URL: https://ertcmoney.biz/
Submission: On March 14 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 61 IPs in 7 countries across 56 domains to perform 325 HTTP transactions. The main IP is 2a06:98c1:3121::7, located in the United States and belonging to CLOUDFLARENET, US. The main domain is ertcmoney.biz.
TLS certificate: Issued by E1 on March 14th 2022. Valid for: 3 months.
This is the only time ertcmoney.biz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information


This site contains links to these domains:

  • www.irs.gov

Subject | Issuer | Validity | Valid
*.ertcmoney.biz | E1 | 2022-03-14 - 2022-06-12 | 3 months
upload.video.google.com | GTS CA 1C3 | 2022-02-17 - 2022-05-12 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-06-11 - 2022-06-10 | a year
*.fontawesome.com | DigiCert TLS RSA SHA256 2020 CA1 | 2021-12-01 - 2023-01-01 | a year
videos.groovevideo.com | Amazon | 2021-07-05 - 2022-08-03 | a year
*.gstatic.com | GTS CA 1C3 | 2022-02-17 - 2022-05-12 | 3 months
*.formsite.com | Go Daddy Secure Certificate Authority - G2 | 2022-03-01 - 2022-04-02 | a month
cdn.productstash.io | R3 | 2022-03-02 - 2022-05-31 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2022-02-17 - 2022-05-12 | 3 months
cdn.tooltip.io | R3 | 2022-03-11 - 2022-06-09 | 3 months
*.google.com | GTS CA 1C3 | 2022-02-17 - 2022-05-12 | 3 months
api.loopedin.io | R3 | 2022-02-02 - 2022-05-03 | 3 months
*.signalayer.com | Amazon | 2022-02-01 - 2023-02-28 | a year
*.tooltip.io | Amazon | 2021-03-29 - 2022-04-27 | a year
www.googleadservices.com | GTS CA 1C3 | 2022-02-17 - 2022-05-12 | 3 months
*.api.fantasysports.yahoo.com | DigiCert SHA2 High Assurance Server CA | 2022-03-14 - 2022-05-04 | 2 months
www.bing.com | Microsoft RSA TLS CA 01 | 2021-12-22 - 2022-06-22 | 6 months
*.criteo.net | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2022-02-02 - 2022-05-03 | 3 months
tracking.hyros.com | Amazon | 2021-06-01 - 2022-06-30 | a year
*.criteo.com | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2022-02-04 - 2022-05-03 | 3 months
*.g.doubleclick.net | GTS CA 1C3 | 2022-02-28 - 2022-05-23 | 3 months
real.sp.analytics.yahoo.com | DigiCert SHA2 High Assurance Server CA | 2021-10-19 - 2022-04-13 | 6 months
a.clarity.ms | Microsoft RSA TLS CA 01 | 2021-07-27 - 2022-07-27 | a year
www.clarity.ms | DigiCert TLS RSA SHA256 2020 CA1 | 2022-02-27 - 2023-02-27 | a year
www.google.com | GTS CA 1C3 | 2022-02-17 - 2022-05-12 | 3 months
www.google.de | GTS CA 1C3 | 2022-02-17 - 2022-05-12 | 3 months
*.s3.amazonaws.com | Amazon | 2021-12-15 - 2022-12-03 | a year
*.helpscout.net | Amazon | 2021-04-25 - 2022-05-24 | a year
*.mediawallahscript.com | Amazon | 2021-05-19 - 2022-06-17 | a year
*.rlcdn.com | Sectigo RSA Domain Validation Secure Server CA | 2022-02-03 - 2023-02-25 | a year
ups.analytics.yahoo.com | DigiCert SHA2 High Assurance Server CA | 2022-01-11 - 2022-07-06 | 6 months
*.outbrain.com | Thawte RSA CA 2018 | 2021-10-24 - 2022-11-24 | a year
odc-addthis-prod-01.oracle.com | DigiCert SHA2 Secure Server CA | 2022-02-27 - 2023-02-28 | a year
*.rubiconproject.com | DigiCert TLS RSA SHA256 2020 CA1 | 2021-03-30 - 2022-04-04 | a year
*.pubmatic.com | DigiCert Baltimore TLS RSA SHA256 2020 CA1 | 2021-08-04 - 2022-09-04 | a year
*.media.net | DigiCert SHA2 Secure Server CA | 2022-02-20 - 2023-02-22 | a year
s.ad.smaato.net | Amazon | 2021-09-21 - 2022-10-20 | a year
revcontent.com | Amazon | 2021-08-09 - 2022-09-07 | a year
teads.tv | R3 | 2022-01-03 - 2022-04-03 | 3 months
*.taboola.com | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2021-11-28 - 2022-12-29 | a year
*.smartadserver.com | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2022-01-25 - 2023-01-25 | a year
*.sharethrough.com | Amazon | 2021-08-13 - 2022-09-11 | a year
*.postrelease.com | Amazon | 2021-12-28 - 2023-01-25 | a year
*.tremorhub.com | Amazon | 2021-06-27 - 2022-07-26 | a year
c.msn.com | Microsoft Azure TLS Issuing CA 01 | 2022-02-08 - 2023-02-03 | a year
*.adnxs.com | GeoTrust ECC CA 2018 | 2022-02-11 - 2023-03-14 | a year
*.3lift.com | Amazon | 2021-06-12 - 2022-07-11 | a year
san.casalemedia.com | GeoTrust RSA CA 2018 | 2021-12-12 - 2022-12-13 | a year
*.bidswitch.net | Sectigo RSA Domain Validation Secure Server CA | 2020-04-23 - 2022-05-04 | 2 years
*.360yield.com | Amazon | 2021-07-28 - 2022-08-26 | a year

This page contains 11 frames:

Primary Page: https://ertcmoney.biz/
Frame ID: 758993C20116CD0A76A9839D1066C621
Requests: 51 HTTP requests in this frame

Frame: https://app.groove.cm/groovevideo/video/75176/7KE4VhYEZBAF7a6M9DFD
Frame ID: 8EBD8A5BF90DCE808392506D203AC394
Requests: 53 HTTP requests in this frame

Frame: https://app.groove.cm/groovevideo/video/75185/PLltPxii7EurFNwx1sEj
Frame ID: 6C43013D8D4CFAF43B6FF065483925F7
Requests: 55 HTTP requests in this frame

Frame: https://app.groove.cm/groovevideo/video/75215/u1kHEnHT9wSJ2kyJJs0e
Frame ID: FC09E5B165A11AB05E87DF41AE354D31
Requests: 53 HTTP requests in this frame

Frame: https://fs22.formsite.com/res/showFormEmbed?EParam=m_OmK8apOTBq9zAPECUmc4YvBMmXmdLwdgTYVfxeOgg&1300974183&EmbedId=1300974183
Frame ID: 49B9EC09178E0750DBD3D6E9B3D35F8A
Requests: 12 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=ertcmoney.biz&origin=onetag
Frame ID: 44563F8EE488203C310CE9F05574553F
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=ertcmoney.biz&origin=onetag
Frame ID: DC53C72C1100D969E9E5C98818D2F5B5
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=ertcmoney.biz&origin=onetag
Frame ID: 2B5B1EA9DB8148B0A46D95E08187DFC2
Requests: 2 HTTP requests in this frame

Frame: https://idsync.rlcdn.com/397596.gif?partner_uid=x5C1Fsg6FpWUr6X2GamNkMdu6EEoaXRL
Frame ID: 93FFA0BCC7D881C53AE442F90DE4CAF5
Requests: 30 HTTP requests in this frame

Frame: https://idsync.rlcdn.com/397596.gif?partner_uid=4NZjHd_SzIVo2Ehm9wJmZ3rqdypYcF7B
Frame ID: 82ED93978870059DF1B6E47EB444BAEA
Requests: 30 HTTP requests in this frame

Frame: https://idsync.rlcdn.com/397596.gif?partner_uid=Qhgl-RmHmi7Z3x2_0M8AF-k4n_gKfWOt
Frame ID: 6DA9654D7A93F90D38FEB6DA6D94BBC3
Requests: 30 HTTP requests in this frame

Page Title

ERC Application

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • //static\.criteo\.net/js/ld/ld\.js

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • kit\.fontawesome\.com/([0-9a-z]+).js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • ([\d.]+)/jquery-ui(?:\.min)?\.js
  • jquery-ui.*\.js

Page Statistics

Requests: 325
HTTPS: 87 %
IPv6: 41 %
Domains: 56
Subdomains: 73
IPs: 61
Countries: 7
Transfer: 18604 kB
Size: 56692 kB
Cookies: 55

Redirected requests

There were HTTP redirect chains for the following requests:


325 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type
Primary Request /
ertcmoney.biz/
945 KB
55 KB
Document
General
Full URL
https://ertcmoney.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02c8aeff61dc0cef2c88b099eb32d004b3890aa82903cf20dbe73a035d01600a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Mon, 14 Mar 2022 20:24:08 GMT
content-type
text/html
last-modified
Fri, 18 Feb 2022 21:06:06 GMT
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fX3PGmNF5%2BoKRiE51pZdGxpqB4GvicTQueZSaObz8vitojWQMxXzUz3%2FlooKQXMyUCLjFMMhyoRnjPLpgGzHGOZnFzCIL737UUhKdIjEJy84TiWtPW69kgz9C%2FJAttCLRIQU2Jhg9kzQxYsr"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6ebfbb2b6f7a916a-FRA
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
css2
fonts.googleapis.com/
714 KB
137 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Abril+Fatface&family=Amatic+SC:wght@400;700&family=Architects+Daughter&family=Asap:wght@400;700&family=Balsamiq+Sans:wght@400;700&family=Barlow:wght@400;700;900&family=Bebas+Neue&family=Bitter:wght@400;700;900&family=Cabin:wght@400;700&family=Cairo:wght@400;700&family=Cormorant+Garamond:wght@400;700&family=Crimson+Text:wght@400;700&family=Dancing+Script:wght@400;700&family=Fira+Sans:wght@400;700;900&family=Fjalla+One&family=Indie+Flower&family=Josefin+Sans:wght@400;700&family=Lato:wght@400;700;900&family=Libre+Baskerville:wght@400;700&family=Libre+Franklin:wght@400;700;900&family=Lobster&family=Lora:wght@400;700&family=Martel:wght@400;700;900&family=Merriweather:wght@400;700;900&family=Montserrat:wght@400;700;900&family=Mukta:wght@400;700&family=Noto+Sans+JP:wght@400;700&family=Noto+Sans+KR:wght@400;700;900&family=Noto+Sans:wght@400;700&family=Noto+Serif:wght@400;700&family=Nunito+Sans:wght@200;300;400;700;900&family=Nunito:wght@300;400;700;900&family=Old+Standard+TT:wght@400;700&family=Open+Sans+Condensed:wght@300;700&family=Open+Sans:wght@300;400;700&family=Oswald:wght@400;700&family=Overpass:wght@400;700;900&family=Oxygen:wght@300;400;700&family=PT+Sans+Narrow:wght@400;700&family=PT+Sans:wght@400;700&family=PT+Serif:wght@400;700&family=Pacifico&family=Playfair+Display:wght@400;700;900&family=Poppins:ital,wght@0,400;0,700;1,900&family=Raleway:wght@400;700;900&family=Roboto+Condensed:wght@400;700&family=Roboto+Slab:wght@400;700;900&family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&family=Rubik:ital,wght@0,400;0,700;1,900&family=Shadows+Into+Light&family=Signika:wght@400;700&family=Slabo+27px&family=Source+Code+Pro:wght@400;700;900&family=Source+Sans+Pro:wght@400;700;900&family=Source+Serif+Pro:wght@400;700;900&family=Tajawal:wght@400;700;900&family=Titillium+Web:wght@400;700;900&family=Ubuntu:wght@400;700&family=Work+Sans:wght@400;700;900&display=swap
Requested by
Host: ertcmoney.biz
URL: https://ertcmoney.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c087a8c46caa6c043c697dcbab06f42f8106f9bcbcf845b0e5ef6df096bfa5f3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ertcmoney.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 14 Mar 2022 20:22:20 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 14 Mar 2022 20:24:08 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 14 Mar 2022 20:24:08 GMT
inpage_published.css
app.groove.cm/groovepages/css/
378 KB
54 KB
Stylesheet
General
Full URL
https://app.groove.cm/groovepages/css/inpage_published.css
Requested by
Host: ertcmoney.biz
URL: https://ertcmoney.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
edcf009b955ee85711b11344da78bf4f64455af074cb71dc5d038f72bfe618c7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ertcmoney.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:24:08 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 14 Mar 2022 16:28:27 GMT
server
cloudflare
age
3155
etag
W/"622f6d2b-5e676"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FXbwCcuqw3VnSKxKD4Gr2aHSilpfth%2BaA1puS1FP5rh%2B7MNwywKKSe%2FQ6rQ7AEiB6YYkSEjO9N6CbwBNVUn%2FtmDt4%2B3y4GpHwWjcCUDeSit33ElN%2B2GmuEpCTmrR7TnOeJQCKp2zF96Hhiwp"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6ebfbb2d2dff9b8e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
chunk-vendors.css
app.groove.cm/groovepages/css/
0
0
Stylesheet
General
Full URL
https://app.groove.cm/groovepages/css/chunk-vendors.css
Requested by
Host: ertcmoney.biz
URL: https://ertcmoney.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ertcmoney.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

e7647a48d4.js
kit.fontawesome.com/
11 KB
4 KB
Script
General
Full URL
https://kit.fontawesome.com/e7647a48d4.js
Requested by
Host: ertcmoney.biz
URL: https://ertcmoney.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a7249a1f634a0ecfc772e774a158a0ab74c354609558c382b130bf37a91b346
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

Referer
https://ertcmoney.biz/
Origin
https://ertcmoney.biz
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:24:08 GMT
content-encoding
gzip
cf-cache-status
MISS
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-allow-methods
GET, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
access-control-max-age
3000
cache-control
max-age=60, public, must-revalidate
strict-transport-security
max-age=31536000; preload
cf-ray
6ebfbb2d180c9be9-FRA
access-control-allow-headers
accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id
FtxZBpVodikualuPTrQh
css2
fonts.googleapis.com/
695 KB
136 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Abril+Fatface&family=Amatic+SC:wght@400;700&family=Architects+Daughter&family=Asap:wght@400;700&family=Balsamiq+Sans:wght@400;700&family=Barlow:wght@400;700;900&family=Bebas+Neue&family=Bitter:wght@400;700;900&family=Cabin:wght@400;700&family=Cairo:wght@400;700&family=Cormorant+Garamond:wght@400;700&family=Crimson+Text:wght@400;700&family=Dancing+Script:wght@400;700&family=Fira+Sans:wght@400;700;900&family=Fjalla+One&family=Indie+Flower&family=Josefin+Sans:wght@400;700&family=Lato:wght@400;700;900&family=Libre+Baskerville:wght@400;700&family=Libre+Franklin:wght@400;700;900&family=Lobster&family=Lora:wght@400;700&family=Martel:wght@400;700;900&family=Merriweather:wght@400;700;900&family=Montserrat:wght@400;700;900&family=Mukta:wght@400;700&family=Noto+Sans+JP:wght@400;700&family=Noto+Sans+KR:wght@400;700;900&family=Noto+Sans:wght@400;700&family=Noto+Serif:wght@400;700&family=Nunito+Sans:wght@200;300;400;700;900&family=Nunito:wght@300;400;700;900&family=Old+Standard+TT:wght@400;700&family=Open+Sans+Condensed:wght@300;700&family=Open+Sans:wght@300;400;700&family=Oswald:wght@400;700&family=Overpass:wght@400;700;900&family=Oxygen:wght@300;400;700&family=PT+Sans+Narrow:wght@400;700&family=PT+Sans:wght@400;700&family=PT+Serif:wght@400;700&family=Pacifico&family=Playfair+Display:wght@400;700;900&family=Poppins:ital,wght@0,400;0,700;1,900&family=Raleway:wght@400;700;900&family=Roboto+Condensed:wght@400;700&family=Roboto+Slab:wght@400;700;900&family=Roboto:ital,wght@0,700;0,900;1,400&family=Rubik:ital,wght@0,400;0,700;1,900&family=Shadows+Into+Light&family=Signika:wght@400;700&family=Slabo+27px&family=Source+Code+Pro:wght@400;700;900&family=Source+Sans+Pro:wght@400;700;900&family=Source+Serif+Pro:wght@400;700;900&family=Tajawal:wght@400;700;900&family=Titillium+Web:wght@400;700;900&family=Ubuntu:wght@400;700&family=Work+Sans:wght@400;700;900&display=swap
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovepages/css/inpage_published.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
03740d913a5fcdc0e1c73857e83934b0bf85dd1f5b92e2e1f15f2e283d7261c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 14 Mar 2022 20:22:21 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 14 Mar 2022 20:24:08 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 14 Mar 2022 20:24:08 GMT
free.min.css
ka-f.fontawesome.com/releases/v5.15.4/css/
59 KB
13 KB
Fetch
General
Full URL
https://ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=e7647a48d4
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/e7647a48d4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ertcmoney.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:24:08 GMT
via
1.1 648e777af976c4cfcd01765a8e77fd5e.cloudfront.net (CloudFront)
vary
Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
TXL50-P2
x-cache
Hit from cloudfront
access-control-allow-methods
GET
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 04 Aug 2021 18:53:09 GMT
server
cloudflare
etag
W/"a12ec7ebe75a4d59a5dd6b79e2ba2e16"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U%2FWp0oXOmP0ph2O1rD2M%2BDxhOtXn7xcmuTxqF7osEPkaQSmlx8%2FtWIdhhGqf8pbh2zQTgvpvw3ZDTEO676sNPYi%2Bvc7JAtoDsaP2QMCDrHZc%2FjSR1gUdaI41w%2FzYGTJbVc74GnxIHUuLMViFigeORvQZGA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
6ebfbb2efd3890d6-FRA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
Iwe0Hq45dKfKWeyPsOOggwVzYKy3RZbUQyai2GUSXcnlftlIqSMXfA==
free-v4-shims.min.css
ka-f.fontawesome.com/releases/v5.15.4/css/
26 KB
4 KB
Fetch
General
Full URL
https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=e7647a48d4
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/e7647a48d4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ertcmoney.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:24:08 GMT
via
1.1 21b1cb66a6f688e3b4ce88f7c515f844.cloudfront.net (CloudFront)
vary
Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
TXL50-P2
x-cache
Hit from cloudfront
access-control-allow-methods
GET
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 04 Aug 2021 18:53:09 GMT
server
cloudflare
etag
W/"76f34b71fc9fb641507ff6a822cc07f5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JaIWfdZKCVpHn%2FTzzWZYUKeJRAa6usJsX2wPM%2FWMN3%2FPSQ7CifWPmqwVwXOtVaMijKk52iwTEgecKN21hQKC4lVO2sDg8EAQmyGnAFWgZTdYArvzVIJQQEaiPMVAJItyy06WLtPcMSnfSgrnVtPzRqzKvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
6ebfbb2efd3990d6-FRA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
LSlcrX7Vs4Pn3Nd3mBEnVNXylcKZ-dqWKrixEW6wa5KaT-EHE783HA==
free-v4-font-face.min.css
ka-f.fontawesome.com/releases/v5.15.4/css/
3 KB
2 KB
Fetch
General
Full URL
https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-font-face.min.css?token=e7647a48d4
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/e7647a48d4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ertcmoney.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:24:08 GMT
via
1.1 e525bea03a9d3936e48892de5d4c1354.cloudfront.net (CloudFront)
vary
Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
TXL50-P2
x-cache
Hit from cloudfront
access-control-allow-methods
GET
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 04 Aug 2021 18:53:09 GMT
server
cloudflare
etag
W/"f2e0b2680d9b0bcb6e0039c4424e5a59"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=84xSvzhXp7dlt9rvsDb67Zz3P2WNlDs%2BXkjbB5iiQBj0DEkAyYSgBbuIeUMtwFdNhNIF2oenZ6Tr3bcosR07MRFo8ATqcN8LzHSDrvtgoDPhT3bkwMx1RKKiZJwzw8hO7kTid6LxXYjTxQHUuRBoK9GfdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
6ebfbb2efd3b90d6-FRA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
aUGX5JSohMLcZDyGLYoUvvM7fT481Kegrc5vBEFIAl904enC3Uruzg==
matomo.js
matomo.groovetech.io/
63 KB
21 KB
Script
General
Full URL
https://matomo.groovetech.io/matomo.js
Requested by
Host: ertcmoney.biz
URL: https://ertcmoney.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e0361122fe1fdced0bd7ae4c33f21d083f7b63a99e79a66b3111a943b160f70

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ertcmoney.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:24:08 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 10 Mar 2022 18:03:47 GMT
server
cloudflare
age
3988
etag
W/"fa13-5d9e1091b9702-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SK6y%2Fepc5OuK7m3UO9hUN6JXMYvxurj5xm1OK%2FnnI5h1Y7omGzvcdceJ5v%2FLG%2BmRE%2Bz6onJ1%2FWclg2xlIifxk5%2BAbNqjwdAvE5CPAwpntvrUw%2ByOBwhi9L1q1NJiSHiagQ240Is05aotckOO2gtL4tpwBw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6ebfbb2f0bde9a35-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
matomo.php
matomo.groovetech.io/
0
338 B
Ping
General
Full URL
https://matomo.groovetech.io/matomo.php?action_name=ertcmoney.biz%2FERC%20Application&idsite=4&rec=1&r=249938&h=20&m=24&s=8&url=https%3A%2F%2Fertcmoney.biz%2F&_id=0c1f5da7774275b9&_idn=1&_refts=0&send_image=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&dimension1=61fbf56bc9e6331d6733fb5b&dimension2=wq08ZLnQc&pv_id=6CbimQ&pf_net=48&pf_srv=223
Requested by
Host: matomo.groovetech.io
URL: https://matomo.groovetech.io/matomo.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.0.15
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ertcmoney.biz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8

Response headers

date
Mon, 14 Mar 2022 20:24:08 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/8.0.15
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0LuFGIIwu1JcDnOrqzmtPSis0wjaSToZKcNL2Fv0osaCapv%2Fa42nzrVkYvRo5AgDfDow3QkEZ7hPWKBLM9jaiZy82C%2FJtztTeQvd3e%2FMv7HjeETy9R5aw9bZWZCBdJq3kWbtRz1ZyiU3RnAwpaehiMNyiA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://ertcmoney.biz
access-control-allow-credentials
true
cf-ray
6ebfbb2fcd9a9a35-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
1639970624376KN_ISplE.jpg
assets.grooveapps.com/images/5e3e4c6e3904150ea457d563/
540 KB
541 KB
Image
General
Full URL
https://assets.grooveapps.com/images/5e3e4c6e3904150ea457d563/1639970624376KN_ISplE.jpg
Requested by
Host: ertcmoney.biz
URL: https://ertcmoney.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:15b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c0755e5d5d8d64303905d31c7d052821fcf3a326df95a3781bc446dc1a70610

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ertcmoney.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:24:09 GMT
cf-cache-status
REVALIDATED
cf-polished
qual=85, origFmt=jpeg, origSize=1711061
x-guploader-uploadid
ADPycduESAHsGLC1oS6aNfew675FaHomqIYbGK9ck8kGFNSWUmmwRyFZYax-cipsXOUPif5YW8Rpjjm7_M-8l4cwwvd47hYekg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-disposition
inline; filename="1639970624376KN_ISplE.webp"
content-type
image/webp
content-length
552686
expires
Tue, 15 Mar 2022 00:24:09 GMT
last-modified
Tue, 01 Feb 2022 02:35:35 GMT
server
cloudflare
etag
"134ac66adc50e03ade8e2da8191649ef"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
x-goog-hash
crc32c=mXj3Bw==, md5=E0rGatxQ4Dreji2oGRZJ7w==
x-goog-generation
1643682935647697
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=14400
x-goog-stored-content-length
1711061
accept-ranges
bytes
cf-ray
6ebfbb303aee92a2-FRA
cf-bgj
imgq:85,h2pri
1642964825_ERTC%20FUND%20CONNECTION%20V3%20500x500.png
assets.grooveapps.com/images/5e3e4c6e3904150ea457d563/
44 KB
44 KB
Image
General
Full URL
https://assets.grooveapps.com/images/5e3e4c6e3904150ea457d563/1642964825_ERTC%20FUND%20CONNECTION%20V3%20500x500.png
Requested by
Host: ertcmoney.biz
URL: https://ertcmoney.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:15b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0e058e685236833013f591b2fcb6f1ab01b76da58514d4d4e38bc3dfc90db4a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ertcmoney.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:24:09 GMT
cf-cache-status
MISS
x-guploader-uploadid
ADPycduJ56YHkIbI9pyP5Z990IM2BaTRwCt2ugB2FlbjW2cP3RQMFmP6_DQtoHJPxKZkP7XaXQN72lgJmbmGNdSeXok
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
image/png
content-length
44559
last-modified
Sun, 23 Jan 2022 19:07:05 GMT
server
cloudflare
etag
"4af21e9c9a7e18f9f466358ef91a9526"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=m4WXrw==, md5=SvIenJp+GPn0ZjWO+RqVJg==
x-goog-generation
1642964825588260
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=14400
x-goog-stored-content-length
44559
accept-ranges
bytes
cf-ray
6ebfbb303aef92a2-FRA
expires
Tue, 15 Mar 2022 00:24:09 GMT
app.js
widget.groovevideo.com/widget/
308 KB
308 KB
Script
General
Full URL
https://widget.groovevideo.com/widget/app.js
Requested by
Host: ertcmoney.biz
URL: https://ertcmoney.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:b200:b:d801:7900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
85a2384595926a0d1306834e955dceff74b539d22f78e06a276c3c6c5d8a09cc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ertcmoney.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 05:44:11 GMT
via
1.1 5c79308f72e53cdf81a950b478a7e144.cloudfront.net (CloudFront)
last-modified
Tue, 23 Nov 2021 13:48:27 GMT
server
AmazonS3
age
52799
etag
"c720b112e41afb0ce50f2715cd52d83b"
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
FRA56-P3
accept-ranges
bytes
content-length
315185
x-amz-cf-id
zS_LTsC4EwwBnsAdNZLowfNScuDh_bktxEQr6f84r7OKzJ7i4g_OyA==
1597718141_diagram.png
assets.grooveapps.com/images/5df98d83cf362c0e9cf8723d/
3 KB
4 KB
Image
General
Full URL
https://assets.grooveapps.com/images/5df98d83cf362c0e9cf8723d/1597718141_diagram.png
Requested by
Host: ertcmoney.biz
URL: https://ertcmoney.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:15b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
51f1ce6a509d26c957259cd2159a104fc59b1a883aef49071c57e04a9d157c28

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ertcmoney.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:24:09 GMT
cf-cache-status
EXPIRED
x-guploader-uploadid
ADPycdvJa22nIeg3fPF43fZlB1HR2xcbYbQOC5Gipn622NkMohKujdjWzim_ni2UwQWl35EWBvEKzETVHP1t7XMeSME
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
image/png
content-length
3482
last-modified
Tue, 18 Aug 2020 02:35:41 GMT
server
cloudflare
etag
"465d676f542e1fed0d38a67589dc766a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=KuB+dQ==, md5=Rl1nb1QuH+0NOKZ1idx2ag==
x-goog-generation
1597718141588225
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=14400
x-goog-stored-content-length
3482
accept-ranges
bytes
cf-ray
6ebfbb303af492a2-FRA
expires
Tue, 15 Mar 2022 00:24:09 GMT
1597717671_deadline.png
assets.grooveapps.com/images/5df98d83cf362c0e9cf8723d/
3 KB
3 KB
Image
General
Full URL
https://assets.grooveapps.com/images/5df98d83cf362c0e9cf8723d/1597717671_deadline.png
Requested by
Host: ertcmoney.biz
URL: https://ertcmoney.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:15b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c9d651549b9d5dc23529782ecf688fe172f39a95cdc38e9f1cca9c7900d1ce7f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ertcmoney.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:24:09 GMT
cf-cache-status
EXPIRED
x-guploader-uploadid
ADPycdsLhOJ3fsejjBTNSubH5aNAxTQkWoiiKdHQFDl5QWYTW3-UA8JDr--_7TTAFZaZcDLz4-KvbgGTIiCg0oL8c68
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
image/png
content-length
2675
last-modified
Tue, 18 Aug 2020 02:27:51 GMT
server
cloudflare
etag
"d6359770e28354b12c3872173e1ae8c0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=Kwa5dQ==, md5=1jWXcOKDVLEsOHIXPhrowA==
x-goog-generation
1597717671974940
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=14400
x-goog-stored-content-length
2675
accept-ranges
bytes
cf-ray
6ebfbb303af592a2-FRA
expires
Tue, 15 Mar 2022 00:24:09 GMT
1597718121_hashtag.png
assets.grooveapps.com/images/5df98d83cf362c0e9cf8723d/
4 KB
4 KB
Image
General
Full URL
https://assets.grooveapps.com/images/5df98d83cf362c0e9cf8723d/1597718121_hashtag.png
Requested by
Host: ertcmoney.biz
URL: https://ertcmoney.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:15b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e37d59b7044541ba860d2d14e952b26813b9acd57be49b335638091e2c849167

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ertcmoney.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:24:09 GMT
cf-cache-status
EXPIRED
x-guploader-uploadid
ADPycdu3beqb9-kGiEeIYNmHkvKtMLJMgQzxWzFlyMciNshVMkGkjimYEj5srR6e8e-F2UM7eveu76AAduqa_UZoXwg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
image/png
content-length
4243
last-modified
Tue, 18 Aug 2020 02:35:21 GMT
server
cloudflare
etag
"f70336704c1fd9b920a99a9aa2643a52"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=WW8kbQ==, md5=9wM2cEwf2bkgqZqaomQ6Ug==
x-goog-generation
1597718121346867
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=14400
x-goog-stored-content-length
4243
accept-ranges
bytes
cf-ray
6ebfbb303af092a2-FRA
expires
Tue, 15 Mar 2022 00:24:09 GMT
1636764264_1636484892rItGZ4vquWk.jpg
assets.grooveapps.com/images/5dd590f1c586100f1285ee7a/
1 MB
1 MB
Image
General
Full URL
https://assets.grooveapps.com/images/5dd590f1c586100f1285ee7a/1636764264_1636484892rItGZ4vquWk.jpg
Requested by
Host: ertcmoney.biz
URL: https://ertcmoney.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:15b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98a18f1c035996d2d0befe9d545c097cd405e47d86f45bb76ab5ea3a8fefe749

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ertcmoney.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:24:09 GMT
cf-cache-status
MISS
x-guploader-uploadid
ADPycdv9EYTBl3wl0DtMwJ8Sfea-2N64C0lY73Le1-1UTNtj2Acw_znLZvN2Vw1raY2O4VxXStirntEYFLDFSAtKQ-c
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
image/jpeg
content-length
1545579
last-modified
Sat, 13 Nov 2021 00:44:49 GMT
server
cloudflare
etag
"58cff4d7002c5b05cdc8ac66c900954e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=cjdusQ==, md5=WM/01wAsWwXNyKxmyQCVTg==
x-goog-generation
1636764289885380
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=14400
x-goog-stored-content-length
1545579
accept-ranges
bytes
cf-ray
6ebfbb303af292a2-FRA
expires
Tue, 15 Mar 2022 00:24:09 GMT
1636821952_salon1.jpg
assets.grooveapps.com/images/5dd590f1c586100f1285ee7a/
78 KB
79 KB
Image
General
Full URL
https://assets.grooveapps.com/images/5dd590f1c586100f1285ee7a/1636821952_salon1.jpg
Requested by
Host: ertcmoney.biz
URL: https://ertcmoney.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:15b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c753ec2d20288173731c2cc25fb922481d47999060c1747c5f9b3a7f4cda6ba

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ertcmoney.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:24:09 GMT
cf-cache-status
MISS
x-guploader-uploadid
ADPycdtpU7dtdbzh00AnfV4BoCi-Idb9ckUj_Aar9Xt9v76GaGhzltdk2EcgfSLH7R73ShLEc53OSF3adM88vu-zYNc
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
image/jpeg
content-length
80052
last-modified
Sat, 13 Nov 2021 16:45:53 GMT
server
cloudflare
etag
"41320baf34832999fc9fa5afa08a9d76"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=3QSzfw==, md5=QTILrzSDKZn8n6WvoIqddg==
x-goog-generation
1636821953137827
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=14400
x-goog-stored-content-length
80052
accept-ranges
bytes
cf-ray
6ebfbb304b2f92a2-FRA
expires
Tue, 15 Mar 2022 00:24:09 GMT
1605594338_AdobeStock_232955923-scaled.jpeg
assets.grooveapps.com/images/5ec1beec3df0ea0c586b63e7/
593 KB
594 KB
Image
General
Full URL
https://assets.grooveapps.com/images/5ec1beec3df0ea0c586b63e7/1605594338_AdobeStock_232955923-scaled.jpeg
Requested by
Host: ertcmoney.biz
URL: https://ertcmoney.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:15b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e39c0ef7e9bd78d076e41737aa3bef507c7b09c4b6f12143b26ded2b91eb7125

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ertcmoney.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:24:09 GMT
cf-cache-status
MISS
x-guploader-uploadid
ADPycdtsp7ECWM4xjSGEIIFu1h1TuAPQOGz5Zys-6N8eMHyVctYPkiVTx0HNxppIp_-EtJXh3b88cw4cBeN9JjjiKGo
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
image/jpeg
content-length
606821
last-modified
Tue, 17 Nov 2020 06:25:39 GMT
server
cloudflare
etag
"2fc539f47bdf3f6aa1ed0d03966db744"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=mZ7Nug==, md5=L8U59HvfP2qh7Q0Dlm23RA==
x-goog-generation
1605594339161447
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=14400
x-goog-stored-content-length
606821
accept-ranges
bytes
cf-ray
6ebfbb304b3292a2-FRA
expires
Tue, 15 Mar 2022 00:24:09 GMT
1636821807_pizza%20maker.jpg
assets.grooveapps.com/images/5dd590f1c586100f1285ee7a/
48 KB
48 KB
Image
General
Full URL
https://assets.grooveapps.com/images/5dd590f1c586100f1285ee7a/1636821807_pizza%20maker.jpg
Requested by
Host: ertcmoney.biz
URL: https://ertcmoney.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:15b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1bfbb39c9ce26192d0c1d4cbba84a8a608e356eff0cd323d09a0d810a8897f8d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ertcmoney.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:24:09 GMT
cf-cache-status
MISS
x-guploader-uploadid
ADPycdtUPnhuFxEYSxiYzCeEuPmvfJ4HGp4I45r8naURRSUPCiHj7jubxxMqKmslUMfdcR9hk2z1uml6P-phtIlsPPuQ6cunnA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
image/jpeg
content-length
48844
last-modified
Sat, 13 Nov 2021 16:43:28 GMT
server
cloudflare
etag
"d78fdb31f953e78b8a59ae19747a8631"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=L4dLYQ==, md5=14/bMflT54uKWa4ZdHqGMQ==
x-goog-generation
1636821808037187
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=14400
x-goog-stored-content-length
48844
accept-ranges
bytes
cf-ray
6ebfbb304b3392a2-FRA
expires
Tue, 15 Mar 2022 00:24:09 GMT
1602495767_Tree%20Removal%20AdobeStock_141600960-min.jpeg
assets.grooveapps.com/images/5ec1beec3df0ea0c586b63e7/
35 KB
35 KB
Image
General
Full URL
https://assets.grooveapps.com/images/5ec1beec3df0ea0c586b63e7/1602495767_Tree%20Removal%20AdobeStock_141600960-min.jpeg
Requested by
Host: ertcmoney.biz
URL: https://ertcmoney.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:15b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10d173f34026544a5963fb8a02314f52b1bdb7370e114bf57e1b2ac261541640

