 2vaNfJSWblUD1srISWv/EVUa+w2+MIMpYKh/fgyHbYG9hjZANXPH/8XOxucr/jrKeQjYm7j5JUU=
last-modified: Mon, 22 Nov 2021 13:04:15 GMT
server: keycdn-engine
etag: "2896ec2e8a5ff49a48bd72727bd02ce2"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
link: <https://s3.amazonaws.com/tooltip-static-player/static/player.js>; rel="canonical"
expires: Sun, 13 Mar 2022 19:54:11 GMT

GET
H3 200 iframe_api Show response
www.youtube.com/ Frame 3F73 980 B
511 B 41ms
26ms Script
text/javascript 2a00:1450:4001:808::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/js/chunk-vendors.f79b17ef.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

59b075c7c91ff7b85bbdae7d07308e3a41169aa0d1c876357e45b2bde536cf37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.groove.cm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 19:54:11 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: ESF
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
report-to: {"group":"ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94"}]}
content-type: text/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94"
expires: Sun, 06 Mar 2022 19:54:11 GMT

GET
H3 200 matomo.js Show response
matomo.groovetech.io/ Frame 3F73 62 KB
21 KB 18ms
18ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://matomo.groovetech.io/matomo.js
Requested by: Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/js/chunk-vendors.f79b17ef.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 43af579102b8c4adff968a3a00280fc2061cc33538c7bbad1d8d6ec775f0807b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.groove.cm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 19:54:11 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 14 Jan 2022 17:08:21 GMT
server: cloudflare
age: 1510
etag: W/"f93c-5d58dd993cb40-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R0QJGY3Hsn8uLXEI8zOcwkabO9n%2BZCO1pvnCOIxIhKwwrGMmeXHpinQq3uWhJgQRFSRjfUIzUNakBqWYUFBvjKS0B0ievCeBR25aeUGR5Jy0RwPnT%2B3TkMFPINtSRlfKv7tiES9V2gQg6b9i29%2FjWKvEWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6e7da44e7acb913c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
BLOB 200
OK 8eb0eadd-b508-48dd-b44b-2c19f1082995 Show response
https://app.groove.cm/ Frame 3F73 98 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://app.groove.cm/8eb0eadd-b508-48dd-b44b-2c19f1082995
Requested by: Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/js/chunk-vendors.f79b17ef.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d9d632d57cccef45c994f7568f92260b1a733bffcd56372e3b3726c2cb8b8987

Request headers

Referer
Origin: https://app.groove.cm
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length: 98
Content-Type: text/javascript

GET
H2 200 jquery-ui.css
ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/themes/smoothness/ Frame 9E8B 36 KB
9 KB 45ms
8ms Stylesheet
text/css 2a00:1450:4001:811::200a

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/themes/smoothness/jquery-ui.css

Requested by

Host: fs22.formsite.com
URL: https://fs22.formsite.com/res/showFormEmbed?EParam=m_OmK8apOTBq9zAPECUmc4YvBMmXmdLwdgTYVfxeOgg&1300974183&EmbedId=1300974183

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

f9b751c1cd0d2b0f91862db987fed9dda48758b15e6f42ca67796b45f4b21702

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fs22.formsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 01:37:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 324990
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8422
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 03 Mar 2023 01:37:41 GMT

GET
H2 200 fonts8.css
fs22.formsite.com/include/form/ Frame 9E8B 20 KB
5 KB 187ms
187ms Stylesheet
text/css 44.194.91.8
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://fs22.formsite.com/include/form/fonts8.css?2307726859055
Requested by: Host: fs22.formsite.com
URL: https://fs22.formsite.com/res/showFormEmbed?EParam=m_OmK8apOTBq9zAPECUmc4YvBMmXmdLwdgTYVfxeOgg&1300974183&EmbedId=1300974183
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.194.91.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-194-91-8.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 9221b2c07e1ad6a168982f0fbb342131b2e96c0ebe5902d98653d3a546a34632

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fs22.formsite.com/res/showFormEmbed?EParam=m_OmK8apOTBq9zAPECUmc4YvBMmXmdLwdgTYVfxeOgg&1300974183&EmbedId=1300974183
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 19:54:11 GMT
content-encoding: gzip
last-modified: Thu, 21 Oct 2021 13:46:26 GMT
server: Apache
etag: "4e63-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: max-age=604800
accept-ranges: bytes
content-length: 4202
expires: Sun, 13 Mar 2022 19:54:11 GMT

GET
H2 200 screen8.css
fs22.formsite.com/include/form/ Frame 9E8B 20 KB
9 KB 95ms
95ms Stylesheet
text/css 44.194.91.8
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://fs22.formsite.com/include/form/screen8.css?2307726859055
Requested by: Host: fs22.formsite.com
URL: https://fs22.formsite.com/res/showFormEmbed?EParam=m_OmK8apOTBq9zAPECUmc4YvBMmXmdLwdgTYVfxeOgg&1300974183&EmbedId=1300974183
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.194.91.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-194-91-8.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 6b223bb6c3fb8210034350b25e704c74c30d87756cdda5432b4649483e366e78

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fs22.formsite.com/res/showFormEmbed?EParam=m_OmK8apOTBq9zAPECUmc4YvBMmXmdLwdgTYVfxeOgg&1300974183&EmbedId=1300974183
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 19:54:11 GMT
content-encoding: gzip
last-modified: Wed, 10 Nov 2021 15:07:12 GMT
server: Apache
etag: "4f2f-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: max-age=604800
accept-ranges: bytes
content-length: 8161
expires: Sun, 13 Mar 2022 19:54:11 GMT

GET
H2 200 responsive8.css
fs22.formsite.com/include/form/ Frame 9E8B 3 KB
1 KB 96ms
96ms Stylesheet
text/css 44.194.91.8
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://fs22.formsite.com/include/form/responsive8.css?2307726859055
Requested by: Host: fs22.formsite.com
URL: https://fs22.formsite.com/res/showFormEmbed?EParam=m_OmK8apOTBq9zAPECUmc4YvBMmXmdLwdgTYVfxeOgg&1300974183&EmbedId=1300974183
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.194.91.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-194-91-8.compute-1.amazonaws.com
Software: Apache /
Resource Hash: faa7999a9bc916746448d20ba389c7360faea9bc01a9e53fc08275e565cbf399

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fs22.formsite.com/res/showFormEmbed?EParam=m_OmK8apOTBq9zAPECUmc4YvBMmXmdLwdgTYVfxeOgg&1300974183&EmbedId=1300974183
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 19:54:11 GMT
content-encoding: gzip
last-modified: Wed, 10 Nov 2021 15:07:12 GMT
server: Apache
etag: "bb2-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: max-age=604800
accept-ranges: bytes
content-length: 876
expires: Sun, 13 Mar 2022 19:54:11 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.6.0/ Frame 9E8B 87 KB
30 KB 45ms
9ms Script
text/javascript 2a00:1450:4001:811::200a

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js

Requested by

Host: fs22.formsite.com
URL: https://fs22.formsite.com/res/showFormEmbed?EParam=m_OmK8apOTBq9zAPECUmc4YvBMmXmdLwdgTYVfxeOgg&1300974183&EmbedId=1300974183

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fs22.formsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 14:42:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 364311
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31017
x-xss-protection: 0
last-modified: Wed, 10 Mar 2021 14:28:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Mar 2023 14:42:20 GMT

GET
H2 200 jquery-ui.min.js Show response
ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/ Frame 9E8B 248 KB
66 KB 52ms
16ms Script
text/javascript 2a00:1450:4001:811::200a

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/jquery-ui.min.js

Requested by

Host: fs22.formsite.com
URL: https://fs22.formsite.com/res/showFormEmbed?EParam=m_OmK8apOTBq9zAPECUmc4YvBMmXmdLwdgTYVfxeOgg&1300974183&EmbedId=1300974183

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fs22.formsite.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Mar 2022 13:20:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 110020
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67948
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 05 Mar 2023 13:20:31 GMT

GET
H2 200 form8.js Show response
fs22.formsite.com/include/form/ Frame 9E8B 27 KB
8 KB 187ms
187ms Script
application/javascript 44.194.91.8
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://fs22.formsite.com/include/form/form8.js?2307726859055
Requested by: Host: fs22.formsite.com
URL: https://fs22.formsite.com/res/showFormEmbed?EParam=m_OmK8apOTBq9zAPECUmc4YvBMmXmdLwdgTYVfxeOgg&1300974183&EmbedId=1300974183
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.194.91.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-194-91-8.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 7b47ae80afa3203ba35b6f17e9a9c0641ac3f8f5d37b3ae9f01f06730b1e7ae6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fs22.formsite.com/res/showFormEmbed?EParam=m_OmK8apOTBq9zAPECUmc4YvBMmXmdLwdgTYVfxeOgg&1300974183&EmbedId=1300974183
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 19:54:11 GMT
content-encoding: gzip
last-modified: Wed, 10 Nov 2021 15:07:12 GMT
server: Apache
etag: "6c5c-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=604800
accept-ranges: bytes
content-length: 7457
expires: Sun, 13 Mar 2022 19:54:11 GMT

GET
H2 200 embed.js Show response
fs22.formsite.com/include/form/ Frame 9E8B 2 KB
1 KB 187ms
187ms Script
application/javascript 44.194.91.8
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://fs22.formsite.com/include/form/embed.js
Requested by: Host: fs22.formsite.com
URL: https://fs22.formsite.com/res/showFormEmbed?EParam=m_OmK8apOTBq9zAPECUmc4YvBMmXmdLwdgTYVfxeOgg&1300974183&EmbedId=1300974183
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.194.91.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-194-91-8.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 9bf76c0981f3d7cb30be16f19b1419bad27dbccc3c5c5496cd1c84982e756dd8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fs22.formsite.com/res/showFormEmbed?EParam=m_OmK8apOTBq9zAPECUmc4YvBMmXmdLwdgTYVfxeOgg&1300974183&EmbedId=1300974183
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 19:54:11 GMT
content-encoding: gzip
last-modified: Mon, 30 Mar 2020 16:25:53 GMT
server: Apache
etag: "8fe-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=604800
accept-ranges: bytes
content-length: 855
expires: Sun, 13 Mar 2022 19:54:11 GMT

GET
H2 200 config.js Show response
app.groove.cm/config/ Frame 15FE 324 B
513 B 21ms
21ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.groove.cm/config/config.js
Requested by: Host: www.easymoneyforcontractors.veterinaryclinictaxcredit.com
URL: https://www.easymoneyforcontractors.veterinaryclinictaxcredit.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d7560c8b33f798d429fa0e84d88e11aff034ec7ab72a758d3ed52fc9b285a18

Request headers

Referer
Origin: https://app.groove.cm
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 19:54:11 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 04 Mar 2022 11:54:58 GMT
server: cloudflare
age: 6531
etag: W/"6221fe12-144"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t8W9bVpozULNfeDTvQLay4UpgIEo2qCR9k9pRIzlnPj4FG%2FKLsPlnCJaFKMmrCPlEDCgmh7DKMJL%2Fi3hG8dqu%2Bfu7bI4vHor3izEo9L1g8RwPMxX3cZvf90FgYcm9T3u4KJ%2FnabCQ5uhn1ud"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6e7da44e8e7e9061-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

OPTIONS
H/1.1 204
No Content ping
api.loopedin.io/v1/users/ Frame 0
0 34ms
33ms Preflight 108.128.72.146

General

Check archive.org

Show headers Download Go to

Full URL

https://api.loopedin.io/v1/users/ping

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

108.128.72.146 -, , ASN (),

Reverse DNS

Software

Cowboy /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://app.groove.cm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: Cowboy
Connection: keep-alive
Content-Security-Policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
X-Dns-Prefetch-Control: off
Expect-Ct: max-age=0
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=15552000; includeSubDomains
X-Download-Options: noopen
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Referrer-Policy: no-referrer
X-Xss-Protection: 0
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST
Access-Control-Allow-Headers: Content-Type,Authorization
Content-Length: 0
Date: Sun, 06 Mar 2022 19:54:11 GMT
Via: 1.1 vegur

GET
H2 200 notification.png
cdn.productstash.io/images/ Frame 3F73 1 KB
2 KB 7ms
7ms Image
image/png 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.productstash.io/images/notification.png

Requested by

Host: cdn.productstash.io
URL: https://cdn.productstash.io/js/widget.min.js?v=0.8

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

unn-89-187-169-47.cdn77.com

Software

BunnyCDN-DE1-756 /

Resource Hash

87608a8dea58460e4b38f3445a737f999eb6a62dee361be55e06625d505c4e5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.groove.cm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 19:54:11 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cdn-edgestorageid: 756
x-dns-prefetch-control: off
cdn-cachedat: 01/29/2022 10:51:35
cdn-pullzone: 173232
content-length: 1156
x-xss-protection: 1; mode=block
server: BunnyCDN-DE1-756
last-modified: Wed, 19 Jan 2022 15:46:53 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
x-frame-options: SAMEORIGIN
etag: W/"484-17e7304f9c8"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
content-type: image/png
cdn-cache: HIT
cdn-uid: 48a72dd7-1732-4103-a906-fc257bffa1c1
cache-control: public, max-age=31536000
cdn-requestid: b3945d67eb1c125240d9a8faf56388ba
accept-ranges: bytes
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

POST
H/1.1 200
OK ping Show response
api.loopedin.io/v1/users/ Frame 3F73 3 B
1 KB 35ms
34ms Fetch
application/json 108.128.72.146

General

Check archive.org

Show headers Download Go to

Full URL

https://api.loopedin.io/v1/users/ping

Requested by

Host: cdn.productstash.io
URL: https://cdn.productstash.io/js/widget.min.js?v=0.8

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

108.128.72.146 -, , ASN (),

Reverse DNS

Software

Cowboy /

Resource Hash

27badc983df1780b60c2b3fa9d3a19a00e46aac798451f0febdca52920faaddf

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: application/json, text/plain, */*
Referer: https://app.groove.cm/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

Content-Security-Policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Via: 1.1 vegur
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-Dns-Prefetch-Control: off
Date: Sun, 06 Mar 2022 19:54:11 GMT
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 3
X-Xss-Protection: 0
Referrer-Policy: no-referrer
Server: Cowboy
X-Frame-Options: SAMEORIGIN
Etag: W/"3-n5rwKVhboBTgfNORDKl2z1YWBhY"
Expect-Ct: max-age=0
X-Ratelimit-Remaining: 46
Strict-Transport-Security: max-age=15552000; includeSubDomains
X-Download-Options: noopen
Access-Control-Allow-Origin: *
Cache-Control: no-cache, private, no-store, must-revalidate, max-stale=0, post-check=0, pre-check=0
X-Ratelimit-Reset: 1646596478
X-Ratelimit-Limit: 50
Content-Type: application/json; charset=utf-8

GET
H/1.1 200
OK app-config Show response
api.loopedin.io/ Frame 3F73 525 B
2 KB 34ms
34ms XHR
application/json 108.128.72.146

General

Check archive.org

Show headers Download Go to

Full URL

https://api.loopedin.io/app-config?product_id=f634edf5-70e7-429d-8c94-c26dfaeaee26&timestamp=0&public=true&user=public&domain=app.groove.cm

Requested by

Host: cdn.productstash.io
URL: https://cdn.productstash.io/js/widget.min.js?v=0.8

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

108.128.72.146 -, , ASN (),

Reverse DNS

Software

Cowboy /

Resource Hash

def29134e08de7baeafdb978d435081160c83c3bd25705aa41323261e2f0e544

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.groove.cm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Via: 1.1 vegur
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-Dns-Prefetch-Control: off
Date: Sun, 06 Mar 2022 19:54:11 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=15552000; includeSubDomains
Vary: Accept-Encoding
Content-Length: 525
X-Xss-Protection: 0
Referrer-Policy: no-referrer
Server: Cowboy
Etag: W/"20d-wpf5XpMIyJmkk05mkv2sFNT6IYM"
Expect-Ct: max-age=0
X-Ratelimit-Remaining: 47
Access-Control-Allow-Methods: GET
X-Download-Options: noopen
Access-Control-Allow-Origin: *
Cache-Control: no-cache, private, no-store, must-revalidate, max-stale=0, post-check=0, pre-check=0
X-Ratelimit-Reset: 1646596478
X-Ratelimit-Limit: 50
Content-Type: application/json; charset=utf-8

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 15FE 171 KB
63 KB 25ms
25ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-VQKC5VQTH1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKWM7K2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4d6e3feec3acce9cc2b8c6fda68b603c236ea5739884e84fc76d4ec63a8b841d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.groove.cm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 19:54:11 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64500
x-xss-protection: 0
expires: Sun, 06 Mar 2022 19:54:11 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 15FE 49 KB
20 KB 31ms
8ms Script
text/javascript 2a00:1450:4001:810::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKWM7K2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e -, , ASN (),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.groove.cm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 1158
date: Sun, 06 Mar 2022 19:34:53 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sun, 06 Mar 2022 21:34:53 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ Frame 15FE 39 KB
15 KB 55ms
31ms Script
text/javascript 216.58.212.162

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKWM7K2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

083ec931e5517a4ab713afbe9561e72b9186cb54e21b8b1eface9caefb54a966

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.groove.cm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 19:54:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14879
x-xss-protection: 0
server: cafe
etag: 17635014576153706337
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 06 Mar 2022 19:54:11 GMT

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ Frame 15FE 15 KB
6 KB 80ms
21ms Script
application/javascript 2a00:1288:80:807::1

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Host: www.easymoneyforcontractors.veterinaryclinictaxcredit.com
URL: https://www.easymoneyforcontractors.veterinaryclinictaxcredit.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 -, , ASN (),

Reverse DNS

Software

ATS /

Resource Hash

10354e9bc6b485028971a1f58fccff5c89d722db324d42bc07963aab24ebb956

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.groove.cm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Sun, 06 Mar 2022 19:38:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 926
x-amz-server-side-encryption: AES256
vary: Origin, Accept-Encoding
content-length: 5748
x-amz-id-2: MzWLmR/IT2AYY9n8xLLCg/pMErKtBzeh8T4KLn/hvrHl2oZpSKSTArfuLF6j5xD7mOUlbYyipHY=
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Wed, 22 Feb 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Mon, 17 Jan 2022 12:00:39 GMT
server: ATS
etag: "13a189bb8f25228852b3279db3659c28-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-request-id: DH3Y6SWDJGS273HZ
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
x-amz-version-id: pAIvW1wzOXi43b8v53GVflu.j8ZqoXS3
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 bat.js Show response
bat.bing.com/ Frame 15FE 38 KB
12 KB 130ms
95ms Script
application/javascript 2620:1ec:c11::200

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.easymoneyforcontractors.veterinaryclinictaxcredit.com
URL: https://www.easymoneyforcontractors.veterinaryclinictaxcredit.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.groove.cm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 19:54:11 GMT
content-encoding: gzip
last-modified: Wed, 09 Feb 2022 23:54:49 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 55C393D28A42460397F4943C1F7FF659 Ref B: FRA31EDGE0110 Ref C: 2022-03-06T19:54:11Z
etag: "806a236c101ed81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 11333

GET
H2 200 ld.js Show response
static.criteo.net/js/ld/ Frame 15FE 40 KB
13 KB 67ms
32ms Script
text/javascript 2a02:2638::3

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/ld.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKWM7K2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

4758ffc00e2d3413aece1a57fc3e89b9709202312386d57eb74b5c198cf6800e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.groove.cm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 19:54:11 GMT
content-encoding: gzip
last-modified: Tue, 14 Dec 2021 12:51:58 GMT
server: nginx
etag: W/"61b8936e-9faf"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 07 Mar 2022 19:54:11 GMT

GET
H2 200 universal-script Show response
175592.tracking.hyros.com/v1/lst/ Frame 15FE 0
169 B 304ms
98ms Script
text/plain 52.70.96.75

General

Check archive.org

Show headers Download Go to

Full URL: https://175592.tracking.hyros.com/v1/lst/universal-script?ph=8d32ccb64bc3b013ad08e3b3db8b5c12f7094658f7a1802e1282fdafe6b1af24&tag=!tracking
Requested by: Host: www.easymoneyforcontractors.veterinaryclinictaxcredit.com
URL: https://www.easymoneyforcontractors.veterinaryclinictaxcredit.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.70.96.75 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.groove.cm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 19:54:11 GMT
access-control-allow-credentials: true
content-length: 0
access-control-max-age: 86400
access-control-allow-methods: GET, PUT, POST, OPTIONS, DELETE
access-control-expose-headers: Session-ID

GET
H2 200 print8.css
fs22.formsite.com/include/form/ Frame 9E8B 375 B
764 B 94ms
94ms Stylesheet
text/css 44.194.91.8
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://fs22.formsite.com/include/form/print8.css?2307726859055
Requested by: Host: fs22.formsite.com
URL: https://fs22.formsite.com/res/showFormEmbed?EParam=m_OmK8apOTBq9zAPECUmc4YvBMmXmdLwdgTYVfxeOgg&1300974183&EmbedId=1300974183
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.194.91.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-194-91-8.compute-1.amazonaws.com
Software: Apache /
Resource Hash: fe096c1a1b3636490559c3e3d5c51dedcfed669ef95394071a765d922937dc6d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fs22.formsite.com/res/showFormEmbed?EParam=m_OmK8apOTBq9zAPECUmc4YvBMmXmdLwdgTYVfxeOgg&1300974183&EmbedId=1300974183
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 19:54:11 GMT
content-encoding: gzip
last-modified: Mon, 01 Apr 2019 18:07:07 GMT
server: Apache
etag: "177-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: max-age=604800
accept-ranges: bytes
content-length: 200
expires: Sun, 13 Mar 2022 19:54:11 GMT

GET
H2 200 ae6893d8-cd70-4474-b00c-3812c0a0d4ab Show response
pp.signalayer.com/ Frame 15FE 2 B
260 B 306ms
94ms Fetch
text/plain 34.232.251.165

General

Check archive.org

Show headers Download Go to

Full URL: https://pp.signalayer.com/ae6893d8-cd70-4474-b00c-3812c0a0d4ab
Requested by: Host: cdn.tooltip.io
URL: https://cdn.tooltip.io/static/player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.232.251.165 -, , ASN (),
Reverse DNS
Software: nginx/1.15.8 / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept: application/json, application/xml, text/play, text/html, *.*
Referer: https://app.groove.cm/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 19:54:11 GMT
server: nginx/1.15.8
x-powered-by: Express
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Content-Type,Authorization
content-length: 2

GET
H2 200 ae6893d8-cd70-4474-b00c-3812c0a0d4ab.json Show response
data.tooltip.io/player/fetch/ Frame 15FE 54 B
501 B 470ms
403ms Fetch
application/json 2600:9000:2104:ea00:6:36e8:9f00:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://data.tooltip.io/player/fetch/ae6893d8-cd70-4474-b00c-3812c0a0d4ab.json
Requested by: Host: cdn.tooltip.io
URL: https://cdn.tooltip.io/static/player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:ea00:6:36e8:9f00:93a1 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4e099629cd81ad69ae59437b8d17f8c059695cc385f1493af5f3a6cce4c994f7

Request headers

Accept: application/json, application/xml, text/play, text/html, *.*
Referer: https://app.groove.cm/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 19:54:13 GMT
via: 1.1 d91961fd00a0c4f7aae668984dcb62a8.cloudfront.net (CloudFront)
last-modified: Wed, 23 Feb 2022 08:21:53 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-C1
etag: "21c5d7ac3026c86f166a0e24b12b2b5d"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 3000
x-cache: RefreshHit from cloudfront
accept-ranges: bytes
content-length: 54
x-amz-cf-id: MOWhl00KiN9ScAdn8VHlgt1MEUL7P-40j-zlWf82OHcbU6UlyQWwdg==

GET
H2 200 config.js Show response
app.groove.cm/config/ Frame 3F73 324 B
451 B 37ms
36ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.groove.cm/config/config.js
Requested by: Host: www.easymoneyforcontractors.veterinaryclinictaxcredit.com
URL: https://www.easymoneyforcontractors.veterinaryclinictaxcredit.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d7560c8b33f798d429fa0e84d88e11aff034ec7ab72a758d3ed52fc9b285a18

Request headers

Referer
Origin: https://app.groove.cm
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 19:54:11 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 04 Mar 2022 11:54:58 GMT
server: cloudflare
age: 6531
etag: W/"6221fe12-144"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nuyaBCpEAoIcyFrFLZ3XcmJecfnzvHv0qUgvCPx6%2Fb77Waa75FfW%2FcT9VS2xQ7wh%2Bbw7oGlasHcf%2F2nCnZV56x0VcR0wnQVBATCFp9SegRYAOTGm4Di58IQfPzYcxlUMHOUME2IH%2FSb25W5G"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6e7da44effc69061-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 3F73 171 KB
63 KB 17ms
16ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-VQKC5VQTH1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKWM7K2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4d6e3feec3acce9cc2b8c6fda68b603c236ea5739884e84fc76d4ec63a8b841d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.groove.cm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 19:54:11 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64500
x-xss-protection: 0
expires: Sun, 06 Mar 2022 19:54:11 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 3F73 49 KB
20 KB 23ms
8ms Script
text/javascript 2a00:1450:4001:810::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKWM7K2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e -, , ASN (),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.groove.cm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 1158
date: Sun, 06 Mar 2022 19:34:53 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sun, 06 Mar 2022 21:34:53 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ Frame 3F73 39 KB
15 KB 43ms
43ms Script
text/javascript 216.58.212.162

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKWM7K2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

083ec931e5517a4ab713afbe9561e72b9186cb54e21b8b1eface9caefb54a966

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.groove.cm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 19:54:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14879
x-xss-protection: 0
server: cafe
etag: 17635014576153706337
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 06 Mar 2022 19:54:11 GMT

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ Frame 3F73 15 KB
6 KB 28ms
22ms Script
application/javascript 2a00:1288:80:807::1

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Host: www.easymoneyforcontractors.veterinaryclinictaxcredit.com
URL: https://www.easymoneyforcontractors.veterinaryclinictaxcredit.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 -, , ASN (),

Reverse DNS

Software

ATS /

Resource Hash

10354e9bc6b485028971a1f58fccff5c89d722db324d42bc07963aab24ebb956

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.groove.cm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Sun, 06 Mar 2022 19:38:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 926
x-amz-server-side-encryption: AES256
vary: Origin, Accept-Encoding
content-length: 5748
x-amz-id-2: MzWLmR/IT2AYY9n8xLLCg/pMErKtBzeh8T4KLn/hvrHl2oZpSKSTArfuLF6j5xD7mOUlbYyipHY=
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Wed, 22 Feb 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Mon, 17 Jan 2022 12:00:39 GMT
server: ATS
etag: "13a189bb8f25228852b3279db3659c28-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-request-id: DH3Y6SWDJGS273HZ
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
x-amz-version-id: pAIvW1wzOXi43b8v53GVflu.j8ZqoXS3
accept-ranges: bytes
content-type: application/javascript

GET bat.js
bat.bing.com/ Frame 3F73 0
0

GET
H2 200 ld.js Show response
static.criteo.net/js/ld/ Frame 3F73 40 KB
13 KB 29ms
29ms Script
text/javascript 2a02:2638::3

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/ld.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKWM7K2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

4758ffc00e2d3413aece1a57fc3e89b9709202312386d57eb74b5c198cf6800e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.groove.cm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 19:54:11 GMT
content-encoding: gzip
last-modified: Tue, 14 Dec 2021 12:51:58 GMT
server: nginx
etag: W/"61b8936e-9faf"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 07 Mar 2022 19:54:11 GMT

GET
H2 200 universal-script Show response
175592.tracking.hyros.com/v1/lst/ Frame 3F73 0
170 B 250ms
97ms Script
text/plain 52.70.96.75

General

Check archive.org

Show headers Download Go to

Full URL: https://175592.tracking.hyros.com/v1/lst/universal-script?ph=8d32ccb64bc3b013ad08e3b3db8b5c12f7094658f7a1802e1282fdafe6b1af24&tag=!tracking
Requested by: Host: www.easymoneyforcontractors.veterinaryclinictaxcredit.com
URL: https://www.easymoneyforcontractors.veterinaryclinictaxcredit.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.70.96.75 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.groove.cm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 19:54:11 GMT
access-control-allow-credentials: true
content-length: 0
access-control-max-age: 86400
access-control-allow-methods: GET, PUT, POST, OPTIONS, DELETE
access-control-expose-headers: Session-ID

GET
H2 200 ae6893d8-cd70-4474-b00c-3812c0a0d4ab Show response
pp.signalayer.com/ Frame 3F73 2 B
259 B 266ms
94ms Fetch
text/plain 34.232.251.165

General

Check archive.org

Show headers Download Go to

Full URL: https://pp.signalayer.com/ae6893d8-cd70-4474-b00c-3812c0a0d4ab
Requested by: Host: cdn.tooltip.io
URL: https://cdn.tooltip.io/static/player.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.232.251.165 -, , ASN (),
Reverse DNS
Software: nginx/1.15.8 / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept: application/json, application/xml, text/play, text/html, *.*
Referer: https://app.groove.cm/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 19:54:11 GMT
server: nginx/1.15.8
x-powered-by: Express
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Content-Type,Authorization
content-length: 2

GET
H2 200 ae6893d8-cd70-4474-b00c-3812c0a0d4ab.json Show response
data.tooltip.io/player/fetch/ Frame 3F73 54 B
497 B 429ms
403ms Fetch
application/json 2600:9000:2104:ea00:6:36e8:9f00:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://data.tooltip.io/player/fetch/ae6893d8-cd70-4474-b00c-3812c0a0d4ab.json
Requested by: Host: cdn.tooltip.io
URL: https://cdn.tooltip.io/static/player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:ea00:6:36e8:9f00:93a1 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4e099629cd81ad69ae59437b8d17f8c059695cc385f1493af5f3a6cce4c994f7