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ertcmoney.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:24:09 GMT
cf-cache-status
MISS
x-guploader-uploadid
ADPycdsSWMKObRZidxBuBdkd6hmjWu7_YoMTZBRLRO3Wf_5D_cHZ7-mbUq3rQIawf0cix9b9T1x8ur46xco-hOsrTk074OeSvA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
image/jpeg
content-length
35423
last-modified
Mon, 12 Oct 2020 09:42:47 GMT
server
cloudflare
etag
"2b95bc80a2a426a9bf88c1f8c08f7be5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=V+q8Jg==, md5=K5W8gKKkJqm/iMH4wI975Q==
x-goog-generation
1602495767959076
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=14400
x-goog-stored-content-length
35423
accept-ranges
bytes
cf-ray
6ebfbb304b3692a2-FRA
expires
Tue, 15 Mar 2022 00:24:09 GMT
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v19/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v19/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Abril+Fatface&family=Amatic+SC:wght@400;700&family=Architects+Daughter&family=Asap:wght@400;700&family=Balsamiq+Sans:wght@400;700&family=Barlow:wght@400;700;900&family=Bebas+Neue&family=Bitter:wght@400;700;900&family=Cabin:wght@400;700&family=Cairo:wght@400;700&family=Cormorant+Garamond:wght@400;700&family=Crimson+Text:wght@400;700&family=Dancing+Script:wght@400;700&family=Fira+Sans:wght@400;700;900&family=Fjalla+One&family=Indie+Flower&family=Josefin+Sans:wght@400;700&family=Lato:wght@400;700;900&family=Libre+Baskerville:wght@400;700&family=Libre+Franklin:wght@400;700;900&family=Lobster&family=Lora:wght@400;700&family=Martel:wght@400;700;900&family=Merriweather:wght@400;700;900&family=Montserrat:wght@400;700;900&family=Mukta:wght@400;700&family=Noto+Sans+JP:wght@400;700&family=Noto+Sans+KR:wght@400;700;900&family=Noto+Sans:wght@400;700&family=Noto+Serif:wght@400;700&family=Nunito+Sans:wght@200;300;400;700;900&family=Nunito:wght@300;400;700;900&family=Old+Standard+TT:wght@400;700&family=Open+Sans+Condensed:wght@300;700&family=Open+Sans:wght@300;400;700&family=Oswald:wght@400;700&family=Overpass:wght@400;700;900&family=Oxygen:wght@300;400;700&family=PT+Sans+Narrow:wght@400;700&family=PT+Sans:wght@400;700&family=PT+Serif:wght@400;700&family=Pacifico&family=Playfair+Display:wght@400;700;900&family=Poppins:ital,wght@0,400;0,700;1,900&family=Raleway:wght@400;700;900&family=Roboto+Condensed:wght@400;700&family=Roboto+Slab:wght@400;700;900&family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&family=Rubik:ital,wght@0,400;0,700;1,900&family=Shadows+Into+Light&family=Signika:wght@400;700&family=Slabo+27px&family=Source+Code+Pro:wght@400;700;900&family=Source+Sans+Pro:wght@400;700;900&family=Source+Serif+Pro:wght@400;700;900&family=Tajawal:wght@400;700;900&family=Titillium+Web:wght@400;700;900&family=Ubuntu:wght@400;700&family=Work+Sans:wght@400;700;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ertcmoney.biz
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 09 Mar 2022 19:30:15 GMT
x-content-type-options
nosniff
age
435234
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7816
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 19:11:40 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 09 Mar 2023 19:30:15 GMT
free-fa-solid-900.woff2
ka-f.fontawesome.com/releases/v5.15.4/webfonts/
76 KB
77 KB
Font
General
Full URL
https://ka-f.fontawesome.com/releases/v5.15.4/webfonts/free-fa-solid-900.woff2
Requested by
Host: ertcmoney.biz
URL: https://ertcmoney.biz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5dd43f53f3af822cbf17b1fb75f46192cdbd51724f277acf6cf0dacb3fd57e7

Request headers

Referer
https://ertcmoney.biz/
Origin
https://ertcmoney.biz
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:24:09 GMT
via
1.1 546493e65fbc99643335c1707e70220e.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
TXL50-P2
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
78168
last-modified
Wed, 04 Aug 2021 18:58:24 GMT
server
cloudflare
etag
"a9fd1225fb2cd32320e2b931dca01089"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rm84qJu025xjnmeuv611MXMzmFY8PkDoLjquXQ8XKHvsTNGCfawGutpvnx2j%2FzCvdl%2FpEbcFUVNtfoRe8KxUn22x%2FLFcyasUOInNbF0%2B5JT1N3vone6bnP%2Fzn%2BW0rOZ%2FRFCRZNdzbtPeJkSgE0YGjBM5LA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
6ebfbb303ccf90dc-FRA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
QamhXN6XMzOKF-dmj4_lmEV9WA6H1eSM-lGRqgU24wmQGNQckBU6VA==
1599638309_Screenshot%202020-09-09%20at%201.png
assets.grooveapps.com/images/5ed66fb46b90b50c55d241c9/
258 KB
259 KB
Image
General
Full URL
https://assets.grooveapps.com/images/5ed66fb46b90b50c55d241c9/1599638309_Screenshot%202020-09-09%20at%201.png
Requested by
Host: ertcmoney.biz
URL: https://ertcmoney.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:15b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
514f8e5d6519274938e2adf1dd5e958abd1d2e9ee8cefa1ee5bbaa9aa1a095f2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ertcmoney.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:24:09 GMT
cf-cache-status
MISS
x-guploader-uploadid
ADPycdsaScy-92J-T8vrQUygddxO8r5CrMqCKeU9N-lcBddJtUOPyJ3yR54RUx_B1YFC0kaNU14evgNE4WQqN5bVlBZhw1YzbA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
image/png
content-length
264509
last-modified
Mon, 16 Aug 2021 12:48:03 GMT
server
cloudflare
etag
"deac46339d2a9799a918573ba08a4e30"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=RSd0CA==, md5=3qxGM50ql5mpGFc7oIpOMA==
x-goog-generation
1629118083149154
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=14400
x-goog-stored-content-length
264509
accept-ranges
bytes
cf-ray
6ebfbb303afd92a2-FRA
expires
Tue, 15 Mar 2022 00:24:09 GMT
1594987612_5-stars.png
assets.grooveapps.com/images/5ed66fb46b90b50c55d241c9/
1 KB
2 KB
Image
General
Full URL
https://assets.grooveapps.com/images/5ed66fb46b90b50c55d241c9/1594987612_5-stars.png
Requested by
Host: ertcmoney.biz
URL: https://ertcmoney.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:15b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b45f5504b077fbe2d545f3b95edd6a1c393d59dd7e65c8a3c0f981658355fb41

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ertcmoney.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:24:09 GMT
cf-cache-status
REVALIDATED
cf-polished
origFmt=png, origSize=3372
x-guploader-uploadid
ADPycdsPlq8SkKViumU3q3uI2GP6I_VGZ5HWbJ1pqc-tv4oQe-12tlM5dGgA9SJoVHRg1SKqXTK3Z-7MVgEGy5wwcHM
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-disposition
inline; filename="1594987612_5-stars.webp"
content-type
image/webp
content-length
1270
expires
Tue, 15 Mar 2022 00:24:09 GMT
last-modified
Mon, 16 Aug 2021 12:46:54 GMT
server
cloudflare
etag
"8a3da401411e750e78b3a1e5a779aff5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
x-goog-hash
crc32c=5vawBw==, md5=ij2kAUEedQ54s6Hlp3mv9Q==
x-goog-generation
1629118014545462
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=14400
x-goog-stored-content-length
3372
accept-ranges
bytes
cf-ray
6ebfbb303b0292a2-FRA
cf-bgj
imgq:85,h2pri
1599638326_Screenshot%202020-09-09%20at%201.png
assets.grooveapps.com/images/5ed66fb46b90b50c55d241c9/
59 KB
60 KB
Image
General
Full URL
https://assets.grooveapps.com/images/5ed66fb46b90b50c55d241c9/1599638326_Screenshot%202020-09-09%20at%201.png
Requested by
Host: ertcmoney.biz
URL: https://ertcmoney.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:15b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c0a96a2e0c97784664302304156b2a40db0a686791e1549ab6f42acc4b8ad9a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ertcmoney.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:24:09 GMT
cf-cache-status
REVALIDATED
cf-polished
origFmt=png, origSize=163384
x-guploader-uploadid
ADPycdvMXKHTkMQHq1PUBY4WogtNqanCLUSv1bu7Dm0H8n1vHvH3H4Lx4lnLmaiFCvEq6tV5PP4dVCwGDYRMHTs-X1M
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-disposition
inline; filename="1599638326_Screenshot%202020-09-09%20at%201.webp"
content-type
image/webp
content-length
60612
expires
Tue, 15 Mar 2022 00:24:09 GMT
last-modified
Mon, 16 Aug 2021 12:48:03 GMT
server
cloudflare
etag
"367f5a51df3b5fd726f8a5d96f4ef149"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
x-goog-hash
crc32c=mw6NCA==, md5=Nn9aUd87X9cm+KXZb07xSQ==
x-goog-generation
1629118083333377
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=14400
x-goog-stored-content-length
163384
accept-ranges
bytes
cf-ray
6ebfbb303b0392a2-FRA
cf-bgj
imgq:85,h2pri
1599638341_Screenshot%202020-09-09%20at%201.png
assets.grooveapps.com/images/5ed66fb46b90b50c55d241c9/
143 KB
143 KB
Image
General
Full URL
https://assets.grooveapps.com/images/5ed66fb46b90b50c55d241c9/1599638341_Screenshot%202020-09-09%20at%201.png
Requested by
Host: ertcmoney.biz
URL: https://ertcmoney.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:15b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5638dd97e7ad856a15ed69e4faf65d676f528096d40becc9a62edb7588a07291

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ertcmoney.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:24:09 GMT
cf-cache-status
MISS
x-guploader-uploadid
ADPycduALQ6QsHG6kRHfKTUdcz7mI1Hmyk_O0QhmxcSu7UgVy7u2QAjo3YGSFt5x_H_Li0HywMh71SCQkr-uThqNqEE_klhsMA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
image/png
content-length
146342
last-modified
Mon, 16 Aug 2021 12:48:03 GMT
server
cloudflare
etag
"e41b60d62cd1542f89aa8bd1b728eec5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=edP21A==, md5=5Btg1izRVC+JqovRtyjuxQ==
x-goog-generation
1629118083514753
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=14400
x-goog-stored-content-length
146342
accept-ranges
bytes
cf-ray
6ebfbb303b0692a2-FRA
expires
Tue, 15 Mar 2022 00:24:09 GMT
1600932967_noun_Level%201_480108.png
assets.grooveapps.com/images/5ed66fb46b90b50c55d241c9/
22 KB
22 KB
Image
General
Full URL
https://assets.grooveapps.com/images/5ed66fb46b90b50c55d241c9/1600932967_noun_Level%201_480108.png
Requested by
Host: ertcmoney.biz
URL: https://ertcmoney.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:15b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60bececd825bd8b845f6b7e4c133166e267c1313e4d8d7f84ec21a634c5ee0f3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ertcmoney.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:24:09 GMT
cf-cache-status
EXPIRED
x-guploader-uploadid
ADPycduPMkj6yO7NCnBrLJVxleT51f2k99z5jVU-tEhPVmEDowYn0QGgTyoSKsMoHusI_yT67bmeoCFIfxmG6Lqb9-U
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
image/png
content-length
22514
last-modified
Mon, 16 Aug 2021 12:48:15 GMT
server
cloudflare
etag
"5c49649d511ae0cc6600d9a2e4365e77"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=MTCoSA==, md5=XElknVEa4MxmANmi5DZedw==
x-goog-generation
1629118095617334
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=14400
x-goog-stored-content-length
22514
accept-ranges
bytes
cf-ray
6ebfbb303b0792a2-FRA
expires
Tue, 15 Mar 2022 00:24:09 GMT
1600933000_noun_Level%204_480114.png
assets.grooveapps.com/images/5ed66fb46b90b50c55d241c9/
5 KB
5 KB
Image
General
Full URL
https://assets.grooveapps.com/images/5ed66fb46b90b50c55d241c9/1600933000_noun_Level%204_480114.png
Requested by
Host: ertcmoney.biz
URL: https://ertcmoney.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:15b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c177e9c84d392f24927bacc3365c8bb1515707a3c5dc159c14ab35a23d660a14

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ertcmoney.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:24:09 GMT
cf-cache-status
REVALIDATED
cf-polished
origFmt=png, origSize=21680
x-guploader-uploadid
ADPycds_rCbDyIz0bHWi0FiqsBCLNMEAmMLLJ_pTHjOGc7vp0aXhpgqaoA6GcuYbIH93YA-fizTZ1TGdlQ_7IZT1f-tj0Apk5g
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-disposition
inline; filename="1600933000_noun_Level%204_480114.webp"
content-type
image/webp
content-length
4646
expires
Tue, 15 Mar 2022 00:24:09 GMT
last-modified
Mon, 16 Aug 2021 12:48:15 GMT
server
cloudflare
etag
"6681e3379942fe9e42e0caae81a9d49b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
x-goog-hash
crc32c=M65Jaw==, md5=ZoHjN5lC/p5C4MquganUmw==
x-goog-generation
1629118095786359
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=14400
x-goog-stored-content-length
21680
accept-ranges
bytes
cf-ray
6ebfbb303b0992a2-FRA
cf-bgj
imgq:85,h2pri
1600933034_noun_Level%206_480107.png
assets.grooveapps.com/images/5ed66fb46b90b50c55d241c9/
5 KB
5 KB
Image
General
Full URL
https://assets.grooveapps.com/images/5ed66fb46b90b50c55d241c9/1600933034_noun_Level%206_480107.png
Requested by
Host: ertcmoney.biz
URL: https://ertcmoney.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:15b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eefcaed1e731e6269947209c907c643e8801654b1e6057d309cfbcdc790dd0ac

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ertcmoney.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:24:09 GMT
cf-cache-status
REVALIDATED
cf-polished
origFmt=png, origSize=20826
x-guploader-uploadid
ADPycdvo5rg11L_7XERHMiDcqQb081SpW7_iXwdK0Vg-dngLZMYqjyXfPbxSG3kkZiw2g8AaVMstXINE0rKqu6Fn1aYzhJmYeg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-disposition
inline; filename="1600933034_noun_Level%206_480107.webp"
content-type
image/webp
content-length
4732
expires
Tue, 15 Mar 2022 00:24:09 GMT
last-modified
Mon, 16 Aug 2021 12:48:15 GMT
server
cloudflare
etag
"5661c65bb8df198418347af96de18ace"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
x-goog-hash
crc32c=OQ0aOQ==, md5=VmHGW7jfGYQYNHr5beGKzg==
x-goog-generation
1629118095961057
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=14400
x-goog-stored-content-length
20826
accept-ranges
bytes
cf-ray
6ebfbb303b0a92a2-FRA
cf-bgj
imgq:85,h2pri
1636579332_Ring%20Dots%20Full.png
assets.grooveapps.com/images/5ec1beec3df0ea0c586b63e7/
6 KB
6 KB
Image
General
Full URL
https://assets.grooveapps.com/images/5ec1beec3df0ea0c586b63e7/1636579332_Ring%20Dots%20Full.png
Requested by
Host: ertcmoney.biz
URL: https://ertcmoney.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:15b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7fdee17af0a67781a2a9d7dd3c1abae40f81ddfa50e3073aed817a87156e7adc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ertcmoney.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:24:09 GMT
cf-cache-status
MISS
x-guploader-uploadid
ADPycdvuU1bZh8GIHKWdKPyygf98hZ8gYk5Jv32otEfsD1qu-QH5cI7XkvzTs4bE8vlSHQcYJExHdf1inTTz2QbtRkU
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
image/png
content-length
5671
last-modified
Wed, 10 Nov 2021 21:22:13 GMT
server
cloudflare
etag
"6c7617edea8ca8b1802723c3b1a3e9bc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=LcbNbQ==, md5=bHYX7eqMqLGAJyPDsaPpvA==
x-goog-generation
1636579333178844
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=14400
x-goog-stored-content-length
5671
accept-ranges
bytes
cf-ray
6ebfbb303b0b92a2-FRA
expires
Tue, 15 Mar 2022 00:24:09 GMT
form-validation-lib.web.js
assets.grooveapps.com/plugins/
7 KB
3 KB
Script
General
Full URL
https://assets.grooveapps.com/plugins/form-validation-lib.web.js
Requested by
Host: ertcmoney.biz
URL: https://ertcmoney.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:15b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
339810bfdd21c109e97b9f24a25111740aeade7d49f30aedf75b0d22963cb538

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ertcmoney.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:24:09 GMT
content-encoding
br
cf-cache-status
MISS
x-guploader-uploadid
ADPycdthDIO8mb0XlNYY6VxCKP_8WQX5O72r5icQpXhERIEgRH7yObMIszyT6a0insX19KEnpNbj4-tzPjVa8qm4CXo
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-type
application/javascript
last-modified
Mon, 14 Mar 2022 17:22:10 GMT
server
cloudflare
etag
W/"8677d1ad3d23990c3854ef4542a80905"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=tr0aWg==, md5=hnfRrT0jmQw4VO9FQqgJBQ==
content-language
en
access-control-allow-origin
*
x-goog-generation
1647278530562871
access-control-expose-headers
Content-Type
cache-control
public, max-age=31536000
x-goog-stored-content-length
7339
cf-ray
6ebfbb303b0892a2-FRA
expires
Tue, 14 Mar 2023 20:24:09 GMT
1643050685_ERTC%20FUND%20CONNECTION%20V3%20500x500.png
assets.grooveapps.com/images/5e3e4c6e3904150ea457d563/
44 KB
44 KB
Image
General
Full URL
https://assets.grooveapps.com/images/5e3e4c6e3904150ea457d563/1643050685_ERTC%20FUND%20CONNECTION%20V3%20500x500.png
Requested by
Host: ertcmoney.biz
URL: https://ertcmoney.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:15b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0e058e685236833013f591b2fcb6f1ab01b76da58514d4d4e38bc3dfc90db4a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ertcmoney.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:24:09 GMT
cf-cache-status
MISS
x-guploader-uploadid
ADPycdsgsEqeWEWjhQz7C7ZSRBXXOfYugjbvSlHhh6jaGAIQQYFE8XmnNMvGFSLSN8ZaMZqrY2yI0u3VpNFFdSNxYzY
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
image/png
content-length
44559
last-modified
Mon, 24 Jan 2022 18:58:05 GMT
server
cloudflare
etag
"4af21e9c9a7e18f9f466358ef91a9526"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=m4WXrw==, md5=SvIenJp+GPn0ZjWO+RqVJg==
x-goog-generation
1643050685448493
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=14400
x-goog-stored-content-length
44559
accept-ranges
bytes
cf-ray
6ebfbb303b0c92a2-FRA
expires
Tue, 15 Mar 2022 00:24:09 GMT
1643050623_Maria%20Reyes%20ERTC%20Fund%20Connection%20Sign%20Off.png
assets.grooveapps.com/images/5e3e4c6e3904150ea457d563/
55 KB
55 KB
Image
General
Full URL
https://assets.grooveapps.com/images/5e3e4c6e3904150ea457d563/1643050623_Maria%20Reyes%20ERTC%20Fund%20Connection%20Sign%20Off.png
Requested by
Host: ertcmoney.biz
URL: https://ertcmoney.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:15b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b742f77eab6bf4c1e5f7984e99f21b71712e7fceb85563b1f5048e4b2e15432

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ertcmoney.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:24:09 GMT
cf-cache-status
MISS
x-guploader-uploadid
ADPycdtxeZntbSfQzO9jO8ePDpqWbkz7QBiQJNQi36YMiA3JRkFkADRYsxtYvpP3fKByIAi2U5VjkUbPYtDuBKdKPK0Hm3lstA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
image/png
content-length
55997
last-modified
Mon, 24 Jan 2022 18:57:03 GMT
server
cloudflare
etag
"b7b963a013ef118bebc9cbc6b0e8461c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=2glRmg==, md5=t7ljoBPvEYvrycvGsOhGHA==
x-goog-generation
1643050623891764
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=14400
x-goog-stored-content-length
55997
accept-ranges
bytes
cf-ray
6ebfbb303b0d92a2-FRA
expires
Tue, 15 Mar 2022 00:24:09 GMT
inpage_published.js
app.groove.cm/groovepages/js/
81 KB
30 KB
Script
General
Full URL
https://app.groove.cm/groovepages/js/inpage_published.js
Requested by
Host: ertcmoney.biz
URL: https://ertcmoney.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f027ea063eee0d6e52cca300261c8769a933de84ffdb7e6a2214d447793444db

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ertcmoney.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:24:09 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 14 Mar 2022 16:28:27 GMT
server
cloudflare
age
3153
etag
W/"622f6d2b-145c6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dHolUqI0gUWK3LGsZtau3e5Mly9zSsTQJ1E20BTiOGMRLNDTR9qqALZgH%2FPQLoA0z9knBihzNoJpKH5t%2BuJpvdKMjVk7gxydKgaLqIuaBXueING1MwwDQYOzci05i3tUdWzprL0hVW%2BzE6NC"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6ebfbb304e289b8e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
chunk-vendors.js
app.groove.cm/groovepages/js/
0
0
Script
General
Full URL
https://app.groove.cm/groovepages/js/chunk-vendors.js
Requested by
Host: ertcmoney.biz
URL: https://ertcmoney.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ertcmoney.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

7KE4VhYEZBAF7a6M9DFD
v1.gdapis.com/api/groovevideo/generate-css/75176/
563 B
851 B
Stylesheet
General
Full URL
https://v1.gdapis.com/api/groovevideo/generate-css/75176/7KE4VhYEZBAF7a6M9DFD
Requested by
Host: widget.groovevideo.com
URL: https://widget.groovevideo.com/widget/app.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.24
Resource Hash
0cbf470d7b5d4aa1136de5cf78515a965be83022bc741ffb0a56a27692414c0c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ertcmoney.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:24:09 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.3.24
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ekmvy1OP7cWlDC2ghCp5ojiINCI515inwkTMj0UbYBZtSbnXrJIVS5cdWYzuI7%2BwlEg8Xht%2Bb%2FekybD9zTBTwrpYL3bIZJJteK72aCnum7lWdtE6hX4Y3sXlPNxRxeFtqGVcq0UIomJbNkiA"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
x-ratelimit-remaining
599
cache-control
no-cache, private
x-ratelimit-limit
600
cf-ray
6ebfbb30f9ae9c12-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
7KE4VhYEZBAF7a6M9DFD
app.groove.cm/groovevideo/video/75176/ Frame 8EBD
Redirect Chain
  • https://app.groovefunnels.com/groovevideo/video/75176/7KE4VhYEZBAF7a6M9DFD
  • https://app.groove.cm/groovevideo/video/75176/7KE4VhYEZBAF7a6M9DFD
7 KB
3 KB
Document
General
Full URL
https://app.groove.cm/groovevideo/video/75176/7KE4VhYEZBAF7a6M9DFD
Requested by
Host: widget.groovevideo.com
URL: https://widget.groovevideo.com/widget/app.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75ef137f34034ede7dab91bb685ed06f53bc3e0af23bb7bc2ece5cd7c37d5aeb

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ertcmoney.biz/

Response headers

date
Mon, 14 Mar 2022 20:24:09 GMT
content-type
text/html
vary
Accept-Encoding
last-modified
Mon, 14 Mar 2022 16:46:05 GMT
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7wQUByo6VXKcAwCHY0atHugcHNBKumcPIxjuKuCH7qvljOu1Jp%2Bf51pnWcS3Ri1ymNLcQl8P9B4%2BY8KjI0ykKgLWPiTwuzN8MraB4o%2FAhcEa0G3AKZ4PlpZYDCTtqREQejhCqi5zY37IwEtP"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6ebfbb3148b29b8e-FRA
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date
Mon, 14 Mar 2022 20:24:09 GMT
location
https://app.groove.cm/groovevideo/video/75176/7KE4VhYEZBAF7a6M9DFD
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires
Thu, 01 Jan 1970 00:00:01 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lTp4oYv4Of6d9L3lertIYnL2hoyo6ETgEgVuHFljj%2FU%2FHwKJBa84%2Bn3tHQ%2Bd51uyL4hWO8EyNUtx5ziVnv4EGyijYzNnZmR3bBk0yvft6i71gZEUJQhAy4YMj6MQ6D%2BrkJdSuWxzAm4SSjwBMTeNtfg0F9g%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
6ebfbb311f909bb0-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
PLltPxii7EurFNwx1sEj
v1.gdapis.com/api/groovevideo/generate-css/75185/
573 B
525 B
Stylesheet
General
Full URL
https://v1.gdapis.com/api/groovevideo/generate-css/75185/PLltPxii7EurFNwx1sEj
Requested by
Host: widget.groovevideo.com
URL: https://widget.groovevideo.com/widget/app.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.24
Resource Hash
534b9466b088388dae143525207b94a0983ee12d7b4e97ce21d7e86709911a24

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ertcmoney.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:24:09 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.3.24
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iKH4aiIIzm1KX2ksCJLKJ46QuOOsV28zLP3Dsceb87nodROKACMZpd7yhw3SW5IyePSltlZbkIQhfc70sYCKtN676WzGX3Q4b5DmQfHfEx%2BoV0qBojKrveTv9jyHwpCoWp4UxW8MPwgnqi1L"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
x-ratelimit-remaining
599
cache-control
no-cache, private
x-ratelimit-limit
600
cf-ray
6ebfbb30f9b69c12-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
PLltPxii7EurFNwx1sEj
app.groove.cm/groovevideo/video/75185/ Frame 6C43
Redirect Chain
  • https://app.groovefunnels.com/groovevideo/video/75185/PLltPxii7EurFNwx1sEj
  • https://app.groove.cm/groovevideo/video/75185/PLltPxii7EurFNwx1sEj
7 KB
3 KB
Document
General
Full URL
https://app.groove.cm/groovevideo/video/75185/PLltPxii7EurFNwx1sEj
Requested by
Host: widget.groovevideo.com
URL: https://widget.groovevideo.com/widget/app.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75ef137f34034ede7dab91bb685ed06f53bc3e0af23bb7bc2ece5cd7c37d5aeb

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ertcmoney.biz/

Response headers

date
Mon, 14 Mar 2022 20:24:09 GMT
content-type
text/html
vary
Accept-Encoding
last-modified
Mon, 14 Mar 2022 16:46:05 GMT
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R5MEQ9WajXEfs%2B2uQMh5dd38lf8pD92KyMP5jSFlxWdZI0%2FppSLzTPiVbzqJQCSmHLNmuG%2BLVvrse9gqkHRjTU%2FShRx8DmfZdgPQUXskAJj%2FunkOGz0DSx5XQzfWuVUkOH9P%2Bfiautl8aoh3"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6ebfbb3148a29b8e-FRA
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date
Mon, 14 Mar 2022 20:24:09 GMT
location
https://app.groove.cm/groovevideo/video/75185/PLltPxii7EurFNwx1sEj
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires
Thu, 01 Jan 1970 00:00:01 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b7PGZCxPnvmN7vlDERgLlUiYH407wIXFz21eow4I6Dz2VoadbHr9baK9XqSh3oxJAFBuAaOZgvjNedQMaAjY1w14nFzYg6p%2B4pPbdqZE4emoGkal3yn3YpILTmWvorbSQZHsAICn3D0QJMMMBJBSKFfKflw%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
6ebfbb311f939bb0-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
u1kHEnHT9wSJ2kyJJs0e
v1.gdapis.com/api/groovevideo/generate-css/75215/
563 B
517 B
Stylesheet
General
Full URL
https://v1.gdapis.com/api/groovevideo/generate-css/75215/u1kHEnHT9wSJ2kyJJs0e
Requested by
Host: widget.groovevideo.com
URL: https://widget.groovevideo.com/widget/app.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.24
Resource Hash
1eff7b7cd26420f2843c2427d5f8fc24c423827818b0f2d457e9cc32193cea77

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ertcmoney.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:24:09 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.3.24
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bxn9zbRu%2FbtNuLLOFmPNP9RoTBb7YLQgp%2B0ThNsSwkgyR8DtLxx6aTiYeO4I9c2OI8blY1gYTthzyHhe8ED3S0bx2SSTkd2YtBjSwH7AtR%2B4GJ%2BYstsEEHn7lQ1xYn4I1GsCFZlOmh9YqZDm"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
x-ratelimit-remaining
599
cache-control
no-cache, private
x-ratelimit-limit
600
cf-ray
6ebfbb3109e69c12-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
u1kHEnHT9wSJ2kyJJs0e
app.groove.cm/groovevideo/video/75215/ Frame FC09
Redirect Chain
  • https://app.groovefunnels.com/groovevideo/video/75215/u1kHEnHT9wSJ2kyJJs0e
  • https://app.groove.cm/groovevideo/video/75215/u1kHEnHT9wSJ2kyJJs0e
7 KB
3 KB
Document
General
Full URL
https://app.groove.cm/groovevideo/video/75215/u1kHEnHT9wSJ2kyJJs0e
Requested by
Host: widget.groovevideo.com
URL: https://widget.groovevideo.com/widget/app.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75ef137f34034ede7dab91bb685ed06f53bc3e0af23bb7bc2ece5cd7c37d5aeb

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ertcmoney.biz/

Response headers

date
Mon, 14 Mar 2022 20:24:09 GMT
content-type
text/html
vary
Accept-Encoding
last-modified
Mon, 14 Mar 2022 16:46:05 GMT
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7uPgjgzqHq0H7mebf7ZC0EqzMqIo1HOaqxDWLepVgPcaKFfxMS1igvpcbiJ0lKBCx%2FhMgoAfhn8lLzxqj2yckZULxqFwFb0Fy4TjVLB4u53u5V1GQ27SZazQHWpGkZ0sLUjH9nfz%2BAgb9ilE"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6ebfbb3148b19b8e-FRA
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date
Mon, 14 Mar 2022 20:24:09 GMT
location
https://app.groove.cm/groovevideo/video/75215/u1kHEnHT9wSJ2kyJJs0e
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires
Thu, 01 Jan 1970 00:00:01 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OSSDcricjCishVORAYSVP8UbAA5ZQdYmU7w67pMC0zmmJCzcKHrmDmXGxTiMYOiLXeS3o5ehmCxCc5PvmCh39Q1LVeHMWHU5g%2BEZ9O8PM%2FCxUMH9qFJwYZpRI2vWRgYD8cNJV3cLkrEDVKm5WBN6tqUXEAc%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
6ebfbb311f959bb0-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
S6u9w4BMUTPHh50XSwiPGQ.woff2
fonts.gstatic.com/s/lato/v22/
22 KB
22 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v22/S6u9w4BMUTPHh50XSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Abril+Fatface&family=Amatic+SC:wght@400;700&family=Architects+Daughter&family=Asap:wght@400;700&family=Balsamiq+Sans:wght@400;700&family=Barlow:wght@400;700;900&family=Bebas+Neue&family=Bitter:wght@400;700;900&family=Cabin:wght@400;700&family=Cairo:wght@400;700&family=Cormorant+Garamond:wght@400;700&family=Crimson+Text:wght@400;700&family=Dancing+Script:wght@400;700&family=Fira+Sans:wght@400;700;900&family=Fjalla+One&family=Indie+Flower&family=Josefin+Sans:wght@400;700&family=Lato:wght@400;700;900&family=Libre+Baskerville:wght@400;700&family=Libre+Franklin:wght@400;700;900&family=Lobster&family=Lora:wght@400;700&family=Martel:wght@400;700;900&family=Merriweather:wght@400;700;900&family=Montserrat:wght@400;700;900&family=Mukta:wght@400;700&family=Noto+Sans+JP:wght@400;700&family=Noto+Sans+KR:wght@400;700;900&family=Noto+Sans:wght@400;700&family=Noto+Serif:wght@400;700&family=Nunito+Sans:wght@200;300;400;700;900&family=Nunito:wght@300;400;700;900&family=Old+Standard+TT:wght@400;700&family=Open+Sans+Condensed:wght@300;700&family=Open+Sans:wght@300;400;700&family=Oswald:wght@400;700&family=Overpass:wght@400;700;900&family=Oxygen:wght@300;400;700&family=PT+Sans+Narrow:wght@400;700&family=PT+Sans:wght@400;700&family=PT+Serif:wght@400;700&family=Pacifico&family=Playfair+Display:wght@400;700;900&family=Poppins:ital,wght@0,400;0,700;1,900&family=Raleway:wght@400;700;900&family=Roboto+Condensed:wght@400;700&family=Roboto+Slab:wght@400;700;900&family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&family=Rubik:ital,wght@0,400;0,700;1,900&family=Shadows+Into+Light&family=Signika:wght@400;700&family=Slabo+27px&family=Source+Code+Pro:wght@400;700;900&family=Source+Sans+Pro:wght@400;700;900&family=Source+Serif+Pro:wght@400;700;900&family=Tajawal:wght@400;700;900&family=Titillium+Web:wght@400;700;900&family=Ubuntu:wght@400;700&family=Work+Sans:wght@400;700;900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ertcmoney.biz
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 09 Mar 2022 19:30:30 GMT
x-content-type-options
nosniff
age
435219
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22504
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 19:12:50 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 09 Mar 2023 19:30:30 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v22/
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v22/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Abril+Fatface&family=Amatic+SC:wght@400;700&family=Architects+Daughter&family=Asap:wght@400;700&family=Balsamiq+Sans:wght@400;700&family=Barlow:wght@400;700;900&family=Bebas+Neue&family=Bitter:wght@400;700;900&family=Cabin:wght@400;700&family=Cairo:wght@400;700&family=Cormorant+Garamond:wght@400;700&family=Crimson+Text:wght@400;700&family=Dancing+Script:wght@400;700&family=Fira+Sans:wght@400;700;900&family=Fjalla+One&family=Indie+Flower&family=Josefin+Sans:wght@400;700&family=Lato:wght@400;700;900&family=Libre+Baskerville:wght@400;700&family=Libre+Franklin:wght@400;700;900&family=Lobster&family=Lora:wght@400;700&family=Martel:wght@400;700;900&family=Merriweather:wght@400;700;900&family=Montserrat:wght@400;700;900&family=Mukta:wght@400;700&family=Noto+Sans+JP:wght@400;700&family=Noto+Sans+KR:wght@400;700;900&family=Noto+Sans:wght@400;700&family=Noto+Serif:wght@400;700&family=Nunito+Sans:wght@200;300;400;700;900&family=Nunito:wght@300;400;700;900&family=Old+Standard+TT:wght@400;700&family=Open+Sans+Condensed:wght@300;700&family=Open+Sans:wght@300;400;700&family=Oswald:wght@400;700&family=Overpass:wght@400;700;900&family=Oxygen:wght@300;400;700&family=PT+Sans+Narrow:wght@400;700&family=PT+Sans:wght@400;700&family=PT+Serif:wght@400;700&family=Pacifico&family=Playfair+Display:wght@400;700;900&family=Poppins:ital,wght@0,400;0,700;1,900&family=Raleway:wght@400;700;900&family=Roboto+Condensed:wght@400;700&family=Roboto+Slab:wght@400;700;900&family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&family=Rubik:ital,wght@0,400;0,700;1,900&family=Shadows+Into+Light&family=Signika:wght@400;700&family=Slabo+27px&family=Source+Code+Pro:wght@400;700;900&family=Source+Sans+Pro:wght@400;700;900&family=Source+Serif+Pro:wght@400;700;900&family=Tajawal:wght@400;700;900&family=Titillium+Web:wght@400;700;900&family=Ubuntu:wght@400;700&family=Work+Sans:wght@400;700;900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ertcmoney.biz
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 09 Mar 2022 19:30:30 GMT
x-content-type-options
nosniff
age
435219
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23580
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 19:14:03 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 09 Mar 2023 19:30:30 GMT
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v22/
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v22/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Abril+Fatface&family=Amatic+SC:wght@400;700&family=Architects+Daughter&family=Asap:wght@400;700&family=Balsamiq+Sans:wght@400;700&family=Barlow:wght@400;700;900&family=Bebas+Neue&family=Bitter:wght@400;700;900&family=Cabin:wght@400;700&family=Cairo:wght@400;700&family=Cormorant+Garamond:wght@400;700&family=Crimson+Text:wght@400;700&family=Dancing+Script:wght@400;700&family=Fira+Sans:wght@400;700;900&family=Fjalla+One&family=Indie+Flower&family=Josefin+Sans:wght@400;700&family=Lato:wght@400;700;900&family=Libre+Baskerville:wght@400;700&family=Libre+Franklin:wght@400;700;900&family=Lobster&family=Lora:wght@400;700&family=Martel:wght@400;700;900&family=Merriweather:wght@400;700;900&family=Montserrat:wght@400;700;900&family=Mukta:wght@400;700&family=Noto+Sans+JP:wght@400;700&family=Noto+Sans+KR:wght@400;700;900&family=Noto+Sans:wght@400;700&family=Noto+Serif:wght@400;700&family=Nunito+Sans:wght@200;300;400;700;900&family=Nunito:wght@300;400;700;900&family=Old+Standard+TT:wght@400;700&family=Open+Sans+Condensed:wght@300;700&family=Open+Sans:wght@300;400;700&family=Oswald:wght@400;700&family=Overpass:wght@400;700;900&family=Oxygen:wght@300;400;700&family=PT+Sans+Narrow:wght@400;700&family=PT+Sans:wght@400;700&family=PT+Serif:wght@400;700&family=Pacifico&family=Playfair+Display:wght@400;700;900&family=Poppins:ital,wght@0,400;0,700;1,900&family=Raleway:wght@400;700;900&family=Roboto+Condensed:wght@400;700&family=Roboto+Slab:wght@400;700;900&family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&family=Rubik:ital,wght@0,400;0,700;1,900&family=Shadows+Into+Light&family=Signika:wght@400;700&family=Slabo+27px&family=Source+Code+Pro:wght@400;700;900&family=Source+Sans+Pro:wght@400;700;900&family=Source+Serif+Pro:wght@400;700;900&family=Tajawal:wght@400;700;900&family=Titillium+Web:wght@400;700;900&family=Ubuntu:wght@400;700&family=Work+Sans:wght@400;700;900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ertcmoney.biz
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 09 Mar 2022 19:30:31 GMT
x-content-type-options
nosniff
age
435218
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23040
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 19:21:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 09 Mar 2023 19:30:31 GMT
showFormEmbed
fs22.formsite.com/res/ Frame 49B9
11 KB
3 KB
Document
General
Full URL
https://fs22.formsite.com/res/showFormEmbed?EParam=m_OmK8apOTBq9zAPECUmc4YvBMmXmdLwdgTYVfxeOgg&1300974183&EmbedId=1300974183
Requested by
Host: ertcmoney.biz
URL: https://ertcmoney.biz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.169.204.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-204-227.compute-1.amazonaws.com
Software
Apache /
Resource Hash
53f65de4984ffcc19a791d18a7e586f706dfc20deeb16391fc16a58dd9e632b1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ertcmoney.biz/