Request headers

Accept: application/json, application/xml, text/play, text/html, *.*
Referer: https://app.groove.cm/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 19:54:13 GMT
via: 1.1 d91961fd00a0c4f7aae668984dcb62a8.cloudfront.net (CloudFront)
last-modified: Wed, 23 Feb 2022 08:21:53 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-C1
etag: "21c5d7ac3026c86f166a0e24b12b2b5d"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 3000
x-cache: Hit from cloudfront
accept-ranges: bytes
content-length: 54
x-amz-cf-id: LDNJj3rLmmay7CABZwWSl7RtYeit8RUU3dBWLFzsfR1bAofRG4c_0A==

GET
H3 200 www-widgetapi.js Show response
www.youtube.com/s/player/0abde7de/www-widgetapi.vflset/ Frame 15FE 152 KB
49 KB 10ms
7ms Script
text/javascript 2a00:1450:4001:808::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/0abde7de/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

f6654cdce4772c6e6d896c5ff548af91be2430caa8b1a8f6d60345fc15738bdb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.groove.cm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 18:33:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4867
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50321
x-xss-protection: 0
last-modified: Thu, 03 Mar 2022 04:20:53 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 06 Mar 2023 18:33:04 GMT

GET
H3 200 www-widgetapi.js Show response
www.youtube.com/s/player/0abde7de/www-widgetapi.vflset/ Frame 3F73 152 KB
49 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:808::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/0abde7de/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

f6654cdce4772c6e6d896c5ff548af91be2430caa8b1a8f6d60345fc15738bdb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.groove.cm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 18:33:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4867
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50321
x-xss-protection: 0
last-modified: Thu, 03 Mar 2022 04:20:53 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 06 Mar 2023 18:33:04 GMT

POST
H3 204 matomo.php
matomo.groovetech.io/ Frame 15FE 0
532 B 67ms
66ms Ping
text/plain 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://matomo.groovetech.io/matomo.php?action_name=GrooveFunnels&idsite=5&rec=1&r=335915&h=19&m=54&s=11&url=https%3A%2F%2Fapp.groove.cm%2Fgroovevideo%2Fvideo%2F75215%2Fu1kHEnHT9wSJ2kyJJs0e&urlref=https%3A%2F%2Fertcshortcut.com%2F&_id=769ce085718eaa90&_idn=1&_refts=1646596452&_ref=https%3A%2F%2Fertcshortcut.com%2F&send_image=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=wUlXD1&pf_net=0&pf_srv=198&pf_tfr=0&pf_dm1=1134
Requested by: Host: matomo.groovetech.io
URL: https://matomo.groovetech.io/matomo.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.0.15
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://app.groove.cm/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8

Response headers

date: Sun, 06 Mar 2022 19:54:11 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/8.0.15
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1UyTS%2BGNDF9BJF5Glj114EwiKgDCaFwy%2FdpSnqCl9MfvhZ%2FxbWcwhR5hxJ%2B8dBFUKAMgvCUHI4XkU5%2FdNDDzz22wcRKSqFfTyVaCTKS%2FqFFHRYrAoO5pVHVpxfRAGABrYYCL3%2F6uKq0ymddoS4D9KGiQyw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://app.groove.cm
access-control-allow-credentials: true
cf-ray: 6e7da44faeb9913c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

OPTIONS
H3 204 fetch-with-permalink
v1.gdapis.com/api/groovevideo/ Frame 0
0 190ms
176ms Preflight
text/html 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.gdapis.com/api/groovevideo/fetch-with-permalink?permalink=u1kHEnHT9wSJ2kyJJs0e&id=75215
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.24
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-auth-provider
Origin: https://app.groove.cm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sun, 06 Mar 2022 19:54:11 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.3.24
cache-control: no-cache, private
access-control-allow-methods: POST, GET, OPTIONS, PUT, PATCH, DELETE
access-control-allow-headers: Content-Type, X-Auth-Token, Origin, Authorization, *
access-control-allow-origin: *
access-control-max-age: 86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xx%2F%2FGmYWqyS%2FHnXTYBeHhA03UzgCMqHpEsSBG3PDR85aPNutnOh9CiqpI9gK%2FEE%2F4qd9F6RnLqr2U7iSN5aOUpqeKBduVfjTZQBe2LlaBfk231kDDlADQqh0y6MHs57Kll0xwlXH4zBaNgH3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6e7da44fed3f9bb3-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 fetch-with-permalink Show response
v1.gdapis.com/api/groovevideo/ Frame 15FE 2 KB
2 KB 229ms
229ms XHR
application/json 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.gdapis.com/api/groovevideo/fetch-with-permalink?permalink=u1kHEnHT9wSJ2kyJJs0e&id=75215
Requested by: Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/js/chunk-vendors.f79b17ef.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.24
Resource Hash: 102390511cfad271d89b358aaa0eb8ee7abab2b7361fa95c724889d57850322c

Request headers

Accept: application/json, text/plain, */*
Referer: https://app.groove.cm/
x-auth-provider: auth0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 19:54:12 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/7.3.24
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-ratelimit-remaining: 599
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MfMi8Fs0JwbJ8asOLcsfwITaRu9Wc3cDSIOFqHeInYfIX1veRy%2BjkE29yrfaT3myWPKNNaXLS8w9uNXp9uJzb%2BYC8ngvhc6b7k6xB%2BT0a9kJeAM32%2BtVfMWFULtUtsz1j2paCGitNiB%2F6G9Q"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma
cache-control: no-cache, private
x-ratelimit-limit: 600
cf-ray: 6e7da45108959bb3-FRA

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/646915355/ Frame 15FE 2 KB
2 KB 42ms
20ms Script
text/javascript 2a00:1450:4001:811::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/646915355/?random=1646596451812&cv=9&fst=1646596451812&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg320&sendb=1&ig=1&frm=2&url=https%3A%2F%2Fapp.groove.cm%2Fgroovevideo%2Fvideo%2F75215%2Fu1kHEnHT9wSJ2kyJJs0e&ref=https%3A%2F%2Fertcshortcut.com%2F&tiba=GrooveFunnels&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

4f42380e939b5f505f352af3e0c3d2bf89cfa2c8d90a93c9f995629c5e7255e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.groove.cm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Mar 2022 19:54:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1050
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 matomo.php
matomo.groovetech.io/ Frame 3F73 0
523 B 74ms
74ms Ping
text/plain 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://matomo.groovetech.io/matomo.php?action_name=GrooveFunnels&idsite=5&rec=1&r=067786&h=19&m=54&s=11&url=https%3A%2F%2Fapp.groove.cm%2Fgroovevideo%2Fvideo%2F75176%2F7KE4VhYEZBAF7a6M9DFD&urlref=https%3A%2F%2Fertcshortcut.com%2F&_id=091ada0021975277&_idn=1&_refts=1646596452&_ref=https%3A%2F%2Fertcshortcut.com%2F&send_image=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=XMtppH&pf_net=0&pf_srv=223&pf_tfr=0&pf_dm1=1298
Requested by: Host: matomo.groovetech.io
URL: https://matomo.groovetech.io/matomo.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.0.15
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://app.groove.cm/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8

Response headers

date: Sun, 06 Mar 2022 19:54:11 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/8.0.15
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k8VBaWGSPS6bdXLQWyKebGJ5TDlHE%2B74c2h072eWEvZBxqkbXADDb9JgIry1yw6Q%2FpbNculqMA6rvROTePNfq0ulTO1QBXf7srrqfgTAjULiVwONf1Gxc1THvtgmEsHm%2F7EQ5x3Kvs39oIibXdXmZNb7ag%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://app.groove.cm
access-control-allow-credentials: true
cf-ray: 6e7da44fffb9913c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 10139345.json Show response
s.yimg.com/wi/config/ Frame 3F73 2 B
449 B 65ms
24ms XHR
application/json 2a00:1288:80:807::1

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10139345.json

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 -, , ASN (),

Reverse DNS

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.groove.cm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 19:16:51 GMT
x-content-type-options: nosniff
age: 2240
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id: WNNRGQF0S5ZRCXC1
x-amz-id-2: 6GJu/OLJYfbRfZ1etHR0QW4orXv6Bt2x1nVwpoW9KQytyPXmdoLjxuTAMj0IhPP4VuqFeI7RS3Y=
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
content-length: 2

GET
H2 200 10139345.json Show response
s.yimg.com/wi/config/ Frame 15FE 2 B
37 B 113ms
73ms XHR
application/json 2a00:1288:80:807::1

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10139345.json

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 -, , ASN (),

Reverse DNS

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.groove.cm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 19:16:51 GMT
x-content-type-options: nosniff
age: 2240
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id: WNNRGQF0S5ZRCXC1
x-amz-id-2: 6GJu/OLJYfbRfZ1etHR0QW4orXv6Bt2x1nVwpoW9KQytyPXmdoLjxuTAMj0IhPP4VuqFeI7RS3Y=
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
content-length: 2

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame C331 13 KB
5 KB 51ms
17ms Document
text/html 2a02:2638::1c

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=www.easymoneyforcontractors.veterinaryclinictaxcredit.com&origin=onetag

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c -, , ASN (),

Reverse DNS

Software

Resource Hash

ea26c78f630f8d3924b66a3966e9d96b6ce9217ee085f6db77fa191e13a59848

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://app.groove.cm/

Response headers

cache-control: private, max-age=3600
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 2335
date: Sun, 06 Mar 2022 19:54:11 GMT
content-length: 5147
strict-transport-security: max-age=31536000; preload;

GET
H3 200 fetch-with-permalink Show response
v1.gdapis.com/api/groovevideo/ Frame 3F73 2 KB
1 KB 200ms
199ms XHR
application/json 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.gdapis.com/api/groovevideo/fetch-with-permalink?permalink=7KE4VhYEZBAF7a6M9DFD&id=75176
Requested by: Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/js/chunk-vendors.f79b17ef.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.24
Resource Hash: d778f72c2b8ebbb1fda46a74c2003b9b855ccf11679a406b943da762011e6aca

Request headers

Accept: application/json, text/plain, */*
Referer: https://app.groove.cm/
x-auth-provider: auth0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 19:54:12 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/7.3.24
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-ratelimit-remaining: 599
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u%2FUtfG%2FcfpuskwzRR%2BJ%2Fy8KvQPdVbhMB8epzma3vo5vZQmAnbvtankVAmDyHEx%2BZJTemJE58LFiulrT6EDgRJaa%2FItmauTFYn6h1dRJ3OuCT2l73nffaXDz02dSDfSnLVuaO9MPucOj%2BHucq"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma
cache-control: no-cache, private
x-ratelimit-limit: 600
cf-ray: 6e7da45118c59bb3-FRA

OPTIONS
H3 204 fetch-with-permalink
v1.gdapis.com/api/groovevideo/ Frame 0
0 152ms
152ms Preflight
text/html 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.gdapis.com/api/groovevideo/fetch-with-permalink?permalink=7KE4VhYEZBAF7a6M9DFD&id=75176
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.24
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-auth-provider
Origin: https://app.groove.cm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sun, 06 Mar 2022 19:54:12 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.3.24
cache-control: no-cache, private
access-control-allow-methods: POST, GET, OPTIONS, PUT, PATCH, DELETE
access-control-allow-headers: Content-Type, X-Auth-Token, Origin, Authorization, *
access-control-allow-origin: *
access-control-max-age: 86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rJroPJcXbWKLL437wuBT9GWe%2BsObubVICqb28AURh4eb92dFpLVtMZT2xoJt2SwECcmnJh3LXD7AeyDPLppG9HRvrbLzEA7683AaHxozyIKu7s8nhqAjvqrORMWHQYNytUtIsWFptbadhBC2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6e7da4502dde9bb3-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/646915355/ Frame 3F73 2 KB
1 KB 39ms
24ms Script
text/javascript 2a00:1450:4001:811::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/646915355/?random=1646596451862&cv=9&fst=1646596451862&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg320&sendb=1&ig=1&frm=2&url=https%3A%2F%2Fapp.groove.cm%2Fgroovevideo%2Fvideo%2F75176%2F7KE4VhYEZBAF7a6M9DFD&ref=https%3A%2F%2Fertcshortcut.com%2F&tiba=GrooveFunnels&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

d0a8a7385ba4c6c2912d55303f18d7dafbeed9ad6f7a14aca096ce4dea8aa06f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.groove.cm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Mar 2022 19:54:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1049
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 17533112.js Show response
bat.bing.com/p/action/ Frame 15FE 682 B
736 B 215ms
215ms Script
application/javascript 2620:1ec:c11::200

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/p/action/17533112.js
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b375cbb5b9a1d783a38ef89dd8d68eb9cd3a5ec11559dc6422da16ef66e939ff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.groove.cm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Mar 2022 19:54:11 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 6FC5A115F87748568F8CD97A22D936A0 Ref B: FRA31EDGE0110 Ref C: 2022-03-06T19:54:11Z
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-store,no-cache
content-length: 584

GET
H2 204 0
bat.bing.com/action/ Frame 15FE 0
151 B 30ms
30ms Image
text/plain 2620:1ec:c11::200

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=17533112&Ver=2&mid=747bc71a-cc4c-4194-98a1-3e41a19a6663&sid=3186a7209d8711ec85489f3a08e96f2e&vid=3186a2c09d8711ec889dab642b86d1c2&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Groovevideo%20%C2%B7%20Groovevideo&p=https%3A%2F%2Fertcshortcut.com%2F&r=&lt=1372&evt=pageLoad&ifm=1&msclkid=N&sv=1&rn=862654
Requested by: Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/75215/u1kHEnHT9wSJ2kyJJs0e
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.groove.cm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Mar 2022 19:54:11 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 724FA0AD6960498F81871D7767AC4628 Ref B: FRA31EDGE0110 Ref C: 2022-03-06T19:54:11Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame ED0C 13 KB
5 KB 25ms
24ms Document
text/html 2a02:2638::1c

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=www.easymoneyforcontractors.veterinaryclinictaxcredit.com&origin=onetag

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c -, , ASN (),

Reverse DNS

Software

Resource Hash

ea26c78f630f8d3924b66a3966e9d96b6ce9217ee085f6db77fa191e13a59848

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://app.groove.cm/

Response headers

cache-control: private, max-age=3600
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 2208
date: Sun, 06 Mar 2022 19:54:11 GMT
content-length: 5147
strict-transport-security: max-age=31536000; preload;

GET
H3 200 0dTEPzkLWceF7z0koJaX1A.woff2
fonts.gstatic.com/s/raleway/v22/ Frame 9E8B 46 KB
46 KB 9ms
9ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v22/0dTEPzkLWceF7z0koJaX1A.woff2

Requested by

Host: fs22.formsite.com
URL: https://fs22.formsite.com/include/form/fonts8.css?2307726859055

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2101735d43a8d486dbc5139500a78420766cc673a3610363ce9525526c3f5149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fs22.formsite.com/
Origin: https://fs22.formsite.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 19:49:53 GMT
x-content-type-options: nosniff
age: 432258
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47312
x-xss-protection: 0
last-modified: Tue, 29 Jun 2021 19:40:31 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 01 Mar 2023 19:49:53 GMT

GET
H3 200 zOdksD_UUTk1LJF9z4tURA.woff2
fonts.gstatic.com/s/cinzel/v12/ Frame 9E8B 24 KB
24 KB 22ms
22ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/cinzel/v12/zOdksD_UUTk1LJF9z4tURA.woff2

Requested by

Host: fs22.formsite.com
URL: https://fs22.formsite.com/include/form/fonts8.css?2307726859055

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

304cbbc575c227a24f183d9800167ab06418327356f73099404136d8bb9a6c92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fs22.formsite.com/
Origin: https://fs22.formsite.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 21:13:30 GMT
x-content-type-options: nosniff
age: 427241
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24996
x-xss-protection: 0
last-modified: Tue, 04 May 2021 22:35:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 01 Mar 2023 21:13:30 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/646915355/ Frame 15FE 42 B
548 B 59ms
19ms Image
image/gif 2a00:1450:4001:80e::2004

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/646915355/?random=1646596451812&cv=9&fst=1646593200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg320&sendb=1&frm=2&url=https%3A%2F%2Fapp.groove.cm%2Fgroovevideo%2Fvideo%2F75215%2Fu1kHEnHT9wSJ2kyJJs0e&ref=https%3A%2F%2Fertcshortcut.com%2F&tiba=GrooveFunnels&async=1&fmt=3&is_vtc=1&random=687618592&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/75215/u1kHEnHT9wSJ2kyJJs0e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.groove.cm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Mar 2022 19:54:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/646915355/ Frame 15FE 42 B
108 B 306ms
34ms Image
image/gif 2a00:1450:4001:80f::2003

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/646915355/?random=1646596451812&cv=9&fst=1646593200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg320&sendb=1&frm=2&url=https%3A%2F%2Fapp.groove.cm%2Fgroovevideo%2Fvideo%2F75215%2Fu1kHEnHT9wSJ2kyJJs0e&ref=https%3A%2F%2Fertcshortcut.com%2F&tiba=GrooveFunnels&async=1&fmt=3&is_vtc=1&random=687618592&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/75215/u1kHEnHT9wSJ2kyJJs0e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.groove.cm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Mar 2022 19:54:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ Frame 3F73 43 B
714 B 133ms
40ms Image
image/gif 212.82.100.181

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Sun%2C%2006%20Mar%202022%2019%3A54%3A11%20GMT&n=0&b=Groovevideo%20%C2%B7%20Groovevideo&.yp=10139345&f=https%3A%2F%2Fapp.groove.cm%2Fgroovevideo%2Fvideo%2F75176%2F7KE4VhYEZBAF7a6M9DFD&e=https%3A%2F%2Fertcshortcut.com%2F&enc=UTF-8&yv=1.12.0&isIframe=1&tagmgr=gtm

Requested by

Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/75176/7KE4VhYEZBAF7a6M9DFD

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 -, , ASN (),

Reverse DNS

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.groove.cm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Mar 2022 19:54:12 GMT
x-content-type-options: nosniff
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 43
referrer-policy: strict-origin-when-cross-origin
expires: Sun, 06 Mar 2022 19:54:12 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame C331
Redirect Chain

https://gum.criteo.com/sid/json?origin=onetag&domain=app.groove.cm&sn=ChromeSyncframe&so=0&topUrl=www.easymoneyforcontractors.veterinaryclinictaxcredit.com&lsw=1
https://mug.criteo.com/sid?cpp=uxtitHwrVHl0a09xUXViZ1lHQ0IrMm5qMFBOOUtHZFZKbXBmQ2tGN3V4TWw3K3hNUTdVN3hKK0owZHlPVzlnYktGUjRidmFxNnBVL004Y1p6M1MzOEk2NE9iV3NBUHRQUXNSSGtMNmEwaXUvb0FDS2VMelQvMmxGQWoyUG...

449 B
651 B

92ms
21ms

Fetch
application/json

178.250.0.157

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=uxtitHwrVHl0a09xUXViZ1lHQ0IrMm5qMFBOOUtHZFZKbXBmQ2tGN3V4TWw3K3hNUTdVN3hKK0owZHlPVzlnYktGUjRidmFxNnBVL004Y1p6M1MzOEk2NE9iV3NBUHRQUXNSSGtMNmEwaXUvb0FDS2VMelQvMmxGQWoyUGtZd1NGSlArSGpoOWpkZVZNSHJ1ZmhLcDIzTHhmdmNqUk04cVNJeEliOFVGcWJDK202a0JmSk5BbFRoTGVZRGNqTVBMUHEzSHJmZ1RkYlVpNFNsUDg2Y25PKzNIc0JmZi95cmYvdzRtbHkrVWxkOXE2eStuOExXRjdERnUxUDRBbnNNRVh4TXJUL2lGWnE4UjI5TlVsREhJR2EvZUM4WXdSaGMwRXdZZTQ3YmJjVzVJeXM5T1gxOUZOZU4yc1lrOGs5S2lNbEtGSXw&cppv=2

Requested by

Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/75215/u1kHEnHT9wSJ2kyJJs0e

Protocol

Server

178.250.0.157 -, , ASN (),

Reverse DNS

Software

Resource Hash

10cf021113df2c7b25afd84a78f4b0cd118cf3876b6277c33fd8ffd7b6c6bf80

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Mar 2022 19:54:11 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 5567
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 06 Mar 2022 19:54:11 GMT
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=uxtitHwrVHl0a09xUXViZ1lHQ0IrMm5qMFBOOUtHZFZKbXBmQ2tGN3V4TWw3K3hNUTdVN3hKK0owZHlPVzlnYktGUjRidmFxNnBVL004Y1p6M1MzOEk2NE9iV3NBUHRQUXNSSGtMNmEwaXUvb0FDS2VMelQvMmxGQWoyUGtZd1NGSlArSGpoOWpkZVZNSHJ1ZmhLcDIzTHhmdmNqUk04cVNJeEliOFVGcWJDK202a0JmSk5BbFRoTGVZRGNqTVBMUHEzSHJmZ1RkYlVpNFNsUDg2Y25PKzNIc0JmZi95cmYvdzRtbHkrVWxkOXE2eStuOExXRjdERnUxUDRBbnNNRVh4TXJUL2lGWnE4UjI5TlVsREhJR2EvZUM4WXdSaGMwRXdZZTQ3YmJjVzVJeXM5T1gxOUZOZU4yc1lrOGs5S2lNbEtGSXw&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1743
content-length: 594
expires: 0

GET
H2 200 /
www.google.com/pagead/1p-user-list/646915355/ Frame 3F73 42 B
108 B 43ms
20ms Image
image/gif 2a00:1450:4001:80e::2004

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/646915355/?random=1646596451862&cv=9&fst=1646593200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg320&sendb=1&frm=2&url=https%3A%2F%2Fapp.groove.cm%2Fgroovevideo%2Fvideo%2F75176%2F7KE4VhYEZBAF7a6M9DFD&ref=https%3A%2F%2Fertcshortcut.com%2F&tiba=GrooveFunnels&async=1&fmt=3&is_vtc=1&random=69522513&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/75176/7KE4VhYEZBAF7a6M9DFD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.groove.cm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Mar 2022 19:54:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/646915355/ Frame 3F73 42 B
548 B 287ms
31ms Image
image/gif 2a00:1450:4001:80f::2003

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/646915355/?random=1646596451862&cv=9&fst=1646593200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg320&sendb=1&frm=2&url=https%3A%2F%2Fapp.groove.cm%2Fgroovevideo%2Fvideo%2F75176%2F7KE4VhYEZBAF7a6M9DFD&ref=https%3A%2F%2Fertcshortcut.com%2F&tiba=GrooveFunnels&async=1&fmt=3&is_vtc=1&random=69522513&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/75176/7KE4VhYEZBAF7a6M9DFD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.groove.cm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Mar 2022 19:54:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame ED0C
Redirect Chain

https://gum.criteo.com/sid/json?origin=onetag&domain=app.groove.cm&sn=ChromeSyncframe&so=0&topUrl=www.easymoneyforcontractors.veterinaryclinictaxcredit.com&lsw=1
https://mug.criteo.com/sid?cpp=bFa1M3xJVlF5YURIQURUMHZLT1BvaTFjNUU0YktKaXE4TU8zTkIzQS9SeXNEMTQyTjlRdjJCL1BjN1g3QmtsQjJuR2RVUUtzN3pXNDRJOWlOSzQ4ZWgrbDZtK3ZmN3RwTEpsKzE5bFZ5NnF1cHdmZVpwUXJ2eTNKWjUvam...

452 B
650 B

85ms
20ms

Fetch
application/json

178.250.0.157

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=bFa1M3xJVlF5YURIQURUMHZLT1BvaTFjNUU0YktKaXE4TU8zTkIzQS9SeXNEMTQyTjlRdjJCL1BjN1g3QmtsQjJuR2RVUUtzN3pXNDRJOWlOSzQ4ZWgrbDZtK3ZmN3RwTEpsKzE5bFZ5NnF1cHdmZVpwUXJ2eTNKWjUvam5Kb2hjb0hFVXYyREdVNEl6cG1Majl1ZzRyWG5QZ1BmSElZUkpscHg5eHpWZmhSSE82UDFIZGVIWENQZXpOak9EU1N2OEpzZ1NUbDdwL21BcXpvYzBRYlg5QWhXVUxwRzlybXBqSmhkMm05WUZtNEN3SDI3K1FnSGdoK0hGaTNpUlpIK0RsYjJjTS9BSFdrUmJZc1h5ZWZXSlZXMWVyM0UvQ2RZRUNqdUdaWjJHMHR6NWtJMTZ2L1ZDVTVZeW9JOFVFY1VXRXZ0V3w&cppv=2

Requested by

Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/75176/7KE4VhYEZBAF7a6M9DFD

Protocol

Server

178.250.0.157 -, , ASN (),

Reverse DNS

Software

Resource Hash

584763d9f453246beeee987807e900f7f70226ce820cc98c09971b95c3635a7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Mar 2022 19:54:11 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 4038
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 06 Mar 2022 19:54:11 GMT
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=bFa1M3xJVlF5YURIQURUMHZLT1BvaTFjNUU0YktKaXE4TU8zTkIzQS9SeXNEMTQyTjlRdjJCL1BjN1g3QmtsQjJuR2RVUUtzN3pXNDRJOWlOSzQ4ZWgrbDZtK3ZmN3RwTEpsKzE5bFZ5NnF1cHdmZVpwUXJ2eTNKWjUvam5Kb2hjb0hFVXYyREdVNEl6cG1Majl1ZzRyWG5QZ1BmSElZUkpscHg5eHpWZmhSSE82UDFIZGVIWENQZXpOak9EU1N2OEpzZ1NUbDdwL21BcXpvYzBRYlg5QWhXVUxwRzlybXBqSmhkMm05WUZtNEN3SDI3K1FnSGdoK0hGaTNpUlpIK0RsYjJjTS9BSFdrUmJZc1h5ZWZXSlZXMWVyM0UvQ2RZRUNqdUdaWjJHMHR6NWtJMTZ2L1ZDVTVZeW9JOFVFY1VXRXZ0V3w&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1690
content-length: 594
expires: 0

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ Frame 15FE 43 B
327 B 104ms
48ms Image
image/gif 212.82.100.181

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Sun%2C%2006%20Mar%202022%2019%3A54%3A11%20GMT&n=0&b=Groovevideo%20%C2%B7%20Groovevideo&.yp=10139345&f=https%3A%2F%2Fapp.groove.cm%2Fgroovevideo%2Fvideo%2F75215%2Fu1kHEnHT9wSJ2kyJJs0e&e=https%3A%2F%2Fertcshortcut.com%2F&enc=UTF-8&yv=1.12.0&isIframe=1&tagmgr=gtm

Requested by

Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/75215/u1kHEnHT9wSJ2kyJJs0e

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 -, , ASN (),

Reverse DNS

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.groove.cm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Mar 2022 19:54:12 GMT
x-content-type-options: nosniff
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 43
referrer-policy: strict-origin-when-cross-origin
expires: Sun, 06 Mar 2022 19:54:12 GMT

GET
H2

200

event Show response
widget.us.criteo.com/ Frame 3F73
Redirect Chain

https://sslwidget.criteo.com/event?a=81296&v=5.8.1&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fertcshortcut.com&p1=e%3Dvh&p2=e%3Dvp%26p%3D1&p3=e%3Ddis&bundle=LBr1WF9Vd0tidTlFWGNFNFhrJTJG...
https://widget.us.criteo.com/event?a=81296&v=5.8.1&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fertcshortcut.com&p1=e%3Dvh&p2=e%3Dvp%26p%3D1&p3=e%3Ddis&bundle=LBr1WF9Vd0tidTlFWGNFNFhrJTJG...

7 KB
8 KB

470ms
275ms

Script
application/x-javascript

74.119.119.150

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.us.criteo.com/event?a=81296&v=5.8.1&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fertcshortcut.com&p1=e%3Dvh&p2=e%3Dvp%26p%3D1&p3=e%3Ddis&bundle=LBr1WF9Vd0tidTlFWGNFNFhrJTJGTThjd0hzb0N1R0dpSjhzMmgya2NaN0lOZkJmQzROaWwySlRER0ROeFRDSE5tTU15aSUyRkNseFliYkJTNTdXZVJhTzBoOG4wb0hjaHh0bGs3OERraXR0bndOZHdsTjlocXg4YjkyU2ZSTFdhekslMkZzQ0MwYVVsT1Z2eHFiSDhKMmpSSmtFR3N0RDFiMiUyQkpEaWV5SmhEa1pSMDI3b21WNCUzRA&tld=app.groove.cm&dtycbr=68955

Requested by

Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/75176/7KE4VhYEZBAF7a6M9DFD

Protocol

Server

74.119.119.150 -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

1a30b4ab2f508190574bdab55e08be7de3b85e94bbb1c7640a6ce3f5d91dab85

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.groove.cm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Mar 2022 19:54:12 GMT
content-type: application/x-javascript
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 14037966
timing-allow-origin: *
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 06 Mar 2022 19:54:11 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
location: https://widget.us.criteo.com/event?a=81296&v=5.8.1&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fertcshortcut.com&p1=e%3Dvh&p2=e%3Dvp%26p%3D1&p3=e%3Ddis&bundle=LBr1WF9Vd0tidTlFWGNFNFhrJTJGTThjd0hzb0N1R0dpSjhzMmgya2NaN0lOZkJmQzROaWwySlRER0ROeFRDSE5tTU15aSUyRkNseFliYkJTNTdXZVJhTzBoOG4wb0hjaHh0bGs3OERraXR0bndOZHdsTjlocXg4YjkyU2ZSTFdhekslMkZzQ0MwYVVsT1Z2eHFiSDhKMmpSSmtFR3N0RDFiMiUyQkpEaWV5SmhEa1pSMDI3b21WNCUzRA&tld=app.groove.cm&dtycbr=68955
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 5465500
timing-allow-origin: *
content-length: 0
expires: 0

GET
H2

200

event Show response
widget.us.criteo.com/ Frame 15FE
Redirect Chain

https://sslwidget.criteo.com/event?a=81296&v=5.8.1&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fertcshortcut.com&p1=e%3Dvh&p2=e%3Dvp%26p%3D1&p3=e%3Ddis&bundle=mONJPV85bENrN05vbERKN3RSUEE2...
https://widget.us.criteo.com/event?a=81296&v=5.8.1&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fertcshortcut.com&p1=e%3Dvh&p2=e%3Dvp%26p%3D1&p3=e%3Ddis&bundle=mONJPV85bENrN05vbERKN3RSUEE2...