Response headers

date
Mon, 14 Mar 2022 20:24:09 GMT
content-type
text/html;charset=UTF-8
content-length
2789
server
Apache
vary
Accept-Encoding,User-Agent
content-encoding
gzip
6xKydSBYKcSV-LCoeQqfX1RYOo3iu4nwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v19/
12 KB
12 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v19/6xKydSBYKcSV-LCoeQqfX1RYOo3iu4nwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Abril+Fatface&family=Amatic+SC:wght@400;700&family=Architects+Daughter&family=Asap:wght@400;700&family=Balsamiq+Sans:wght@400;700&family=Barlow:wght@400;700;900&family=Bebas+Neue&family=Bitter:wght@400;700;900&family=Cabin:wght@400;700&family=Cairo:wght@400;700&family=Cormorant+Garamond:wght@400;700&family=Crimson+Text:wght@400;700&family=Dancing+Script:wght@400;700&family=Fira+Sans:wght@400;700;900&family=Fjalla+One&family=Indie+Flower&family=Josefin+Sans:wght@400;700&family=Lato:wght@400;700;900&family=Libre+Baskerville:wght@400;700&family=Libre+Franklin:wght@400;700;900&family=Lobster&family=Lora:wght@400;700&family=Martel:wght@400;700;900&family=Merriweather:wght@400;700;900&family=Montserrat:wght@400;700;900&family=Mukta:wght@400;700&family=Noto+Sans+JP:wght@400;700&family=Noto+Sans+KR:wght@400;700;900&family=Noto+Sans:wght@400;700&family=Noto+Serif:wght@400;700&family=Nunito+Sans:wght@200;300;400;700;900&family=Nunito:wght@300;400;700;900&family=Old+Standard+TT:wght@400;700&family=Open+Sans+Condensed:wght@300;700&family=Open+Sans:wght@300;400;700&family=Oswald:wght@400;700&family=Overpass:wght@400;700;900&family=Oxygen:wght@300;400;700&family=PT+Sans+Narrow:wght@400;700&family=PT+Sans:wght@400;700&family=PT+Serif:wght@400;700&family=Pacifico&family=Playfair+Display:wght@400;700;900&family=Poppins:ital,wght@0,400;0,700;1,900&family=Raleway:wght@400;700;900&family=Roboto+Condensed:wght@400;700&family=Roboto+Slab:wght@400;700;900&family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&family=Rubik:ital,wght@0,400;0,700;1,900&family=Shadows+Into+Light&family=Signika:wght@400;700&family=Slabo+27px&family=Source+Code+Pro:wght@400;700;900&family=Source+Sans+Pro:wght@400;700;900&family=Source+Serif+Pro:wght@400;700;900&family=Tajawal:wght@400;700;900&family=Titillium+Web:wght@400;700;900&family=Ubuntu:wght@400;700&family=Work+Sans:wght@400;700;900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
080e18a8c761c3d30b7ec08aa65f87109a0228367eafd0a12fcefda58d10e8ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ertcmoney.biz
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 09 Mar 2022 18:09:18 GMT
x-content-type-options
nosniff
age
440091
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12408
x-xss-protection
0
last-modified
Wed, 23 Feb 2022 17:39:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 09 Mar 2023 18:09:18 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v19/
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v19/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Abril+Fatface&family=Amatic+SC:wght@400;700&family=Architects+Daughter&family=Asap:wght@400;700&family=Balsamiq+Sans:wght@400;700&family=Barlow:wght@400;700;900&family=Bebas+Neue&family=Bitter:wght@400;700;900&family=Cabin:wght@400;700&family=Cairo:wght@400;700&family=Cormorant+Garamond:wght@400;700&family=Crimson+Text:wght@400;700&family=Dancing+Script:wght@400;700&family=Fira+Sans:wght@400;700;900&family=Fjalla+One&family=Indie+Flower&family=Josefin+Sans:wght@400;700&family=Lato:wght@400;700;900&family=Libre+Baskerville:wght@400;700&family=Libre+Franklin:wght@400;700;900&family=Lobster&family=Lora:wght@400;700&family=Martel:wght@400;700;900&family=Merriweather:wght@400;700;900&family=Montserrat:wght@400;700;900&family=Mukta:wght@400;700&family=Noto+Sans+JP:wght@400;700&family=Noto+Sans+KR:wght@400;700;900&family=Noto+Sans:wght@400;700&family=Noto+Serif:wght@400;700&family=Nunito+Sans:wght@200;300;400;700;900&family=Nunito:wght@300;400;700;900&family=Old+Standard+TT:wght@400;700&family=Open+Sans+Condensed:wght@300;700&family=Open+Sans:wght@300;400;700&family=Oswald:wght@400;700&family=Overpass:wght@400;700;900&family=Oxygen:wght@300;400;700&family=PT+Sans+Narrow:wght@400;700&family=PT+Sans:wght@400;700&family=PT+Serif:wght@400;700&family=Pacifico&family=Playfair+Display:wght@400;700;900&family=Poppins:ital,wght@0,400;0,700;1,900&family=Raleway:wght@400;700;900&family=Roboto+Condensed:wght@400;700&family=Roboto+Slab:wght@400;700;900&family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&family=Rubik:ital,wght@0,400;0,700;1,900&family=Shadows+Into+Light&family=Signika:wght@400;700&family=Slabo+27px&family=Source+Code+Pro:wght@400;700;900&family=Source+Sans+Pro:wght@400;700;900&family=Source+Serif+Pro:wght@400;700;900&family=Tajawal:wght@400;700;900&family=Titillium+Web:wght@400;700;900&family=Ubuntu:wght@400;700&family=Work+Sans:wght@400;700;900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7348a2eb48c9a681d6178433394c7037144d85b57ee33a11339d3a33fa1001a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ertcmoney.biz
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 09 Mar 2022 18:04:09 GMT
x-content-type-options
nosniff
age
440400
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12924
x-xss-protection
0
last-modified
Wed, 23 Feb 2022 17:39:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 09 Mar 2023 18:04:09 GMT
TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2
fonts.gstatic.com/s/oswald/v47/
17 KB
17 KB
Font
General
Full URL
https://fonts.gstatic.com/s/oswald/v47/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Abril+Fatface&family=Amatic+SC:wght@400;700&family=Architects+Daughter&family=Asap:wght@400;700&family=Balsamiq+Sans:wght@400;700&family=Barlow:wght@400;700;900&family=Bebas+Neue&family=Bitter:wght@400;700;900&family=Cabin:wght@400;700&family=Cairo:wght@400;700&family=Cormorant+Garamond:wght@400;700&family=Crimson+Text:wght@400;700&family=Dancing+Script:wght@400;700&family=Fira+Sans:wght@400;700;900&family=Fjalla+One&family=Indie+Flower&family=Josefin+Sans:wght@400;700&family=Lato:wght@400;700;900&family=Libre+Baskerville:wght@400;700&family=Libre+Franklin:wght@400;700;900&family=Lobster&family=Lora:wght@400;700&family=Martel:wght@400;700;900&family=Merriweather:wght@400;700;900&family=Montserrat:wght@400;700;900&family=Mukta:wght@400;700&family=Noto+Sans+JP:wght@400;700&family=Noto+Sans+KR:wght@400;700;900&family=Noto+Sans:wght@400;700&family=Noto+Serif:wght@400;700&family=Nunito+Sans:wght@200;300;400;700;900&family=Nunito:wght@300;400;700;900&family=Old+Standard+TT:wght@400;700&family=Open+Sans+Condensed:wght@300;700&family=Open+Sans:wght@300;400;700&family=Oswald:wght@400;700&family=Overpass:wght@400;700;900&family=Oxygen:wght@300;400;700&family=PT+Sans+Narrow:wght@400;700&family=PT+Sans:wght@400;700&family=PT+Serif:wght@400;700&family=Pacifico&family=Playfair+Display:wght@400;700;900&family=Poppins:ital,wght@0,400;0,700;1,900&family=Raleway:wght@400;700;900&family=Roboto+Condensed:wght@400;700&family=Roboto+Slab:wght@400;700;900&family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&family=Rubik:ital,wght@0,400;0,700;1,900&family=Shadows+Into+Light&family=Signika:wght@400;700&family=Slabo+27px&family=Source+Code+Pro:wght@400;700;900&family=Source+Sans+Pro:wght@400;700;900&family=Source+Serif+Pro:wght@400;700;900&family=Tajawal:wght@400;700;900&family=Titillium+Web:wght@400;700;900&family=Ubuntu:wght@400;700&family=Work+Sans:wght@400;700;900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0982166468cc0ec6e23155f10397456c908a0599e4eac7dd0d81431843ca503f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ertcmoney.biz
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 10 Mar 2022 23:31:07 GMT
x-content-type-options
nosniff
age
334382
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17864
x-xss-protection
0
last-modified
Thu, 24 Feb 2022 18:07:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 10 Mar 2023 23:31:07 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Abril+Fatface&family=Amatic+SC:wght@400;700&family=Architects+Daughter&family=Asap:wght@400;700&family=Balsamiq+Sans:wght@400;700&family=Barlow:wght@400;700;900&family=Bebas+Neue&family=Bitter:wght@400;700;900&family=Cabin:wght@400;700&family=Cairo:wght@400;700&family=Cormorant+Garamond:wght@400;700&family=Crimson+Text:wght@400;700&family=Dancing+Script:wght@400;700&family=Fira+Sans:wght@400;700;900&family=Fjalla+One&family=Indie+Flower&family=Josefin+Sans:wght@400;700&family=Lato:wght@400;700;900&family=Libre+Baskerville:wght@400;700&family=Libre+Franklin:wght@400;700;900&family=Lobster&family=Lora:wght@400;700&family=Martel:wght@400;700;900&family=Merriweather:wght@400;700;900&family=Montserrat:wght@400;700;900&family=Mukta:wght@400;700&family=Noto+Sans+JP:wght@400;700&family=Noto+Sans+KR:wght@400;700;900&family=Noto+Sans:wght@400;700&family=Noto+Serif:wght@400;700&family=Nunito+Sans:wght@200;300;400;700;900&family=Nunito:wght@300;400;700;900&family=Old+Standard+TT:wght@400;700&family=Open+Sans+Condensed:wght@300;700&family=Open+Sans:wght@300;400;700&family=Oswald:wght@400;700&family=Overpass:wght@400;700;900&family=Oxygen:wght@300;400;700&family=PT+Sans+Narrow:wght@400;700&family=PT+Sans:wght@400;700&family=PT+Serif:wght@400;700&family=Pacifico&family=Playfair+Display:wght@400;700;900&family=Poppins:ital,wght@0,400;0,700;1,900&family=Raleway:wght@400;700;900&family=Roboto+Condensed:wght@400;700&family=Roboto+Slab:wght@400;700;900&family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&family=Rubik:ital,wght@0,400;0,700;1,900&family=Shadows+Into+Light&family=Signika:wght@400;700&family=Slabo+27px&family=Source+Code+Pro:wght@400;700;900&family=Source+Sans+Pro:wght@400;700;900&family=Source+Serif+Pro:wght@400;700;900&family=Tajawal:wght@400;700;900&family=Titillium+Web:wght@400;700;900&family=Ubuntu:wght@400;700&family=Work+Sans:wght@400;700;900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ertcmoney.biz
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:23:20 GMT
x-content-type-options
nosniff
age
49
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 14 Mar 2023 20:23:20 GMT
BngSUXNadjH0qYEzV7ab-oWlsbg95AiFW_0.woff2
fonts.gstatic.com/s/ptsansnarrow/v16/
50 KB
50 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ptsansnarrow/v16/BngSUXNadjH0qYEzV7ab-oWlsbg95AiFW_0.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Abril+Fatface&family=Amatic+SC:wght@400;700&family=Architects+Daughter&family=Asap:wght@400;700&family=Balsamiq+Sans:wght@400;700&family=Barlow:wght@400;700;900&family=Bebas+Neue&family=Bitter:wght@400;700;900&family=Cabin:wght@400;700&family=Cairo:wght@400;700&family=Cormorant+Garamond:wght@400;700&family=Crimson+Text:wght@400;700&family=Dancing+Script:wght@400;700&family=Fira+Sans:wght@400;700;900&family=Fjalla+One&family=Indie+Flower&family=Josefin+Sans:wght@400;700&family=Lato:wght@400;700;900&family=Libre+Baskerville:wght@400;700&family=Libre+Franklin:wght@400;700;900&family=Lobster&family=Lora:wght@400;700&family=Martel:wght@400;700;900&family=Merriweather:wght@400;700;900&family=Montserrat:wght@400;700;900&family=Mukta:wght@400;700&family=Noto+Sans+JP:wght@400;700&family=Noto+Sans+KR:wght@400;700;900&family=Noto+Sans:wght@400;700&family=Noto+Serif:wght@400;700&family=Nunito+Sans:wght@200;300;400;700;900&family=Nunito:wght@300;400;700;900&family=Old+Standard+TT:wght@400;700&family=Open+Sans+Condensed:wght@300;700&family=Open+Sans:wght@300;400;700&family=Oswald:wght@400;700&family=Overpass:wght@400;700;900&family=Oxygen:wght@300;400;700&family=PT+Sans+Narrow:wght@400;700&family=PT+Sans:wght@400;700&family=PT+Serif:wght@400;700&family=Pacifico&family=Playfair+Display:wght@400;700;900&family=Poppins:ital,wght@0,400;0,700;1,900&family=Raleway:wght@400;700;900&family=Roboto+Condensed:wght@400;700&family=Roboto+Slab:wght@400;700;900&family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&family=Rubik:ital,wght@0,400;0,700;1,900&family=Shadows+Into+Light&family=Signika:wght@400;700&family=Slabo+27px&family=Source+Code+Pro:wght@400;700;900&family=Source+Sans+Pro:wght@400;700;900&family=Source+Serif+Pro:wght@400;700;900&family=Tajawal:wght@400;700;900&family=Titillium+Web:wght@400;700;900&family=Ubuntu:wght@400;700&family=Work+Sans:wght@400;700;900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f54e39446dc1a3407191e704a37aa5da2d12fbdeac8842b6c3a5648377f3e688
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ertcmoney.biz
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 09 Mar 2022 20:02:17 GMT
x-content-type-options
nosniff
age
433312
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51132
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 19:12:59 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 09 Mar 2023 20:02:17 GMT
free-fa-regular-400.woff2
ka-f.fontawesome.com/releases/v5.15.4/webfonts/
13 KB
14 KB
Font
General
Full URL
https://ka-f.fontawesome.com/releases/v5.15.4/webfonts/free-fa-regular-400.woff2
Requested by
Host: ertcmoney.biz
URL: https://ertcmoney.biz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48fb6f0d8ac464d95cbc2df3ffa7bf5066950898c5581f5133d0565abb7f706b

Request headers

Referer
https://ertcmoney.biz/
Origin
https://ertcmoney.biz
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:24:09 GMT
via
1.1 1d306dc69347ed17cde7ecdf2fbdbf88.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
TXL50-P2
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13216
last-modified
Wed, 04 Aug 2021 18:58:24 GMT
server
cloudflare
etag
"b8f1c6a3a94d42b082c29f0b1db8ba95"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gcSlrdOZH3uczIQEP1jWMD6p4NyfqV6A5XR58T%2FW64uuFVD0Ry5khmclB%2B9SHgmbd9n9KYIvJzgiI8fKMW3avQ13wsGwUNuPgAftLKwNAvfLTOE5NNuR61MLAwmvp1beoHzNe7WSdYz6NUerVrl6NIXSfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
6ebfbb318f6190dc-FRA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
0TBxJ5lhXCWzkfDShOlZJaKdLcXcjJfkkw2funNKUmEqY_3cvZK16A==
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Abril+Fatface&family=Amatic+SC:wght@400;700&family=Architects+Daughter&family=Asap:wght@400;700&family=Balsamiq+Sans:wght@400;700&family=Barlow:wght@400;700;900&family=Bebas+Neue&family=Bitter:wght@400;700;900&family=Cabin:wght@400;700&family=Cairo:wght@400;700&family=Cormorant+Garamond:wght@400;700&family=Crimson+Text:wght@400;700&family=Dancing+Script:wght@400;700&family=Fira+Sans:wght@400;700;900&family=Fjalla+One&family=Indie+Flower&family=Josefin+Sans:wght@400;700&family=Lato:wght@400;700;900&family=Libre+Baskerville:wght@400;700&family=Libre+Franklin:wght@400;700;900&family=Lobster&family=Lora:wght@400;700&family=Martel:wght@400;700;900&family=Merriweather:wght@400;700;900&family=Montserrat:wght@400;700;900&family=Mukta:wght@400;700&family=Noto+Sans+JP:wght@400;700&family=Noto+Sans+KR:wght@400;700;900&family=Noto+Sans:wght@400;700&family=Noto+Serif:wght@400;700&family=Nunito+Sans:wght@200;300;400;700;900&family=Nunito:wght@300;400;700;900&family=Old+Standard+TT:wght@400;700&family=Open+Sans+Condensed:wght@300;700&family=Open+Sans:wght@300;400;700&family=Oswald:wght@400;700&family=Overpass:wght@400;700;900&family=Oxygen:wght@300;400;700&family=PT+Sans+Narrow:wght@400;700&family=PT+Sans:wght@400;700&family=PT+Serif:wght@400;700&family=Pacifico&family=Playfair+Display:wght@400;700;900&family=Poppins:ital,wght@0,400;0,700;1,900&family=Raleway:wght@400;700;900&family=Roboto+Condensed:wght@400;700&family=Roboto+Slab:wght@400;700;900&family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&family=Rubik:ital,wght@0,400;0,700;1,900&family=Shadows+Into+Light&family=Signika:wght@400;700&family=Slabo+27px&family=Source+Code+Pro:wght@400;700;900&family=Source+Sans+Pro:wght@400;700;900&family=Source+Serif+Pro:wght@400;700;900&family=Tajawal:wght@400;700;900&family=Titillium+Web:wght@400;700;900&family=Ubuntu:wght@400;700&family=Work+Sans:wght@400;700;900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ertcmoney.biz
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 09 Mar 2022 17:58:32 GMT
x-content-type-options
nosniff
age
440737
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15732
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:20 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 09 Mar 2023 17:58:32 GMT
BngRUXNadjH0qYEzV7ab-oWlsbCGwR0.woff2
fonts.gstatic.com/s/ptsansnarrow/v16/
35 KB
35 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ptsansnarrow/v16/BngRUXNadjH0qYEzV7ab-oWlsbCGwR0.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Abril+Fatface&family=Amatic+SC:wght@400;700&family=Architects+Daughter&family=Asap:wght@400;700&family=Balsamiq+Sans:wght@400;700&family=Barlow:wght@400;700;900&family=Bebas+Neue&family=Bitter:wght@400;700;900&family=Cabin:wght@400;700&family=Cairo:wght@400;700&family=Cormorant+Garamond:wght@400;700&family=Crimson+Text:wght@400;700&family=Dancing+Script:wght@400;700&family=Fira+Sans:wght@400;700;900&family=Fjalla+One&family=Indie+Flower&family=Josefin+Sans:wght@400;700&family=Lato:wght@400;700;900&family=Libre+Baskerville:wght@400;700&family=Libre+Franklin:wght@400;700;900&family=Lobster&family=Lora:wght@400;700&family=Martel:wght@400;700;900&family=Merriweather:wght@400;700;900&family=Montserrat:wght@400;700;900&family=Mukta:wght@400;700&family=Noto+Sans+JP:wght@400;700&family=Noto+Sans+KR:wght@400;700;900&family=Noto+Sans:wght@400;700&family=Noto+Serif:wght@400;700&family=Nunito+Sans:wght@200;300;400;700;900&family=Nunito:wght@300;400;700;900&family=Old+Standard+TT:wght@400;700&family=Open+Sans+Condensed:wght@300;700&family=Open+Sans:wght@300;400;700&family=Oswald:wght@400;700&family=Overpass:wght@400;700;900&family=Oxygen:wght@300;400;700&family=PT+Sans+Narrow:wght@400;700&family=PT+Sans:wght@400;700&family=PT+Serif:wght@400;700&family=Pacifico&family=Playfair+Display:wght@400;700;900&family=Poppins:ital,wght@0,400;0,700;1,900&family=Raleway:wght@400;700;900&family=Roboto+Condensed:wght@400;700&family=Roboto+Slab:wght@400;700;900&family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&family=Rubik:ital,wght@0,400;0,700;1,900&family=Shadows+Into+Light&family=Signika:wght@400;700&family=Slabo+27px&family=Source+Code+Pro:wght@400;700;900&family=Source+Sans+Pro:wght@400;700;900&family=Source+Serif+Pro:wght@400;700;900&family=Tajawal:wght@400;700;900&family=Titillium+Web:wght@400;700;900&family=Ubuntu:wght@400;700&family=Work+Sans:wght@400;700;900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
38ba9bd69a8f6114511656eed8cf0f4e3d45d9e2c9aa0a22fb978d5da5ac250b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ertcmoney.biz
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 09 Mar 2022 20:03:45 GMT
x-content-type-options
nosniff
age
433224
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36220
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 19:13:07 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 09 Mar 2023 20:03:45 GMT
video-js.min.css
cdnjs.cloudflare.com/ajax/libs/video.js/7.6.6/ Frame FC09
39 KB
10 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/video.js/7.6.6/video-js.min.css
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/75215/u1kHEnHT9wSJ2kyJJs0e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91f94a3c7e05d1c1afd01260e88ebea5be6720ed3514c7a82bba96a33d4d6b21
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:24:09 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1536838
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9046
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:35 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb0401f-9c5c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vQVOoqIB8DZR9FSiGADpqz3fm5bGYdwCmRRDcAe6WP4HPHSt5nSqhxey%2BI9lEKcNGj%2BmTeEQdG9u18y2JdNBilO6ka5n7gkapbPcVyRiniQ6O0BevqMBbQCiDNxMyCcIvJ4y6SDY710AwM2P3tJU69yx"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6ebfbb359e759945-FRA
expires
Sat, 04 Mar 2023 20:24:09 GMT
video.min.js
cdnjs.cloudflare.com/ajax/libs/video.js/7.6.6/ Frame FC09
470 KB
105 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/video.js/7.6.6/video.min.js
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/75215/u1kHEnHT9wSJ2kyJJs0e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19bd09a46cd5735572bec1a138df1d0c1d408767e59c890581a417bdfcd29b25
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:24:09 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
5775926
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
107564
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:35 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb0401f-757c4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JuEtfjZOmz8UCQL88HBkAglRlan5OEFJrFElskENys2ZdH5Q49qz64uqC7VJ6t89ed1ihEw22qNuTD4tPcOzjG5seow%2FWyfzZdTdQg6%2FZ3ijRVxUScL%2BRx7ISMQSBhdHjHeq6Qn%2BJDSDQinPia9iZnlw"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6ebfbb359e929945-FRA
expires
Sat, 04 Mar 2023 20:24:09 GMT
videojs-ie8.min.js
cdnjs.cloudflare.com/ajax/libs/video.js/5.2.2/ie8/ Frame FC09
19 KB
6 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/video.js/5.2.2/ie8/videojs-ie8.min.js
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/75215/u1kHEnHT9wSJ2kyJJs0e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6cdefb09aa8ed6fcfcb5ee50239a85d38f1a700653ce9f0420878508c07925ea
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:24:09 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4191723
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5911
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:34 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb0401e-4a99"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vGPG0TmxlA33B4FIkIPzUMTphy0UXJhGFFW3Bo1LYKX%2BOJG8SF5gUXkBhOk6r%2BOLqa8yBY%2B6vR4aprMgFJXTwuMCeNfp%2Bu0zwdqjMAMHMy0%2FK3%2FXcqJHmPRowz%2Bn96QhUQXwkOrikgCslhtevt%2FabYg1"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6ebfbb359e859945-FRA
expires
Sat, 04 Mar 2023 20:24:09 GMT
css2
fonts.googleapis.com/ Frame FC09
12 KB
792 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Nunito+Sans:ital,wght@0,300;0,400;0,600;0,700;0,800;0,900;1,400&display=swap
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/75215/u1kHEnHT9wSJ2kyJJs0e
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1c8894064a04f2ac7b3e03d6cb7ac9028b08bd2f24b69971319c04ef0cf5aed5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 14 Mar 2022 20:24:09 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 14 Mar 2022 20:24:09 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 14 Mar 2022 20:24:09 GMT
animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/ Frame FC09
70 KB
4 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/75215/u1kHEnHT9wSJ2kyJJs0e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:24:09 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1650905
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4216
timing-allow-origin
*
last-modified
Mon, 07 Sep 2020 12:33:38 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5f5628a2-11846"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OMQrq9Hw22VtTHkElMIKp3Fia71WqO7LMaLRNubKXVldHQJHK1BoK%2FIyGVHnH8wQicpNzjY4ZvW7fMGbRbT3G2Ieh53bckYVOfn6Kue1WAoByN0UU0Xz%2Fn2pNVUV6Q8wWI7EtQVSZ264iaUA9P7TcsVK"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6ebfbb359e7d9945-FRA
expires
Sat, 04 Mar 2023 20:24:09 GMT
app.698d7196.css
app.groove.cm/groovevideo/css/ Frame FC09
57 KB
11 KB
Stylesheet
General
Full URL
https://app.groove.cm/groovevideo/css/app.698d7196.css
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/75215/u1kHEnHT9wSJ2kyJJs0e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
743baa0b70422873ebd3feae4c17a0c65cad663f9074800a99852a5f1d94d4f4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/groovevideo/video/75215/u1kHEnHT9wSJ2kyJJs0e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:24:09 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 14 Mar 2022 16:46:05 GMT
server
cloudflare
age
2955
etag
W/"622f714d-e5f9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R%2Bs4OqQA5a%2BfdN%2BBJVQIyxFqniJMZLnS3UrP9YTwzqqW9APRxiF2Hi8FPAsVTw1MIGPK4cAquG9KhSAV8tOog1m7HRA8LjEkkGLQdHtv9WR%2FrBKaslzCQW4pRprDeZ62tNADDZjgz%2BLpc5fQ"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6ebfbb357b849b8e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
chunk-vendors.b2eb74f3.css
app.groove.cm/groovevideo/css/ Frame FC09
2 MB
213 KB
Stylesheet
General
Full URL
https://app.groove.cm/groovevideo/css/chunk-vendors.b2eb74f3.css
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/75215/u1kHEnHT9wSJ2kyJJs0e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ea5cb388c3ad281d879fdaabd916ed97977d6b41fb25b97e030759eb2b02abe

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/groovevideo/video/75215/u1kHEnHT9wSJ2kyJJs0e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:24:09 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 14 Mar 2022 16:46:05 GMT
server
cloudflare
age
2955
etag
W/"622f714d-1e7069"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0GNWVWpEr9rGHUhcfzDLcAvRyoW6AcVQMEek%2BjU%2F2qE83fs531SxjgqWeg7Fj7bix9Kjd6SBeNA61WIcOwUakY45UPE60YJDMbMo25fZkfisYCV43fWrv3ixcyFHKoo9MADj3APR3kPMiNG8"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6ebfbb357b859b8e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
app.561cae14.js
app.groove.cm/groovevideo/js/ Frame FC09
2 MB
325 KB
Script
General
Full URL
https://app.groove.cm/groovevideo/js/app.561cae14.js
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/75215/u1kHEnHT9wSJ2kyJJs0e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f9a0a2fe54d6d2876047599356795e911ae1086a29b7e921aebd48635629c98

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/groovevideo/video/75215/u1kHEnHT9wSJ2kyJJs0e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:24:09 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 14 Mar 2022 16:46:05 GMT
server
cloudflare
age
2955
etag
W/"622f714d-1aadda"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BzMbTiGv8EB3RCKzBij%2F90jlHJx3s%2FCjq5c46IqrL71%2BE%2Fmw3Ry8OFDqr6RVXfVAqTx184Q72bue3wxVZMHJxzArLMNHWqX09HFzmLShlENaJQrnSfNlaW%2BltVuStHyzdA%2FadRgfFshO2X4x"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6ebfbb357b869b8e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
chunk-vendors.0e04fe5e.js
app.groove.cm/groovevideo/js/ Frame FC09
7 MB
2 MB
Script
General
Full URL
https://app.groove.cm/groovevideo/js/chunk-vendors.0e04fe5e.js
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/75215/u1kHEnHT9wSJ2kyJJs0e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5facaa312d07cddbff9f88d0f41cfd97c4d63be53ce7dfc4fb7f778e366b22f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/groovevideo/video/75215/u1kHEnHT9wSJ2kyJJs0e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:24:09 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 14 Mar 2022 16:46:05 GMT
server
cloudflare
age
2955
etag
W/"622f714d-77054f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uj9NFFwx0N3ov2GGaEdLvPNPhUHFIM4bU1ng9pfQc0OrOEk4zESz4U2MDXIKf5c1ydc1wtTc58K3QJFtqfL0LaWWKYfofewwbPbPJ5Ocyn5CBVgMFZzHCvSQDqWfr%2Fr03wem5%2BffWLB00%2FL9"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6ebfbb357b879b8e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
widget.min.js
cdn.productstash.io/js/ Frame FC09
23 KB
6 KB
Script
General
Full URL
https://cdn.productstash.io/js/widget.min.js?v=0.8
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/75215/u1kHEnHT9wSJ2kyJJs0e
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.93.2.243 Paris, France, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-185-93-2-243.datapacket.com
Software
BunnyCDN-FR1-827 /
Resource Hash
6240744a19f326be4e22778eb7c5a39abce05826a8728531b9fddc0a75863e8a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:24:10 GMT
via
1.1 vegur
x-content-type-options
nosniff
cdn-edgestorageid
827
x-dns-prefetch-control
off
cdn-cachedat
03/10/2022 07:00:53
cdn-pullzone
173232
content-encoding
br
vary
Accept-Encoding, Accept-Encoding
x-xss-protection
1; mode=block
server
BunnyCDN-FR1-827
last-modified
Sun, 06 Feb 2022 15:21:19 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
x-frame-options
SAMEORIGIN
etag
W/"5bd1-17ecfa00998"
x-download-options
noopen
strict-transport-security
max-age=15552000; includeSubDomains
content-type
application/javascript; charset=UTF-8
cdn-cache
HIT
cdn-uid
48a72dd7-1732-4103-a906-fc257bffa1c1
cache-control
public, max-age=31536000
cdn-requestid
7e1e4b04883baaf4358fb2e992de599d
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
video-js.min.css
cdnjs.cloudflare.com/ajax/libs/video.js/7.6.6/ Frame 8EBD
39 KB
10 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/video.js/7.6.6/video-js.min.css
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/75176/7KE4VhYEZBAF7a6M9DFD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91f94a3c7e05d1c1afd01260e88ebea5be6720ed3514c7a82bba96a33d4d6b21
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:24:09 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1536838
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9046
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:35 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb0401f-9c5c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NAbkZ%2B4HaD1vimDIQfaQsQCBmBcUSXMu1Rn52SDM6zV8Te9c0up%2B0uVsK3AVuP8TySI4Ne8zO950G%2BVDF5BD8wdjJdVewC1LRAhd01yIFxMot%2BmpesxTpJbk3uL6FyAp13FQmiFMWNSeI8gsDWMoucdu"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6ebfbb359e7e9945-FRA
expires
Sat, 04 Mar 2023 20:24:09 GMT
video.min.js
cdnjs.cloudflare.com/ajax/libs/video.js/7.6.6/ Frame 8EBD
470 KB
105 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/video.js/7.6.6/video.min.js
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/75176/7KE4VhYEZBAF7a6M9DFD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19bd09a46cd5735572bec1a138df1d0c1d408767e59c890581a417bdfcd29b25
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:24:09 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
5775926
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
107564
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:35 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb0401f-757c4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nlx6BwrNxnzi37uAyCIBYDPWe8yw%2FToi8ayR%2B0n0bePLIIR3PVXjCvfvLtfPoV%2Fb9BmQV%2FNzoGvwYHTWWxzHhc%2BXH7UNONXicBUNRDySltjtgMRnkFxNqTD%2FXnylAf%2FHd46G7hKx%2FN5V8H5gCHBfG12F"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6ebfbb359e959945-FRA
expires
Sat, 04 Mar 2023 20:24:09 GMT
videojs-ie8.min.js
cdnjs.cloudflare.com/ajax/libs/video.js/5.2.2/ie8/ Frame 8EBD
19 KB
6 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/video.js/5.2.2/ie8/videojs-ie8.min.js
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/75176/7KE4VhYEZBAF7a6M9DFD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6cdefb09aa8ed6fcfcb5ee50239a85d38f1a700653ce9f0420878508c07925ea
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:24:09 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4191723
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5911
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:34 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb0401e-4a99"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9%2BHKAGRhDHmwBPFmaLsGJKJr4k3ND5Q2bvGVFsyC3WElhfQbtsXGaqNgiTlsFmn5d%2Fbf8nd%2Bv0XbPQxT%2FQ%2B0zACpa16BDkyVm5Ow9MGOEOjI0AK0PZGIxFFNsGl6nEXWXrFFjnwSnQlwcyO30mc3fQqc"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6ebfbb359e969945-FRA
expires
Sat, 04 Mar 2023 20:24:09 GMT
css2
fonts.googleapis.com/ Frame 8EBD
12 KB
792 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Nunito+Sans:ital,wght@0,300;0,400;0,600;0,700;0,800;0,900;1,400&display=swap
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/75176/7KE4VhYEZBAF7a6M9DFD
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1c8894064a04f2ac7b3e03d6cb7ac9028b08bd2f24b69971319c04ef0cf5aed5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 14 Mar 2022 20:24:09 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 14 Mar 2022 20:24:09 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 14 Mar 2022 20:24:09 GMT
animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/ Frame 8EBD
70 KB
4 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/75176/7KE4VhYEZBAF7a6M9DFD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:24:09 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1650905
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4216
timing-allow-origin
*
last-modified
Mon, 07 Sep 2020 12:33:38 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5f5628a2-11846"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G14AzT8PxIsc2IYJYgKdEFHSFrq9FY5g2lireXMdHrP4P%2BRIyAUiq7ZqEqglcT%2BZz2SwcseyNQ4%2B0m9Fbs18yLyr0%2F%2FdBCY6Fhbw6YKcrEDZTqkI8hT%2B6ARMSCYVQRA3FtE8w6KEpxzH7Ox9%2Br4EF4LF"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6ebfbb359e7f9945-FRA
expires
Sat, 04 Mar 2023 20:24:09 GMT
app.698d7196.css
app.groove.cm/groovevideo/css/ Frame 8EBD
57 KB
11 KB
Stylesheet
General
Full URL
https://app.groove.cm/groovevideo/css/app.698d7196.css
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/75176/7KE4VhYEZBAF7a6M9DFD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
743baa0b70422873ebd3feae4c17a0c65cad663f9074800a99852a5f1d94d4f4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/groovevideo/video/75176/7KE4VhYEZBAF7a6M9DFD
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:24:09 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 14 Mar 2022 16:46:05 GMT
server
cloudflare
age
2955
etag
W/"622f714d-e5f9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C2m%2B3D52fUnzIr91jy8XQ7CrhcqUov0833WDiSWxwYAMXFIXhyf5bZF2JE3YGFJuQfl9ZpzFwXyNq6X384bNtkzCHKDxMRLj4r4RQvH70YEMrAGDaZyV09oGz7qXn0fTcEeUmxs7oKlPugvM"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6ebfbb357b8a9b8e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
chunk-vendors.b2eb74f3.css
app.groove.cm/groovevideo/css/ Frame 8EBD
2 MB
213 KB
Stylesheet
General
Full URL
https://app.groove.cm/groovevideo/css/chunk-vendors.b2eb74f3.css
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/75176/7KE4VhYEZBAF7a6M9DFD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ea5cb388c3ad281d879fdaabd916ed97977d6b41fb25b97e030759eb2b02abe