7 KB
8 KB

469ms
275ms

Script
application/x-javascript

74.119.119.150

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.us.criteo.com/event?a=81296&v=5.8.1&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fertcshortcut.com&p1=e%3Dvh&p2=e%3Dvp%26p%3D1&p3=e%3Ddis&bundle=mONJPV85bENrN05vbERKN3RSUEE2ZjNsaWJKSE9pTHdoVEtvcTJ4bXlyNnN6WHdEaHROUVFhRyUyRklSY0ZZbkhwZGNBekRYRzVhZnQyRnloVEJ4aDJUWk94aHdSQ1pBRUtqbGZaJTJCTUNvNVI3b3QzQmNGV0NSUmZhZnVZd21qWXI1SUQ4dkpFcHklMkZLNG9oa1JFanZOVUlLOHNsM1JjalpsQXc1ayUyQmhmUmlsQ0J0dFBwNCUzRA&tld=app.groove.cm&dtycbr=34903

Requested by

Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/75215/u1kHEnHT9wSJ2kyJJs0e

Protocol

Server

74.119.119.150 -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

95c935f2ab2e27035c97194ebdd59f033a3e872bd82ba1a9b603588759c59d55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.groove.cm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Mar 2022 19:54:11 GMT
content-type: application/x-javascript
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 14273500
timing-allow-origin: *
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 06 Mar 2022 19:54:12 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
location: https://widget.us.criteo.com/event?a=81296&v=5.8.1&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fertcshortcut.com&p1=e%3Dvh&p2=e%3Dvp%26p%3D1&p3=e%3Ddis&bundle=mONJPV85bENrN05vbERKN3RSUEE2ZjNsaWJKSE9pTHdoVEtvcTJ4bXlyNnN6WHdEaHROUVFhRyUyRklSY0ZZbkhwZGNBekRYRzVhZnQyRnloVEJ4aDJUWk94aHdSQ1pBRUtqbGZaJTJCTUNvNVI3b3QzQmNGV0NSUmZhZnVZd21qWXI1SUQ4dkpFcHklMkZLNG9oa1JFanZOVUlLOHNsM1JjalpsQXc1ayUyQmhmUmlsQ0J0dFBwNCUzRA&tld=app.groove.cm&dtycbr=34903
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 5683870
timing-allow-origin: *
content-length: 0
expires: 0

GET
H2 200 clarity.js Show response
d.clarity.ms/s/0.6.32/ Frame 15FE 53 KB
23 KB 325ms
96ms Script
application/javascript 40.76.174.66

General

Check archive.org

Show headers Download Go to

Full URL: https://d.clarity.ms/s/0.6.32/clarity.js
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/17533112.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.76.174.66 -, , ASN (),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 3701cadc5fc84e8ad639f83a87e20d82575e3cc28d479d73a0e66e5230e71c65

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.groove.cm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 19:54:11 GMT
content-encoding: br
etag: "1d82e1aac2b7990"
last-modified: Wed, 02 Mar 2022 09:48:30 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public,max-age=86400
accept-ranges: bytes
request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

GET
H2

200

c.gif
c.clarity.ms/ Frame 15FE
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?CtsSyncId=04572C982A70466BB91C69B9BC0B19FE&RedC=c.clarity.ms&MXFR=2066C38AE6C16F762113D2D5E2C16121
https://c.clarity.ms/c.gif?CtsSyncId=04572C982A70466BB91C69B9BC0B19FE&MUID=069DE39DC85763B93A35F2C2C9FB62D9

42 B
392 B

28ms
28ms

Image
image/gif

52.142.114.2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?CtsSyncId=04572C982A70466BB91C69B9BC0B19FE&MUID=069DE39DC85763B93A35F2C2C9FB62D9
Requested by: Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/75215/u1kHEnHT9wSJ2kyJJs0e
Protocol: H2
Server: 52.142.114.2 -, , ASN (),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.groove.cm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Mar 2022 19:54:12 GMT
last-modified: Mon, 28 Feb 2022 22:29:30 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "7c5ed6a6f22cd81:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Sun, 06 Mar 2022 19:54:11 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 264F0337EEE1425398A775462339D85A Ref B: FRA31EDGE0110 Ref C: 2022-03-06T19:54:12Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?CtsSyncId=04572C982A70466BB91C69B9BC0B19FE&MUID=069DE39DC85763B93A35F2C2C9FB62D9
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H/1.1 200
OK groovevideo-thumbnails-8d2985e0fd35262fe8daa16a82295540.jpg
groovevideo-videos.s3.amazonaws.com/5dd590f1c586100f1285ee7a/thumbnails/ Frame 3F73 1 KB
2 KB 469ms
122ms Image
image/jpeg 52.219.176.172

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://groovevideo-videos.s3.amazonaws.com/5dd590f1c586100f1285ee7a/thumbnails/groovevideo-thumbnails-8d2985e0fd35262fe8daa16a82295540.jpg
Requested by: Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/75176/7KE4VhYEZBAF7a6M9DFD
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.176.172 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c6c38303932536ea69957d97b4f13bb4f7cecbd2373542e516a9d8429afc0b15

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.groove.cm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 06 Mar 2022 19:54:13 GMT
Last-Modified: Fri, 12 Nov 2021 16:16:49 GMT
Server: AmazonS3
x-amz-request-id: HZAYM5SRK3KBF3NV
ETag: "03b1e08e574ced25b82726727dd27f1a"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 1311
x-amz-id-2: 5LQMtJOmI+Sea0weHoXbL8jnWFiG40Yo4cI6ZKHCj8GQdAZXfEspXrIsboCZVEM7IYyJb7lGeD0=

GET
DATA 200
OK truncated
/ Frame 3F73 4 KB
4 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308

Request headers

Referer
Origin: https://app.groove.cm
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H2 206 groovevideo-8d2985e0fd35262fe8daa16a82295540.mp4
videos.groovevideo.com/5dd590f1c586100f1285ee7a/ Frame 3F73 196 KB
0 67ms
41ms Media
video/mp4 2600:9000:2104:7600:b:d801:7900:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://videos.groovevideo.com/5dd590f1c586100f1285ee7a/groovevideo-8d2985e0fd35262fe8daa16a82295540.mp4
Requested by: Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/75176/7KE4VhYEZBAF7a6M9DFD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:7600:b:d801:7900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://app.groove.cm/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range: bytes=0-

Response headers

date: Sun, 06 Mar 2022 08:36:14 GMT
via: 1.1 83bc0649a33d85c1cf516bf48779a390.cloudfront.net (CloudFront)
last-modified: Fri, 12 Nov 2021 16:18:22 GMT
server: AmazonS3
age: 40679
etag: "d01b8de36dff0efab6b88f31a7dbeabc"
x-cache: Hit from cloudfront
content-type: video/mp4
Content-Range: bytes 0-20764396/20764397
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
Content-Length: 20764397
x-amz-cf-id: ypRa44nViENPveAsAOpJUGKkIYzAc-EWfvipVTW_1GKSWvRO4Dx_Zg==

GET
H2 206 groovevideo-213d95e6b4b4fcf88270eebb4d673595.mp4
videos.groovevideo.com/5dd590f1c586100f1285ee7a/ Frame 15FE 3 MB
3 MB 66ms
45ms Media
video/mp4 2600:9000:2104:7600:b:d801:7900:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://videos.groovevideo.com/5dd590f1c586100f1285ee7a/groovevideo-213d95e6b4b4fcf88270eebb4d673595.mp4
Requested by: Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/75215/u1kHEnHT9wSJ2kyJJs0e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:7600:b:d801:7900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 56d3bf72133f30f5e4ea2824f5906c580070865a0355d83013bc22d1849d8e42

Request headers

Referer: https://app.groove.cm/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range: bytes=0-

Response headers

date: Sun, 06 Mar 2022 07:06:15 GMT
via: 1.1 83bc0649a33d85c1cf516bf48779a390.cloudfront.net (CloudFront)
last-modified: Fri, 12 Nov 2021 21:33:10 GMT
server: AmazonS3
age: 46078
etag: "f0a1f3fafedb3b07b52afe73134ecc80"
x-cache: Hit from cloudfront
content-type: video/mp4
Content-Range: bytes 0-2626605/2626606
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
Content-Length: 2626606
x-amz-cf-id: x6cpvUhfaB2iKvBGBzfNDrZgz8cJ5hVnhE2wPfSOvoGpNUIf24o-9g==

GET
H2 206 groovevideo-8d2985e0fd35262fe8daa16a82295540.mp4
videos.groovevideo.com/5dd590f1c586100f1285ee7a/ Frame 3F73 156 KB
0 101ms
101ms Media
video/mp4 2600:9000:2104:7600:b:d801:7900:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://videos.groovevideo.com/5dd590f1c586100f1285ee7a/groovevideo-8d2985e0fd35262fe8daa16a82295540.mp4
Requested by: Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/75176/7KE4VhYEZBAF7a6M9DFD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:7600:b:d801:7900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://app.groove.cm/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range: bytes=196608-

Response headers

date: Sun, 06 Mar 2022 08:36:14 GMT
via: 1.1 83bc0649a33d85c1cf516bf48779a390.cloudfront.net (CloudFront)
last-modified: Fri, 12 Nov 2021 16:18:22 GMT
server: AmazonS3
age: 40679
etag: "d01b8de36dff0efab6b88f31a7dbeabc"
x-cache: Hit from cloudfront
content-type: video/mp4
Content-Range: bytes 196608-20764396/20764397
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
Content-Length: 20567789
x-amz-cf-id: IiJBFgplngWZuSKvh7E3u-e7D-PQSPeTxAp8EPuhCJxuF7Tcq7uvLg==

GET
H2 206 groovevideo-8d2985e0fd35262fe8daa16a82295540.mp4
videos.groovevideo.com/5dd590f1c586100f1285ee7a/ Frame 3F73 252 KB
0 35ms
35ms Media
video/mp4 2600:9000:2104:7600:b:d801:7900:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://videos.groovevideo.com/5dd590f1c586100f1285ee7a/groovevideo-8d2985e0fd35262fe8daa16a82295540.mp4
Requested by: Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/75176/7KE4VhYEZBAF7a6M9DFD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:7600:b:d801:7900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://app.groove.cm/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range: bytes=327680-

Response headers

date: Sun, 06 Mar 2022 08:36:14 GMT
via: 1.1 83bc0649a33d85c1cf516bf48779a390.cloudfront.net (CloudFront)
last-modified: Fri, 12 Nov 2021 16:18:22 GMT
server: AmazonS3
age: 40679
etag: "d01b8de36dff0efab6b88f31a7dbeabc"
x-cache: Hit from cloudfront
content-type: video/mp4
Content-Range: bytes 327680-20764396/20764397
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
Content-Length: 20436717
x-amz-cf-id: xeSHsh4hzrQBxujypwS7iig3bB_fVV_odF1vRF_q2xHZGKl4ViGoQA==

POST
H3 204 matomo.php
matomo.groovetech.io/ Frame 15FE 0
523 B 70ms
69ms Ping
text/plain 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://matomo.groovetech.io/matomo.php?action_name=GrooveFunnels&idsite=5&rec=1&r=972679&h=19&m=54&s=11&url=https%3A%2F%2Fapp.groove.cm%2Fvideo%2F75215%2Fu1kHEnHT9wSJ2kyJJs0e&urlref=%2F&_id=c8a49955b76f5953&_idn=1&_refts=1646596452&_ref=%2F&send_image=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=i16omO&pf_net=0&pf_srv=198&pf_tfr=0&pf_dm1=1134
Requested by: Host: matomo.groovetech.io
URL: https://matomo.groovetech.io/matomo.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.0.15
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://app.groove.cm/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8

Response headers

date: Sun, 06 Mar 2022 19:54:12 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/8.0.15
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RRwaqJlIivgsL5bnlOuBOmZ0nOBMlQl9%2FUKtBoQPeGyfKdE6ocEm3kA4LZ0XYqFdb7bEhbAdXbBzIJGyWdx%2BMiJ1V9LsgJCbHoHouthb9gIsY9hNh3NafupNDy%2FokTGeOxXvkxukqsjqLBP6Lrda2qpQhA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://app.groove.cm
access-control-allow-credentials: true
cf-ray: 6e7da454abe5913c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H2 204 collect Show response
d.clarity.ms/ Frame 15FE 0
91 B 184ms
184ms XHR
text/plain 40.76.174.66

General

Check archive.org

Show headers Download Go to

Full URL: https://d.clarity.ms/collect
Requested by: Host: d.clarity.ms
URL: https://d.clarity.ms/s/0.6.32/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.76.174.66 -, , ASN (),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://app.groove.cm/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: https://app.groove.cm
date: Sun, 06 Mar 2022 19:54:12 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

POST
H3 204 matomo.php
matomo.groovetech.io/ Frame 15FE 0
522 B 73ms
73ms Ping
text/plain 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://matomo.groovetech.io/matomo.php?action_name=GrooveFunnels&idsite=5&rec=1&r=428431&h=19&m=54&s=12&url=https%3A%2F%2Fapp.groove.cm%2Fvideo%2F75215%2Fu1kHEnHT9wSJ2kyJJs0e&urlref=%2F&_id=f80372a9fac530bb&_idn=1&_refts=1646596452&_ref=%2F&send_image=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=ZovGFa&pf_net=0&pf_srv=198&pf_tfr=0&pf_dm1=1134
Requested by: Host: matomo.groovetech.io
URL: https://matomo.groovetech.io/matomo.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.0.15
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://app.groove.cm/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8