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/groovevideo/video/75176/7KE4VhYEZBAF7a6M9DFD
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:24:09 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 14 Mar 2022 16:46:05 GMT
server
cloudflare
age
2955
etag
W/"622f714d-1e7069"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b4tnYBkv4EhrHKHGFWOJLJzsmYTOpCHFzxaUR0HtHIxFqcyUYIhyWwJ8r5v9p79Vkg8%2F6w%2Fbwstx7jSsUNcJl262cZQTIB9gw%2BVOWnXvPtQWz7T96iyXOoEAezNAVio0cCryNkw32FB2kfwc"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6ebfbb357b8c9b8e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
app.561cae14.js
app.groove.cm/groovevideo/js/ Frame 8EBD
2 MB
325 KB
Script
General
Full URL
https://app.groove.cm/groovevideo/js/app.561cae14.js
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/75176/7KE4VhYEZBAF7a6M9DFD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f9a0a2fe54d6d2876047599356795e911ae1086a29b7e921aebd48635629c98

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/groovevideo/video/75176/7KE4VhYEZBAF7a6M9DFD
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:24:09 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 14 Mar 2022 16:46:05 GMT
server
cloudflare
age
2955
etag
W/"622f714d-1aadda"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cVE5BuhTQ7WmP1KA7fvI2%2BNR3UIzLZk2Car%2B432dZXOxWX1TYJWcVUHg8NLg2MdRP1oHjEU88S5jdmpZQXN2N6hlZswNdPiiU4r0tlUXl4Bd5OsKqV5cV0Xye5B7LpvhjEsV0j1bdtP8gXH5"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6ebfbb357b8f9b8e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
chunk-vendors.0e04fe5e.js
app.groove.cm/groovevideo/js/ Frame 8EBD
7 MB
2 MB
Script
General
Full URL
https://app.groove.cm/groovevideo/js/chunk-vendors.0e04fe5e.js
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/75176/7KE4VhYEZBAF7a6M9DFD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5facaa312d07cddbff9f88d0f41cfd97c4d63be53ce7dfc4fb7f778e366b22f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/groovevideo/video/75176/7KE4VhYEZBAF7a6M9DFD
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:24:09 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 14 Mar 2022 16:46:05 GMT
server
cloudflare
age
2955
etag
W/"622f714d-77054f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EDJbfB%2FYSiQGM1ykvKe%2BaSDkg3BJMUjbnluoQWeXg7GOXYOkuGd2UWTOeIvvbZ9RU8O6W8I%2BMI4jf3X8AO14KpoOyIZz5xf12i2ftgSthpN3YS%2F3wOCbf%2F5gFfSf0QtUq8ynhaa27w4U1xKq"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6ebfbb357b929b8e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
widget.min.js
cdn.productstash.io/js/ Frame 8EBD
23 KB
6 KB
Script
General
Full URL
https://cdn.productstash.io/js/widget.min.js?v=0.8
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/75176/7KE4VhYEZBAF7a6M9DFD
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.93.2.243 Paris, France, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-185-93-2-243.datapacket.com
Software
BunnyCDN-FR1-827 /
Resource Hash
6240744a19f326be4e22778eb7c5a39abce05826a8728531b9fddc0a75863e8a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:24:10 GMT
via
1.1 vegur
x-content-type-options
nosniff
cdn-edgestorageid
827
x-dns-prefetch-control
off
cdn-cachedat
03/10/2022 07:00:53
cdn-pullzone
173232
content-encoding
br
vary
Accept-Encoding, Accept-Encoding
x-xss-protection
1; mode=block
server
BunnyCDN-FR1-827
last-modified
Sun, 06 Feb 2022 15:21:19 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
x-frame-options
SAMEORIGIN
etag
W/"5bd1-17ecfa00998"
x-download-options
noopen
strict-transport-security
max-age=15552000; includeSubDomains
content-type
application/javascript; charset=UTF-8
cdn-cache
HIT
cdn-uid
48a72dd7-1732-4103-a906-fc257bffa1c1
cache-control
public, max-age=31536000
cdn-requestid
2ad0e38bc8aaa0b7c4f6735499fa2c8f
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
video-js.min.css
cdnjs.cloudflare.com/ajax/libs/video.js/7.6.6/ Frame 6C43
39 KB
9 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/video.js/7.6.6/video-js.min.css
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/75185/PLltPxii7EurFNwx1sEj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91f94a3c7e05d1c1afd01260e88ebea5be6720ed3514c7a82bba96a33d4d6b21
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:24:09 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1536838
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9046
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:35 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb0401f-9c5c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IUqWEuUs9bjtkweYzgv5qL4gszQE7taukwSllZcbOScOP146NSEJDr%2F1wcQsexwJnOVed7FbCg0uI7FCb5u9%2FUbhczeYTXgJJgCODQylwLHrdJYPvzQNsqvDZ8UlfV7wvFcLj6%2BmtZi8iDF8YNHUf8Pe"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6ebfbb359e799945-FRA
expires
Sat, 04 Mar 2023 20:24:09 GMT
video.min.js
cdnjs.cloudflare.com/ajax/libs/video.js/7.6.6/ Frame 6C43
470 KB
105 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/video.js/7.6.6/video.min.js
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/75185/PLltPxii7EurFNwx1sEj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19bd09a46cd5735572bec1a138df1d0c1d408767e59c890581a417bdfcd29b25
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:24:09 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
5775926
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
107564
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:35 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb0401f-757c4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KVhXEL0OrQGosu8nNwgUZDaR6gVE3bDvr8AoE%2B9SQNooGMNi7IfhIUq5KlNJWsVNx9pljrHcpba%2F67j3PUpYtGrzEsuwyrtQG%2BBC45q7bR9X61PMjzWVJHtLIkbooyqPLc13ll%2F%2FBif5Bu8FC6Wbow39"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6ebfbb359e939945-FRA
expires
Sat, 04 Mar 2023 20:24:09 GMT
videojs-ie8.min.js
cdnjs.cloudflare.com/ajax/libs/video.js/5.2.2/ie8/ Frame 6C43
19 KB
6 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/video.js/5.2.2/ie8/videojs-ie8.min.js
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/75185/PLltPxii7EurFNwx1sEj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6cdefb09aa8ed6fcfcb5ee50239a85d38f1a700653ce9f0420878508c07925ea
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:24:09 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4191723
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5911
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:34 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb0401e-4a99"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QHghN7BTmZRosGySw2O1IV0PLxjAht6%2F1cQJocJQClJKQqDyDn7%2FAoApWLQXNE%2B0jHGPm%2FJsL0khwsGxyoV8sACNQQo%2FhP1AFApqXPGod0jhXhJKwXtIrtKXkX1LEi6fq0ykfZpNqTeAp9oMu6VG6Sjj"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6ebfbb359e839945-FRA
expires
Sat, 04 Mar 2023 20:24:09 GMT
css2
fonts.googleapis.com/ Frame 6C43
12 KB
792 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Nunito+Sans:ital,wght@0,300;0,400;0,600;0,700;0,800;0,900;1,400&display=swap
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/75185/PLltPxii7EurFNwx1sEj
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1c8894064a04f2ac7b3e03d6cb7ac9028b08bd2f24b69971319c04ef0cf5aed5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 14 Mar 2022 20:19:41 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 14 Mar 2022 20:24:09 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 14 Mar 2022 20:24:09 GMT
animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/ Frame 6C43
70 KB
4 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/75185/PLltPxii7EurFNwx1sEj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:24:09 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1650905
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4216
timing-allow-origin
*
last-modified
Mon, 07 Sep 2020 12:33:38 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5f5628a2-11846"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fva1JMJkkTOtU%2FxkhkStpjB29i1XpugkUq74AyQLQZWOlKUYcUuSQ2meEwNYTbtv5byJ3gAog961g4k8T6hRuhamOny%2BLFZHopk7KaXy8yJ9fL1Tda4Fj%2F6IjFGbBcg0i8zDBcDAfj0WRb%2F7ff2f8FYY"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6ebfbb359e7b9945-FRA
expires
Sat, 04 Mar 2023 20:24:09 GMT
app.698d7196.css
app.groove.cm/groovevideo/css/ Frame 6C43
57 KB
11 KB
Stylesheet
General
Full URL
https://app.groove.cm/groovevideo/css/app.698d7196.css
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/75185/PLltPxii7EurFNwx1sEj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
743baa0b70422873ebd3feae4c17a0c65cad663f9074800a99852a5f1d94d4f4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/groovevideo/video/75185/PLltPxii7EurFNwx1sEj
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:24:09 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 14 Mar 2022 16:46:05 GMT
server
cloudflare
age
2955
etag
W/"622f714d-e5f9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aB5YZVtKwSNCLog28hSmUKxUi4YQP9dlXKnfsNdDooXLSS61TfocFWZzO70ElwaW6rYMbifpVO2p5wHcYXV6%2FzvKyHI4sVj0D8%2B%2BqsMGmUhG7h5sUse6CBte81OJlIdx8gXwH4oyGpQB2%2Fvh"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6ebfbb358b969b8e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
chunk-vendors.b2eb74f3.css
app.groove.cm/groovevideo/css/ Frame 6C43
2 MB
213 KB
Stylesheet
General
Full URL
https://app.groove.cm/groovevideo/css/chunk-vendors.b2eb74f3.css
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/75185/PLltPxii7EurFNwx1sEj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ea5cb388c3ad281d879fdaabd916ed97977d6b41fb25b97e030759eb2b02abe

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/groovevideo/video/75185/PLltPxii7EurFNwx1sEj
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:24:09 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 14 Mar 2022 16:46:05 GMT
server
cloudflare
age
2955
etag
W/"622f714d-1e7069"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zgNLnVXXyYPTX%2B8AP22YLQi7%2BkHBbG0lkabjphUNrQB2BYxJj%2B97G7YNzqefB4oYBqhtRA2OKP2bq9pP02Whxpkpg6dBUGSD22RqWzgmQIemlJcaz0TfVJ%2BK03F6iZp%2FbCtfzOlRci0fN%2FxE"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6ebfbb358b999b8e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
app.561cae14.js
app.groove.cm/groovevideo/js/ Frame 6C43
2 MB
325 KB
Script
General
Full URL
https://app.groove.cm/groovevideo/js/app.561cae14.js
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/75185/PLltPxii7EurFNwx1sEj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f9a0a2fe54d6d2876047599356795e911ae1086a29b7e921aebd48635629c98

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/groovevideo/video/75185/PLltPxii7EurFNwx1sEj
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:24:09 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 14 Mar 2022 16:46:05 GMT
server
cloudflare
age
2955
etag
W/"622f714d-1aadda"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XRj0Q62Cn5QL6u0YiKumM897nmE1ntZIOxuetNanqkEYOUWuZrg%2F%2FSGKvkx5iUmHMHCQoTxts1vH1PXKPZ0p4CXCGceY46kFWvSYJvlyZ0sLrvbOsMGdHauvZdfwzDytw1LXpbjKbmdK%2FNkS"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6ebfbb359bb89b8e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
chunk-vendors.0e04fe5e.js
app.groove.cm/groovevideo/js/ Frame 6C43
7 MB
2 MB
Script
General
Full URL
https://app.groove.cm/groovevideo/js/chunk-vendors.0e04fe5e.js
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/75185/PLltPxii7EurFNwx1sEj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5facaa312d07cddbff9f88d0f41cfd97c4d63be53ce7dfc4fb7f778e366b22f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/groovevideo/video/75185/PLltPxii7EurFNwx1sEj
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:24:09 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 14 Mar 2022 16:46:05 GMT
server
cloudflare
age
2955
etag
W/"622f714d-77054f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fcfvz9ADKDXEuJqI5BgCZMjIulPAz7aknC6S8SUQQyjUPy8qfxaeDnuhuV4BhlIsv50G93yu8kQFbZw84sUVFm4OmOW%2Fe%2Bp0dV7GcuAVaQ23WR8HkYcx1JJA1J%2B66heZfxm7z62fOusMjikG"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6ebfbb359bb99b8e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
widget.min.js
cdn.productstash.io/js/ Frame 6C43
23 KB
6 KB
Script
General
Full URL
https://cdn.productstash.io/js/widget.min.js?v=0.8
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/75185/PLltPxii7EurFNwx1sEj
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.93.2.243 Paris, France, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-185-93-2-243.datapacket.com
Software
BunnyCDN-FR1-827 /
Resource Hash
6240744a19f326be4e22778eb7c5a39abce05826a8728531b9fddc0a75863e8a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:24:10 GMT
via
1.1 vegur
x-content-type-options
nosniff
cdn-edgestorageid
827
x-dns-prefetch-control
off
cdn-cachedat
03/10/2022 07:00:53
cdn-pullzone
173232
content-encoding
br
vary
Accept-Encoding, Accept-Encoding
x-xss-protection
1; mode=block
server
BunnyCDN-FR1-827
last-modified
Sun, 06 Feb 2022 15:21:19 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
x-frame-options
SAMEORIGIN
etag
W/"5bd1-17ecfa00998"
x-download-options
noopen
strict-transport-security
max-age=15552000; includeSubDomains
content-type
application/javascript; charset=UTF-8
cdn-cache
HIT
cdn-uid
48a72dd7-1732-4103-a906-fc257bffa1c1
cache-control
public, max-age=31536000
cdn-requestid
32fd0b83873b0fb90cf6df8a5bd0043e
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
jquery-ui.css
ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/themes/smoothness/ Frame 49B9
36 KB
9 KB
Stylesheet
General
Full URL
https://ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/themes/smoothness/jquery-ui.css
Requested by
Host: fs22.formsite.com
URL: https://fs22.formsite.com/res/showFormEmbed?EParam=m_OmK8apOTBq9zAPECUmc4YvBMmXmdLwdgTYVfxeOgg&1300974183&EmbedId=1300974183
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f9b751c1cd0d2b0f91862db987fed9dda48758b15e6f42ca67796b45f4b21702
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fs22.formsite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 12 Mar 2022 01:45:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
239892
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8422
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 Mar 2023 01:45:57 GMT
fonts8.css
fs22.formsite.com/include/form/ Frame 49B9
20 KB
5 KB
Stylesheet
General
Full URL
https://fs22.formsite.com/include/form/fonts8.css?5288495152439
Requested by
Host: fs22.formsite.com
URL: https://fs22.formsite.com/res/showFormEmbed?EParam=m_OmK8apOTBq9zAPECUmc4YvBMmXmdLwdgTYVfxeOgg&1300974183&EmbedId=1300974183
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.169.204.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-204-227.compute-1.amazonaws.com
Software
Apache /
Resource Hash
9221b2c07e1ad6a168982f0fbb342131b2e96c0ebe5902d98653d3a546a34632

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fs22.formsite.com/res/showFormEmbed?EParam=m_OmK8apOTBq9zAPECUmc4YvBMmXmdLwdgTYVfxeOgg&1300974183&EmbedId=1300974183
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:24:09 GMT
content-encoding
gzip
last-modified
Thu, 21 Oct 2021 13:46:26 GMT
server
Apache
etag
"4e63-gzip"
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
max-age=604800
accept-ranges
bytes
content-length
4202
expires
Mon, 21 Mar 2022 20:24:09 GMT
screen8.css
fs22.formsite.com/include/form/ Frame 49B9
20 KB
9 KB
Stylesheet
General
Full URL
https://fs22.formsite.com/include/form/screen8.css?5288495152439
Requested by
Host: fs22.formsite.com
URL: https://fs22.formsite.com/res/showFormEmbed?EParam=m_OmK8apOTBq9zAPECUmc4YvBMmXmdLwdgTYVfxeOgg&1300974183&EmbedId=1300974183
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.169.204.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-204-227.compute-1.amazonaws.com
Software
Apache /
Resource Hash
6b223bb6c3fb8210034350b25e704c74c30d87756cdda5432b4649483e366e78

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fs22.formsite.com/res/showFormEmbed?EParam=m_OmK8apOTBq9zAPECUmc4YvBMmXmdLwdgTYVfxeOgg&1300974183&EmbedId=1300974183
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:24:09 GMT
content-encoding
gzip
last-modified
Wed, 10 Nov 2021 15:07:12 GMT
server
Apache
etag
"4f2f-gzip"
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
max-age=604800
accept-ranges
bytes
content-length
8161
expires
Mon, 21 Mar 2022 20:24:09 GMT
responsive8.css
fs22.formsite.com/include/form/ Frame 49B9
3 KB
1 KB
Stylesheet
General
Full URL
https://fs22.formsite.com/include/form/responsive8.css?5288495152439
Requested by
Host: fs22.formsite.com
URL: https://fs22.formsite.com/res/showFormEmbed?EParam=m_OmK8apOTBq9zAPECUmc4YvBMmXmdLwdgTYVfxeOgg&1300974183&EmbedId=1300974183
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.169.204.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-204-227.compute-1.amazonaws.com
Software
Apache /
Resource Hash
faa7999a9bc916746448d20ba389c7360faea9bc01a9e53fc08275e565cbf399

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fs22.formsite.com/res/showFormEmbed?EParam=m_OmK8apOTBq9zAPECUmc4YvBMmXmdLwdgTYVfxeOgg&1300974183&EmbedId=1300974183
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:24:09 GMT
content-encoding
gzip
last-modified
Wed, 10 Nov 2021 15:07:12 GMT
server
Apache
etag
"bb2-gzip"
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
max-age=604800
accept-ranges
bytes
content-length
876
expires
Mon, 21 Mar 2022 20:24:09 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.6.0/ Frame 49B9
87 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
Requested by
Host: fs22.formsite.com
URL: https://fs22.formsite.com/res/showFormEmbed?EParam=m_OmK8apOTBq9zAPECUmc4YvBMmXmdLwdgTYVfxeOgg&1300974183&EmbedId=1300974183
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fs22.formsite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 12 Mar 2022 11:22:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
205277
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31017
x-xss-protection
0
last-modified
Wed, 10 Mar 2021 14:28:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 Mar 2023 11:22:52 GMT
jquery-ui.min.js
ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/ Frame 49B9
248 KB
66 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/jquery-ui.min.js
Requested by
Host: fs22.formsite.com
URL: https://fs22.formsite.com/res/showFormEmbed?EParam=m_OmK8apOTBq9zAPECUmc4YvBMmXmdLwdgTYVfxeOgg&1300974183&EmbedId=1300974183
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fs22.formsite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 12 Mar 2022 13:20:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
198218
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
67948
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 Mar 2023 13:20:31 GMT
form8.js
fs22.formsite.com/include/form/ Frame 49B9
27 KB
8 KB
Script
General
Full URL
https://fs22.formsite.com/include/form/form8.js?5288495152439
Requested by
Host: fs22.formsite.com
URL: https://fs22.formsite.com/res/showFormEmbed?EParam=m_OmK8apOTBq9zAPECUmc4YvBMmXmdLwdgTYVfxeOgg&1300974183&EmbedId=1300974183
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.169.204.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-204-227.compute-1.amazonaws.com
Software
Apache /
Resource Hash
7b47ae80afa3203ba35b6f17e9a9c0641ac3f8f5d37b3ae9f01f06730b1e7ae6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fs22.formsite.com/res/showFormEmbed?EParam=m_OmK8apOTBq9zAPECUmc4YvBMmXmdLwdgTYVfxeOgg&1300974183&EmbedId=1300974183
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:24:09 GMT
content-encoding
gzip
last-modified
Wed, 10 Nov 2021 15:07:12 GMT
server
Apache
etag
"6c5c-gzip"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
max-age=604800
accept-ranges
bytes
content-length
7457
expires
Mon, 21 Mar 2022 20:24:09 GMT
embed.js
fs22.formsite.com/include/form/ Frame 49B9
2 KB
1 KB
Script
General
Full URL
https://fs22.formsite.com/include/form/embed.js
Requested by
Host: fs22.formsite.com
URL: https://fs22.formsite.com/res/showFormEmbed?EParam=m_OmK8apOTBq9zAPECUmc4YvBMmXmdLwdgTYVfxeOgg&1300974183&EmbedId=1300974183
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.169.204.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-204-227.compute-1.amazonaws.com
Software
Apache /
Resource Hash
9bf76c0981f3d7cb30be16f19b1419bad27dbccc3c5c5496cd1c84982e756dd8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fs22.formsite.com/res/showFormEmbed?EParam=m_OmK8apOTBq9zAPECUmc4YvBMmXmdLwdgTYVfxeOgg&1300974183&EmbedId=1300974183
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:24:09 GMT
content-encoding
gzip
last-modified
Mon, 30 Mar 2020 16:25:53 GMT
server
Apache
etag
"8fe-gzip"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
max-age=604800
accept-ranges
bytes
content-length
855
expires
Mon, 21 Mar 2022 20:24:09 GMT
print8.css
fs22.formsite.com/include/form/ Frame 49B9
375 B
760 B
Stylesheet
General
Full URL
https://fs22.formsite.com/include/form/print8.css?5288495152439
Requested by
Host: fs22.formsite.com
URL: https://fs22.formsite.com/res/showFormEmbed?EParam=m_OmK8apOTBq9zAPECUmc4YvBMmXmdLwdgTYVfxeOgg&1300974183&EmbedId=1300974183
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.169.204.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-204-227.compute-1.amazonaws.com
Software
Apache /
Resource Hash
fe096c1a1b3636490559c3e3d5c51dedcfed669ef95394071a765d922937dc6d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fs22.formsite.com/res/showFormEmbed?EParam=m_OmK8apOTBq9zAPECUmc4YvBMmXmdLwdgTYVfxeOgg&1300974183&EmbedId=1300974183
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:24:10 GMT
content-encoding
gzip
last-modified
Mon, 01 Apr 2019 18:07:07 GMT
server
Apache
etag
"177-gzip"
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
max-age=604800
accept-ranges
bytes
content-length
200
expires
Mon, 21 Mar 2022 20:24:10 GMT
e2ce1bc8-32ca-4e0e-80ac-c0f6b19c6aae
https://app.groove.cm/ Frame FC09
31 B
0
Other
General
Full URL
blob:https://app.groove.cm/e2ce1bc8-32ca-4e0e-80ac-c0f6b19c6aae
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/75215/u1kHEnHT9wSJ2kyJJs0e
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length
31
Content-Type
application/javascript
gtm.js
www.googletagmanager.com/ Frame FC09
202 KB
71 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MKWM7K2
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/75215/u1kHEnHT9wSJ2kyJJs0e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400e:803::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b8e90b3507ea496e8e6f6402aabc02aa698cd8b2428713025994059763e535f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:24:10 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
71902
x-xss-protection
0
last-modified
Mon, 14 Mar 2022 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 14 Mar 2022 20:24:10 GMT
css2
fonts.googleapis.com/ Frame FC09
714 KB
136 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Abril+Fatface&family=Amatic+SC:wght@400;700&family=Architects+Daughter&family=Asap:wght@400;700&family=Balsamiq+Sans:wght@400;700&family=Barlow:wght@400;700;900&family=Bebas+Neue&family=Bitter:wght@400;700;900&family=Cabin:wght@400;700&family=Cairo:wght@400;700&family=Cormorant+Garamond:wght@400;700&family=Crimson+Text:wght@400;700&family=Dancing+Script:wght@400;700&family=Fira+Sans:wght@400;700;900&family=Fjalla+One&family=Indie+Flower&family=Josefin+Sans:wght@400;700&family=Lato:wght@400;700;900&family=Libre+Baskerville:wght@400;700&family=Libre+Franklin:wght@400;700;900&family=Lobster&family=Lora:wght@400;700&family=Martel:wght@400;700;900&family=Merriweather:wght@400;700;900&family=Montserrat:wght@400;700;900&family=Mukta:wght@400;700&family=Noto+Sans+JP:wght@400;700&family=Noto+Sans+KR:wght@400;700;900&family=Noto+Sans:wght@400;700&family=Noto+Serif:wght@400;700&family=Nunito+Sans:wght@200;300;400;700;900&family=Nunito:wght@300;400;700;900&family=Old+Standard+TT:wght@400;700&family=Open+Sans+Condensed:wght@300;700&family=Open+Sans:wght@300;400;700&family=Oswald:wght@400;700&family=Overpass:wght@400;700;900&family=Oxygen:wght@300;400;700&family=PT+Sans+Narrow:wght@400;700&family=PT+Sans:wght@400;700&family=PT+Serif:wght@400;700&family=Pacifico&family=Playfair+Display:wght@400;700;900&family=Poppins:ital,wght@0,400;0,700;1,900&family=Raleway:wght@400;700;900&family=Roboto+Condensed:wght@400;700&family=Roboto+Slab:wght@400;700;900&family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&family=Rubik:ital,wght@0,400;0,700;1,900&family=Shadows+Into+Light&family=Signika:wght@400;700&family=Slabo+27px&family=Source+Code+Pro:wght@400;700;900&family=Source+Sans+Pro:wght@400;700;900&family=Source+Serif+Pro:wght@400;700;900&family=Tajawal:wght@400;700;900&family=Titillium+Web:wght@400;700;900&family=Ubuntu:wght@400;700&family=Work+Sans:wght@400;700;900&display=swap
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/css/chunk-vendors.b2eb74f3.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c087a8c46caa6c043c697dcbab06f42f8106f9bcbcf845b0e5ef6df096bfa5f3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 14 Mar 2022 20:24:10 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 14 Mar 2022 20:24:10 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 14 Mar 2022 20:24:10 GMT
04c6a87e-e0ec-4eaf-85f8-58738700c5b2
https://app.groove.cm/ Frame 8EBD
31 B
0
Other
General
Full URL
blob:https://app.groove.cm/04c6a87e-e0ec-4eaf-85f8-58738700c5b2
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/75176/7KE4VhYEZBAF7a6M9DFD
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length
31
Content-Type
application/javascript
gtm.js
www.googletagmanager.com/ Frame 8EBD
202 KB
70 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MKWM7K2
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/75176/7KE4VhYEZBAF7a6M9DFD
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400e:803::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b8e90b3507ea496e8e6f6402aabc02aa698cd8b2428713025994059763e535f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:24:10 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
71902
x-xss-protection
0
last-modified
Mon, 14 Mar 2022 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 14 Mar 2022 20:24:10 GMT
css2
fonts.googleapis.com/ Frame 8EBD
714 KB
136 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Abril+Fatface&family=Amatic+SC:wght@400;700&family=Architects+Daughter&family=Asap:wght@400;700&family=Balsamiq+Sans:wght@400;700&family=Barlow:wght@400;700;900&family=Bebas+Neue&family=Bitter:wght@400;700;900&family=Cabin:wght@400;700&family=Cairo:wght@400;700&family=Cormorant+Garamond:wght@400;700&family=Crimson+Text:wght@400;700&family=Dancing+Script:wght@400;700&family=Fira+Sans:wght@400;700;900&family=Fjalla+One&family=Indie+Flower&family=Josefin+Sans:wght@400;700&family=Lato:wght@400;700;900&family=Libre+Baskerville:wght@400;700&family=Libre+Franklin:wght@400;700;900&family=Lobster&family=Lora:wght@400;700&family=Martel:wght@400;700;900&family=Merriweather:wght@400;700;900&family=Montserrat:wght@400;700;900&family=Mukta:wght@400;700&family=Noto+Sans+JP:wght@400;700&family=Noto+Sans+KR:wght@400;700;900&family=Noto+Sans:wght@400;700&family=Noto+Serif:wght@400;700&family=Nunito+Sans:wght@200;300;400;700;900&family=Nunito:wght@300;400;700;900&family=Old+Standard+TT:wght@400;700&family=Open+Sans+Condensed:wght@300;700&family=Open+Sans:wght@300;400;700&family=Oswald:wght@400;700&family=Overpass:wght@400;700;900&family=Oxygen:wght@300;400;700&family=PT+Sans+Narrow:wght@400;700&family=PT+Sans:wght@400;700&family=PT+Serif:wght@400;700&family=Pacifico&family=Playfair+Display:wght@400;700;900&family=Poppins:ital,wght@0,400;0,700;1,900&family=Raleway:wght@400;700;900&family=Roboto+Condensed:wght@400;700&family=Roboto+Slab:wght@400;700;900&family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&family=Rubik:ital,wght@0,400;0,700;1,900&family=Shadows+Into+Light&family=Signika:wght@400;700&family=Slabo+27px&family=Source+Code+Pro:wght@400;700;900&family=Source+Sans+Pro:wght@400;700;900&family=Source+Serif+Pro:wght@400;700;900&family=Tajawal:wght@400;700;900&family=Titillium+Web:wght@400;700;900&family=Ubuntu:wght@400;700&family=Work+Sans:wght@400;700;900&display=swap
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/css/chunk-vendors.b2eb74f3.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c087a8c46caa6c043c697dcbab06f42f8106f9bcbcf845b0e5ef6df096bfa5f3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 14 Mar 2022 20:24:10 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 14 Mar 2022 20:24:10 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 14 Mar 2022 20:24:10 GMT
gtm.js
www.googletagmanager.com/ Frame 6C43
202 KB
70 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MKWM7K2
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/75185/PLltPxii7EurFNwx1sEj
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400e:803::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b8e90b3507ea496e8e6f6402aabc02aa698cd8b2428713025994059763e535f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:24:10 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
71902
x-xss-protection
0
last-modified
Mon, 14 Mar 2022 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 14 Mar 2022 20:24:10 GMT
css2
fonts.googleapis.com/ Frame 6C43
714 KB
136 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Abril+Fatface&family=Amatic+SC:wght@400;700&family=Architects+Daughter&family=Asap:wght@400;700&family=Balsamiq+Sans:wght@400;700&family=Barlow:wght@400;700;900&family=Bebas+Neue&family=Bitter:wght@400;700;900&family=Cabin:wght@400;700&family=Cairo:wght@400;700&family=Cormorant+Garamond:wght@400;700&family=Crimson+Text:wght@400;700&family=Dancing+Script:wght@400;700&family=Fira+Sans:wght@400;700;900&family=Fjalla+One&family=Indie+Flower&family=Josefin+Sans:wght@400;700&family=Lato:wght@400;700;900&family=Libre+Baskerville:wght@400;700&family=Libre+Franklin:wght@400;700;900&family=Lobster&family=Lora:wght@400;700&family=Martel:wght@400;700;900&family=Merriweather:wght@400;700;900&family=Montserrat:wght@400;700;900&family=Mukta:wght@400;700&family=Noto+Sans+JP:wght@400;700&family=Noto+Sans+KR:wght@400;700;900&family=Noto+Sans:wght@400;700&family=Noto+Serif:wght@400;700&family=Nunito+Sans:wght@200;300;400;700;900&family=Nunito:wght@300;400;700;900&family=Old+Standard+TT:wght@400;700&family=Open+Sans+Condensed:wght@300;700&family=Open+Sans:wght@300;400;700&family=Oswald:wght@400;700&family=Overpass:wght@400;700;900&family=Oxygen:wght@300;400;700&family=PT+Sans+Narrow:wght@400;700&family=PT+Sans:wght@400;700&family=PT+Serif:wght@400;700&family=Pacifico&family=Playfair+Display:wght@400;700;900&family=Poppins:ital,wght@0,400;0,700;1,900&family=Raleway:wght@400;700;900&family=Roboto+Condensed:wght@400;700&family=Roboto+Slab:wght@400;700;900&family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&family=Rubik:ital,wght@0,400;0,700;1,900&family=Shadows+Into+Light&family=Signika:wght@400;700&family=Slabo+27px&family=Source+Code+Pro:wght@400;700;900&family=Source+Sans+Pro:wght@400;700;900&family=Source+Serif+Pro:wght@400;700;900&family=Tajawal:wght@400;700;900&family=Titillium+Web:wght@400;700;900&family=Ubuntu:wght@400;700&family=Work+Sans:wght@400;700;900&display=swap
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/css/chunk-vendors.b2eb74f3.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c087a8c46caa6c043c697dcbab06f42f8106f9bcbcf845b0e5ef6df096bfa5f3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 14 Mar 2022 19:49:50 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 14 Mar 2022 20:24:10 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 14 Mar 2022 20:24:10 GMT
ac3082f5-8909-4729-8340-e59b0f1e735f
https://app.groove.cm/ Frame 6C43
31 B
0
Other
General
Full URL
blob:https://app.groove.cm/ac3082f5-8909-4729-8340-e59b0f1e735f
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/75185/PLltPxii7EurFNwx1sEj
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length
31
Content-Type
application/javascript
0dTEPzkLWceF7z0koJaX1A.woff2
fonts.gstatic.com/s/raleway/v22/ Frame 49B9
46 KB
46 KB
Font
General
Full URL
https://fonts.gstatic.com/s/raleway/v22/0dTEPzkLWceF7z0koJaX1A.woff2
Requested by
Host: fs22.formsite.com
URL: https://fs22.formsite.com/include/form/fonts8.css?5288495152439
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2101735d43a8d486dbc5139500a78420766cc673a3610363ce9525526c3f5149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fs22.formsite.com/
Origin
https://fs22.formsite.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 08 Mar 2022 19:51:02 GMT
x-content-type-options
nosniff
age
520388
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47312
x-xss-protection
0
last-modified
Tue, 29 Jun 2021 19:40:31 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 08 Mar 2023 19:51:02 GMT
zOdksD_UUTk1LJF9z4tURA.woff2
fonts.gstatic.com/s/cinzel/v12/ Frame 49B9
24 KB
24 KB
Font
General
Full URL
https://fonts.gstatic.com/s/cinzel/v12/zOdksD_UUTk1LJF9z4tURA.woff2
Requested by
Host: fs22.formsite.com
URL: https://fs22.formsite.com/include/form/fonts8.css?5288495152439
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
304cbbc575c227a24f183d9800167ab06418327356f73099404136d8bb9a6c92
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fs22.formsite.com/
Origin
https://fs22.formsite.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 08 Mar 2022 22:06:04 GMT
x-content-type-options
nosniff
age
512286
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24996
x-xss-protection
0
last-modified
Tue, 04 May 2021 22:35:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 08 Mar 2023 22:06:04 GMT
player.js
cdn.tooltip.io/static/ Frame FC09
471 KB
80 KB
Script
General
Full URL
https://cdn.tooltip.io/static/player.js
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/75215/u1kHEnHT9wSJ2kyJJs0e
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
8349d9a9ffc87ffcdb0f6671e9d9709d7e4aa6cd851628ae81d294ab4001189d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:24:11 GMT
content-encoding
gzip
x-amz-request-id
DCPKY563Q2G1YM7W
x-edge-location
defr
x-cache
HIT
content-length
81741
x-amz-id-2
hK094/iO2eve51ml82A9gv4uHJxKdo5vcLTXUkxDVQoj8eh0bVq7Yz0AYyOnI2XKM4Gy/y/hTHk=
last-modified
Mon, 22 Nov 2021 13:04:15 GMT
server
keycdn-engine
etag
"2896ec2e8a5ff49a48bd72727bd02ce2"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
link
<https://s3.amazonaws.com/tooltip-static-player/static/player.js>; rel="canonical"
expires
Mon, 21 Mar 2022 20:24:11 GMT
iframe_api
www.youtube.com/ Frame FC09
980 B
2 KB
Script
General
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/js/chunk-vendors.0e04fe5e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400e:811::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
911ef7c8eccb36f011b85b2c67156a262d1bb0c9fed0543746d80ed08a8621e5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:24:11 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
server
ESF
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
report-to
{"group":"ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94"}]}
content-type
text/javascript; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
private, max-age=0
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin; report-to="ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94"
expires
Mon, 14 Mar 2022 20:24:11 GMT
matomo.js
matomo.groovetech.io/ Frame FC09
63 KB
21 KB
Script
General
Full URL
https://matomo.groovetech.io/matomo.js
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/js/chunk-vendors.0e04fe5e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e0361122fe1fdced0bd7ae4c33f21d083f7b63a99e79a66b3111a943b160f70