Response headers

date: Sun, 06 Mar 2022 19:54:12 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/8.0.15
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rMngf56vH3s2K3kTImcIZsRHj3cfNJ2q9yiuLe6MxwuN5HlACSBp4aN1oyb5lQiFI1xHplDsRVAdbCB4TN32skeYh8Boj%2FOvgR%2BS32vuizd%2BwYMfk2iw2qV6luuS5D5aW13vnus5iwW0G6X31%2BuTGnMrYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://app.groove.cm
access-control-allow-credentials: true
cf-ray: 6e7da454fcc8913c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H3 204 matomo.php
matomo.groovetech.io/ Frame 3F73 0
527 B 109ms
109ms Ping
text/plain 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://matomo.groovetech.io/matomo.php?action_name=GrooveFunnels&idsite=5&rec=1&r=771588&h=19&m=54&s=11&url=https%3A%2F%2Fapp.groove.cm%2Fvideo%2F75176%2F7KE4VhYEZBAF7a6M9DFD&urlref=%2F&_id=df27cf6eed8c5d06&_idn=1&_refts=1646596452&_ref=%2F&send_image=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=k1NMoC&pf_net=0&pf_srv=223&pf_tfr=0&pf_dm1=1298
Requested by: Host: matomo.groovetech.io
URL: https://matomo.groovetech.io/matomo.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.0.15
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://app.groove.cm/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8

Response headers

date: Sun, 06 Mar 2022 19:54:12 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/8.0.15
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5WF1izwgjh%2BrhnoONLpL49%2BE18Us7KQegRqGr%2Fnt6nxufXPCzaDvK%2BSyP2AT5931Be8iayEBWFAH4bylXqzMUz8agecO%2BmgQEUoXkTrARecV7EK9eUY2MlbTiavw58zCEWa02yy71CB9DQlF%2BTCl8RNM0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://app.groove.cm
access-control-allow-credentials: true
cf-ray: 6e7da454fcf7913c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 / Show response
beacon-v2.helpscout.net/ Frame 15FE 293 B
620 B 36ms
7ms Script
application/javascript 13.32.99.103

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon-v2.helpscout.net/
Requested by: Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/75215/u1kHEnHT9wSJ2kyJJs0e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.103 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6e752f313e083d2bde6a23bb9fac34245ad81af41106b96ee488ab6aa8b14cf9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.groove.cm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 19:53:13 GMT
content-encoding: gzip
last-modified: Mon, 28 Feb 2022 18:10:34 GMT
server: AmazonS3
age: 67
etag: "b6c1b46981d6f9feea2a5a7f9ccb38b9"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 372875ad1ec20daf24f3f29f14a73cd0.cloudfront.net (CloudFront)
cache-control: max-age=120, s-maxage=120, public
x-amz-cf-pop: FRA60-P3
accept-ranges: bytes
content-length: 242
x-amz-cf-id: o_zwXS4MBv-ekHo_57b8tZXE1-mZpzDD89zHzJKCwPU-Pe2I8d3LCQ==

GET
H2

200

397596.gif
idsync.rlcdn.com/ Frame CCB4
Redirect Chain

https://gum.criteo.com/sync?c=6&r=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397596.gif%3Fpartner_uid%3D%40USERID%40
https://idsync.rlcdn.com/397596.gif?partner_uid=5ef7LOsmVXD_yh56-cxzOTY1nE28qMQz

42 B
395 B

27ms
26ms

Image
image/gif

35.244.174.68

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/397596.gif?partner_uid=5ef7LOsmVXD_yh56-cxzOTY1nE28qMQz
Requested by: Host: ertcshortcut.com
URL: https://ertcshortcut.com/
Protocol: H2
Server: 35.244.174.68 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 06 Mar 2022 19:54:12 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: clear
content-length: 42

Redirect headers

location: https://idsync.rlcdn.com/397596.gif?partner_uid=5ef7LOsmVXD_yh56-cxzOTY1nE28qMQz
date: Sun, 06 Mar 2022 19:54:12 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 2607
content-length: 197
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame CCB4
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&google_hm=ay04cmwydFdnTXoxMlByemdId0NyTkJxeHB6d0M0QVNUZmNucXNJQQ
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0

43 B
369 B

34ms
14ms

Image
image/gif

178.250.2.151

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0

Requested by

Host: ertcshortcut.com
URL: https://ertcshortcut.com/

Protocol

Server

178.250.2.151 -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Mar 2022 19:54:12 GMT
content-type: image/gif
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 320009
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 06 Mar 2022 19:54:12 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 279
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 204
NO CONTENT /
partner.mediawallahscript.com/ Frame CCB4 0
232 B 155ms
32ms Image
text/html 52.209.248.164

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-8rl2tWgMz12PrzgHwCrNBqxpzwC4ASTfcnqsIA&custom=&tag_format=img&tag_action=sync&custom=&cb=54cf382c-268e-4cf3-b4dc-08136ad59e7a
Requested by: Host: ertcshortcut.com
URL: https://ertcshortcut.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.209.248.164 -, , ASN (),
Reverse DNS
Software: nginx/1.20.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 06 Mar 2022 19:54:12 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
Server: nginx/1.20.0
Connection: keep-alive
Content-Type: text/html; charset=UTF-8

GET
H2 400 362338.gif
idsync.rlcdn.com/ Frame CCB4 0
0 42ms
16ms Image
text/plain 35.244.174.68

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/362338.gif?partner_uid=k-8rl2tWgMz12PrzgHwCrNBqxpzwC4ASTfcnqsIA&ct=3&cv=1
Requested by: Host: ertcshortcut.com
URL: https://ertcshortcut.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 204 v1
ads.yahoo.com/cms/ Frame CCB4 0
47 B 38ms
20ms Image
text/plain 2a00:1288:80:807::1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?esig=1~7315a025058f3128185459bfaf16e164414683fc&nwid=10000545908&sigv=1

Requested by

Host: ertcshortcut.com
URL: https://ertcshortcut.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 -, , ASN (),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 19:54:12 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

GET
H2 200 spp.pl
sp.analytics.yahoo.com/ Frame CCB4 43 B
79 B 44ms
41ms Image
image/gif 212.82.100.181

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/spp.pl?a=10001287818027&.yp=10028862&js=no

Requested by

Host: ertcshortcut.com
URL: https://ertcshortcut.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 -, , ASN (),

Reverse DNS

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Mar 2022 19:54:12 GMT
x-content-type-options: nosniff
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 43
referrer-policy: strict-origin-when-cross-origin
expires: Sun, 06 Mar 2022 19:54:12 GMT

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58301/ Frame CCB4 0
479 B 55ms
14ms Image
text/plain 3.126.56.137

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-FGA6GWgMz12PrzgHwCrNBqxpzwA-6zEbi4zw8A

Requested by

Host: ertcshortcut.com
URL: https://ertcshortcut.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.126.56.137 -, , ASN (),

Reverse DNS

Software

ATS/9.1.0.33 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 19:54:12 GMT
server: ATS/9.1.0.33
age: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame CCB4 0
476 B 406ms
93ms Image
text/plain 70.42.32.191

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-sZhoGmgMz12PrzgHwCrNBqxpzwDuOxUf2OhrYw
Requested by: Host: ertcshortcut.com
URL: https://ertcshortcut.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.191 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 06 Mar 2022 19:54:13 GMT
Cache-Control: no-cache
X-TraceId: 9357ea9f3054668d6d1c6260c853bdc4
Content-Length: 0

GET
H2 204 t.gif
cw.addthis.com/ Frame CCB4 0
425 B 355ms
184ms Image
text/plain 104.84.56.126

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cw.addthis.com/t.gif?pid=113&pdid=k-iBU91WgMz12PrzgHwCrNBqxpzwCD52wBrHz7sg
Requested by: Host: ertcshortcut.com
URL: https://ertcshortcut.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.84.56.126 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Mar 2022 19:54:13 GMT
cache-control: max-age=0, no-cache, no-store
expires: Sun, 06 Mar 2022 19:54:13 GMT

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame CCB4 0
239 B 72ms
8ms Image
image/gif 69.173.144.138

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-iBU91WgMz12PrzgHwCrNBqxpzwCD52wBrHz7sg&expires=30
Requested by: Host: ertcshortcut.com
URL: https://ertcshortcut.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.138 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
Content-Type: image/gif

GET
H/1.1

200
OK

bounce
secure.adnxs.com/ Frame CCB4
Redirect Chain

https://secure.adnxs.com/setuid?entity=52&code=k-wgHlw2gMz12PrzgHwCrNBqxpzwCNe1j0uzjOXQ&seg=95287
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-wgHlw2gMz12PrzgHwCrNBqxpzwCNe1j0uzjOXQ%26seg%3D95287

43 B
1 KB

15ms
14ms

Image
image/gif

185.33.220.240

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-wgHlw2gMz12PrzgHwCrNBqxpzwCNe1j0uzjOXQ%26seg%3D95287

Requested by

Host: ertcshortcut.com
URL: https://ertcshortcut.com/

Protocol

HTTP/1.1

Server

185.33.220.240 -, , ASN (),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 06 Mar 2022 19:54:12 GMT
X-Proxy-Origin: 138.199.38.133; 138.199.38.133; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 92e087c5-ae36-4ebc-a227-83356ad04aa9
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 06 Mar 2022 19:54:12 GMT
X-Proxy-Origin: 138.199.38.133; 138.199.38.133; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: dc7f388a-1a7f-4de2-b049-355f04bebc01
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-wgHlw2gMz12PrzgHwCrNBqxpzwCNe1j0uzjOXQ%26seg%3D95287
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET Pug
simage2.pubmatic.com/AdServer/ Frame CCB4 0
0

GET
H2

200

xuid
eb2.3lift.com/ Frame CCB4
Redirect Chain

https://eb2.3lift.com/xuid?mid=2711&xuid=k-e_0O7WgMz12PrzgHwCrNBqxpzwAshVNNgvz9QQ&dongle=013b
https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-e_0O7WgMz12PrzgHwCrNBqxpzwAshVNNgvz9QQ&dongle=013b&gdpr=1&cmp_cs=&us_privacy=

37 B
354 B

10ms
9ms

Image
image/gif

76.223.111.18

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-e_0O7WgMz12PrzgHwCrNBqxpzwAshVNNgvz9QQ&dongle=013b&gdpr=1&cmp_cs=&us_privacy=
Requested by: Host: ertcshortcut.com
URL: https://ertcshortcut.com/
Protocol: H2
Server: 76.223.111.18 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 19:54:12 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: /xuid?ld=1&mid=2711&xuid=k-e_0O7WgMz12PrzgHwCrNBqxpzwAshVNNgvz9QQ&dongle=013b&gdpr=1&cmp_cs=&us_privacy=
date: Sun, 06 Mar 2022 19:54:12 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 cksync.php
contextual.media.net/ Frame CCB4 45 B
784 B 157ms
87ms Image
image/gif 2.22.32.24

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k--1EZNWgMz12PrzgHwCrNBqxpzwBdIJinAgsNkw

Requested by

Host: ertcshortcut.com
URL: https://ertcshortcut.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.22.32.24 -, , ASN (),

Reverse DNS

Software

Apache /

Resource Hash

832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=604800
server: Apache
date: Sun, 06 Mar 2022 19:54:12 GMT
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 45
x-mnet-hl2: E
expires: Sun, 06 Mar 2022 19:54:12 GMT

GET
H/1.1

200
OK

rum
r.casalemedia.com/ Frame CCB4
Redirect Chain

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-msBweWgMz12PrzgHwCrNBqxpzwDALhFBOHfLOA
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-msBweWgMz12PrzgHwCrNBqxpzwDALhFBOHfLOA&C=1

43 B
1 KB

49ms
49ms

Image
image/gif

104.108.145.8

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-msBweWgMz12PrzgHwCrNBqxpzwDALhFBOHfLOA&C=1
Requested by: Host: ertcshortcut.com
URL: https://ertcshortcut.com/
Protocol: HTTP/1.1
Server: 104.108.145.8 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 06 Mar 2022 19:54:12 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 06 Mar 2022 19:54:12 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 06 Mar 2022 19:54:12 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-msBweWgMz12PrzgHwCrNBqxpzwDALhFBOHfLOA&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 296
Expires: Sun, 06 Mar 2022 19:54:12 GMT

GET
H2 204 /
s.ad.smaato.net/c/ Frame CCB4 0
241 B 61ms
16ms Image
text/plain 2600:9000:225f:e00:1b:5138:8a40:93a1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-SIA9g2gMz12PrzgHwCrNBqxpzwASdtcW7-_TkA
Requested by: Host: ertcshortcut.com
URL: https://ertcshortcut.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225f:e00:1b:5138:8a40:93a1 -, , ASN (),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 19:54:12 GMT
via: 1.1 6ffd9144e1bc0d7518dfec3f04843cdc.cloudfront.net (CloudFront)
server: CloudFront
cache-control: no-cache, must-revalidate
x-amz-cf-pop: TXL50-P2
x-amz-cf-id: H_IrAOYyBaYXHez3XAV-QUESYSKKpuap2qz_Yxt2hEBTsDcBXP8uvg==
x-cache: FunctionGeneratedResponse from cloudfront

GET sync
x.bidswitch.net/ Frame CCB4 0
0

GET
H2 204 pixel_sync
trends.revcontent.com/cm/ Frame CCB4 0
174 B 379ms
310ms Image
text/plain 52.210.228.8

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trends.revcontent.com/cm/pixel_sync?bidder=151&bidder_uid=k-j-aHxmgMz12PrzgHwCrNBqxpzwBlIrWygDIvBg
Requested by: Host: ertcshortcut.com
URL: https://ertcshortcut.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.228.8 -, , ASN (),
Reverse DNS
Software: / Express
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 19:54:13 GMT
x-powered-by: Express

GET
H2 200 um
criteo-sync.teads.tv/ Frame CCB4 23 B
172 B 89ms
35ms Image
image/gif 104.111.242.245

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-Ei_QQ2gMz12PrzgHwCrNBqxpzwBKWfrgOJ6N5g
Requested by: Host: ertcshortcut.com
URL: https://ertcshortcut.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.242.245 -, , ASN (),
Reverse DNS
Software: akka-http/10.2.7 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Mar 2022 19:54:12 GMT
cache-control: max-age=0, no-cache, no-store
expires: Sun, 06 Mar 2022 19:54:12 GMT
server: akka-http/10.2.7
content-length: 23
content-type: image/gif

GET
H2 200 /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame CCB4 0
99 B 44ms
13ms Image
text/plain 141.226.228.48

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-j13TTmgMz12PrzgHwCrNBqxpzwC7JffVCwC1Rw
Requested by: Host: ertcshortcut.com
URL: https://ertcshortcut.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 19:54:12 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 12612

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame CCB4 43 B
163 B 74ms
17ms Image
image/gif 185.86.137.131

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-seIbXmgMz12PrzgHwCrNBqxpzwDC8waWsDZDQQ
Requested by: Host: ertcshortcut.com
URL: https://ertcshortcut.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.131 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 19:54:12 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H2 200 v1
match.sharethrough.com/sync/ Frame CCB4 68 B
263 B 59ms
8ms Image
image/png 35.158.213.49

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-IOsow2gMz12PrzgHwCrNBqxpzwCoPaXZAuA-Lw
Requested by: Host: ertcshortcut.com
URL: https://ertcshortcut.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.158.213.49 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 19:54:12 GMT
content-length: 68
content-type: image/png

GET
H2

200

match
ad.360yield.com/ul_cb/ Frame CCB4
Redirect Chain

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-OfaIXWgMz12PrzgHwCrNBqxpzwA9KxDPgqnmVQ
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-OfaIXWgMz12PrzgHwCrNBqxpzwA9KxDPgqnmVQ

43 B
0

36ms
35ms

Image
image/gif

54.154.22.197

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-OfaIXWgMz12PrzgHwCrNBqxpzwA9KxDPgqnmVQ
Requested by: Host: ertcshortcut.com
URL: https://ertcshortcut.com/
Protocol: H2
Server: 54.154.22.197 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 06 Mar 2022 19:54:13 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-OfaIXWgMz12PrzgHwCrNBqxpzwA9KxDPgqnmVQ
date: Sun, 06 Mar 2022 19:54:12 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET 28292
i.liadm.com/s/ Frame CCB4 0
0

GET 1017
jadserve.postrelease.com/suid/ Frame CCB4 0
0

GET
H2

204

sync
ups.analytics.yahoo.com/ups/55945/ Frame CCB4
Redirect Chain

https://pixel.advertising.com/ups/55945/sync?uid=k-NuabX2gMz12PrzgHwCrNBqxpzwBr_pjF4dl_Jw&_origin=1
https://pixel.advertising.com/ups/55945/sync?uid=k-NuabX2gMz12PrzgHwCrNBqxpzwBr_pjF4dl_Jw&_origin=1&verify=true
https://ups.analytics.yahoo.com/ups/55945/sync?uid=k-NuabX2gMz12PrzgHwCrNBqxpzwBr_pjF4dl_Jw&_origin=1&apid=UP322b58db-9d87-11ec-971a-061088aa4ac0

0
133 B

12ms
12ms

Image
text/plain

3.126.56.137

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55945/sync?uid=k-NuabX2gMz12PrzgHwCrNBqxpzwBr_pjF4dl_Jw&_origin=1&apid=UP322b58db-9d87-11ec-971a-061088aa4ac0

Requested by

Host: ertcshortcut.com
URL: https://ertcshortcut.com/

Protocol

Server

3.126.56.137 -, , ASN (),

Reverse DNS

Software

ATS/9.1.0.33 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 19:54:12 GMT
server: ATS/9.1.0.33
age: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/55945/sync?uid=k-NuabX2gMz12PrzgHwCrNBqxpzwBr_pjF4dl_Jw&_origin=1&apid=UP322b58db-9d87-11ec-971a-061088aa4ac0
date: Sun, 06 Mar 2022 19:54:12 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET sync
criteo-partners.tremorhub.com/ Frame CCB4 0
0

GET
H/1.1

200
OK

empty.gif
cdn.stickyadstv.com/one-shot/ Frame CCB4
Redirect Chain

https://ads.stickyadstv.com/user-registering?dataProviderId=434&userId=k-aZ6PVGgMz12PrzgHwCrNBqxpzwA1P2mcvFxvUQ&redirectId=69
https://cdn.stickyadstv.com/one-shot/empty.gif?

43 B
438 B

185ms
14ms

Image
image/gif

2001:4de0:ac19::1:b:3a

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.stickyadstv.com/one-shot/empty.gif?
Requested by: Host: ertcshortcut.com
URL: https://ertcshortcut.com/
Protocol: HTTP/1.1
Server: 2001:4de0:ac19::1:b:3a -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 06 Mar 2022 19:54:13 GMT
Last-Modified: Thu, 28 Feb 2013 15:45:35 GMT
ETag: "1362066335"
X-HW: 1646596453.dop130.am5.t,1646596453.cds007.am5.shn,1646596453.cds007.am5.c
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=7200
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 43

Redirect headers

Pragma: no-cache
Date: Sun, 06 Mar 2022 19:54:13 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://cdn.stickyadstv.com/one-shot/empty.gif?
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1646596452969043-343
Expires: Sun, 06 Mar 2022 19:54:13 GMT

POST
H3 204 matomo.php
matomo.groovetech.io/ Frame 3F73 0
526 B 64ms
63ms Ping
text/plain 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://matomo.groovetech.io/matomo.php?action_name=GrooveFunnels&idsite=5&rec=1&r=007714&h=19&m=54&s=12&url=https%3A%2F%2Fapp.groove.cm%2Fvideo%2F75176%2F7KE4VhYEZBAF7a6M9DFD&urlref=%2F&_id=6e7ded5dd1674598&_idn=1&_refts=1646596452&_ref=%2F&send_image=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=SjUxaq&pf_net=0&pf_srv=223&pf_tfr=0&pf_dm1=1298
Requested by: Host: matomo.groovetech.io
URL: https://matomo.groovetech.io/matomo.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.0.15
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://app.groove.cm/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8

Response headers

date: Sun, 06 Mar 2022 19:54:12 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/8.0.15
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R8CecHl9I%2F0N9ezhAE4CK%2Bn9ioZSd4iXecYFGrxcXJErYnpJciFTOeIyVaPBdYhCU8gctAi%2FQarrdHkf6DgO7n8dDkkUl0yxlzj%2FiRzdqBwyqP68xXULZQMn4AnCGt4pkN79lKxjqC1eB6CNOvQF6r0%2FVw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://app.groove.cm
access-control-allow-credentials: true
cf-ray: 6e7da4557e19913c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 vendor.aaf2a4e6.js Show response
beacon-v2.helpscout.net/static/js/ Frame 15FE 699 KB
196 KB 8ms
8ms Script
application/javascript 13.32.99.103

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon-v2.helpscout.net/static/js/vendor.aaf2a4e6.js
Requested by: Host: beacon-v2.helpscout.net
URL: https://beacon-v2.helpscout.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.103 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2692b9d4144932d6f0298c92aad85c377c7bcbe6af5c4dfc6f847e7a000b6a70

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.groove.cm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 19:14:11 GMT
content-encoding: gzip
last-modified: Mon, 28 Feb 2022 18:10:35 GMT
server: AmazonS3
age: 2402
etag: "946a62e8130eaf8c074bab6fa6a6f020"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 372875ad1ec20daf24f3f29f14a73cd0.cloudfront.net (CloudFront)
cache-control: max-age=315360000, s-maxage=7200, public
x-amz-cf-pop: FRA60-P3
accept-ranges: bytes
content-length: 199971
x-amz-cf-id: OhvcdLgheDMQF48fA-gpkJmzRmTu3PjnDrA7_rvfyf-Mv0kr857iPA==

GET
H2 200 main.0a1eb6f8.js Show response
beacon-v2.helpscout.net/static/js/ Frame 15FE 267 KB
68 KB 24ms
24ms Script
application/javascript 13.32.99.103

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon-v2.helpscout.net/static/js/main.0a1eb6f8.js
Requested by: Host: beacon-v2.helpscout.net
URL: https://beacon-v2.helpscout.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.103 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 701a6ffb7173be690f6c7063c776aa66c6bfe948b11df8826d72d795e683a8ad

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.groove.cm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 18:11:35 GMT
content-encoding: gzip
last-modified: Mon, 28 Feb 2022 18:10:35 GMT
server: AmazonS3
age: 6158
etag: "dd516ee864c647b9ae367769c389dd7c"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 372875ad1ec20daf24f3f29f14a73cd0.cloudfront.net (CloudFront)
cache-control: max-age=315360000, s-maxage=7200, public
x-amz-cf-pop: FRA60-P3
accept-ranges: bytes
content-length: 68669
x-amz-cf-id: g5fJ2dW-4IjH5VOMXZSGVCwdZtpd-cBRRoXQgeuU-HmYzWgyQ8Z9Fg==

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/cdb/ Frame CCB4
Redirect Chain

https://gum.criteo.com/sync?c=383&r=1&a=1&u=https%3A%2F%2Fd.turn.com%2Fr%2Fdd%2Fid%2FL2NzaWQvMS9jaWQvMTc0ODc0NDU2Ni90LzI%2Fdpuid%2F%40USERID%40%2Furl%2Fhttps%253A%252F%252Fdis.criteo.com%252Fdis%25...
https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0ODc0NDU2Ni90LzI/dpuid/j83a5UPlABrccpCYh5aZ5FW9TTGEPELL/url/https%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fcdb%2Fcookiematch.aspx%3F%26extid%3D%24!%7BTURN_...
https://dis.criteo.com/dis/rtb/cdb/cookiematch.aspx?&extid=2912315729240649649

43 B
370 B

14ms
14ms

Image
image/gif

178.250.2.151

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/cdb/cookiematch.aspx?&extid=2912315729240649649

Requested by

Host: ertcshortcut.com
URL: https://ertcshortcut.com/

Protocol

Server

178.250.2.151 -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Mar 2022 19:54:12 GMT
content-type: image/gif
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1293920
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://dis.criteo.com/dis/rtb/cdb/cookiematch.aspx?&extid=2912315729240649649
pragma: no-cache
date: Sun, 06 Mar 2022 19:54:12 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame CCB4
Redirect Chain

https://secure.adnxs.com/seg?add=95287&redir=https%3A%2F%2Fsecure.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
https://secure.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=4023139566762234725

43 B
370 B

16ms
16ms

Image
image/gif

178.250.2.151

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=4023139566762234725

Requested by

Host: ertcshortcut.com
URL: https://ertcshortcut.com/

Protocol

Server

178.250.2.151 -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Mar 2022 19:54:12 GMT
content-type: image/gif
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1753978
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 06 Mar 2022 19:54:13 GMT
X-Proxy-Origin: 138.199.38.133; 138.199.38.133; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: a508b33d-04e2-434d-a146-c4bb127f581d
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=4023139566762234725
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: bat.bing.com
URL: https://bat.bing.com/bat.js

Domain: simage2.pubmatic.com
URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-9SNf32gMz12PrzgHwCrNBqxpzwBj6n7YyiTy0g

Domain: x.bidswitch.net
URL: https://x.bidswitch.net/sync?dsp_id=46&user_id=k-qMaocmgMz12PrzgHwCrNBqxpzwAPgj9vlaJGPg&expires=30&user_group=5

Domain: i.liadm.com
URL: https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-4j3RBGgMz12PrzgHwCrNBqxpzwDjD7rhitLJvA

Domain: jadserve.postrelease.com
URL: https://jadserve.postrelease.com/suid/1017?vk=k-KPvdEWgMz12PrzgHwCrNBqxpzwDABTXcgVNEXg

Domain: criteo-partners.tremorhub.com
URL: https://criteo-partners.tremorhub.com/sync?UICR=k-TAO6e2gMz12PrzgHwCrNBqxpzwBAcXeMUT8Bjw

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| structuredClone object| oncontextlost object| oncontextrestored

31 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
fs22.formsite.com/res	1969-12-31 23:59:59	Name: JSESSIONID Value: BBDFAA52D6856764F007DC7759CC29C9
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: -aTJkQXdyKw
.youtube.com/	1970-01-20 05:42:28	Name: VISITOR_INFO1_LIVE Value: uhJopPq41_A
.bing.com/	1970-01-20 10:44:52	Name: MUID Value: 069DE39DC85763B93A35F2C2C9FB62D9
.doubleclick.net/	1970-01-20 10:44:52	Name: IDE Value: AHWqTUlX4pXUt_LlpkHhEVB4hsUEPJQN4Rx4NdOmdR78E2DB7T0Ff5THF0oPbO3_
.criteo.com/	1970-01-20 10:44:52	Name: uid Value: 244e6ab1-6f85-483d-8ca8-9f480ed2dfb4
fs22.formsite.com/	1970-01-20 01:33:21	Name: AWSALBCORS Value: SSEGdNvNjfha/WaW8zZApnvX7uIv85bnnx0/i2mVaRxxi7uK4BTWRX8CvKus56NYx7QsK6fxqDTTprBv9t/w4BUGbruIHZw+Ewk6d54eqh7KvycaTHzHB7RmiaSd
.yahoo.com/	1970-01-20 10:09:14	Name: A3 Value: d=AQABBGQRJWICEF9zzj4g6PV58t1cywpQTh8FEgEBAQFiJmIuYgAAAAAA_eMAAA&S=AQAAApaIH3h7PGXiDDhKZGjRAIA
.c.bing.com/	1970-01-20 10:44:52	Name: SRM_B Value: 069DE39DC85763B93A35F2C2C9FB62D9
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 10:44:52	Name: MUID Value: 069DE39DC85763B93A35F2C2C9FB62D9
.c.clarity.ms/	1970-01-20 01:23:17	Name: ANONCHK Value: 0
.rlcdn.com/	1970-01-20 10:08:52	Name: rlas3 Value: CuHoBFwu/+/u32iZdKOnFHZ0AlaVscQWRLWjuVNDIUs=
.rlcdn.com/	1970-01-20 02:49:40	Name: pxrc Value: CAA=
.adnxs.com/	1970-01-20 03:32:52	Name: uuid2 Value: 4023139566762234725
.3lift.com/	1970-01-20 03:32:52	Name: tluid Value: 4289133885587897572661
.adnxs.com/	1970-01-20 03:32:52	Name: anj Value: dTM7k!M4/rCxrEQF']wIg2E?_pddjp!]tbPl@/D!9hy6]/Cv[Bm)<nU1/HEXhr^Uh1h%qXabI-w^gMjolyAD53`%/w1f'$>zOLn154E`bpRzqF1`bbvI+gc86
.casalemedia.com/	1970-01-20 10:08:52	Name: CMID Value: YiURZBCizUWebQCi3m.NjwAA
.casalemedia.com/	1970-01-20 03:32:52	Name: CMPS Value: 3240
.media.net/	1970-01-20 10:08:52	Name: visitor-id Value: 2895980520733385000V10
.media.net/	1970-01-20 02:06:28	Name: data-c-ts Value: 1646596452
.media.net/	1970-01-20 02:06:28	Name: data-c Value: k--1EZNWgMz12PrzgHwCrNBqxpzwBdIJinAgsNkw~~3
.turn.com/	1970-01-20 05:42:28	Name: uid Value: 2912315729240649649
.casalemedia.com/	1970-01-20 03:32:52	Name: CMPRO Value: 1151
.casalemedia.com/	1970-01-20 10:08:52	Name: CMRUM3 Value: 14622511642760k-msBweWgMz12PrzgHwCrNBqxpzwDALhFBOHfLOA
.casalemedia.com/	1970-01-20 01:24:42	Name: CMST Value: YiURZGIlEWQA
.sharethrough.com/	1970-01-20 10:08:52	Name: stx_user_id Value: 8f5d60ea-6174-4405-8dcb-df3e1ae84e7f
.advertising.com/	1970-01-20 10:10:18	Name: APID Value: UP322b58db-9d87-11ec-971a-061088aa4ac0
.analytics.yahoo.com/	1970-01-20 10:08:52	Name: IDSYNC Value: "18zh~23lv:1761~23lv"
.360yield.com/	1970-01-20 03:32:52	Name: tuuid Value: fbac7e71-38ac-48b5-9b27-b377e5380e56
.360yield.com/	1970-01-20 03:32:52	Name: tuuid_lu Value: 1646596452