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:24:11 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 10 Mar 2022 18:03:47 GMT
server
cloudflare
age
3991
etag
W/"fa13-5d9e1091b9702-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fOXZz4LuX117ROIMKh%2FrjZn0Gxd6CaoUVj7xjBUtz2vlBnlVxJUBlpbYkB%2FNgVVp4ZddlFt3HQFfWW2JXDBIsCiB%2BQRpQ%2BLn00Xnxnpb4jIPB%2FmUrDyDXnkDE%2FicR7USO0gia64qb9BwpUt2GF3lmiK6ow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6ebfbb406dd45c74-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
bbe0087d-ceca-441c-85ec-912864767854
https://app.groove.cm/ Frame FC09
98 B
0
Script
General
Full URL
blob:https://app.groove.cm/bbe0087d-ceca-441c-85ec-912864767854
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/js/chunk-vendors.0e04fe5e.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4535a5a1a7d9c87ef6e0523db857e1e2758d95f4fe3c12f137a30255b67cf3dc

Request headers

Referer
Origin
https://app.groove.cm
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length
98
Content-Type
text/javascript
player.js
cdn.tooltip.io/static/ Frame 8EBD
471 KB
80 KB
Script
General
Full URL
https://cdn.tooltip.io/static/player.js
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/75176/7KE4VhYEZBAF7a6M9DFD
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
8349d9a9ffc87ffcdb0f6671e9d9709d7e4aa6cd851628ae81d294ab4001189d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:24:11 GMT
content-encoding
gzip
x-amz-request-id
DCPKY563Q2G1YM7W
x-edge-location
defr
x-cache
HIT
content-length
81741
x-amz-id-2
hK094/iO2eve51ml82A9gv4uHJxKdo5vcLTXUkxDVQoj8eh0bVq7Yz0AYyOnI2XKM4Gy/y/hTHk=
last-modified
Mon, 22 Nov 2021 13:04:15 GMT
server
keycdn-engine
etag
"2896ec2e8a5ff49a48bd72727bd02ce2"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
link
<https://s3.amazonaws.com/tooltip-static-player/static/player.js>; rel="canonical"
expires
Mon, 21 Mar 2022 20:24:11 GMT
iframe_api
www.youtube.com/ Frame 8EBD
980 B
514 B
Script
General
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/js/chunk-vendors.0e04fe5e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400e:811::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
911ef7c8eccb36f011b85b2c67156a262d1bb0c9fed0543746d80ed08a8621e5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:24:11 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
server
ESF
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
report-to
{"group":"ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94"}]}
content-type
text/javascript; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
private, max-age=0
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin; report-to="ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94"
expires
Mon, 14 Mar 2022 20:24:11 GMT
matomo.js
matomo.groovetech.io/ Frame 8EBD
63 KB
21 KB
Script
General
Full URL
https://matomo.groovetech.io/matomo.js
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/js/chunk-vendors.0e04fe5e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e0361122fe1fdced0bd7ae4c33f21d083f7b63a99e79a66b3111a943b160f70

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:24:11 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 10 Mar 2022 18:03:47 GMT
server
cloudflare
age
3991
etag
W/"fa13-5d9e1091b9702-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dP466bt2YAtsFyImpvoldiH5hn%2FPliwvGuhKw2DMX8hsr2jHVele8nz9q0VutDuF5uv858m3kLwd3rw1nB2lWI1Z565TptqSexljdMo4wBSgnPtG9Yzsr1zIhXTqpo9TBzy1JMBPMa%2FsWDxuAzJ0q08WlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6ebfbb41f8a75c74-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ed690493-9384-4329-b570-c36bad07782e
https://app.groove.cm/ Frame 8EBD
98 B
0
Script
General
Full URL
blob:https://app.groove.cm/ed690493-9384-4329-b570-c36bad07782e
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/js/chunk-vendors.0e04fe5e.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5df0c0466aaf816cc5ad0f2a818f1e732be1fe4c562252ddf5f585689f3870ec

Request headers

Referer
Origin
https://app.groove.cm
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length
98
Content-Type
text/javascript
player.js
cdn.tooltip.io/static/ Frame 6C43
471 KB
80 KB
Script
General
Full URL
https://cdn.tooltip.io/static/player.js
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/75185/PLltPxii7EurFNwx1sEj
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
8349d9a9ffc87ffcdb0f6671e9d9709d7e4aa6cd851628ae81d294ab4001189d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:24:11 GMT
content-encoding
gzip
x-amz-request-id
DCPKY563Q2G1YM7W
x-edge-location
defr
x-cache
HIT
content-length
81741
x-amz-id-2
hK094/iO2eve51ml82A9gv4uHJxKdo5vcLTXUkxDVQoj8eh0bVq7Yz0AYyOnI2XKM4Gy/y/hTHk=
last-modified
Mon, 22 Nov 2021 13:04:15 GMT
server
keycdn-engine
etag
"2896ec2e8a5ff49a48bd72727bd02ce2"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
link
<https://s3.amazonaws.com/tooltip-static-player/static/player.js>; rel="canonical"
expires
Mon, 21 Mar 2022 20:24:11 GMT
iframe_api
www.youtube.com/ Frame 6C43
980 B
514 B
Script
General
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/js/chunk-vendors.0e04fe5e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400e:811::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
911ef7c8eccb36f011b85b2c67156a262d1bb0c9fed0543746d80ed08a8621e5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:24:12 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
server
ESF
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
report-to
{"group":"ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94"}]}
content-type
text/javascript; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
private, max-age=0
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin; report-to="ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94"
expires
Mon, 14 Mar 2022 20:24:12 GMT
matomo.js
matomo.groovetech.io/ Frame 6C43
63 KB
21 KB
Script
General
Full URL
https://matomo.groovetech.io/matomo.js
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/js/chunk-vendors.0e04fe5e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e0361122fe1fdced0bd7ae4c33f21d083f7b63a99e79a66b3111a943b160f70

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:24:12 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 10 Mar 2022 18:03:47 GMT
server
cloudflare
age
3992
etag
W/"fa13-5d9e1091b9702-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1BmFh9g4frPXc6e0ZdBwri%2FE1CCXjmCFBf43urr23vEselz%2FscLEuGmI%2FURJ9VivrSDQlOwNqmpxxiflejpjFzSp9WeQ0hOQau0LIeroNMpbmf0iE8cXGlBx7UofdGHBbTTL2b9vckra8ns4rHQiVKTmKw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6ebfbb435b425c74-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
4dde55c8-8304-4548-94b9-114302ddc1c3
https://app.groove.cm/ Frame 6C43
98 B
0
Script
General
Full URL
blob:https://app.groove.cm/4dde55c8-8304-4548-94b9-114302ddc1c3
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/js/chunk-vendors.0e04fe5e.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1b07d64848958713a6240e0a4323c7c86d7e01111c517a7de75a93470a8c509

Request headers

Referer
Origin
https://app.groove.cm
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length
98
Content-Type
text/javascript
ping
api.loopedin.io/v1/users/ Frame
0
0
Preflight
General
Full URL
https://api.loopedin.io/v1/users/ping
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.128.72.146 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-72-146.eu-west-1.compute.amazonaws.com
Software
Cowboy /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://app.groove.cm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
Cowboy
Connection
keep-alive
Content-Security-Policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
X-Dns-Prefetch-Control
off
Expect-Ct
max-age=0
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=15552000; includeSubDomains
X-Download-Options
noopen
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Referrer-Policy
no-referrer
X-Xss-Protection
0
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET,POST
Access-Control-Allow-Headers
Content-Type,Authorization
Content-Length
0
Date
Mon, 14 Mar 2022 20:24:12 GMT
Via
1.1 vegur
ping
api.loopedin.io/v1/users/ Frame FC09
3 B
1 KB
Fetch
General
Full URL
https://api.loopedin.io/v1/users/ping
Requested by
Host: cdn.productstash.io
URL: https://cdn.productstash.io/js/widget.min.js?v=0.8
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.128.72.146 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-72-146.eu-west-1.compute.amazonaws.com
Software
Cowboy /
Resource Hash
27badc983df1780b60c2b3fa9d3a19a00e46aac798451f0febdca52920faaddf
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
application/json, text/plain, */*
Referer
https://app.groove.cm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json

Response headers

Content-Security-Policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Via
1.1 vegur
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
X-Dns-Prefetch-Control
off
Date
Mon, 14 Mar 2022 20:24:12 GMT
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
3
X-Xss-Protection
0
Referrer-Policy
no-referrer
Server
Cowboy
X-Frame-Options
SAMEORIGIN
Etag
W/"3-n5rwKVhboBTgfNORDKl2z1YWBhY"
Expect-Ct
max-age=0
X-Ratelimit-Remaining
46
Strict-Transport-Security
max-age=15552000; includeSubDomains
X-Download-Options
noopen
Access-Control-Allow-Origin
*
Cache-Control
no-cache, private, no-store, must-revalidate, max-stale=0, post-check=0, pre-check=0
X-Ratelimit-Reset
1647289457
X-Ratelimit-Limit
50
Content-Type
application/json; charset=utf-8
app-config
api.loopedin.io/ Frame FC09
525 B
2 KB
XHR
General
Full URL
https://api.loopedin.io/app-config?product_id=f634edf5-70e7-429d-8c94-c26dfaeaee26&timestamp=0&public=true&user=public&domain=app.groove.cm
Requested by
Host: cdn.productstash.io
URL: https://cdn.productstash.io/js/widget.min.js?v=0.8
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.128.72.146 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-72-146.eu-west-1.compute.amazonaws.com
Software
Cowboy /
Resource Hash
811bd5062c7158f0ba31eecebb22691a0f9418912aa6e4dae347c95295a59d87
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Security-Policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Via
1.1 vegur
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
X-Dns-Prefetch-Control
off
Date
Mon, 14 Mar 2022 20:24:12 GMT
Connection
keep-alive
Strict-Transport-Security
max-age=15552000; includeSubDomains
Vary
Accept-Encoding
Content-Length
525
X-Xss-Protection
0
Referrer-Policy
no-referrer
Server
Cowboy
Etag
W/"20d-g6gxjSV2LXzjynlp/uVtqcjNK+I"
Expect-Ct
max-age=0
X-Ratelimit-Remaining
49
Access-Control-Allow-Methods
GET
X-Download-Options
noopen
Access-Control-Allow-Origin
*
Cache-Control
no-cache, private, no-store, must-revalidate, max-stale=0, post-check=0, pre-check=0
X-Ratelimit-Reset
1647289457
X-Ratelimit-Limit
50
Content-Type
application/json; charset=utf-8
notification.png
cdn.productstash.io/images/ Frame FC09
1 KB
2 KB
Image
General
Full URL
https://cdn.productstash.io/images/notification.png
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/75215/u1kHEnHT9wSJ2kyJJs0e
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.93.2.243 Paris, France, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-185-93-2-243.datapacket.com
Software
BunnyCDN-FR1-827 /
Resource Hash
87608a8dea58460e4b38f3445a737f999eb6a62dee361be55e06625d505c4e5c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:24:12 GMT
via
1.1 vegur
x-content-type-options
nosniff
cdn-edgestorageid
827
x-dns-prefetch-control
off
cdn-cachedat
03/10/2022 17:17:35
cdn-pullzone
173232
content-length
1156
x-xss-protection
1; mode=block
server
BunnyCDN-FR1-827
last-modified
Sun, 06 Feb 2022 15:21:19 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
x-frame-options
SAMEORIGIN
etag
W/"484-17ecfa00998"
x-download-options
noopen
strict-transport-security
max-age=15552000; includeSubDomains
content-type
image/png
cdn-cache
HIT
cdn-uid
48a72dd7-1732-4103-a906-fc257bffa1c1
cache-control
public, max-age=31536000
cdn-requestid
276d18bf4d97939c9b10d7d45cdb9e43
accept-ranges
bytes
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
ping
api.loopedin.io/v1/users/ Frame
0
0
Preflight
General
Full URL
https://api.loopedin.io/v1/users/ping
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.128.72.146 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-72-146.eu-west-1.compute.amazonaws.com
Software
Cowboy /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://app.groove.cm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
Cowboy
Connection
keep-alive
Content-Security-Policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
X-Dns-Prefetch-Control
off
Expect-Ct
max-age=0
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=15552000; includeSubDomains
X-Download-Options
noopen
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Referrer-Policy
no-referrer
X-Xss-Protection
0
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET,POST
Access-Control-Allow-Headers
Content-Type,Authorization
Content-Length
0
Date
Mon, 14 Mar 2022 20:24:12 GMT
Via
1.1 vegur
notification.png
cdn.productstash.io/images/ Frame 8EBD
1 KB
2 KB
Image
General
Full URL
https://cdn.productstash.io/images/notification.png
Requested by
Host: cdn.productstash.io
URL: https://cdn.productstash.io/js/widget.min.js?v=0.8
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.93.2.243 Paris, France, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-185-93-2-243.datapacket.com
Software
BunnyCDN-FR1-827 /
Resource Hash
87608a8dea58460e4b38f3445a737f999eb6a62dee361be55e06625d505c4e5c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:24:12 GMT
via
1.1 vegur
x-content-type-options
nosniff
cdn-edgestorageid
827
x-dns-prefetch-control
off
cdn-cachedat
03/10/2022 17:17:35
cdn-pullzone
173232
content-length
1156
x-xss-protection
1; mode=block
server
BunnyCDN-FR1-827
last-modified
Sun, 06 Feb 2022 15:21:19 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
x-frame-options
SAMEORIGIN
etag
W/"484-17ecfa00998"
x-download-options
noopen
strict-transport-security
max-age=15552000; includeSubDomains
content-type
image/png
cdn-cache
HIT
cdn-uid
48a72dd7-1732-4103-a906-fc257bffa1c1
cache-control
public, max-age=31536000
cdn-requestid
b7f7c70e377568b08218c47a290fc829
accept-ranges
bytes
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
ping
api.loopedin.io/v1/users/ Frame 8EBD
3 B
1 KB
Fetch
General
Full URL
https://api.loopedin.io/v1/users/ping
Requested by
Host: cdn.productstash.io
URL: https://cdn.productstash.io/js/widget.min.js?v=0.8
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.128.72.146 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-72-146.eu-west-1.compute.amazonaws.com
Software
Cowboy /
Resource Hash
27badc983df1780b60c2b3fa9d3a19a00e46aac798451f0febdca52920faaddf
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
application/json, text/plain, */*
Referer
https://app.groove.cm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json

Response headers

Content-Security-Policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Via
1.1 vegur
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
X-Dns-Prefetch-Control
off
Date
Mon, 14 Mar 2022 20:24:12 GMT
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
3
X-Xss-Protection
0
Referrer-Policy
no-referrer
Server
Cowboy
X-Frame-Options
SAMEORIGIN
Etag
W/"3-n5rwKVhboBTgfNORDKl2z1YWBhY"
Expect-Ct
max-age=0
X-Ratelimit-Remaining
45
Strict-Transport-Security
max-age=15552000; includeSubDomains
X-Download-Options
noopen
Access-Control-Allow-Origin
*
Cache-Control
no-cache, private, no-store, must-revalidate, max-stale=0, post-check=0, pre-check=0
X-Ratelimit-Reset
1647289457
X-Ratelimit-Limit
50
Content-Type
application/json; charset=utf-8
app-config
api.loopedin.io/ Frame 8EBD
525 B
2 KB
XHR
General
Full URL
https://api.loopedin.io/app-config?product_id=f634edf5-70e7-429d-8c94-c26dfaeaee26&timestamp=0&public=true&user=public&domain=app.groove.cm
Requested by
Host: cdn.productstash.io
URL: https://cdn.productstash.io/js/widget.min.js?v=0.8
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.128.72.146 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-72-146.eu-west-1.compute.amazonaws.com
Software
Cowboy /
Resource Hash
811bd5062c7158f0ba31eecebb22691a0f9418912aa6e4dae347c95295a59d87
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Security-Policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Via
1.1 vegur
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
X-Dns-Prefetch-Control
off
Date
Mon, 14 Mar 2022 20:24:12 GMT
Connection
keep-alive
Strict-Transport-Security
max-age=15552000; includeSubDomains
Vary
Accept-Encoding
Content-Length
525
X-Xss-Protection
0
Referrer-Policy
no-referrer
Server
Cowboy
Etag
W/"20d-g6gxjSV2LXzjynlp/uVtqcjNK+I"
Expect-Ct
max-age=0
X-Ratelimit-Remaining
48
Access-Control-Allow-Methods
GET
X-Download-Options
noopen
Access-Control-Allow-Origin
*
Cache-Control
no-cache, private, no-store, must-revalidate, max-stale=0, post-check=0, pre-check=0
X-Ratelimit-Reset
1647289457
X-Ratelimit-Limit
50
Content-Type
application/json; charset=utf-8
ping
api.loopedin.io/v1/users/ Frame
0
0
Preflight
General
Full URL
https://api.loopedin.io/v1/users/ping
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.128.72.146 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-72-146.eu-west-1.compute.amazonaws.com
Software
Cowboy /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://app.groove.cm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
Cowboy
Connection
keep-alive
Content-Security-Policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
X-Dns-Prefetch-Control
off
Expect-Ct
max-age=0
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=15552000; includeSubDomains
X-Download-Options
noopen
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Referrer-Policy
no-referrer
X-Xss-Protection
0
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET,POST
Access-Control-Allow-Headers
Content-Type,Authorization
Content-Length
0
Date
Mon, 14 Mar 2022 20:24:12 GMT
Via
1.1 vegur
notification.png
cdn.productstash.io/images/ Frame 6C43
1 KB
2 KB
Image
General
Full URL
https://cdn.productstash.io/images/notification.png
Requested by
Host: cdn.productstash.io
URL: https://cdn.productstash.io/js/widget.min.js?v=0.8
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.93.2.243 Paris, France, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-185-93-2-243.datapacket.com
Software
BunnyCDN-FR1-827 /
Resource Hash
87608a8dea58460e4b38f3445a737f999eb6a62dee361be55e06625d505c4e5c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:24:12 GMT
via
1.1 vegur
x-content-type-options
nosniff
cdn-edgestorageid
827
x-dns-prefetch-control
off
cdn-cachedat
03/10/2022 17:17:35
cdn-pullzone
173232
content-length
1156
x-xss-protection
1; mode=block
server
BunnyCDN-FR1-827
last-modified
Sun, 06 Feb 2022 15:21:19 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
x-frame-options
SAMEORIGIN
etag
W/"484-17ecfa00998"
x-download-options
noopen
strict-transport-security
max-age=15552000; includeSubDomains
content-type
image/png
cdn-cache
HIT
cdn-uid
48a72dd7-1732-4103-a906-fc257bffa1c1
cache-control
public, max-age=31536000
cdn-requestid
c0f953783621edaa7c26ea2c909ffdc2
accept-ranges
bytes
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
ping
api.loopedin.io/v1/users/ Frame 6C43
3 B
1 KB
Fetch
General
Full URL
https://api.loopedin.io/v1/users/ping
Requested by
Host: cdn.productstash.io
URL: https://cdn.productstash.io/js/widget.min.js?v=0.8
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.128.72.146 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-72-146.eu-west-1.compute.amazonaws.com
Software
Cowboy /
Resource Hash
27badc983df1780b60c2b3fa9d3a19a00e46aac798451f0febdca52920faaddf
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
application/json, text/plain, */*
Referer
https://app.groove.cm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json

Response headers

Content-Security-Policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Via
1.1 vegur
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
X-Dns-Prefetch-Control
off
Date
Mon, 14 Mar 2022 20:24:12 GMT
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
3
X-Xss-Protection
0
Referrer-Policy
no-referrer
Server
Cowboy
X-Frame-Options
SAMEORIGIN
Etag
W/"3-n5rwKVhboBTgfNORDKl2z1YWBhY"
Expect-Ct
max-age=0
X-Ratelimit-Remaining
44
Strict-Transport-Security
max-age=15552000; includeSubDomains
X-Download-Options
noopen
Access-Control-Allow-Origin
*
Cache-Control
no-cache, private, no-store, must-revalidate, max-stale=0, post-check=0, pre-check=0
X-Ratelimit-Reset
1647289457
X-Ratelimit-Limit
50
Content-Type
application/json; charset=utf-8
app-config
api.loopedin.io/ Frame 6C43
525 B
2 KB
XHR
General
Full URL
https://api.loopedin.io/app-config?product_id=f634edf5-70e7-429d-8c94-c26dfaeaee26&timestamp=0&public=true&user=public&domain=app.groove.cm
Requested by
Host: cdn.productstash.io
URL: https://cdn.productstash.io/js/widget.min.js?v=0.8
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.128.72.146 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-72-146.eu-west-1.compute.amazonaws.com
Software
Cowboy /
Resource Hash
811bd5062c7158f0ba31eecebb22691a0f9418912aa6e4dae347c95295a59d87
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Security-Policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Via
1.1 vegur
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
X-Dns-Prefetch-Control
off
Date
Mon, 14 Mar 2022 20:24:12 GMT
Connection
keep-alive
Strict-Transport-Security
max-age=15552000; includeSubDomains
Vary
Accept-Encoding
Content-Length
525
X-Xss-Protection
0
Referrer-Policy
no-referrer
Server
Cowboy
Etag
W/"20d-g6gxjSV2LXzjynlp/uVtqcjNK+I"
Expect-Ct
max-age=0
X-Ratelimit-Remaining
47
Access-Control-Allow-Methods
GET
X-Download-Options
noopen
Access-Control-Allow-Origin
*
Cache-Control
no-cache, private, no-store, must-revalidate, max-stale=0, post-check=0, pre-check=0
X-Ratelimit-Reset
1647289457
X-Ratelimit-Limit
50
Content-Type
application/json; charset=utf-8
config.js
app.groove.cm/config/ Frame FC09
324 B
514 B
Script
General
Full URL
https://app.groove.cm/config/config.js
Requested by
Host: ertcmoney.biz
URL: https://ertcmoney.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d7560c8b33f798d429fa0e84d88e11aff034ec7ab72a758d3ed52fc9b285a18

Request headers

Referer
Origin
https://app.groove.cm
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:24:12 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 14 Mar 2022 17:03:55 GMT
server
cloudflare
age
2953
etag
W/"622f757b-144"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kEgaPt7TPh%2BBManU9i88z4KxUlE5hagGIwrQzKNqP%2BMpclgzPUfgLOsWlS9wWJiLU7OdwSzmpSe7T3hr05uSFXqcTACIwfGyEmD3WCtHBKGimmgE%2FAlJ%2FdnYeTtTGo3CtOBBahN36ek67TAp"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6ebfbb45f8e89b8e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
config.js
app.groove.cm/config/ Frame 8EBD
324 B
446 B
Script
General
Full URL
https://app.groove.cm/config/config.js
Requested by
Host: ertcmoney.biz
URL: https://ertcmoney.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d7560c8b33f798d429fa0e84d88e11aff034ec7ab72a758d3ed52fc9b285a18

Request headers

Referer
Origin
https://app.groove.cm
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:24:12 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 14 Mar 2022 17:03:55 GMT
server
cloudflare
age
2953
etag
W/"622f757b-144"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wie6iIrR%2FOhdsE5tzZWDdklNfWKODNha1Tc9EuIZiCX9YJ5htF7kHeEiASHN9nMftqAmk7eqVrhFeOtID0gg9ySNCkxbxUf4dBYAxTdSeSb85qvG4FKgsHmpWJycBszHj%2F7ePMsTPy3Af2sq"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6ebfbb45f8fa9b8e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
config.js
app.groove.cm/config/ Frame 6C43
324 B
467 B
Script
General
Full URL
https://app.groove.cm/config/config.js
Requested by
Host: ertcmoney.biz
URL: https://ertcmoney.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d7560c8b33f798d429fa0e84d88e11aff034ec7ab72a758d3ed52fc9b285a18

Request headers

Referer
Origin
https://app.groove.cm
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:24:12 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 14 Mar 2022 17:03:55 GMT
server
cloudflare
age
2953
etag
W/"622f757b-144"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=25pgmWLnV8HE5LxSANO9LW4NZ2CkDODhpR1POJ1dFjBgeNavKmi6SV6HerCXVnyNLq%2F6aQXLWYdB3scJdMLOE9uIgArbh04DVgvl7b%2Bwr3YVM%2FdMDvYYH1AO3JUP3pCt4wKI2EFQieg2xXYZ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6ebfbb46090f9b8e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ae6893d8-cd70-4474-b00c-3812c0a0d4ab
pp.signalayer.com/ Frame FC09
2 B
260 B
Fetch
General
Full URL
https://pp.signalayer.com/ae6893d8-cd70-4474-b00c-3812c0a0d4ab
Requested by
Host: cdn.tooltip.io
URL: https://cdn.tooltip.io/static/player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.232.251.165 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-232-251-165.compute-1.amazonaws.com
Software
nginx/1.15.8 / Express
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept
application/json, application/xml, text/play, text/html, *.*
Referer
https://app.groove.cm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:24:12 GMT
server
nginx/1.15.8
x-powered-by
Express
etag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Content-Type,Authorization
content-length
2
ae6893d8-cd70-4474-b00c-3812c0a0d4ab.json
data.tooltip.io/player/fetch/ Frame FC09
54 B
500 B
Fetch
General
Full URL
https://data.tooltip.io/player/fetch/ae6893d8-cd70-4474-b00c-3812c0a0d4ab.json
Requested by
Host: cdn.tooltip.io
URL: https://cdn.tooltip.io/static/player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:a600:6:36e8:9f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4e099629cd81ad69ae59437b8d17f8c059695cc385f1493af5f3a6cce4c994f7

Request headers

Accept
application/json, application/xml, text/play, text/html, *.*
Referer
https://app.groove.cm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:24:13 GMT
via
1.1 474733f16f494ddb794b4f7dfd7de966.cloudfront.net (CloudFront)
last-modified
Wed, 23 Feb 2022 08:21:53 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P3
etag
"21c5d7ac3026c86f166a0e24b12b2b5d"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
access-control-max-age
3000
x-cache
Hit from cloudfront
accept-ranges
bytes
content-length
54
x-amz-cf-id
4O-MozyKu3ULCg77Jdw9cg8BwrIjDQOK0O_CCh7x_gSkvHq2S3wPBg==
js
www.googletagmanager.com/gtag/ Frame FC09
171 KB
63 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-VQKC5VQTH1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKWM7K2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400e:803::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
457de0698cbe77a5d3b2c52b27760c5edaefe2f9583992bb3e41cfda9f1d1f5c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:24:12 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
64522
x-xss-protection
0
expires
Mon, 14 Mar 2022 20:24:12 GMT
analytics.js
www.google-analytics.com/ Frame FC09
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKWM7K2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400e:802::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
512
date
Mon, 14 Mar 2022 20:15:40 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Mon, 14 Mar 2022 22:15:40 GMT
conversion_async.js
www.googleadservices.com/pagead/ Frame FC09
39 KB
15 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKWM7K2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
b872b4ad2e649961fbf3cdc43966716bd820301634adebaf5329c1aa22a1f7ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:24:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14889
x-xss-protection
0
server
cafe
etag
11178597599353190569
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 14 Mar 2022 20:24:12 GMT
ytc.js
s.yimg.com/wi/ Frame FC09
15 KB
6 KB
Script
General
Full URL
https://s.yimg.com/wi/ytc.js
Requested by
Host: ertcmoney.biz
URL: https://ertcmoney.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
10354e9bc6b485028971a1f58fccff5c89d722db324d42bc07963aab24ebb956
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

ats-carp-promotion
1
date
Mon, 14 Mar 2022 19:54:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1788
x-amz-server-side-encryption
AES256
vary
Origin, Accept-Encoding
content-length
5748
x-amz-id-2
ASzqrg8qODAtJORwEY3lNIFL93v71YY0l013LnhO/sDmeOHyxGVvhQFrWD3hNmKh/uiFXUimWR4=
referrer-policy
no-referrer-when-downgrade
x-amz-expiration
expiry-date="Wed, 22 Feb 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified
Mon, 17 Jan 2022 12:00:39 GMT
server
ATS
etag
"13a189bb8f25228852b3279db3659c28-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
x-amz-request-id
C47CJQBY1YPME9TB
x-xss-protection
1; mode=block
cache-control
public,max-age=3600
x-amz-version-id
pAIvW1wzOXi43b8v53GVflu.j8ZqoXS3
accept-ranges
bytes
content-type
application/javascript
bat.js
bat.bing.com/ Frame FC09
38 KB
12 KB
Script
General
Full URL
https://bat.bing.com/bat.js
Requested by
Host: ertcmoney.biz
URL: https://ertcmoney.biz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:24:11 GMT
content-encoding
gzip
last-modified
Wed, 09 Feb 2022 23:54:49 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 5AB44B2F073949D39DECAD6C4B92844F Ref B: FRAEDGE1420 Ref C: 2022-03-14T20:24:12Z
etag
"806a236c101ed81:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
11333
ld.js
static.criteo.net/js/ld/ Frame FC09
40 KB
13 KB
Script
General
Full URL
https://static.criteo.net/js/ld/ld.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKWM7K2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
4758ffc00e2d3413aece1a57fc3e89b9709202312386d57eb74b5c198cf6800e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:24:12 GMT
content-encoding
gzip
last-modified
Tue, 14 Dec 2021 12:51:58 GMT
server
nginx
etag
W/"61b8936e-9faf"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 15 Mar 2022 20:24:12 GMT
universal-script
175592.tracking.hyros.com/v1/lst/ Frame FC09
0
169 B
Script
General
Full URL
https://175592.tracking.hyros.com/v1/lst/universal-script?ph=8d32ccb64bc3b013ad08e3b3db8b5c12f7094658f7a1802e1282fdafe6b1af24&tag=!tracking
Requested by
Host: ertcmoney.biz
URL: https://ertcmoney.biz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.194.124.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-194-124-170.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:24:12 GMT
access-control-allow-credentials
true
content-length
0
access-control-max-age
86400
access-control-allow-methods
GET, PUT, POST, OPTIONS, DELETE
access-control-expose-headers
Session-ID
js
www.googletagmanager.com/gtag/ Frame 8EBD
171 KB
63 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-VQKC5VQTH1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKWM7K2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400e:803::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
457de0698cbe77a5d3b2c52b27760c5edaefe2f9583992bb3e41cfda9f1d1f5c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:24:12 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
64522
x-xss-protection
0
expires
Mon, 14 Mar 2022 20:24:12 GMT
analytics.js
www.google-analytics.com/ Frame 8EBD
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKWM7K2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400e:802::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
512
date
Mon, 14 Mar 2022 20:15:40 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Mon, 14 Mar 2022 22:15:40 GMT
conversion_async.js
www.googleadservices.com/pagead/ Frame 8EBD
39 KB
15 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKWM7K2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
b872b4ad2e649961fbf3cdc43966716bd820301634adebaf5329c1aa22a1f7ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:24:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14889
x-xss-protection
0
server
cafe
etag
11178597599353190569
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 14 Mar 2022 20:24:12 GMT
ytc.js
s.yimg.com/wi/ Frame 8EBD
15 KB
6 KB
Script
General
Full URL
https://s.yimg.com/wi/ytc.js
Requested by
Host: ertcmoney.biz
URL: https://ertcmoney.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
10354e9bc6b485028971a1f58fccff5c89d722db324d42bc07963aab24ebb956
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

ats-carp-promotion
1
date
Mon, 14 Mar 2022 19:54:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1788
x-amz-server-side-encryption
AES256
vary
Origin, Accept-Encoding
content-length
5748
x-amz-id-2
ASzqrg8qODAtJORwEY3lNIFL93v71YY0l013LnhO/sDmeOHyxGVvhQFrWD3hNmKh/uiFXUimWR4=
referrer-policy
no-referrer-when-downgrade
x-amz-expiration
expiry-date="Wed, 22 Feb 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified
Mon, 17 Jan 2022 12:00:39 GMT
server
ATS
etag
"13a189bb8f25228852b3279db3659c28-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
x-amz-request-id
C47CJQBY1YPME9TB
x-xss-protection
1; mode=block
cache-control
public,max-age=3600
x-amz-version-id
pAIvW1wzOXi43b8v53GVflu.j8ZqoXS3
accept-ranges
bytes
content-type
application/javascript
bat.js
bat.bing.com/ Frame 8EBD
38 KB
11 KB
Script
General
Full URL
https://bat.bing.com/bat.js
Requested by
Host: ertcmoney.biz
URL: https://ertcmoney.biz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:24:11 GMT
content-encoding
gzip
last-modified
Wed, 09 Feb 2022 23:54:49 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: BA72B85F14B349D4A2AD50CB1A5D4153 Ref B: FRAEDGE1420 Ref C: 2022-03-14T20:24:12Z
etag
"806a236c101ed81:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
11333
ld.js
static.criteo.net/js/ld/ Frame 8EBD
40 KB
13 KB
Script
General
Full URL
https://static.criteo.net/js/ld/ld.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKWM7K2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
4758ffc00e2d3413aece1a57fc3e89b9709202312386d57eb74b5c198cf6800e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:24:12 GMT
content-encoding
gzip
last-modified
Tue, 14 Dec 2021 12:51:58 GMT
server
nginx
etag
W/"61b8936e-9faf"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 15 Mar 2022 20:24:12 GMT
universal-script
175592.tracking.hyros.com/v1/lst/ Frame 8EBD
0
169 B
Script
General
Full URL
https://175592.tracking.hyros.com/v1/lst/universal-script?ph=8d32ccb64bc3b013ad08e3b3db8b5c12f7094658f7a1802e1282fdafe6b1af24&tag=!tracking
Requested by
Host: ertcmoney.biz
URL: https://ertcmoney.biz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.194.124.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-194-124-170.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:24:12 GMT
access-control-allow-credentials
true
content-length
0
access-control-max-age
86400
access-control-allow-methods
GET, PUT, POST, OPTIONS, DELETE
access-control-expose-headers
Session-ID
ae6893d8-cd70-4474-b00c-3812c0a0d4ab
pp.signalayer.com/ Frame 8EBD
2 B
259 B
Fetch
General
Full URL
https://pp.signalayer.com/ae6893d8-cd70-4474-b00c-3812c0a0d4ab
Requested by
Host: cdn.tooltip.io
URL: https://cdn.tooltip.io/static/player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.232.251.165 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-232-251-165.compute-1.amazonaws.com
Software
nginx/1.15.8 / Express
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept
application/json, application/xml, text/play, text/html, *.*
Referer
https://app.groove.cm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:24:12 GMT
server
nginx/1.15.8
x-powered-by
Express
etag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Content-Type,Authorization
content-length
2
ae6893d8-cd70-4474-b00c-3812c0a0d4ab.json
data.tooltip.io/player/fetch/ Frame 8EBD
54 B
506 B
Fetch
General
Full URL
https://data.tooltip.io/player/fetch/ae6893d8-cd70-4474-b00c-3812c0a0d4ab.json
Requested by
Host: cdn.tooltip.io
URL: https://cdn.tooltip.io/static/player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:a600:6:36e8:9f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4e099629cd81ad69ae59437b8d17f8c059695cc385f1493af5f3a6cce4c994f7

Request headers

Accept
application/json, application/xml, text/play, text/html, *.*
Referer
https://app.groove.cm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:24:13 GMT
via
1.1 474733f16f494ddb794b4f7dfd7de966.cloudfront.net (CloudFront)
last-modified
Wed, 23 Feb 2022 08:21:53 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P3
etag
"21c5d7ac3026c86f166a0e24b12b2b5d"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
access-control-max-age
3000
x-cache
RefreshHit from cloudfront
accept-ranges
bytes
content-length
54
x-amz-cf-id
-KLAx_wZDXDiUW_CfkK5ZStKB9F0qZjrznqzpdcPLwYY3jzmkcY0ZA==
ae6893d8-cd70-4474-b00c-3812c0a0d4ab
pp.signalayer.com/ Frame 6C43
2 B
259 B
Fetch
General
Full URL
https://pp.signalayer.com/ae6893d8-cd70-4474-b00c-3812c0a0d4ab
Requested by
Host: cdn.tooltip.io
URL: https://cdn.tooltip.io/static/player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.232.251.165 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-232-251-165.compute-1.amazonaws.com
Software
nginx/1.15.8 / Express
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept
application/json, application/xml, text/play, text/html, *.*
Referer
https://app.groove.cm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:24:12 GMT
server
nginx/1.15.8
x-powered-by
Express
etag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Content-Type,Authorization
content-length
2
ae6893d8-cd70-4474-b00c-3812c0a0d4ab.json
data.tooltip.io/player/fetch/ Frame 6C43
54 B
499 B
Fetch
General
Full URL
https://data.tooltip.io/player/fetch/ae6893d8-cd70-4474-b00c-3812c0a0d4ab.json
Requested by
Host: cdn.tooltip.io
URL: https://cdn.tooltip.io/static/player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:a600:6:36e8:9f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4e099629cd81ad69ae59437b8d17f8c059695cc385f1493af5f3a6cce4c994f7

Request headers

Accept
application/json, application/xml, text/play, text/html, *.*
Referer
https://app.groove.cm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:24:13 GMT
via
1.1 474733f16f494ddb794b4f7dfd7de966.cloudfront.net (CloudFront)
last-modified
Wed, 23 Feb 2022 08:21:53 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P3
etag
"21c5d7ac3026c86f166a0e24b12b2b5d"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
access-control-max-age
3000
x-cache
Hit from cloudfront
accept-ranges
bytes
content-length
54
x-amz-cf-id
3pMxAUZ04ep1EOR1cRmXMXAL9kXGwWnvA5_rV1X3I3rL4p1SBInn0w==
js
www.googletagmanager.com/gtag/ Frame 6C43
171 KB
63 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-VQKC5VQTH1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKWM7K2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400e:803::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
63315910cf00eeac9c945dbac9b7ff4fb057ab4083f2645c284fc8c31bc8d201
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:24:12 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
64510
x-xss-protection
0
expires
Mon, 14 Mar 2022 20:24:12 GMT
analytics.js
www.google-analytics.com/ Frame 6C43
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKWM7K2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400e:802::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
512
date
Mon, 14 Mar 2022 20:15:40 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Mon, 14 Mar 2022 22:15:40 GMT
conversion_async.js
www.googleadservices.com/pagead/ Frame 6C43
39 KB
15 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKWM7K2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
b872b4ad2e649961fbf3cdc43966716bd820301634adebaf5329c1aa22a1f7ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:24:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14889
x-xss-protection
0
server
cafe
etag
11178597599353190569
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 14 Mar 2022 20:24:12 GMT
ytc.js
s.yimg.com/wi/ Frame 6C43
15 KB
6 KB
Script
General
Full URL
https://s.yimg.com/wi/ytc.js
Requested by
Host: ertcmoney.biz
URL: https://ertcmoney.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
10354e9bc6b485028971a1f58fccff5c89d722db324d42bc07963aab24ebb956
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

ats-carp-promotion
1
date
Mon, 14 Mar 2022 19:54:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1788
x-amz-server-side-encryption
AES256
vary
Origin, Accept-Encoding
content-length
5748
x-amz-id-2
ASzqrg8qODAtJORwEY3lNIFL93v71YY0l013LnhO/sDmeOHyxGVvhQFrWD3hNmKh/uiFXUimWR4=
referrer-policy
no-referrer-when-downgrade
x-amz-expiration
expiry-date="Wed, 22 Feb 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified
Mon, 17 Jan 2022 12:00:39 GMT
server
ATS
etag
"13a189bb8f25228852b3279db3659c28-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
x-amz-request-id
C47CJQBY1YPME9TB
x-xss-protection
1; mode=block
cache-control
public,max-age=3600
x-amz-version-id
pAIvW1wzOXi43b8v53GVflu.j8ZqoXS3
accept-ranges
bytes
content-type
application/javascript
bat.js
bat.bing.com/ Frame 6C43
38 KB
11 KB
Script
General
Full URL
https://bat.bing.com/bat.js
Requested by
Host: ertcmoney.biz
URL: https://ertcmoney.biz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:24:11 GMT
content-encoding
gzip
last-modified
Wed, 09 Feb 2022 23:54:49 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 81510BF79EF74D31A9CB96E91DE07875 Ref B: FRAEDGE1420 Ref C: 2022-03-14T20:24:12Z
etag
"806a236c101ed81:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
11333
ld.js
static.criteo.net/js/ld/ Frame 6C43
40 KB
13 KB
Script
General
Full URL
https://static.criteo.net/js/ld/ld.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKWM7K2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
4758ffc00e2d3413aece1a57fc3e89b9709202312386d57eb74b5c198cf6800e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:24:12 GMT
content-encoding
gzip
last-modified
Tue, 14 Dec 2021 12:51:58 GMT
server
nginx
etag
W/"61b8936e-9faf"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 15 Mar 2022 20:24:12 GMT
universal-script
175592.tracking.hyros.com/v1/lst/ Frame 6C43
0
170 B
Script
General
Full URL
https://175592.tracking.hyros.com/v1/lst/universal-script?ph=8d32ccb64bc3b013ad08e3b3db8b5c12f7094658f7a1802e1282fdafe6b1af24&tag=!tracking
Requested by
Host: ertcmoney.biz
URL: https://ertcmoney.biz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.194.124.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-194-124-170.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:24:12 GMT
access-control-allow-credentials
true
content-length
0
access-control-max-age
86400
access-control-allow-methods
GET, PUT, POST, OPTIONS, DELETE
access-control-expose-headers
Session-ID
www-widgetapi.js
www.youtube.com/s/player/87b9576a/www-widgetapi.vflset/ Frame FC09
151 KB
49 KB
Script
General
Full URL
https://www.youtube.com/s/player/87b9576a/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400e:811::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8faaf7a31723f29322d97c936aaa2d594a993d009780f0cf785798378d72c1c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 19:33:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
3029
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
50158
x-xss-protection
0
last-modified
Thu, 10 Mar 2022 01:42:51 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 14 Mar 2023 19:33:43 GMT
www-widgetapi.js
www.youtube.com/s/player/87b9576a/www-widgetapi.vflset/ Frame 8EBD
151 KB
49 KB
Script
General
Full URL
https://www.youtube.com/s/player/87b9576a/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400e:811::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8faaf7a31723f29322d97c936aaa2d594a993d009780f0cf785798378d72c1c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 19:33:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
3029
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
50158
x-xss-protection
0
last-modified
Thu, 10 Mar 2022 01:42:51 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 14 Mar 2023 19:33:43 GMT
www-widgetapi.js
www.youtube.com/s/player/87b9576a/www-widgetapi.vflset/ Frame 6C43
151 KB
49 KB
Script
General
Full URL
https://www.youtube.com/s/player/87b9576a/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400e:811::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8faaf7a31723f29322d97c936aaa2d594a993d009780f0cf785798378d72c1c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 19:33:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
3029
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
50158
x-xss-protection
0
last-modified
Thu, 10 Mar 2022 01:42:51 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 14 Mar 2023 19:33:43 GMT
fetch-with-permalink
v1.gdapis.com/api/groovevideo/ Frame FC09
2 KB
2 KB
XHR
General
Full URL
https://v1.gdapis.com/api/groovevideo/fetch-with-permalink?permalink=u1kHEnHT9wSJ2kyJJs0e&id=75215
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/js/chunk-vendors.0e04fe5e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.24
Resource Hash
102390511cfad271d89b358aaa0eb8ee7abab2b7361fa95c724889d57850322c

Request headers

Accept
application/json, text/plain, */*
Referer
https://app.groove.cm/
x-auth-provider
auth0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:24:13 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
PHP/7.3.24
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-ratelimit-remaining
598
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z%2FFZk2IANvhhoF10MIeMCa2f2%2FpkL0IjF7t2IL10apBaOaRpsAiy2nBuNBRtI4lCBsliY4fqjCZRj%2F4%2FcioD24p%2FaUZ8yOF5b3Y%2BGgFGDk8IQldGbSVFnO%2Bl1%2B6Qf5h6UN6q1qA2hPq%2BX91V"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma
cache-control
no-cache, private
x-ratelimit-limit
600
cf-ray
6ebfbb497cd89bac-FRA
fetch-with-permalink
v1.gdapis.com/api/groovevideo/ Frame
0
0
Preflight
General
Full URL
https://v1.gdapis.com/api/groovevideo/fetch-with-permalink?permalink=u1kHEnHT9wSJ2kyJJs0e&id=75215
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.24
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
x-auth-provider
Origin
https://app.groove.cm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Mon, 14 Mar 2022 20:24:13 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/7.3.24
cache-control
no-cache, private
access-control-allow-methods
POST, GET, OPTIONS, PUT, PATCH, DELETE
access-control-allow-headers
Content-Type, X-Auth-Token, Origin, Authorization, *
access-control-allow-origin
*
access-control-max-age
86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZLMlUqShRGreS2FORu93jzMpTOoVfXma41a2EqsgqpnvAxCNRgPhgwr8F4jLr2N%2FbvMzLr2ferrMTCcChVFu3BLxLwTfX%2FZjtJ7D5FxeMY2b%2BIvjT%2FvYbsVooxSMzK0y7iCi4l%2BALIc4x76i"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6ebfbb474f3d9bac-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
fetch-with-permalink
v1.gdapis.com/api/groovevideo/ Frame 8EBD
2 KB
1 KB
XHR
General
Full URL
https://v1.gdapis.com/api/groovevideo/fetch-with-permalink?permalink=7KE4VhYEZBAF7a6M9DFD&id=75176
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/js/chunk-vendors.0e04fe5e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.24
Resource Hash
d778f72c2b8ebbb1fda46a74c2003b9b855ccf11679a406b943da762011e6aca

Request headers

Accept
application/json, text/plain, */*
Referer
https://app.groove.cm/
x-auth-provider
auth0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:24:13 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
PHP/7.3.24
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-ratelimit-remaining
598
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iZM%2BdTYhR2FZhtCvHxRkqOxBgEuO4aTnN%2BZCfwZbc7QpOIavLqfvKPkXPx5jr5RFVT1VZhr4OWR2aI7voeWsYJ4nqGBow%2BZpywwtYl3Hqy1jvyEVSJawHOMeL2TxqaQv0SNTj3UnLx%2Ff7uTV"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma
cache-control
no-cache, private
x-ratelimit-limit
600
cf-ray
6ebfbb497cf49bac-FRA
fetch-with-permalink
v1.gdapis.com/api/groovevideo/ Frame
0
0
Preflight
General
Full URL
https://v1.gdapis.com/api/groovevideo/fetch-with-permalink?permalink=7KE4VhYEZBAF7a6M9DFD&id=75176
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.24
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
x-auth-provider
Origin
https://app.groove.cm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Mon, 14 Mar 2022 20:24:13 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/7.3.24
cache-control
no-cache, private
access-control-allow-methods
POST, GET, OPTIONS, PUT, PATCH, DELETE
access-control-allow-headers
Content-Type, X-Auth-Token, Origin, Authorization, *
access-control-allow-origin
*
access-control-max-age
86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4c749kIkc7uZWOqkQCHHxdlQ8K%2BA9PLAfYjcgOaToOaxDsu%2F33zwMIYc8x5LIeJnGVJJ4tiVgch9n%2FDs5AiVgdeShtY36DmfbaMg3g6Dr8t3IG5zaKznCPIjBi%2FOepITumhb5QNvl5eduD3P"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6ebfbb477fc59bac-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
matomo.php
matomo.groovetech.io/ Frame FC09
0
527 B
Ping
General
Full URL
https://matomo.groovetech.io/matomo.php?action_name=GrooveFunnels&idsite=5&rec=1&r=283665&h=20&m=24&s=12&url=https%3A%2F%2Fapp.groove.cm%2Fgroovevideo%2Fvideo%2F75215%2Fu1kHEnHT9wSJ2kyJJs0e&urlref=https%3A%2F%2Fertcmoney.biz%2F&_id=91559c6a0552f5a0&_idn=1&_refts=1647289452&_ref=https%3A%2F%2Fertcmoney.biz%2F&send_image=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=uFuVpW&pf_net=0&pf_srv=207&pf_tfr=1&pf_dm1=2666
Requested by
Host: matomo.groovetech.io
URL: https://matomo.groovetech.io/matomo.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.0.15
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://app.groove.cm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8

Response headers

date
Mon, 14 Mar 2022 20:24:12 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/8.0.15
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e6fse7eMlqEdeGxer2cRSYm3xNCWHDrjzeX8GniHwQ%2B2AZi1xCUmcnxp9f4T7uBBC20yH%2F%2BGmEntr09YfGbXbb%2FYrCEuq3RCjGksIvXIMgWxunINHt5WFXGpBNyDs0Lp%2BZEoZhjYkNvKGulr2rHdHU7QCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://app.groove.cm
access-control-allow-credentials
true
cf-ray
6ebfbb478ba85c74-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
matomo.php
matomo.groovetech.io/ Frame 8EBD
0
534 B
Ping
General
Full URL
https://matomo.groovetech.io/matomo.php?action_name=GrooveFunnels&idsite=5&rec=1&r=986313&h=20&m=24&s=12&url=https%3A%2F%2Fapp.groove.cm%2Fgroovevideo%2Fvideo%2F75176%2F7KE4VhYEZBAF7a6M9DFD&urlref=https%3A%2F%2Fertcmoney.biz%2F&_id=2b191c30cd6bfcca&_idn=1&_refts=1647289452&_ref=https%3A%2F%2Fertcmoney.biz%2F&send_image=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=9ltKSq&pf_net=0&pf_srv=208&pf_tfr=1&pf_dm1=2657
Requested by
Host: matomo.groovetech.io
URL: https://matomo.groovetech.io/matomo.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.0.15
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://app.groove.cm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8

Response headers

date
Mon, 14 Mar 2022 20:24:12 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/8.0.15
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K7wDJ4p3vKkDZZ4yMNrEF3HWldfSgT1%2F92%2BWS%2F4iy%2FmzZvqwJFlqD8cyg%2FSmtTU%2BMfWefpmh7InUOuvavyabvJ844l%2FcYrAf%2Fcmi7sM87kMQtM0O%2FzmCcRs%2FoXnf%2FqNXbdiRtLMcEUh2M7JVoBuda4vLZg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://app.groove.cm
access-control-allow-credentials
true
cf-ray
6ebfbb478bb95c74-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
matomo.php
matomo.groovetech.io/ Frame 6C43
0
524 B
Ping
General
Full URL
https://matomo.groovetech.io/matomo.php?action_name=GrooveFunnels&idsite=5&rec=1&r=543170&h=20&m=24&s=12&url=https%3A%2F%2Fapp.groove.cm%2Fgroovevideo%2Fvideo%2F75185%2FPLltPxii7EurFNwx1sEj&urlref=https%3A%2F%2Fertcmoney.biz%2F&_id=3f40db5fc302391f&_idn=1&_refts=1647289452&_ref=https%3A%2F%2Fertcmoney.biz%2F&send_image=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=jDiAEt&pf_net=0&pf_srv=213&pf_tfr=0&pf_dm1=2658
Requested by
Host: matomo.groovetech.io
URL: https://matomo.groovetech.io/matomo.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.0.15
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://app.groove.cm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8

Response headers

date
Mon, 14 Mar 2022 20:24:12 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/8.0.15
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dc3XDq%2FamAqOi5PdWNwRNKKrkSAzgZm2kgsadXTkmlsVcFZmzpysDi3Z81EIJrDKpaDW2R81PuWhCZzSm%2F0K7nS%2BJWbvkv79r1N8pBxQV5K2IGlIdEisGfc6KTj4%2F510g89fim1hvIxhB0GN5Mkw6lILCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://app.groove.cm
access-control-allow-credentials
true
cf-ray
6ebfbb479bcc5c74-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
17533112.js
bat.bing.com/p/action/ Frame FC09
782 B
764 B
Script
General
Full URL
https://bat.bing.com/p/action/17533112.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
628ce6ef12a73018b199b0556d8624d97aa6c97cd1f5f8a45dd76b5c79648500

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Mar 2022 20:24:12 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 672318BF897E44C5BFFD4B935F04AF5E Ref B: FRAEDGE1420 Ref C: 2022-03-14T20:24:12Z
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-store,no-cache
content-length
644
0
bat.bing.com/action/ Frame FC09
0
172 B
Image
General
Full URL
https://bat.bing.com/action/0?ti=17533112&Ver=2&mid=4597bc39-170b-4d57-ae34-d554fe706120&sid=b5d348e0a3d411ec96efc98fb9da8af4&vid=b5d35820a3d411ecae1b9d3699672137&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Groovevideo%20%C2%B7%20Groovevideo&p=https%3A%2F%2Fertcmoney.biz%2F&r=&lt=3311&evt=pageLoad&ifm=1&msclkid=N&sv=1&rn=221133
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/75215/u1kHEnHT9wSJ2kyJJs0e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Mar 2022 20:24:12 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 6FCA21DA1F6C430597B8D026B0423F47 Ref B: FRAEDGE1420 Ref C: 2022-03-14T20:24:12Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
fetch-with-permalink
v1.gdapis.com/api/groovevideo/ Frame
0
0
Preflight
General
Full URL
https://v1.gdapis.com/api/groovevideo/fetch-with-permalink?permalink=PLltPxii7EurFNwx1sEj&id=75185
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.24
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
x-auth-provider
Origin
https://app.groove.cm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Mon, 14 Mar 2022 20:24:13 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/7.3.24
cache-control
no-cache, private
access-control-allow-methods
POST, GET, OPTIONS, PUT, PATCH, DELETE
access-control-allow-headers
Content-Type, X-Auth-Token, Origin, Authorization, *
access-control-allow-origin
*
access-control-max-age
86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RIVHGnB8t8zXHqoBlYxyOaml%2BIm3ho8E7Q1NTYbcpR6JFl2xLk0BTGodnoUVneZznaT%2FXCte2zh69kGAes5nat177alVz9fzQD7rN4Anv%2Bap4EPtZ3nLFvWXZiUlrsJSAw13L8k3sowBP4Rw"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6ebfbb47d88b9bac-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
fetch-with-permalink
v1.gdapis.com/api/groovevideo/ Frame 6C43
2 KB
1 KB
XHR
General
Full URL
https://v1.gdapis.com/api/groovevideo/fetch-with-permalink?permalink=PLltPxii7EurFNwx1sEj&id=75185
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/js/chunk-vendors.0e04fe5e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.24
Resource Hash
6a8bbe6ff5b2dadf9269a4c5a56fc4600d9cf802ad6985af385f3ccea117faa0

Request headers

Accept
application/json, text/plain, */*
Referer
https://app.groove.cm/
x-auth-provider
auth0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:24:13 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
PHP/7.3.24
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-ratelimit-remaining
599
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B26hWx8MVnuTKBg2NiYm0neCbrsEUuY7Qp4Jpj%2By2Fznf6VCM7RrV0kyuglp8apD0m7UFkLofvEMr3ZMjoIUQ2qaqUXOPLG73C5ey%2Bzk%2FHW1crE3mkdJGmMqofRNOTc%2BTY%2BpadwN8D0%2FVJl3"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma
cache-control
no-cache, private
x-ratelimit-limit
600
cf-ray
6ebfbb49ee2c9bac-FRA
17533112.js
bat.bing.com/p/action/ Frame 8EBD
776 B
810 B
Script
General
Full URL
https://bat.bing.com/p/action/17533112.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
e2443aea2b773741d9b268f109a8459f00f07cffce7ee0175c7575730e7db280

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Mar 2022 20:24:12 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 322CCFA9A15E4E3CB8361740F8E12C40 Ref B: FRAEDGE1420 Ref C: 2022-03-14T20:24:12Z
x-powered-by
ARR/3.0
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-store,no-cache
content-length
642
0
bat.bing.com/action/ Frame 8EBD
0
95 B
Image
General
Full URL
https://bat.bing.com/action/0?ti=17533112&Ver=2&mid=e250974a-e90e-4b61-9d51-076888318a64&sid=b5d348e0a3d411ec96efc98fb9da8af4&vid=b5d35820a3d411ecae1b9d3699672137&vids=0&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Groovevideo%20%C2%B7%20Groovevideo&p=https%3A%2F%2Fertcmoney.biz%2F&r=&lt=3366&evt=pageLoad&ifm=1&msclkid=N&sv=1&rn=434942
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/75176/7KE4VhYEZBAF7a6M9DFD
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Mar 2022 20:24:12 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: D1731E63FF0F44D1AFE31773B99DEB62 Ref B: FRAEDGE1420 Ref C: 2022-03-14T20:24:12Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
10139345.json
s.yimg.com/wi/config/ Frame FC09
2 B
450 B
XHR
General
Full URL
https://s.yimg.com/wi/config/10139345.json
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:04:14 GMT
x-content-type-options
nosniff
age
1198
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
T1XJ600KBPPY0NAC
x-amz-id-2
vLBVXEhWhXBFaIZmJg0okxm0Q134NWpmGH+k/Hq6GgLC4IKmuLgHfLfJQtMnkpgFDcrR/UtDZrc=
referrer-policy
no-referrer-when-downgrade
server
ATS
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
public,max-age=3600
content-length
2
syncframe
gum.criteo.com/ Frame 4456
13 KB
5 KB
Document
General
Full URL
https://gum.criteo.com/syncframe?topUrl=ertcmoney.biz&origin=onetag
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
ea26c78f630f8d3924b66a3966e9d96b6ce9217ee085f6db77fa191e13a59848
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/

Response headers

cache-control
private, max-age=3600
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
server-processing-duration-in-ticks
3105
date
Mon, 14 Mar 2022 20:24:12 GMT
content-length
5147
strict-transport-security
max-age=31536000; preload;
10139345.json
s.yimg.com/wi/config/ Frame 8EBD
2 B
37 B
XHR
General
Full URL
https://s.yimg.com/wi/config/10139345.json
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:04:14 GMT
x-content-type-options
nosniff
age
1198
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
T1XJ600KBPPY0NAC
x-amz-id-2
vLBVXEhWhXBFaIZmJg0okxm0Q134NWpmGH+k/Hq6GgLC4IKmuLgHfLfJQtMnkpgFDcrR/UtDZrc=
referrer-policy
no-referrer-when-downgrade
server
ATS
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
public,max-age=3600
content-length
2
10139345.json
s.yimg.com/wi/config/ Frame 6C43
2 B
37 B
XHR
General
Full URL
https://s.yimg.com/wi/config/10139345.json
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:04:14 GMT
x-content-type-options
nosniff
age
1198
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
T1XJ600KBPPY0NAC
x-amz-id-2
vLBVXEhWhXBFaIZmJg0okxm0Q134NWpmGH+k/Hq6GgLC4IKmuLgHfLfJQtMnkpgFDcrR/UtDZrc=
referrer-policy
no-referrer-when-downgrade
server
ATS
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
public,max-age=3600
content-length
2
17533112.js
bat.bing.com/p/action/ Frame 6C43
782 B
761 B
Script
General
Full URL
https://bat.bing.com/p/action/17533112.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
628ce6ef12a73018b199b0556d8624d97aa6c97cd1f5f8a45dd76b5c79648500

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Mar 2022 20:24:12 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 7F26BF4FC92E43CEAADCE3314196BFED Ref B: FRAEDGE1420 Ref C: 2022-03-14T20:24:12Z
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-store,no-cache
content-length
644
0
bat.bing.com/action/ Frame 6C43
0
95 B
Image
General
Full URL
https://bat.bing.com/action/0?ti=17533112&Ver=2&mid=45729a80-1517-4643-9475-4b14607fe21f&sid=b5d348e0a3d411ec96efc98fb9da8af4&vid=b5d35820a3d411ecae1b9d3699672137&vids=0&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Groovevideo%20%C2%B7%20Groovevideo&p=https%3A%2F%2Fertcmoney.biz%2F&r=&lt=3345&evt=pageLoad&ifm=1&msclkid=N&sv=1&rn=632406
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/75185/PLltPxii7EurFNwx1sEj
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Mar 2022 20:24:12 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 9B65409D43DA4553B491D6D0CB0E22DD Ref B: FRAEDGE1420 Ref C: 2022-03-14T20:24:12Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
syncframe
gum.criteo.com/ Frame DC53
13 KB
5 KB
Document
General
Full URL
https://gum.criteo.com/syncframe?topUrl=ertcmoney.biz&origin=onetag
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
ea26c78f630f8d3924b66a3966e9d96b6ce9217ee085f6db77fa191e13a59848
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/

Response headers

cache-control
private, max-age=3600
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
server-processing-duration-in-ticks
1778
date
Mon, 14 Mar 2022 20:24:12 GMT
content-length
5147
strict-transport-security
max-age=31536000; preload;
syncframe
gum.criteo.com/ Frame 2B5B
13 KB
5 KB
Document
General
Full URL
https://gum.criteo.com/syncframe?topUrl=ertcmoney.biz&origin=onetag
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
ea26c78f630f8d3924b66a3966e9d96b6ce9217ee085f6db77fa191e13a59848
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/

Response headers

cache-control
private, max-age=3600
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
server-processing-duration-in-ticks
2123
date
Mon, 14 Mar 2022 20:24:12 GMT
content-length
5147
strict-transport-security
max-age=31536000; preload;
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/646915355/ Frame FC09
2 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/646915355/?random=1647289452216&cv=9&fst=1647289452216&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg370&sendb=1&ig=1&frm=2&url=https%3A%2F%2Fapp.groove.cm%2Fgroovevideo%2Fvideo%2F75215%2Fu1kHEnHT9wSJ2kyJJs0e&ref=https%3A%2F%2Fertcmoney.biz%2F&tiba=Groovevideo%20%C2%B7%20Groovevideo&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
63dfa606509a32ac64427a74a55b8d12f0a53468d1fb9143e3e62600cd2dee5b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Mar 2022 20:24:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1058
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/646915355/ Frame 6C43
2 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/646915355/?random=1647289452218&cv=9&fst=1647289452218&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg370&sendb=1&ig=1&frm=2&url=https%3A%2F%2Fapp.groove.cm%2Fgroovevideo%2Fvideo%2F75185%2FPLltPxii7EurFNwx1sEj&ref=https%3A%2F%2Fertcmoney.biz%2F&tiba=Groovevideo%20%C2%B7%20Groovevideo&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
857ed05e8c984b95b7d92786d36ec628115cb5a2b111fe9281389db9f19994d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Mar 2022 20:24:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1055
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/646915355/ Frame 8EBD
2 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/646915355/?random=1647289452220&cv=9&fst=1647289452220&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg370&sendb=1&ig=1&frm=2&url=https%3A%2F%2Fapp.groove.cm%2Fgroovevideo%2Fvideo%2F75176%2F7KE4VhYEZBAF7a6M9DFD&ref=https%3A%2F%2Fertcmoney.biz%2F&tiba=Groovevideo%20%C2%B7%20Groovevideo&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
966687aa1bef6dc03757dbd555b7c995b9aa24d197856ed702fe7c59048a0956
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Mar 2022 20:24:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1056
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sp.pl
sp.analytics.yahoo.com/ Frame FC09
43 B
716 B
Image
General
Full URL
https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Mon%2C%2014%20Mar%202022%2020%3A24%3A12%20GMT&n=0&b=Groovevideo%20%C2%B7%20Groovevideo&.yp=10139345&f=https%3A%2F%2Fapp.groove.cm%2Fgroovevideo%2Fvideo%2F75215%2Fu1kHEnHT9wSJ2kyJJs0e&e=https%3A%2F%2Fertcmoney.biz%2F&enc=UTF-8&yv=1.12.0&isIframe=1&tagmgr=gtm
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/75215/u1kHEnHT9wSJ2kyJJs0e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
spdc.pbp.vip.ir2.yahoo.com
Software
ATS /
Resource Hash
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Mar 2022 20:24:13 GMT
x-content-type-options
nosniff
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
cache-control
no-cache, private, must-revalidate
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
43
referrer-policy
strict-origin-when-cross-origin
expires
Mon, 14 Mar 2022 20:24:13 GMT
sid
mug.criteo.com/ Frame 4456
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=onetag&domain=app.groove.cm&sn=ChromeSyncframe&so=0&topUrl=ertcmoney.biz&lsw=1
  • https://mug.criteo.com/sid?cpp=3ZvkH3xoRWpwM2xqM3huWnJ4QXFPemE2bzlldTc2TElkRUpNS0lTMjV6Vkw1ejVHcmFycXpUdHhxMHBEM21xYmNhdHZkTnRJUEczRFZzemoyb0dFcVNUaFlEMldKTlZnWmZhU2F6RXR4NmxGTlpOVzByYkRoTDhzMmdQd1...
441 B
628 B
Fetch
General
Full URL
https://mug.criteo.com/sid?cpp=3ZvkH3xoRWpwM2xqM3huWnJ4QXFPemE2bzlldTc2TElkRUpNS0lTMjV6Vkw1ejVHcmFycXpUdHhxMHBEM21xYmNhdHZkTnRJUEczRFZzemoyb0dFcVNUaFlEMldKTlZnWmZhU2F6RXR4NmxGTlpOVzByYkRoTDhzMmdQd1NZR05KaUt5SE5Td3VwNWJqVDIreHlEeVZZbjJhZGdPV04xUC9aL3NDMklQMFlralIzTFdTd0FzOWdYcThjS0RnM2ZTOHJDS09aV3daZm9Ic2JaYllESlRDa0dMV1I1RVdPbXJPZmhCLzg1SEtXSlpnNkxSSFJxMHhxMmZ1Y09JcnE3VXhBUTI0aGMrYTFwelprdGJZdDQvVG9TQk9kT2piNkNjVENxWmF1Zm95YkR4TEwvMD18&cppv=2
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/75176/7KE4VhYEZBAF7a6M9DFD
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
c88091c5c6170199216477010856fa90c6bce90860ed0047582e81249646e24f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Mar 2022 20:24:12 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3800
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Mon, 14 Mar 2022 20:24:12 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=3ZvkH3xoRWpwM2xqM3huWnJ4QXFPemE2bzlldTc2TElkRUpNS0lTMjV6Vkw1ejVHcmFycXpUdHhxMHBEM21xYmNhdHZkTnRJUEczRFZzemoyb0dFcVNUaFlEMldKTlZnWmZhU2F6RXR4NmxGTlpOVzByYkRoTDhzMmdQd1NZR05KaUt5SE5Td3VwNWJqVDIreHlEeVZZbjJhZGdPV04xUC9aL3NDMklQMFlralIzTFdTd0FzOWdYcThjS0RnM2ZTOHJDS09aV3daZm9Ic2JaYllESlRDa0dMV1I1RVdPbXJPZmhCLzg1SEtXSlpnNkxSSFJxMHhxMmZ1Y09JcnE3VXhBUTI0aGMrYTFwelprdGJZdDQvVG9TQk9kT2piNkNjVENxWmF1Zm95YkR4TEwvMD18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1851
content-length
567
expires
0
sid
mug.criteo.com/ Frame DC53
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=onetag&domain=app.groove.cm&sn=ChromeSyncframe&so=0&topUrl=ertcmoney.biz&lsw=1
  • https://mug.criteo.com/sid?cpp=-SpvR3xPVnZVQnUxV01LNlJPL2txenBRaUNzemhCanlVTnZKaVc2TkxiYmtlUENCbnY3YzlEaW45RmVSWUhmN0dFcEZqeWM0RlV3dGF2U1h4bE1wV3N3Y2ZtTGNDV3ZVbFRTdVBWaDhxWFZTQ2x5OTN5UTVjTVA5b1Nldj...
433 B
632 B
Fetch
General
Full URL
https://mug.criteo.com/sid?cpp=-SpvR3xPVnZVQnUxV01LNlJPL2txenBRaUNzemhCanlVTnZKaVc2TkxiYmtlUENCbnY3YzlEaW45RmVSWUhmN0dFcEZqeWM0RlV3dGF2U1h4bE1wV3N3Y2ZtTGNDV3ZVbFRTdVBWaDhxWFZTQ2x5OTN5UTVjTVA5b1NldjYxRURGbDg0cndTK2NzQTI2dmVEUyt4TDVadDJHRWt6YUhFWWgyemFvUDhwaWJ0aSt4NXlRQmk5NVhibktDTW8vYlhzMXdUdTNnUFpHZUhxVUgxN0pNY1MzTDZPWkVSb2xyVHpibnhKMVUwT2FVeDhqNVFnNUtlckdnMURYTS9DODBYN3B0ejExeHVKS3NIRjNqU2tHd0MxQWZLclRTblFLN29YY3hTaEt4aUNyVUxHUzJpMD18&cppv=2
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/75215/u1kHEnHT9wSJ2kyJJs0e
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
fd43e82965984b49a1f7902a18168c01ca10f7fd8bdcb63878be4dfcea19ebfc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Mar 2022 20:24:12 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
4110
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Mon, 14 Mar 2022 20:24:12 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=-SpvR3xPVnZVQnUxV01LNlJPL2txenBRaUNzemhCanlVTnZKaVc2TkxiYmtlUENCbnY3YzlEaW45RmVSWUhmN0dFcEZqeWM0RlV3dGF2U1h4bE1wV3N3Y2ZtTGNDV3ZVbFRTdVBWaDhxWFZTQ2x5OTN5UTVjTVA5b1NldjYxRURGbDg0cndTK2NzQTI2dmVEUyt4TDVadDJHRWt6YUhFWWgyemFvUDhwaWJ0aSt4NXlRQmk5NVhibktDTW8vYlhzMXdUdTNnUFpHZUhxVUgxN0pNY1MzTDZPWkVSb2xyVHpibnhKMVUwT2FVeDhqNVFnNUtlckdnMURYTS9DODBYN3B0ejExeHVKS3NIRjNqU2tHd0MxQWZLclRTblFLN29YY3hTaEt4aUNyVUxHUzJpMD18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1843
content-length
567
expires
0
sid
mug.criteo.com/ Frame 2B5B
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=onetag&domain=app.groove.cm&sn=ChromeSyncframe&so=0&topUrl=ertcmoney.biz&lsw=1
  • https://mug.criteo.com/sid?cpp=Y33N-nxzcTJJeC9IRVdaeG9Sd0dEZ09kT2Rlc0ZmNmZhYlFJWFEwdWJlMjZsSVJWMU82U2RwOWdNTkhDSTVxbkhZSThONlB3SjBkOW95UUc5MmgrNXRWYTlUY1EyaHE2aTU2dDNUL1dtai92cjk2ZDdlUHJBZmw0RklFU3...
452 B
643 B
Fetch
General
Full URL
https://mug.criteo.com/sid?cpp=Y33N-nxzcTJJeC9IRVdaeG9Sd0dEZ09kT2Rlc0ZmNmZhYlFJWFEwdWJlMjZsSVJWMU82U2RwOWdNTkhDSTVxbkhZSThONlB3SjBkOW95UUc5MmgrNXRWYTlUY1EyaHE2aTU2dDNUL1dtai92cjk2ZDdlUHJBZmw0RklFU3RXT2w4c0hYa3ExamJwV1orUFcvTk92cldVVkJ3dlU2M0wwTkJWV2RZWHhtZFE4aTY5RGZLZVZ6K1hoL0tHOTJhSVNqODZLN3Z4U1JVTzdDVE1qMFRVMDFwTk54YXQ2d0RXYm96U1M3YW4rZkpoYkdnakRrZjVrdmlkNEMyTTlPUlpoZ05lWDMxcVNqZFdUY3V6Y1dGaWFlZ1lEMzBWQjdYWTFzaUx1K3d3bVd2Q2l2K0hOdz18&cppv=2
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/75185/PLltPxii7EurFNwx1sEj
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
0c2db1ac95de02a43970f36d6c7c72eec763a5ab8b16e542d1783022c1f3eadc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Mar 2022 20:24:12 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3556
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Mon, 14 Mar 2022 20:24:12 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=Y33N-nxzcTJJeC9IRVdaeG9Sd0dEZ09kT2Rlc0ZmNmZhYlFJWFEwdWJlMjZsSVJWMU82U2RwOWdNTkhDSTVxbkhZSThONlB3SjBkOW95UUc5MmgrNXRWYTlUY1EyaHE2aTU2dDNUL1dtai92cjk2ZDdlUHJBZmw0RklFU3RXT2w4c0hYa3ExamJwV1orUFcvTk92cldVVkJ3dlU2M0wwTkJWV2RZWHhtZFE4aTY5RGZLZVZ6K1hoL0tHOTJhSVNqODZLN3Z4U1JVTzdDVE1qMFRVMDFwTk54YXQ2d0RXYm96U1M3YW4rZkpoYkdnakRrZjVrdmlkNEMyTTlPUlpoZ05lWDMxcVNqZFdUY3V6Y1dGaWFlZ1lEMzBWQjdYWTFzaUx1K3d3bVd2Q2l2K0hOdz18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1856
content-length
567
expires
0
sp.pl
sp.analytics.yahoo.com/ Frame 6C43
43 B
329 B
Image
General
Full URL
https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Mon%2C%2014%20Mar%202022%2020%3A24%3A12%20GMT&n=0&b=Groovevideo%20%C2%B7%20Groovevideo&.yp=10139345&f=https%3A%2F%2Fapp.groove.cm%2Fgroovevideo%2Fvideo%2F75185%2FPLltPxii7EurFNwx1sEj&e=https%3A%2F%2Fertcmoney.biz%2F&enc=UTF-8&yv=1.12.0&isIframe=1&tagmgr=gtm
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/75185/PLltPxii7EurFNwx1sEj
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
spdc.pbp.vip.ir2.yahoo.com
Software
ATS /
Resource Hash
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Mar 2022 20:24:13 GMT
x-content-type-options
nosniff
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
cache-control
no-cache, private, must-revalidate
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
43
referrer-policy
strict-origin-when-cross-origin
expires
Mon, 14 Mar 2022 20:24:13 GMT
sp.pl
sp.analytics.yahoo.com/ Frame 8EBD
43 B
328 B
Image
General
Full URL
https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Mon%2C%2014%20Mar%202022%2020%3A24%3A12%20GMT&n=0&b=Groovevideo%20%C2%B7%20Groovevideo&.yp=10139345&f=https%3A%2F%2Fapp.groove.cm%2Fgroovevideo%2Fvideo%2F75176%2F7KE4VhYEZBAF7a6M9DFD&e=https%3A%2F%2Fertcmoney.biz%2F&enc=UTF-8&yv=1.12.0&isIframe=1&tagmgr=gtm
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/75176/7KE4VhYEZBAF7a6M9DFD
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
spdc.pbp.vip.ir2.yahoo.com
Software
ATS /
Resource Hash
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Mar 2022 20:24:13 GMT
x-content-type-options
nosniff
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
cache-control
no-cache, private, must-revalidate
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
43
referrer-policy
strict-origin-when-cross-origin
expires
Mon, 14 Mar 2022 20:24:13 GMT
clarity.js
f.clarity.ms/s/0.6.32/ Frame 8EBD
53 KB
23 KB
Script
General
Full URL
https://f.clarity.ms/s/0.6.32/clarity.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/p/action/17533112.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.84.22.197 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
3701cadc5fc84e8ad639f83a87e20d82575e3cc28d479d73a0e66e5230e71c65