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://app.groove.cm/groovevideo/js/chunk-vendors.f79b17ef.js(Line 574) Message: Mixed Content: The page at 'https://app.groove.cm/groovevideo/video/75176/7KE4VhYEZBAF7a6M9DFD' was loaded over HTTPS, but requested an insecure element 'http://groovevideo-videos.s3.amazonaws.com/5dd590f1c586100f1285ee7a/thumbnails/groovevideo-thumbnails-8d2985e0fd35262fe8daa16a82295540.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	error	URL: https://widget.groovevideo.com/widget/app.js Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://app.groovefunnels.com') does not match the recipient window's origin ('https://app.groove.cm').
network	error	URL: https://idsync.rlcdn.com/362338.gif?partner_uid=k-8rl2tWgMz12PrzgHwCrNBqxpzwC4ASTfcnqsIA&ct=3&cv=1 Message: Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

175592.tracking.hyros.com
ad.360yield.com
ads.stickyadstv.com
ads.yahoo.com
ajax.googleapis.com
api.loopedin.io
app.groove.cm
app.groovefunnels.com
assets.grooveapps.com
bat.bing.com
beacon-v2.helpscout.net
c.bing.com
c.clarity.ms
cdn.productstash.io
cdn.stickyadstv.com
cdn.tooltip.io
cdnjs.cloudflare.com
cm.g.doubleclick.net
contextual.media.net
criteo-partners.tremorhub.com
criteo-sync.teads.tv
cw.addthis.com
d.clarity.ms
d.turn.com
data.tooltip.io
dis.criteo.com
eb2.3lift.com
ertcshortcut.com
fonts.googleapis.com
fonts.gstatic.com
fs22.formsite.com
googleads.g.doubleclick.net
groovevideo-videos.s3.amazonaws.com
gum.criteo.com
i.liadm.com
idsync.rlcdn.com
jadserve.postrelease.com
ka-f.fontawesome.com
kit.fontawesome.com
match.sharethrough.com
matomo.groovetech.io
mug.criteo.com
partner.mediawallahscript.com
pixel.advertising.com
pixel.rubiconproject.com
pp.signalayer.com
r.casalemedia.com
rtb-csync.smartadserver.com
s.ad.smaato.net
s.yimg.com
secure.adnxs.com
simage2.pubmatic.com
sp.analytics.yahoo.com
sslwidget.criteo.com
static.criteo.net
sync-t1.taboola.com
sync.outbrain.com
trends.revcontent.com
ups.analytics.yahoo.com
v1.gdapis.com
videos.groovevideo.com
widget.groovevideo.com
widget.us.criteo.com
www.easymoneyforcontractors.veterinaryclinictaxcredit.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.youtube.com
x.bidswitch.net
bat.bing.com
criteo-partners.tremorhub.com
i.liadm.com
jadserve.postrelease.com
simage2.pubmatic.com
x.bidswitch.net
104.108.145.8
104.111.242.245
104.84.56.126
108.128.72.146
13.32.99.103
141.226.228.48
142.250.184.226
178.250.0.157
178.250.2.151
185.33.220.240
185.86.137.131
192.185.16.113
2.18.234.233
2.22.32.24
2001:4de0:ac19::1:b:3a
2001:678:cb4:bbbb::13
212.82.100.181
216.58.212.162
2600:9000:2104:7600:b:d801:7900:93a1
2600:9000:2104:ea00:6:36e8:9f00:93a1
2600:9000:225f:e00:1b:5138:8a40:93a1
2606:4700:3033::ac43:c96b
2606:4700::6810:135e
2606:4700::6812:14b4
2606:4700::6812:1734
2620:1ec:c11::200
2a00:1288:80:807::1
2a00:1450:4001:803::2003
2a00:1450:4001:808::2008
2a00:1450:4001:808::200e
2a00:1450:4001:80e::2004
2a00:1450:4001:80f::2003
2a00:1450:4001:810::200e
2a00:1450:4001:811::2002
2a00:1450:4001:811::200a
2a00:1450:4001:82b::200a
2a02:2638::1c
2a02:2638::3
2a06:98c1:3120::7
2a06:98c1:3121::7
2a0b:4d07:102::1
3.126.56.137
34.232.251.165
35.158.213.49
35.244.174.68
40.76.174.66
44.194.91.8
52.142.114.2
52.209.248.164
52.210.228.8
52.219.176.172
52.59.41.116
52.70.96.75
54.154.22.197
69.173.144.138
70.42.32.191
74.119.119.150
76.223.111.18
89.187.169.47
03740d913a5fcdc0e1c73857e83934b0bf85dd1f5b92e2e1f15f2e283d7261c6
080e18a8c761c3d30b7ec08aa65f87109a0228367eafd0a12fcefda58d10e8ad
083ec931e5517a4ab713afbe9561e72b9186cb54e21b8b1eface9caefb54a966
0982166468cc0ec6e23155f10397456c908a0599e4eac7dd0d81431843ca503f
0cbf470d7b5d4aa1136de5cf78515a965be83022bc741ffb0a56a27692414c0c
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
102390511cfad271d89b358aaa0eb8ee7abab2b7361fa95c724889d57850322c
10354e9bc6b485028971a1f58fccff5c89d722db324d42bc07963aab24ebb956
10cf021113df2c7b25afd84a78f4b0cd118cf3876b6277c33fd8ffd7b6c6bf80
11c69bcd87891a42d96e5d30f79e017f7df78fb5d1b38c172bd8499afa53314d
19bd09a46cd5735572bec1a138df1d0c1d408767e59c890581a417bdfcd29b25
1a30b4ab2f508190574bdab55e08be7de3b85e94bbb1c7640a6ce3f5d91dab85
1c8894064a04f2ac7b3e03d6cb7ac9028b08bd2f24b69971319c04ef0cf5aed5
1eff7b7cd26420f2843c2427d5f8fc24c423827818b0f2d457e9cc32193cea77
204a2eedfab0e8fd23a8dcceae6d93c3c824ed90ef664b45e455283ea2145a7f
2101735d43a8d486dbc5139500a78420766cc673a3610363ce9525526c3f5149
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2692b9d4144932d6f0298c92aad85c377c7bcbe6af5c4dfc6f847e7a000b6a70
27badc983df1780b60c2b3fa9d3a19a00e46aac798451f0febdca52920faaddf
2c1ae13164e1fc30ddc513415b482b060b775f1bc1eb6e18a865b07101956b0b
2ea5cb388c3ad281d879fdaabd916ed97977d6b41fb25b97e030759eb2b02abe
304cbbc575c227a24f183d9800167ab06418327356f73099404136d8bb9a6c92
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
3701cadc5fc84e8ad639f83a87e20d82575e3cc28d479d73a0e66e5230e71c65
38ba9bd69a8f6114511656eed8cf0f4e3d45d9e2c9aa0a22fb978d5da5ac250b
43af579102b8c4adff968a3a00280fc2061cc33538c7bbad1d8d6ec775f0807b
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4758ffc00e2d3413aece1a57fc3e89b9709202312386d57eb74b5c198cf6800e
48fb6f0d8ac464d95cbc2df3ffa7bf5066950898c5581f5133d0565abb7f706b
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d6e3feec3acce9cc2b8c6fda68b603c236ea5739884e84fc76d4ec63a8b841d
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e099629cd81ad69ae59437b8d17f8c059695cc385f1493af5f3a6cce4c994f7
4f42380e939b5f505f352af3e0c3d2bf89cfa2c8d90a93c9f995629c5e7255e7
55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
56d3bf72133f30f5e4ea2824f5906c580070865a0355d83013bc22d1849d8e42
584763d9f453246beeee987807e900f7f70226ce820cc98c09971b95c3635a7c
59b075c7c91ff7b85bbdae7d07308e3a41169aa0d1c876357e45b2bde536cf37
5a00b9071e6f6fc2b7f45ee76bad85fc825037d1c0fca396462880b8378f3408
5bc2e45266401b0277b4fd26fdc5fc09eece68f3f95455432553149a9d4065dc
5c0a96a2e0c97784664302304156b2a40db0a686791e1549ab6f42acc4b8ad9a
5d7560c8b33f798d429fa0e84d88e11aff034ec7ab72a758d3ed52fc9b285a18
5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
6240744a19f326be4e22778eb7c5a39abce05826a8728531b9fddc0a75863e8a
6b223bb6c3fb8210034350b25e704c74c30d87756cdda5432b4649483e366e78
6b5b6dbacd834c25f8b7eecd19cae92f3d6ee6c14c2efffaeb7e6e0494a8d979
6cdefb09aa8ed6fcfcb5ee50239a85d38f1a700653ce9f0420878508c07925ea
6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8
6e752f313e083d2bde6a23bb9fac34245ad81af41106b96ee488ab6aa8b14cf9
701a6ffb7173be690f6c7063c776aa66c6bfe948b11df8826d72d795e683a8ad
733d88fb6cf21570f7b80d6977e3456eff95c3c2a46be3b02a5bea904c3b096e
7348a2eb48c9a681d6178433394c7037144d85b57ee33a11339d3a33fa1001a4
73dfc0f33f4f802ead5608387856b02f1ac00e704d7bb883171f4c4420d24e7a
76890ed0912951cb7116c2cfdec0d5ad3e138e94641d0dd1126ad45304feddba
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
7a7249a1f634a0ecfc772e774a158a0ab74c354609558c382b130bf37a91b346
7b47ae80afa3203ba35b6f17e9a9c0641ac3f8f5d37b3ae9f01f06730b1e7ae6
7cd6f43503c1125d872239c5697f7b3e99c3d7db4df8f52cec57f62365ff633e
7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6
7fb878ad6dce7f17e4fb5caa4e8ab5b90a8d519b7f6f0f9e46c67478a5a10229
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8349d9a9ffc87ffcdb0f6671e9d9709d7e4aa6cd851628ae81d294ab4001189d
8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52
85635df68b8d195f5bd3b84eae58eb6bbef45ae3a8b6735860db715337f2e806
85a2384595926a0d1306834e955dceff74b539d22f78e06a276c3c6c5d8a09cc
865bee3153176948ed15e53e98b4057deb49e98bbbede2c1f3bce4a56912d212
87608a8dea58460e4b38f3445a737f999eb6a62dee361be55e06625d505c4e5c
88aad6eef53d8bb8a2a1111cf86de457f011118ea08b7950af7e5accfda63983
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8f7daf399df525aa0a5436ede7716751c312b63fbf10ce6df7e2ccb07fcd4d4b
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
91f94a3c7e05d1c1afd01260e88ebea5be6720ed3514c7a82bba96a33d4d6b21
9221b2c07e1ad6a168982f0fbb342131b2e96c0ebe5902d98653d3a546a34632
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
95c935f2ab2e27035c97194ebdd59f033a3e872bd82ba1a9b603588759c59d55
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9bf76c0981f3d7cb30be16f19b1419bad27dbccc3c5c5496cd1c84982e756dd8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a706ab21b54b0d2d1e6e54b815558dd4ddfc615df9e639f518989a5555f8d5cf
a7345e5e7b11f2aaace21364e5b87087f9ddab450858c061694db22bd095f06b
aa1cf79fdb89e6ff28f4e17e1472de5fecb60884ab4625b01b5329ee6e7465b8
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b204913c9832e2ea49df683dab67ef73146bfd43a1845458e68fde81bc25a8aa
b375cbb5b9a1d783a38ef89dd8d68eb9cd3a5ec11559dc6422da16ef66e939ff
b45f5504b077fbe2d545f3b95edd6a1c393d59dd7e65c8a3c0f981658355fb41
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c087a8c46caa6c043c697dcbab06f42f8106f9bcbcf845b0e5ef6df096bfa5f3
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
c177e9c84d392f24927bacc3365c8bb1515707a3c5dc159c14ab35a23d660a14
c4c671da84ac9593e4d1d3992f132e6c079fde149d6744e8c3c2a9d48cecb2ae
c5dd43f53f3af822cbf17b1fb75f46192cdbd51724f277acf6cf0dacb3fd57e7
c6c38303932536ea69957d97b4f13bb4f7cecbd2373542e516a9d8429afc0b15
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
d0a8a7385ba4c6c2912d55303f18d7dafbeed9ad6f7a14aca096ce4dea8aa06f
d72a0fbde35c547caabc6cfaa2c6a9f4d60653d96f38a5fe6e064fe7c7e9ab7c
d778f72c2b8ebbb1fda46a74c2003b9b855ccf11679a406b943da762011e6aca
d9d632d57cccef45c994f7568f92260b1a733bffcd56372e3b3726c2cb8b8987
dc41ffc9fb33501fcf5cb49b44c77dad397e6cb813ecb11ff30e3759bafac9ea
def29134e08de7baeafdb978d435081160c83c3bd25705aa41323261e2f0e544
e3aa5038f4c2d15d1f24ae3a8d914e8489bd38faac88e49400891b85b568314a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea26c78f630f8d3924b66a3966e9d96b6ce9217ee085f6db77fa191e13a59848
eefcaed1e731e6269947209c907c643e8801654b1e6057d309cfbcdc790dd0ac
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f027ea063eee0d6e52cca300261c8769a933de84ffdb7e6a2214d447793444db
f6654cdce4772c6e6d896c5ff548af91be2430caa8b1a8f6d60345fc15738bdb
f9b751c1cd0d2b0f91862db987fed9dda48758b15e6f42ca67796b45f4b21702
faa7999a9bc916746448d20ba389c7360faea9bc01a9e53fc08275e565cbf399
fbfe54a0e52908626c069d2c012626ddb5cccd3989c1057156a36ee2fae89f04
fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda
fcf9b4095c5dd1c48839eaa675c05501f47dc0c2cc7268ec0582f8111db1409f
fe096c1a1b3636490559c3e3d5c51dedcfed669ef95394071a765d922937dc6d
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

www.easymoneyforcontractors.veterinaryclinictaxcredit.com Open in urlscan Pro 192.185.16.113 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

194 Requests

87 %HTTPS

42 %IPv6

57 Domains

71 Subdomains

56 IPs

3 Countries

12284 kBTransfer

37329 kBSize

31 Cookies

0 Outgoing links

Redirected requests

194 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.easymoneyforcontractors.veterinaryclinictaxcredit.com Open in urlscan Pro
192.185.16.113 Public Scan

Screenshot
Live screenshot

Full Image

194
Requests

87 %
HTTPS

42 %
IPv6

57
Domains

71
Subdomains

56
IPs

3
Countries

12284 kB
Transfer

37329 kB
Size

31
Cookies

194 HTTP transactions
1 data transactions