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:24:12 GMT
content-encoding
br
etag
"1d8314040aa9e90"
last-modified
Sun, 06 Mar 2022 09:55:04 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
public,max-age=86400
accept-ranges
bytes
request-context
appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8
clarity.js
www.clarity.ms/eus2/s/0.6.32/ Frame FC09
53 KB
23 KB
Script
General
Full URL
https://www.clarity.ms/eus2/s/0.6.32/clarity.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/p/action/17533112.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:27::cafe:1905 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
3701cadc5fc84e8ad639f83a87e20d82575e3cc28d479d73a0e66e5230e71c65

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:24:12 GMT
content-encoding
br
etag
"1d8314040aa9e90"
last-modified
Sun, 06 Mar 2022 09:55:04 GMT
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript;charset=utf-8
cache-control
public,max-age=86400
x-azure-ref
0baQvYgAAAAA0h2tgPuPKR6qZntCnBoVQQ0FJMzBFREdFMDIxMwA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
accept-ranges
bytes
request-context
appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
event
widget.us.criteo.com/ Frame 8EBD
Redirect Chain
  • https://sslwidget.criteo.com/event?a=81296&v=5.8.1&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fertcmoney.biz&p1=e%3Dvh&p2=e%3Dvp%26p%3D1&p3=e%3Ddis&bundle=011CJF95bDM0aFBMejdWbnlvOVlyRFp...
  • https://widget.us.criteo.com/event?a=81296&v=5.8.1&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fertcmoney.biz&p1=e%3Dvh&p2=e%3Dvp%26p%3D1&p3=e%3Ddis&bundle=011CJF95bDM0aFBMejdWbnlvOVlyRFp...
7 KB
8 KB
Script
General
Full URL
https://widget.us.criteo.com/event?a=81296&v=5.8.1&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fertcmoney.biz&p1=e%3Dvh&p2=e%3Dvp%26p%3D1&p3=e%3Ddis&bundle=011CJF95bDM0aFBMejdWbnlvOVlyRFp0cWR4VnhEbkJXR2lRcXN3MVpGJTJGJTJGMDNGQW1GQW5VUERoJTJCJTJGNURPZCUyRnl0WDM5SiUyQmpMencyYmdBUEZSNDhkMmk1NmZwakJTQlNkYVBNWklXUzlMZlhIczlPQkhPVDY3aXRBMWNhRVpoanM1TjA1ZWhmR3huSmlIZW80TFJINk14aTdac2clM0QlM0Q&tld=app.groove.cm&dtycbr=12723
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/75176/7KE4VhYEZBAF7a6M9DFD
Protocol
H2
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
8edfa8f49ce99041068b4f1aa116740af8b1f5e2e2af664d802816e0a745938b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Mar 2022 20:24:12 GMT
content-type
application/x-javascript
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
9589934
timing-allow-origin
*
expires
0

Redirect headers

pragma
no-cache
date
Mon, 14 Mar 2022 20:24:12 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
location
https://widget.us.criteo.com/event?a=81296&v=5.8.1&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fertcmoney.biz&p1=e%3Dvh&p2=e%3Dvp%26p%3D1&p3=e%3Ddis&bundle=011CJF95bDM0aFBMejdWbnlvOVlyRFp0cWR4VnhEbkJXR2lRcXN3MVpGJTJGJTJGMDNGQW1GQW5VUERoJTJCJTJGNURPZCUyRnl0WDM5SiUyQmpMencyYmdBUEZSNDhkMmk1NmZwakJTQlNkYVBNWklXUzlMZlhIczlPQkhPVDY3aXRBMWNhRVpoanM1TjA1ZWhmR3huSmlIZW80TFJINk14aTdac2clM0QlM0Q&tld=app.groove.cm&dtycbr=12723
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
3759581
timing-allow-origin
*
content-length
0
expires
0
event
widget.us.criteo.com/ Frame 6C43
Redirect Chain
  • https://sslwidget.criteo.com/event?a=81296&v=5.8.1&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fertcmoney.biz&p1=e%3Dvh&p2=e%3Dvp%26p%3D1&p3=e%3Ddis&bundle=je1f_19aaDd3aFhxb0xud3h6cGppUSU...
  • https://widget.us.criteo.com/event?a=81296&v=5.8.1&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fertcmoney.biz&p1=e%3Dvh&p2=e%3Dvp%26p%3D1&p3=e%3Ddis&bundle=je1f_19aaDd3aFhxb0xud3h6cGppUSU...
7 KB
8 KB
Script
General
Full URL
https://widget.us.criteo.com/event?a=81296&v=5.8.1&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fertcmoney.biz&p1=e%3Dvh&p2=e%3Dvp%26p%3D1&p3=e%3Ddis&bundle=je1f_19aaDd3aFhxb0xud3h6cGppUSUyRkIzb28lMkJoQng3clJ1VWgzQWVXdmZ2aTYwRU0lMkY3Tmd3d1ZzTWMwZzFZZSUyQktaRGc0SWtwblMlMkZUV1JGajZMNlklMkJhMW51OUs3bExQVWIwJTJCRExqcW9MTlElMkZoUTglMkY4ZXFlYjhxdUJlU3RQMzNBc3ZQNENHNUNNT2dFZDJiZGdvV3ozaWlLdlElM0QlM0Q&tld=app.groove.cm&dtycbr=90864
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/75185/PLltPxii7EurFNwx1sEj
Protocol
H2
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
27fb17ded8b02fd7fd9adae449b6bd61f61eba9d69e669a0badcfc82dc2d779b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Mar 2022 20:24:12 GMT
content-type
application/x-javascript
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
9816898
timing-allow-origin
*
expires
0

Redirect headers

pragma
no-cache
date
Mon, 14 Mar 2022 20:24:12 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
location
https://widget.us.criteo.com/event?a=81296&v=5.8.1&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fertcmoney.biz&p1=e%3Dvh&p2=e%3Dvp%26p%3D1&p3=e%3Ddis&bundle=je1f_19aaDd3aFhxb0xud3h6cGppUSUyRkIzb28lMkJoQng3clJ1VWgzQWVXdmZ2aTYwRU0lMkY3Tmd3d1ZzTWMwZzFZZSUyQktaRGc0SWtwblMlMkZUV1JGajZMNlklMkJhMW51OUs3bExQVWIwJTJCRExqcW9MTlElMkZoUTglMkY4ZXFlYjhxdUJlU3RQMzNBc3ZQNENHNUNNT2dFZDJiZGdvV3ozaWlLdlElM0QlM0Q&tld=app.groove.cm&dtycbr=90864
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
7053473
timing-allow-origin
*
content-length
0
expires
0
event
widget.us.criteo.com/ Frame FC09
Redirect Chain
  • https://sslwidget.criteo.com/event?a=81296&v=5.8.1&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fertcmoney.biz&p1=e%3Dvh&p2=e%3Dvp%26p%3D1&p3=e%3Ddis&bundle=3-vhYl9LOU5tOVhxYjlmZnZ5UHZsQ0h...
  • https://widget.us.criteo.com/event?a=81296&v=5.8.1&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fertcmoney.biz&p1=e%3Dvh&p2=e%3Dvp%26p%3D1&p3=e%3Ddis&bundle=3-vhYl9LOU5tOVhxYjlmZnZ5UHZsQ0h...
7 KB
8 KB
Script
General
Full URL
https://widget.us.criteo.com/event?a=81296&v=5.8.1&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fertcmoney.biz&p1=e%3Dvh&p2=e%3Dvp%26p%3D1&p3=e%3Ddis&bundle=3-vhYl9LOU5tOVhxYjlmZnZ5UHZsQ0hkVEpWWmNhV2I4WnZRYnhRQ0JiWWw3SzZ4Y2ZxVWc0ZGJObzRIaW51UzFQTm5Tc0hUZ1FQJTJGeHpPN3dsSlc2YklTT2h0c2tGeUZ0JTJCRFhaRnpYNmJBU3BGUWVIJTJGOU4lMkZnJTJCQVVHMG1YSDklMkJzUXltVWQ1STVlbElUZkdQRDIwemh1RzRXRWclM0QlM0Q&tld=app.groove.cm&dtycbr=86857
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/75215/u1kHEnHT9wSJ2kyJJs0e
Protocol
H2
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e26c06bae18e7c2d3fef7b5bb741d612c50f381a20c5327a71e4d689dafef00b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Mar 2022 20:24:12 GMT
content-type
application/x-javascript
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
9688217
timing-allow-origin
*
expires
0

Redirect headers

pragma
no-cache
date
Mon, 14 Mar 2022 20:24:12 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
location
https://widget.us.criteo.com/event?a=81296&v=5.8.1&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fertcmoney.biz&p1=e%3Dvh&p2=e%3Dvp%26p%3D1&p3=e%3Ddis&bundle=3-vhYl9LOU5tOVhxYjlmZnZ5UHZsQ0hkVEpWWmNhV2I4WnZRYnhRQ0JiWWw3SzZ4Y2ZxVWc0ZGJObzRIaW51UzFQTm5Tc0hUZ1FQJTJGeHpPN3dsSlc2YklTT2h0c2tGeUZ0JTJCRFhaRnpYNmJBU3BGUWVIJTJGOU4lMkZnJTJCQVVHMG1YSDklMkJzUXltVWQ1STVlbElUZkdQRDIwemh1RzRXRWclM0QlM0Q&tld=app.groove.cm&dtycbr=86857
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2675822
timing-allow-origin
*
content-length
0
expires
0
/
www.google.com/pagead/1p-user-list/646915355/ Frame 6C43
42 B
108 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/646915355/?random=1647289452218&cv=9&fst=1647288000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg370&sendb=1&frm=2&url=https%3A%2F%2Fapp.groove.cm%2Fgroovevideo%2Fvideo%2F75185%2FPLltPxii7EurFNwx1sEj&ref=https%3A%2F%2Fertcmoney.biz%2F&tiba=Groovevideo%20%C2%B7%20Groovevideo&async=1&fmt=3&is_vtc=1&random=2091558962&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/75185/PLltPxii7EurFNwx1sEj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Mar 2022 20:24:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/646915355/ Frame 6C43
42 B
548 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/646915355/?random=1647289452218&cv=9&fst=1647288000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg370&sendb=1&frm=2&url=https%3A%2F%2Fapp.groove.cm%2Fgroovevideo%2Fvideo%2F75185%2FPLltPxii7EurFNwx1sEj&ref=https%3A%2F%2Fertcmoney.biz%2F&tiba=Groovevideo%20%C2%B7%20Groovevideo&async=1&fmt=3&is_vtc=1&random=2091558962&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/75185/PLltPxii7EurFNwx1sEj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2003 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Mar 2022 20:24:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/646915355/ Frame 8EBD
42 B
548 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/646915355/?random=1647289452220&cv=9&fst=1647288000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg370&sendb=1&frm=2&url=https%3A%2F%2Fapp.groove.cm%2Fgroovevideo%2Fvideo%2F75176%2F7KE4VhYEZBAF7a6M9DFD&ref=https%3A%2F%2Fertcmoney.biz%2F&tiba=Groovevideo%20%C2%B7%20Groovevideo&async=1&fmt=3&is_vtc=1&random=1072482055&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/75176/7KE4VhYEZBAF7a6M9DFD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Mar 2022 20:24:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/646915355/ Frame 8EBD
42 B
108 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/646915355/?random=1647289452220&cv=9&fst=1647288000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg370&sendb=1&frm=2&url=https%3A%2F%2Fapp.groove.cm%2Fgroovevideo%2Fvideo%2F75176%2F7KE4VhYEZBAF7a6M9DFD&ref=https%3A%2F%2Fertcmoney.biz%2F&tiba=Groovevideo%20%C2%B7%20Groovevideo&async=1&fmt=3&is_vtc=1&random=1072482055&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/75176/7KE4VhYEZBAF7a6M9DFD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2003 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Mar 2022 20:24:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/646915355/ Frame FC09
42 B
108 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/646915355/?random=1647289452216&cv=9&fst=1647288000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg370&sendb=1&frm=2&url=https%3A%2F%2Fapp.groove.cm%2Fgroovevideo%2Fvideo%2F75215%2Fu1kHEnHT9wSJ2kyJJs0e&ref=https%3A%2F%2Fertcmoney.biz%2F&tiba=Groovevideo%20%C2%B7%20Groovevideo&async=1&fmt=3&is_vtc=1&random=1797762773&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/75215/u1kHEnHT9wSJ2kyJJs0e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Mar 2022 20:24:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/646915355/ Frame FC09
42 B
108 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/646915355/?random=1647289452216&cv=9&fst=1647288000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg370&sendb=1&frm=2&url=https%3A%2F%2Fapp.groove.cm%2Fgroovevideo%2Fvideo%2F75215%2Fu1kHEnHT9wSJ2kyJJs0e&ref=https%3A%2F%2Fertcmoney.biz%2F&tiba=Groovevideo%20%C2%B7%20Groovevideo&async=1&fmt=3&is_vtc=1&random=1797762773&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/75215/u1kHEnHT9wSJ2kyJJs0e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2003 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Mar 2022 20:24:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
groovevideo-thumbnails-8d2985e0fd35262fe8daa16a82295540.jpg
groovevideo-videos.s3.amazonaws.com/5dd590f1c586100f1285ee7a/thumbnails/ Frame 8EBD
1 KB
2 KB
Image
General
Full URL
https://groovevideo-videos.s3.amazonaws.com/5dd590f1c586100f1285ee7a/thumbnails/groovevideo-thumbnails-8d2985e0fd35262fe8daa16a82295540.jpg
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/75176/7KE4VhYEZBAF7a6M9DFD
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.219.143.36 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-w.us-east-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
c6c38303932536ea69957d97b4f13bb4f7cecbd2373542e516a9d8429afc0b15

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 14 Mar 2022 20:24:14 GMT
Last-Modified
Fri, 12 Nov 2021 16:16:49 GMT
Server
AmazonS3
x-amz-request-id
8ZEW557KKR6Y235R
ETag
"03b1e08e574ced25b82726727dd27f1a"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
1311
x-amz-id-2
o0bG3qhRMs0p1Ramwv1P/Ti7bqxuWL70Bg+rYmyb/MTziyET7AJt/VWdXzPu7Jb2gUQ/i8nuUIo=
truncated
/ Frame 8EBD
4 KB
4 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308

Request headers

Referer
Origin
https://app.groove.cm
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
groovevideo-thumbnails-39897556cb96436fdcfb1795482d4a8b.jpg
groovevideo-videos.s3.amazonaws.com/5dd590f1c586100f1285ee7a/thumbnails/ Frame 6C43
1 KB
2 KB
Image
General
Full URL
https://groovevideo-videos.s3.amazonaws.com/5dd590f1c586100f1285ee7a/thumbnails/groovevideo-thumbnails-39897556cb96436fdcfb1795482d4a8b.jpg
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/75185/PLltPxii7EurFNwx1sEj
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.219.143.36 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-w.us-east-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
44cc3500bb7f0416a61a2b41cc9c55574f85717949535a0854bbcd2c703a5173

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 14 Mar 2022 20:24:14 GMT
Last-Modified
Fri, 12 Nov 2021 16:49:22 GMT
Server
AmazonS3
x-amz-request-id
8ZEHZHZP5VBZEVY9
ETag
"4d9b496e4e631125c00714a8e3bb41de"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
1316
x-amz-id-2
QOZkuJ2pJ5CeCivS/7Ybgirhlp/oxDDCPA0Ga/XOv0X+i/Xh4rixa3rIoxrWS9w9niHSkmu0wF0=
clarity.js
www.clarity.ms/eus2/s/0.6.32/ Frame 6C43
53 KB
23 KB
Script
General
Full URL
https://www.clarity.ms/eus2/s/0.6.32/clarity.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/p/action/17533112.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:27::cafe:1905 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
3701cadc5fc84e8ad639f83a87e20d82575e3cc28d479d73a0e66e5230e71c65

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:24:12 GMT
content-encoding
br
etag
"1d8314040aa9e90"
last-modified
Sun, 06 Mar 2022 09:55:04 GMT
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript;charset=utf-8
cache-control
public,max-age=86400
x-azure-ref
0baQvYgAAAADnj78kPHCLRa82TSJinlqnQ0FJMzBFREdFMDIxMwA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
accept-ranges
bytes
request-context
appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
groovevideo-213d95e6b4b4fcf88270eebb4d673595.mp4
videos.groovevideo.com/5dd590f1c586100f1285ee7a/ Frame FC09
3 MB
3 MB
Media
General
Full URL
https://videos.groovevideo.com/5dd590f1c586100f1285ee7a/groovevideo-213d95e6b4b4fcf88270eebb4d673595.mp4
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/75215/u1kHEnHT9wSJ2kyJJs0e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:b200:b:d801:7900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
56d3bf72133f30f5e4ea2824f5906c580070865a0355d83013bc22d1849d8e42

Request headers

Referer
https://app.groove.cm/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range
bytes=0-

Response headers

date
Mon, 14 Mar 2022 10:51:38 GMT
via
1.1 5c79308f72e53cdf81a950b478a7e144.cloudfront.net (CloudFront)
last-modified
Fri, 12 Nov 2021 21:33:10 GMT
server
AmazonS3
age
34356
etag
"f0a1f3fafedb3b07b52afe73134ecc80"
x-cache
Hit from cloudfront
content-type
video/mp4
Content-Range
bytes 0-2626605/2626606
x-amz-cf-pop
FRA56-P3
accept-ranges
bytes
Content-Length
2626606
x-amz-cf-id
fJaRGsOsIjZ3-jclFdIE_0_t6zjVP9tzOwuRVQcwxhGijVD6RkGrDA==
groovevideo-8d2985e0fd35262fe8daa16a82295540.mp4
videos.groovevideo.com/5dd590f1c586100f1285ee7a/ Frame 8EBD
320 KB
0
Media
General
Full URL
https://videos.groovevideo.com/5dd590f1c586100f1285ee7a/groovevideo-8d2985e0fd35262fe8daa16a82295540.mp4
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/75176/7KE4VhYEZBAF7a6M9DFD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:b200:b:d801:7900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://app.groove.cm/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range
bytes=0-

Response headers

date
Mon, 14 Mar 2022 10:51:38 GMT
via
1.1 5c79308f72e53cdf81a950b478a7e144.cloudfront.net (CloudFront)
last-modified
Fri, 12 Nov 2021 16:18:22 GMT
server
AmazonS3
age
34356
etag
"d01b8de36dff0efab6b88f31a7dbeabc"
x-cache
Hit from cloudfront
content-type
video/mp4
Content-Range
bytes 0-20764396/20764397
x-amz-cf-pop
FRA56-P3
accept-ranges
bytes
Content-Length
20764397
x-amz-cf-id
VIoJfCOo1lzCrC81mGRDVniOzbyln53yeOhIbo-utukhyCrun3K02w==
groovevideo-39897556cb96436fdcfb1795482d4a8b.mp4
videos.groovevideo.com/5dd590f1c586100f1285ee7a/ Frame 6C43
271 KB
0
Media
General
Full URL
https://videos.groovevideo.com/5dd590f1c586100f1285ee7a/groovevideo-39897556cb96436fdcfb1795482d4a8b.mp4
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/75185/PLltPxii7EurFNwx1sEj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:b200:b:d801:7900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://app.groove.cm/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range
bytes=0-

Response headers

date
Mon, 14 Mar 2022 20:24:14 GMT
via
1.1 5c79308f72e53cdf81a950b478a7e144.cloudfront.net (CloudFront)
last-modified
Fri, 12 Nov 2021 16:49:41 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P3
etag
"2a3866383fb5a803961224736cb5f4b2"
x-cache
Miss from cloudfront
content-type
video/mp4
Content-Range
bytes 0-20622091/20622092
accept-ranges
bytes
Content-Length
20622092
x-amz-cf-id
6Nw8G-E4gGU8SvFsq8efHQr2elbdnqM5gi2cdSQ2iqtUZcxFoNWGUg==
collect
b.clarity.ms/ Frame FC09
0
173 B
XHR
General
Full URL
https://b.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/eus2/s/0.6.32/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.75.32.255 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://app.groove.cm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
https://app.groove.cm
date
Mon, 14 Mar 2022 20:24:13 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
matomo.php
matomo.groovetech.io/ Frame FC09
0
531 B
Ping
General
Full URL
https://matomo.groovetech.io/matomo.php?action_name=GrooveFunnels&idsite=5&rec=1&r=646785&h=20&m=24&s=12&url=https%3A%2F%2Fapp.groove.cm%2Fgroovevideo%2Fvideo%2F75215%2Fu1kHEnHT9wSJ2kyJJs0e&urlref=https%3A%2F%2Fertcmoney.biz%2F&_id=ba6e1dbcdc441ea8&_idn=1&_refts=1647289453&_ref=https%3A%2F%2Fertcmoney.biz%2F&send_image=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=iDj8EO&pf_net=0&pf_srv=207&pf_tfr=1&pf_dm1=2666
Requested by
Host: matomo.groovetech.io
URL: https://matomo.groovetech.io/matomo.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.0.15
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://app.groove.cm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8

Response headers

date
Mon, 14 Mar 2022 20:24:13 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/8.0.15
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BZE%2B6Vq7Su%2FYWD4tGERgC3IBnr6zQx9c6K%2FraqV9oTbSHYwYhfKvWuUND%2BEPBn8jyFr%2F97beOfttqo31116q34JMV%2BFxjbSPFeOCGWWhfG2ozorN55RcxcpjCWMOWo7HE4LTb02Kp7W%2FEumtVVyOu55VYA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://app.groove.cm
access-control-allow-credentials
true
cf-ray
6ebfbb4c8d275c74-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
matomo.php
matomo.groovetech.io/ Frame 8EBD
0
529 B
Ping
General
Full URL
https://matomo.groovetech.io/matomo.php?action_name=GrooveFunnels&idsite=5&rec=1&r=586116&h=20&m=24&s=12&url=https%3A%2F%2Fapp.groove.cm%2Fgroovevideo%2Fvideo%2F75176%2F7KE4VhYEZBAF7a6M9DFD&urlref=https%3A%2F%2Fertcmoney.biz%2F&_id=5577f45936b18e71&_idn=1&_refts=1647289453&_ref=https%3A%2F%2Fertcmoney.biz%2F&send_image=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=lWgqRE&pf_net=0&pf_srv=208&pf_tfr=1&pf_dm1=2657
Requested by
Host: matomo.groovetech.io
URL: https://matomo.groovetech.io/matomo.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.0.15
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://app.groove.cm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8

Response headers

date
Mon, 14 Mar 2022 20:24:13 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/8.0.15
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sf8bsPUKXFCOtQeaHcUPuJaKKPcTKKfQ7%2FVYzAdEF75XBPLErBtlqBAkXdkN8huR3tpq5WdJ2zcLNp4SPg1oYeA1%2Flbu53qqLug%2Fr%2FOpm2DbdZeZB4jENsQEmiSKHazYl8E1%2BvAr%2FqMBwSjsd1%2FhJ2RlQw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://app.groove.cm
access-control-allow-credentials
true
cf-ray
6ebfbb4c8d375c74-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
collect
f.clarity.ms/ Frame 8EBD
0
91 B
XHR
General
Full URL
https://f.clarity.ms/collect
Requested by
Host: f.clarity.ms
URL: https://f.clarity.ms/s/0.6.32/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.84.22.197 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://app.groove.cm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
https://app.groove.cm
date
Mon, 14 Mar 2022 20:24:13 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8
matomo.php
matomo.groovetech.io/ Frame 6C43
0
531 B
Ping
General
Full URL
https://matomo.groovetech.io/matomo.php?action_name=GrooveFunnels&idsite=5&rec=1&r=729813&h=20&m=24&s=12&url=https%3A%2F%2Fapp.groove.cm%2Fvideo%2F75185%2FPLltPxii7EurFNwx1sEj&urlref=%2F&_id=51e95e8f05216434&_idn=1&_refts=1647289452&_ref=%2F&send_image=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=0vZbTV&pf_net=0&pf_srv=213&pf_tfr=0&pf_dm1=2658
Requested by
Host: matomo.groovetech.io
URL: https://matomo.groovetech.io/matomo.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.0.15
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://app.groove.cm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8

Response headers

date
Mon, 14 Mar 2022 20:24:13 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/8.0.15
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FcP0FmHWySbHCUSFsfYZ8q94hZrd%2FZoggENV7XkExev6ODDaEcfy7mZY37tqJijF3ZvB1nPxA%2B%2BDfXJcdc8H9kNW2xxM0UtV3I%2Bp1YiM2Gz6SbHDvs6hubXGA%2BRdICzEVmqrpkQVVUlWKC40%2FneZ%2BJqXrA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://app.groove.cm
access-control-allow-credentials
true
cf-ray
6ebfbb4c9d615c74-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
/
beacon-v2.helpscout.net/ Frame FC09
293 B
620 B
Script
General
Full URL
https://beacon-v2.helpscout.net/
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/75215/u1kHEnHT9wSJ2kyJJs0e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-83.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6e752f313e083d2bde6a23bb9fac34245ad81af41106b96ee488ab6aa8b14cf9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:22:39 GMT
content-encoding
gzip
last-modified
Mon, 28 Feb 2022 18:10:34 GMT
server
AmazonS3
age
95
etag
"b6c1b46981d6f9feea2a5a7f9ccb38b9"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 f13110b40e6214ad566c753a838f49f4.cloudfront.net (CloudFront)
cache-control
max-age=120, s-maxage=120, public
x-amz-cf-pop
FRA56-P6
accept-ranges
bytes
content-length
242
x-amz-cf-id
jQ_4TlLoIgsTnnrQLdAK1UvVrd6Ma44kDzAyUIvoKkcfTYqWHexXSw==
c.gif
c.clarity.ms/ Frame FC09
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?CtsSyncId=C892923492954B5DBE2BB6B4544E9612&RedC=c.clarity.ms&MXFR=042924B0B62764C335A635D7B2276A8C
  • https://c.clarity.ms/c.gif?CtsSyncId=C892923492954B5DBE2BB6B4544E9612&MUID=064E0D861F1368422A521CE11E7869B2
42 B
368 B
Image
General
Full URL
https://c.clarity.ms/c.gif?CtsSyncId=C892923492954B5DBE2BB6B4544E9612&MUID=064E0D861F1368422A521CE11E7869B2
Requested by
Host: ertcmoney.biz
URL: https://ertcmoney.biz/
Protocol
H2
Server
52.142.114.2 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Mar 2022 20:24:12 GMT
last-modified
Mon, 28 Feb 2022 22:29:30 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"7c5ed6a6f22cd81:0"
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42

Redirect headers

pragma
no-cache
date
Mon, 14 Mar 2022 20:24:12 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: BDDB8FE77DF5407A9F646AD7A993850E Ref B: FRAEDGE1420 Ref C: 2022-03-14T20:24:13Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?CtsSyncId=C892923492954B5DBE2BB6B4544E9612&MUID=064E0D861F1368422A521CE11E7869B2
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
397596.gif
idsync.rlcdn.com/ Frame 93FF
Redirect Chain
  • https://gum.criteo.com/sync?c=6&r=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397596.gif%3Fpartner_uid%3D%40USERID%40
  • https://idsync.rlcdn.com/397596.gif?partner_uid=x5C1Fsg6FpWUr6X2GamNkMdu6EEoaXRL
42 B
178 B
Image
General
Full URL
https://idsync.rlcdn.com/397596.gif?partner_uid=x5C1Fsg6FpWUr6X2GamNkMdu6EEoaXRL
Requested by
Host: ertcmoney.biz
URL: https://ertcmoney.biz/
Protocol
H2
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 14 Mar 2022 20:24:13 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
clear
content-length
42

Redirect headers

location
https://idsync.rlcdn.com/397596.gif?partner_uid=x5C1Fsg6FpWUr6X2GamNkMdu6EEoaXRL
date
Mon, 14 Mar 2022 20:24:12 GMT
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
2547
content-length
197
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame 93FF
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&google_hm=ay1hS2RxeVVRMEFtNXlZYTVYR2RyWFlZc19oTGJfTnhWRi1jZDI0dw
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
43 B
369 B
Image
General
Full URL
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
Requested by
Host: ertcmoney.biz
URL: https://ertcmoney.biz/
Protocol
H2
Server
178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Mar 2022 20:24:13 GMT
content-type
image/gif
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
265354
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 14 Mar 2022 20:24:13 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
279
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
partner.mediawallahscript.com/ Frame 93FF
0
232 B
Image
General
Full URL
https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-aKdqyUQ0Am5yYa5XGdrXYYs_hLb_NxVF-cd24w&custom=&tag_format=img&tag_action=sync&custom=&cb=2f85a264-85c6-45f5-86bf-b32b57981e81
Requested by
Host: ertcmoney.biz
URL: https://ertcmoney.biz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.3.136 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-3-136.eu-west-1.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Mar 2022 20:24:13 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
0
Server
nginx/1.20.0
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
362338.gif
idsync.rlcdn.com/ Frame 93FF
42 B
417 B
Image
General
Full URL
https://idsync.rlcdn.com/362338.gif?partner_uid=k-aKdqyUQ0Am5yYa5XGdrXYYs_hLb_NxVF-cd24w
Requested by
Host: ertcmoney.biz
URL: https://ertcmoney.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 14 Mar 2022 20:24:13 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
clear
content-length
42
v1
ads.yahoo.com/cms/ Frame 93FF
0
47 B
Image
General
Full URL
https://ads.yahoo.com/cms/v1?esig=1~7315a025058f3128185459bfaf16e164414683fc&nwid=10000545908&sigv=1
Requested by
Host: ertcmoney.biz
URL: https://ertcmoney.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:24:13 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block
spp.pl
sp.analytics.yahoo.com/ Frame 93FF
43 B
79 B
Image
General
Full URL
https://sp.analytics.yahoo.com/spp.pl?a=10001287818027&.yp=10028862&js=no
Requested by
Host: ertcmoney.biz
URL: https://ertcmoney.biz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
spdc.pbp.vip.ir2.yahoo.com
Software
ATS /
Resource Hash
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Mar 2022 20:24:13 GMT
x-content-type-options
nosniff
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
cache-control
no-cache, private, must-revalidate
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
43
referrer-policy
strict-origin-when-cross-origin
expires
Mon, 14 Mar 2022 20:24:13 GMT
sync
ups.analytics.yahoo.com/ups/58301/ Frame 93FF
0
480 B
Image
General
Full URL
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-uxyas0Q0Am5yYa5XGdrXYYs_hLYgh6kLfF9XeQ
Requested by
Host: ertcmoney.biz
URL: https://ertcmoney.biz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:24:13 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
cookie-sync
sync.outbrain.com/ Frame 93FF
0
476 B
Image
General
Full URL
https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-Z8jheUQ0Am5yYa5XGdrXYYs_hLbp7nQ-_yMI-Q
Requested by
Host: ertcmoney.biz
URL: https://ertcmoney.biz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.63 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 14 Mar 2022 20:24:13 GMT
Cache-Control
no-cache
X-TraceId
4b0524304f2db67a8c7eefa42bdcf53a
Content-Length
0
t.gif
cw.addthis.com/ Frame 93FF
0
426 B
Image
General
Full URL
https://cw.addthis.com/t.gif?pid=113&pdid=k-lfOG80Q0Am5yYa5XGdrXYYs_hLbsodNEHF-CVw
Requested by
Host: ertcmoney.biz
URL: https://ertcmoney.biz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.24.121 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-121.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Mar 2022 20:24:14 GMT
cache-control
max-age=0, no-cache, no-store
expires
Mon, 14 Mar 2022 20:24:14 GMT
tap.php
pixel.rubiconproject.com/ Frame 93FF
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-lfOG80Q0Am5yYa5XGdrXYYs_hLbsodNEHF-CVw&expires=30
Requested by
Host: ertcmoney.biz
URL: https://ertcmoney.biz/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Content-Type
image/gif
bounce
secure.adnxs.com/ Frame 93FF
Redirect Chain
  • https://secure.adnxs.com/setuid?entity=52&code=k-QEei8kQ0Am5yYa5XGdrXYYs_hLan6bnz2wd9bA&seg=95287
  • https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-QEei8kQ0Am5yYa5XGdrXYYs_hLan6bnz2wd9bA%26seg%3D95287
43 B
1 KB
Image
General
Full URL
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-QEei8kQ0Am5yYa5XGdrXYYs_hLan6bnz2wd9bA%26seg%3D95287
Requested by
Host: ertcmoney.biz
URL: https://ertcmoney.biz/
Protocol
HTTP/1.1
Server
185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Mar 2022 20:24:13 GMT
X-Proxy-Origin
185.213.155.163; 185.213.155.163; 720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
26733b25-e361-478e-aeba-a78974fd5be8
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 14 Mar 2022 20:24:13 GMT
X-Proxy-Origin
185.213.155.163; 185.213.155.163; 720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
394c74d2-aa61-40a8-aa33-5d7e0b28458e
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-QEei8kQ0Am5yYa5XGdrXYYs_hLan6bnz2wd9bA%26seg%3D95287
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 93FF
42 B
675 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-J141dUQ0Am5yYa5XGdrXYYs_hLYg132-Xz_uGg
Requested by
Host: ertcmoney.biz
URL: https://ertcmoney.biz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 15:14:44 GMT
cache-control
no-store, no-cache, private
x-lat
amspug0023:0:511
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
xuid
eb2.3lift.com/ Frame 93FF
Redirect Chain
  • https://eb2.3lift.com/xuid?mid=2711&xuid=k-XVO53UQ0Am5yYa5XGdrXYYs_hLavuKfeRi9EGQ&dongle=013b
  • https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-XVO53UQ0Am5yYa5XGdrXYYs_hLavuKfeRi9EGQ&dongle=013b&gdpr=1&cmp_cs=&us_privacy=
37 B
354 B
Image
General
Full URL
https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-XVO53UQ0Am5yYa5XGdrXYYs_hLavuKfeRi9EGQ&dongle=013b&gdpr=1&cmp_cs=&us_privacy=
Requested by
Host: ertcmoney.biz
URL: https://ertcmoney.biz/
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:24:13 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
/xuid?ld=1&mid=2711&xuid=k-XVO53UQ0Am5yYa5XGdrXYYs_hLavuKfeRi9EGQ&dongle=013b&gdpr=1&cmp_cs=&us_privacy=
date
Mon, 14 Mar 2022 20:24:13 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cksync.php
contextual.media.net/ Frame 93FF
45 B
783 B
Image
General
Full URL
https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-iTV6ckQ0Am5yYa5XGdrXYYs_hLYf3SIgjFwifg
Requested by
Host: ertcmoney.biz
URL: https://ertcmoney.biz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Mon, 14 Mar 2022 20:24:13 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Mon, 14 Mar 2022 20:24:13 GMT
rum
r.casalemedia.com/ Frame 93FF
Redirect Chain
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-nly-R0Q0Am5yYa5XGdrXYYs_hLYIj_KdtWwCKg
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-nly-R0Q0Am5yYa5XGdrXYYs_hLYIj_KdtWwCKg&C=1
43 B
1 KB
Image
General
Full URL
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-nly-R0Q0Am5yYa5XGdrXYYs_hLYIj_KdtWwCKg&C=1
Requested by
Host: ertcmoney.biz
URL: https://ertcmoney.biz/
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Mar 2022 20:24:13 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 14 Mar 2022 20:24:13 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 14 Mar 2022 20:24:13 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-nly-R0Q0Am5yYa5XGdrXYYs_hLYIj_KdtWwCKg&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
296
Expires
Mon, 14 Mar 2022 20:24:13 GMT
/
s.ad.smaato.net/c/ Frame 93FF
0
240 B
Image
General
Full URL
https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-0s9C20Q0Am5yYa5XGdrXYYs_hLZ_eVvD_mpCiw
Requested by
Host: ertcmoney.biz
URL: https://ertcmoney.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:a800:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:24:13 GMT
via
1.1 83f46196ad7d99e4351e2a7adab8f174.cloudfront.net (CloudFront)
server
CloudFront
cache-control
no-cache, must-revalidate
x-amz-cf-pop
FRA56-P5
x-amz-cf-id
l9XDecFVj1rIScEGTn-LyGAhc1JBynj_iH04a_PRXpjGOSpyPCxw-Q==
x-cache
FunctionGeneratedResponse from cloudfront
sync
x.bidswitch.net/ul_cb/ Frame 93FF
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=46&user_id=k-s37KUUQ0Am5yYa5XGdrXYYs_hLbA1Xc31d_erQ&expires=30&user_group=5
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-s37KUUQ0Am5yYa5XGdrXYYs_hLbA1Xc31d_erQ&expires=30&user_group=5
43 B
495 B
Image
General
Full URL
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-s37KUUQ0Am5yYa5XGdrXYYs_hLbA1Xc31d_erQ&expires=30&user_group=5
Requested by
Host: ertcmoney.biz
URL: https://ertcmoney.biz/
Protocol
HTTP/1.1
Server
18.194.211.85 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-211-85.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 14 Mar 2022 20:24:13 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Location
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-s37KUUQ0Am5yYa5XGdrXYYs_hLbA1Xc31d_erQ&expires=30&user_group=5
Date
Mon, 14 Mar 2022 20:24:13 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
pixel_sync
trends.revcontent.com/cm/ Frame 93FF
35 B
335 B
Image
General
Full URL
https://trends.revcontent.com/cm/pixel_sync?bidder=151&bidder_uid=k-0RG9zkQ0Am5yYa5XGdrXYYs_hLZ2FiLe4OXYnw
Requested by
Host: ertcmoney.biz
URL: https://ertcmoney.biz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.228.8 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-228-8.eu-west-1.compute.amazonaws.com
Software
/ Express
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:24:13 GMT
x-powered-by
Express
content-length
35
content-type
image/gif
um
criteo-sync.teads.tv/ Frame 93FF
23 B
172 B
Image
General
Full URL
https://criteo-sync.teads.tv/um?eid=80&uid=k-wyh0QkQ0Am5yYa5XGdrXYYs_hLYsatp-njQLfQ
Requested by
Host: ertcmoney.biz
URL: https://ertcmoney.biz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-245.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.7 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Mar 2022 20:24:13 GMT
cache-control
max-age=0, no-cache, no-store
expires
Mon, 14 Mar 2022 20:24:13 GMT
server
akka-http/10.2.7
content-length
23
content-type
image/gif
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 93FF
0
99 B
Image
General
Full URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-tlVc90Q0Am5yYa5XGdrXYYs_hLbpSzDwSiWGNg
Requested by
Host: ertcmoney.biz
URL: https://ertcmoney.biz/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:24:13 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
13587
/
rtb-csync.smartadserver.com/redir/ Frame 93FF
43 B
163 B
Image
General
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-_ZHqo0Q0Am5yYa5XGdrXYYs_hLZnPuYwctl1Yw
Requested by
Host: ertcmoney.biz
URL: https://ertcmoney.biz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:24:13 GMT
transfer-encoding
chunked
content-type
image/gif
v1
match.sharethrough.com/sync/ Frame 93FF
68 B
262 B
Image
General
Full URL
https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-oreD8EQ0Am5yYa5XGdrXYYs_hLY1bYNGV_rV9g
Requested by
Host: ertcmoney.biz
URL: https://ertcmoney.biz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.162.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-162-156.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:24:13 GMT
content-length
68
content-type
image/png
match
ad.360yield.com/ul_cb/ Frame 93FF
Redirect Chain
  • https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-X3v9qEQ0Am5yYa5XGdrXYYs_hLYpIoHyv_5UKw
  • https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-X3v9qEQ0Am5yYa5XGdrXYYs_hLYpIoHyv_5UKw
43 B
446 B
Image
General
Full URL
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-X3v9qEQ0Am5yYa5XGdrXYYs_hLYpIoHyv_5UKw
Requested by
Host: ertcmoney.biz
URL: https://ertcmoney.biz/
Protocol
H2
Server
34.255.38.72 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-255-38-72.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 14 Mar 2022 20:24:14 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-X3v9qEQ0Am5yYa5XGdrXYYs_hLYpIoHyv_5UKw
date
Mon, 14 Mar 2022 20:24:13 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
28292
i6.liadm.com/s/ Frame 93FF
Redirect Chain
  • https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-w58ssEQ0Am5yYa5XGdrXYYs_hLaCWXfhtkHx8w
  • https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-w58ssEQ0Am5yYa5XGdrXYYs_hLaCWXfhtkHx8w&_li_chk=true&previous_uuid=e80ff4b78e2e47f1bd7985f547bfa0e9
  • https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-w58ssEQ0Am5yYa5XGdrXYYs_hLaCWXfhtkHx8w
43 B
419 B
Image
General
Full URL
https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-w58ssEQ0Am5yYa5XGdrXYYs_hLaCWXfhtkHx8w
Requested by
Host: ertcmoney.biz
URL: https://ertcmoney.biz/
Protocol
HTTP/1.1
Server
2600:1f18:444a:4602:f850:4eec:7dd:fbc1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 14 Mar 2022 20:24:14 GMT
Cache-Control
no-store
Connection
keep-alive
Content-Length
43
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/gif

Redirect headers

Location
https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-w58ssEQ0Am5yYa5XGdrXYYs_hLaCWXfhtkHx8w
Date
Mon, 14 Mar 2022 20:24:13 GMT
Connection
keep-alive
Content-Length
0
Strict-Transport-Security
max-age=31536000; includeSubDomains
1017
jadserve.postrelease.com/suid/ Frame 93FF
43 B
427 B
Image
General
Full URL
https://jadserve.postrelease.com/suid/1017?vk=k-VsCAEEQ0Am5yYa5XGdrXYYs_hLa-8_sGiOE_1Q
Requested by
Host: ertcmoney.biz
URL: https://ertcmoney.biz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.231.120.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-231-120-176.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Mar 2022 20:24:14 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
sync
ups.analytics.yahoo.com/ups/55945/ Frame 93FF
Redirect Chain
  • https://pixel.advertising.com/ups/55945/sync?uid=k-cKLe_kQ0Am5yYa5XGdrXYYs_hLZ1QfYa34T1TQ&_origin=1
  • https://pixel.advertising.com/ups/55945/sync?uid=k-cKLe_kQ0Am5yYa5XGdrXYYs_hLZ1QfYa34T1TQ&_origin=1&verify=true
  • https://ups.analytics.yahoo.com/ups/55945/sync?uid=k-cKLe_kQ0Am5yYa5XGdrXYYs_hLZ1QfYa34T1TQ&_origin=1&apid=UPb6f24e81-a3d4-11ec-9650-06ec2d14f2b8
0
133 B
Image
General
Full URL
https://ups.analytics.yahoo.com/ups/55945/sync?uid=k-cKLe_kQ0Am5yYa5XGdrXYYs_hLZ1QfYa34T1TQ&_origin=1&apid=UPb6f24e81-a3d4-11ec-9650-06ec2d14f2b8
Requested by
Host: ertcmoney.biz
URL: https://ertcmoney.biz/
Protocol
H2
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:24:13 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/55945/sync?uid=k-cKLe_kQ0Am5yYa5XGdrXYYs_hLZ1QfYa34T1TQ&_origin=1&apid=UPb6f24e81-a3d4-11ec-9650-06ec2d14f2b8
date
Mon, 14 Mar 2022 20:24:13 GMT
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
criteo-partners.tremorhub.com/ Frame 93FF
43 B
183 B
Image
General
Full URL
https://criteo-partners.tremorhub.com/sync?UICR=k-Js3srUQ0Am5yYa5XGdrXYYs_hLZS0ax99I0YVA
Requested by
Host: ertcmoney.biz
URL: https://ertcmoney.biz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4264:cf98:6d7b:6943:bef0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:24:14 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif
empty.gif
cdn.stickyadstv.com/one-shot/ Frame 93FF
Redirect Chain
  • https://ads.stickyadstv.com/user-registering?dataProviderId=434&userId=k-pUlRkEQ0Am5yYa5XGdrXYYs_hLa3HPuiINMCBQ&redirectId=69
  • https://cdn.stickyadstv.com/one-shot/empty.gif?
43 B
438 B
Image
General
Full URL
https://cdn.stickyadstv.com/one-shot/empty.gif?
Requested by
Host: ertcmoney.biz
URL: https://ertcmoney.biz/
Protocol
HTTP/1.1
Server
2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
/
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 14 Mar 2022 20:24:14 GMT
Last-Modified
Thu, 28 Feb 2013 15:45:35 GMT
ETag
"1362066335"
X-HW
1647289454.dop150.am5.t,1647289454.cds239.am5.shn,1647289454.cds239.am5.c
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=7200
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
43

Redirect headers

Pragma
no-cache
Date
Mon, 14 Mar 2022 20:24:14 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cdn.stickyadstv.com/one-shot/empty.gif?
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1647289454171057-583
Expires
Mon, 14 Mar 2022 20:24:14 GMT
matomo.php
matomo.groovetech.io/ Frame 6C43
0
524 B
Ping
General
Full URL
https://matomo.groovetech.io/matomo.php?action_name=GrooveFunnels&idsite=5&rec=1&r=280741&h=20&m=24&s=12&url=https%3A%2F%2Fapp.groove.cm%2Fvideo%2F75185%2FPLltPxii7EurFNwx1sEj&urlref=%2F&_id=7df7e0398b3680ec&_idn=1&_refts=1647289453&_ref=%2F&send_image=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=WE5qSB&pf_net=0&pf_srv=213&pf_tfr=0&pf_dm1=2658
Requested by
Host: matomo.groovetech.io
URL: https://matomo.groovetech.io/matomo.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.0.15
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://app.groove.cm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8

Response headers

date
Mon, 14 Mar 2022 20:24:13 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/8.0.15
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YK124BN6mf7OtvLEAdNkRU41zLfx39wRTxdZpWVS6Oa4Yl7ekwslugv6kEMb3Sjk2rqxATWlXpdE8OxxgpWeRmcMvGHg4Gt0j6Dw%2BqxbTB7AjkfrC2grbSLZeSQxZrZ1Ro%2BrbfKBL2JYo%2FlhKyQugUFNlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://app.groove.cm
access-control-allow-credentials
true
cf-ray
6ebfbb4d0e635c74-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
collect
b.clarity.ms/ Frame 6C43
0
25 B
XHR
General
Full URL
https://b.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/eus2/s/0.6.32/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.75.32.255 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://app.groove.cm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
https://app.groove.cm
date
Mon, 14 Mar 2022 20:24:13 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame 93FF
Redirect Chain
  • https://secure.adnxs.com/seg?add=95287&redir=https%3A%2F%2Fsecure.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
  • https://secure.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5730229940849070473
43 B
371 B
Image
General
Full URL
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5730229940849070473
Requested by
Host: ertcmoney.biz
URL: https://ertcmoney.biz/
Protocol
H2
Server
178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Mar 2022 20:24:13 GMT
content-type
image/gif
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
34967121
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 14 Mar 2022 20:24:14 GMT
X-Proxy-Origin
185.213.155.163; 185.213.155.163; 720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
5b0dbcb8-6f9d-4288-9af9-373a7921cc3b
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5730229940849070473
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
beacon-v2.helpscout.net/ Frame 8EBD
293 B
619 B
Script
General
Full URL
https://beacon-v2.helpscout.net/
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/75176/7KE4VhYEZBAF7a6M9DFD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-83.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6e752f313e083d2bde6a23bb9fac34245ad81af41106b96ee488ab6aa8b14cf9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:22:39 GMT
content-encoding
gzip
last-modified
Mon, 28 Feb 2022 18:10:34 GMT
server
AmazonS3
age
95
etag
"b6c1b46981d6f9feea2a5a7f9ccb38b9"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 f13110b40e6214ad566c753a838f49f4.cloudfront.net (CloudFront)
cache-control
max-age=120, s-maxage=120, public
x-amz-cf-pop
FRA56-P6
accept-ranges
bytes
content-length
242
x-amz-cf-id
9LhOG_mJLeUtfGjeonefArw9HudCULFkbLaPYKWWnvrwD8pMFD5ojw==
c.gif
c.clarity.ms/ Frame 8EBD
42 B
81 B
Image
General
Full URL
https://c.clarity.ms/c.gif
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/p/action/17533112.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.142.114.2 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Mar 2022 20:24:12 GMT
last-modified
Mon, 28 Feb 2022 22:29:30 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"7c5ed6a6f22cd81:0"
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42
397596.gif
idsync.rlcdn.com/ Frame 82ED
Redirect Chain
  • https://gum.criteo.com/sync?c=6&r=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397596.gif%3Fpartner_uid%3D%40USERID%40
  • https://idsync.rlcdn.com/397596.gif?partner_uid=4NZjHd_SzIVo2Ehm9wJmZ3rqdypYcF7B
42 B
178 B
Image
General
Full URL
https://idsync.rlcdn.com/397596.gif?partner_uid=4NZjHd_SzIVo2Ehm9wJmZ3rqdypYcF7B
Requested by
Host: ertcmoney.biz
URL: https://ertcmoney.biz/
Protocol
H2
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 14 Mar 2022 20:24:13 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
clear
content-length
42

Redirect headers

location
https://idsync.rlcdn.com/397596.gif?partner_uid=4NZjHd_SzIVo2Ehm9wJmZ3rqdypYcF7B
date
Mon, 14 Mar 2022 20:24:13 GMT
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
3165
content-length
197
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame 82ED
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&google_hm=ay1hS2RxeVVRMEFtNXlZYTVYR2RyWFlZc19oTGJfTnhWRi1jZDI0dw
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
43 B
369 B
Image
General
Full URL
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
Requested by
Host: ertcmoney.biz
URL: https://ertcmoney.biz/
Protocol
H2
Server
178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Mar 2022 20:24:13 GMT
content-type
image/gif
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
355617
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 14 Mar 2022 20:24:13 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
279
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
362338.gif
idsync.rlcdn.com/ Frame 82ED
42 B
178 B
Image
General
Full URL
https://idsync.rlcdn.com/362338.gif?partner_uid=k-aKdqyUQ0Am5yYa5XGdrXYYs_hLb_NxVF-cd24w
Requested by
Host: ertcmoney.biz
URL: https://ertcmoney.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 14 Mar 2022 20:24:13 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
clear
content-length
42
spp.pl
sp.analytics.yahoo.com/ Frame 82ED
43 B
79 B
Image
General
Full URL
https://sp.analytics.yahoo.com/spp.pl?a=10001287818027&.yp=10028862&js=no
Requested by
Host: ertcmoney.biz
URL: https://ertcmoney.biz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
spdc.pbp.vip.ir2.yahoo.com
Software
ATS /
Resource Hash
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Mar 2022 20:24:13 GMT
x-content-type-options
nosniff
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
cache-control
no-cache, private, must-revalidate
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
43
referrer-policy
strict-origin-when-cross-origin
expires
Mon, 14 Mar 2022 20:24:13 GMT
sync
ups.analytics.yahoo.com/ups/58301/ Frame 82ED
0
18 B
Image
General
Full URL
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-uxyas0Q0Am5yYa5XGdrXYYs_hLYgh6kLfF9XeQ
Requested by
Host: ertcmoney.biz
URL: https://ertcmoney.biz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:24:13 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
cookie-sync
sync.outbrain.com/ Frame 82ED
0
476 B
Image
General
Full URL
https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-Z8jheUQ0Am5yYa5XGdrXYYs_hLbp7nQ-_yMI-Q
Requested by
Host: ertcmoney.biz
URL: https://ertcmoney.biz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.63 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 14 Mar 2022 20:24:14 GMT
Cache-Control
no-cache
X-TraceId
a41a9fc00a5c9c1935bc8e46951b52f7
Content-Length
0
t.gif
cw.addthis.com/ Frame 82ED
0
425 B
Image
General
Full URL
https://cw.addthis.com/t.gif?pid=113&pdid=k-lfOG80Q0Am5yYa5XGdrXYYs_hLbsodNEHF-CVw
Requested by
Host: ertcmoney.biz
URL: https://ertcmoney.biz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.24.121 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-121.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Mar 2022 20:24:14 GMT
cache-control
max-age=0, no-cache, no-store
expires
Mon, 14 Mar 2022 20:24:14 GMT
setuid
secure.adnxs.com/ Frame 82ED
43 B
1 KB
Image
General
Full URL
https://secure.adnxs.com/setuid?entity=52&code=k-QEei8kQ0Am5yYa5XGdrXYYs_hLan6bnz2wd9bA&seg=95287
Requested by
Host: ertcmoney.biz
URL: https://ertcmoney.biz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Mar 2022 20:24:13 GMT
X-Proxy-Origin
185.213.155.163; 185.213.155.163; 720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
a0a26f3f-2e32-4f89-9e84-90a259c2167b
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 82ED
42 B
520 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-J141dUQ0Am5yYa5XGdrXYYs_hLYg132-Xz_uGg
Requested by
Host: ertcmoney.biz
URL: https://ertcmoney.biz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:24:13 GMT
cache-control
no-store, no-cache, private
x-lat
amspug020:0:491
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
xuid
eb2.3lift.com/ Frame 82ED
37 B
354 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=2711&xuid=k-XVO53UQ0Am5yYa5XGdrXYYs_hLavuKfeRi9EGQ&dongle=013b
Requested by
Host: ertcmoney.biz
URL: https://ertcmoney.biz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:24:13 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cksync.php
contextual.media.net/ Frame 82ED
45 B
783 B
Image
General
Full URL
https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-iTV6ckQ0Am5yYa5XGdrXYYs_hLYf3SIgjFwifg
Requested by
Host: ertcmoney.biz
URL: https://ertcmoney.biz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Mon, 14 Mar 2022 20:24:13 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Mon, 14 Mar 2022 20:24:13 GMT
rum
r.casalemedia.com/ Frame 82ED
Redirect Chain
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-nly-R0Q0Am5yYa5XGdrXYYs_hLYIj_KdtWwCKg
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-nly-R0Q0Am5yYa5XGdrXYYs_hLYIj_KdtWwCKg&C=1
43 B
1 KB
Image
General
Full URL
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-nly-R0Q0Am5yYa5XGdrXYYs_hLYIj_KdtWwCKg&C=1
Requested by
Host: ertcmoney.biz
URL: https://ertcmoney.biz/
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Mar 2022 20:24:13 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 14 Mar 2022 20:24:13 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 14 Mar 2022 20:24:13 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-nly-R0Q0Am5yYa5XGdrXYYs_hLYIj_KdtWwCKg&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
296
Expires
Mon, 14 Mar 2022 20:24:13 GMT
/
s.ad.smaato.net/c/ Frame 82ED
0
240 B
Image
General
Full URL
https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-0s9C20Q0Am5yYa5XGdrXYYs_hLZ_eVvD_mpCiw
Requested by
Host: ertcmoney.biz
URL: https://ertcmoney.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:a800:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:24:13 GMT
via
1.1 83f46196ad7d99e4351e2a7adab8f174.cloudfront.net (CloudFront)
server
CloudFront
cache-control
no-cache, must-revalidate
x-amz-cf-pop
FRA56-P5
x-amz-cf-id
TGSRxr20D9EH81qINKsbknvKgo5fXck6OLLU7Ec_hPAdK4An-H72XA==
x-cache
FunctionGeneratedResponse from cloudfront
sync
x.bidswitch.net/ul_cb/ Frame 82ED
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=46&user_id=k-s37KUUQ0Am5yYa5XGdrXYYs_hLbA1Xc31d_erQ&expires=30&user_group=5
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-s37KUUQ0Am5yYa5XGdrXYYs_hLbA1Xc31d_erQ&expires=30&user_group=5
43 B
495 B
Image
General
Full URL
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-s37KUUQ0Am5yYa5XGdrXYYs_hLbA1Xc31d_erQ&expires=30&user_group=5
Requested by
Host: ertcmoney.biz
URL: https://ertcmoney.biz/
Protocol
HTTP/1.1
Server
18.194.211.85 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-211-85.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 14 Mar 2022 20:24:13 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Location
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-s37KUUQ0Am5yYa5XGdrXYYs_hLbA1Xc31d_erQ&expires=30&user_group=5
Date
Mon, 14 Mar 2022 20:24:13 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
pixel_sync
trends.revcontent.com/cm/ Frame 82ED
35 B
336 B
Image
General
Full URL
https://trends.revcontent.com/cm/pixel_sync?bidder=151&bidder_uid=k-0RG9zkQ0Am5yYa5XGdrXYYs_hLZ2FiLe4OXYnw
Requested by
Host: ertcmoney.biz
URL: https://ertcmoney.biz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.228.8 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-228-8.eu-west-1.compute.amazonaws.com
Software
/ Express
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:24:13 GMT
x-powered-by
Express
content-length
35
content-type
image/gif
um
criteo-sync.teads.tv/ Frame 82ED
23 B
172 B
Image
General
Full URL
https://criteo-sync.teads.tv/um?eid=80&uid=k-wyh0QkQ0Am5yYa5XGdrXYYs_hLYsatp-njQLfQ
Requested by
Host: ertcmoney.biz
URL: https://ertcmoney.biz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-245.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.7 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Mar 2022 20:24:13 GMT
cache-control
max-age=0, no-cache, no-store
expires
Mon, 14 Mar 2022 20:24:13 GMT
server
akka-http/10.2.7
content-length
23
content-type
image/gif
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 82ED
0
98 B
Image
General
Full URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-tlVc90Q0Am5yYa5XGdrXYYs_hLbpSzDwSiWGNg
Requested by
Host: ertcmoney.biz
URL: https://ertcmoney.biz/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:24:13 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
13587
/
rtb-csync.smartadserver.com/redir/ Frame 82ED
43 B
163 B
Image
General
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-_ZHqo0Q0Am5yYa5XGdrXYYs_hLZnPuYwctl1Yw
Requested by
Host: ertcmoney.biz
URL: https://ertcmoney.biz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:24:13 GMT
transfer-encoding
chunked
content-type
image/gif
v1
match.sharethrough.com/sync/ Frame 82ED
68 B
263 B
Image
General
Full URL
https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-oreD8EQ0Am5yYa5XGdrXYYs_hLY1bYNGV_rV9g
Requested by
Host: ertcmoney.biz
URL: https://ertcmoney.biz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.162.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-162-156.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:24:13 GMT
content-length
68
content-type
image/png
match
ad.360yield.com/ul_cb/ Frame 82ED
Redirect Chain
  • https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-X3v9qEQ0Am5yYa5XGdrXYYs_hLYpIoHyv_5UKw
  • https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-X3v9qEQ0Am5yYa5XGdrXYYs_hLYpIoHyv_5UKw
43 B
445 B
Image
General
Full URL
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-X3v9qEQ0Am5yYa5XGdrXYYs_hLYpIoHyv_5UKw
Requested by
Host: ertcmoney.biz
URL: https://ertcmoney.biz/
Protocol
H2
Server
34.255.38.72 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-255-38-72.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 14 Mar 2022 20:24:14 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-X3v9qEQ0Am5yYa5XGdrXYYs_hLYpIoHyv_5UKw
date
Mon, 14 Mar 2022 20:24:13 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
28292
i6.liadm.com/s/ Frame 82ED
Redirect Chain
  • https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-w58ssEQ0Am5yYa5XGdrXYYs_hLaCWXfhtkHx8w
  • https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-w58ssEQ0Am5yYa5XGdrXYYs_hLaCWXfhtkHx8w&_li_chk=true&previous_uuid=9d347ccc3ed149318e787c32fe808861
  • https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-w58ssEQ0Am5yYa5XGdrXYYs_hLaCWXfhtkHx8w
43 B
419 B
Image
General
Full URL
https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-w58ssEQ0Am5yYa5XGdrXYYs_hLaCWXfhtkHx8w
Requested by
Host: ertcmoney.biz
URL: https://ertcmoney.biz/
Protocol
HTTP/1.1
Server
2600:1f18:444a:4602:f850:4eec:7dd:fbc1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 14 Mar 2022 20:24:14 GMT
Cache-Control
no-store
Connection
keep-alive
Content-Length
43
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/gif

Redirect headers

Location
https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-w58ssEQ0Am5yYa5XGdrXYYs_hLaCWXfhtkHx8w
Date
Mon, 14 Mar 2022 20:24:13 GMT
Connection
keep-alive
Content-Length
0
Strict-Transport-Security
max-age=31536000; includeSubDomains
1017
jadserve.postrelease.com/suid/ Frame 82ED
43 B
426 B
Image
General
Full URL
https://jadserve.postrelease.com/suid/1017?vk=k-VsCAEEQ0Am5yYa5XGdrXYYs_hLa-8_sGiOE_1Q
Requested by
Host: ertcmoney.biz
URL: https://ertcmoney.biz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.231.120.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-231-120-176.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Mar 2022 20:24:14 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
sync
ups.analytics.yahoo.com/ups/55945/ Frame 82ED
Redirect Chain
  • https://pixel.advertising.com/ups/55945/sync?uid=k-cKLe_kQ0Am5yYa5XGdrXYYs_hLZ1QfYa34T1TQ&_origin=1
  • https://pixel.advertising.com/ups/55945/sync?uid=k-cKLe_kQ0Am5yYa5XGdrXYYs_hLZ1QfYa34T1TQ&_origin=1&verify=true
  • https://ups.analytics.yahoo.com/ups/55945/sync?uid=k-cKLe_kQ0Am5yYa5XGdrXYYs_hLZ1QfYa34T1TQ&_origin=1&apid=UPb6f24e81-a3d4-11ec-9650-06ec2d14f2b8
0
18 B
Image
General
Full URL
https://ups.analytics.yahoo.com/ups/55945/sync?uid=k-cKLe_kQ0Am5yYa5XGdrXYYs_hLZ1QfYa34T1TQ&_origin=1&apid=UPb6f24e81-a3d4-11ec-9650-06ec2d14f2b8
Requested by
Host: ertcmoney.biz
URL: https://ertcmoney.biz/
Protocol
H2
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:24:13 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/55945/sync?uid=k-cKLe_kQ0Am5yYa5XGdrXYYs_hLZ1QfYa34T1TQ&_origin=1&apid=UPb6f24e81-a3d4-11ec-9650-06ec2d14f2b8
date
Mon, 14 Mar 2022 20:24:13 GMT
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
criteo-partners.tremorhub.com/ Frame 82ED
43 B
182 B
Image
General
Full URL
https://criteo-partners.tremorhub.com/sync?UICR=k-Js3srUQ0Am5yYa5XGdrXYYs_hLZS0ax99I0YVA
Requested by
Host: ertcmoney.biz
URL: https://ertcmoney.biz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4264:cf98:6d7b:6943:bef0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:24:14 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif
empty.gif
cdn.stickyadstv.com/one-shot/ Frame 82ED
Redirect Chain
  • https://ads.stickyadstv.com/user-registering?dataProviderId=434&userId=k-pUlRkEQ0Am5yYa5XGdrXYYs_hLa3HPuiINMCBQ&redirectId=69
  • https://cdn.stickyadstv.com/one-shot/empty.gif?
43 B
438 B
Image
General
Full URL
https://cdn.stickyadstv.com/one-shot/empty.gif?
Requested by
Host: ertcmoney.biz
URL: https://ertcmoney.biz/
Protocol
HTTP/1.1
Server
2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
/
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 14 Mar 2022 20:24:14 GMT
Last-Modified
Thu, 28 Feb 2013 15:45:35 GMT
ETag
"1362066335"
X-HW
1647289454.dop150.am5.t,1647289454.cds239.am5.shn,1647289454.cds239.am5.c
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=7200
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
43

Redirect headers

Pragma
no-cache
Date
Mon, 14 Mar 2022 20:24:13 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cdn.stickyadstv.com/one-shot/empty.gif?
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1647289453944005-572
Expires
Mon, 14 Mar 2022 20:24:13 GMT
/
partner.mediawallahscript.com/ Frame 82ED
0
232 B
Image
General
Full URL
https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-aKdqyUQ0Am5yYa5XGdrXYYs_hLb_NxVF-cd24w&custom=&tag_format=img&tag_action=sync&custom=&cb=6ab044fd-3cfe-4eac-aaa0-46db2d56b3dd
Requested by
Host: ertcmoney.biz
URL: https://ertcmoney.biz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.3.136 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-3-136.eu-west-1.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Mar 2022 20:24:14 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
0
Server
nginx/1.20.0
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
v1
ads.yahoo.com/cms/ Frame 82ED
0
40 B
Image
General
Full URL
https://ads.yahoo.com/cms/v1?esig=1~7315a025058f3128185459bfaf16e164414683fc&nwid=10000545908&sigv=1
Requested by
Host: ertcmoney.biz
URL: https://ertcmoney.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:24:14 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block
tap.php
pixel.rubiconproject.com/ Frame 82ED
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-lfOG80Q0Am5yYa5XGdrXYYs_hLbsodNEHF-CVw&expires=30
Requested by
Host: ertcmoney.biz
URL: https://ertcmoney.biz/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Content-Type
image/gif
cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame 82ED
Redirect Chain
  • https://secure.adnxs.com/seg?add=95287&redir=https%3A%2F%2Fsecure.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
  • https://secure.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5730229940849070473
43 B
371 B
Image
General
Full URL
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5730229940849070473
Requested by
Host: ertcmoney.biz
URL: https://ertcmoney.biz/
Protocol
H2
Server
178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Mar 2022 20:24:13 GMT
content-type
image/gif
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
72632226
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 14 Mar 2022 20:24:14 GMT
X-Proxy-Origin
185.213.155.163; 185.213.155.163; 720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
6607084a-c94e-4d7d-b6b8-a042f92357b4
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5730229940849070473
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
vendor.aaf2a4e6.js
beacon-v2.helpscout.net/static/js/ Frame FC09
699 KB
196 KB
Script
General
Full URL
https://beacon-v2.helpscout.net/static/js/vendor.aaf2a4e6.js
Requested by
Host: beacon-v2.helpscout.net
URL: https://beacon-v2.helpscout.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-83.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2692b9d4144932d6f0298c92aad85c377c7bcbe6af5c4dfc6f847e7a000b6a70

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 19:28:08 GMT
content-encoding
gzip
last-modified
Mon, 28 Feb 2022 18:10:35 GMT
server
AmazonS3
age
3366
etag
"946a62e8130eaf8c074bab6fa6a6f020"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 f13110b40e6214ad566c753a838f49f4.cloudfront.net (CloudFront)
cache-control
max-age=315360000, s-maxage=7200, public
x-amz-cf-pop
FRA56-P6
accept-ranges
bytes
content-length
199971
x-amz-cf-id
XkOjagZaq-YkEjM6_6qRrBkiD7AL6QrOhxa9v2tQLoJeWd-hNqcdNw==
main.0a1eb6f8.js
beacon-v2.helpscout.net/static/js/ Frame FC09
267 KB
68 KB
Script
General
Full URL
https://beacon-v2.helpscout.net/static/js/main.0a1eb6f8.js
Requested by
Host: beacon-v2.helpscout.net
URL: https://beacon-v2.helpscout.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-83.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
701a6ffb7173be690f6c7063c776aa66c6bfe948b11df8826d72d795e683a8ad

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 19:40:47 GMT
content-encoding
gzip
last-modified
Mon, 28 Feb 2022 18:10:35 GMT
server
AmazonS3
age
2607
etag
"dd516ee864c647b9ae367769c389dd7c"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 f13110b40e6214ad566c753a838f49f4.cloudfront.net (CloudFront)
cache-control
max-age=315360000, s-maxage=7200, public
x-amz-cf-pop
FRA56-P6
accept-ranges
bytes
content-length
68669
x-amz-cf-id
x9Rr81UW6Nx6y40GA1HWE4O3AXnPQ9DfHyLk74qDWeH4NR7bXaEFRA==
vendor.aaf2a4e6.js
beacon-v2.helpscout.net/static/js/ Frame 8EBD
699 KB
196 KB
Script
General
Full URL
https://beacon-v2.helpscout.net/static/js/vendor.aaf2a4e6.js
Requested by
Host: beacon-v2.helpscout.net
URL: https://beacon-v2.helpscout.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-83.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2692b9d4144932d6f0298c92aad85c377c7bcbe6af5c4dfc6f847e7a000b6a70

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 19:28:08 GMT
content-encoding
gzip
last-modified
Mon, 28 Feb 2022 18:10:35 GMT
server
AmazonS3
age
3366
etag
"946a62e8130eaf8c074bab6fa6a6f020"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 f13110b40e6214ad566c753a838f49f4.cloudfront.net (CloudFront)
cache-control
max-age=315360000, s-maxage=7200, public
x-amz-cf-pop
FRA56-P6
accept-ranges
bytes
content-length
199971
x-amz-cf-id
Ag66tG9Em01_zQOFjyXMyE8BTtmln8THneEkl6gx1nfrZRSVL9e3HQ==
main.0a1eb6f8.js
beacon-v2.helpscout.net/static/js/ Frame 8EBD
267 KB
68 KB
Script
General
Full URL
https://beacon-v2.helpscout.net/static/js/main.0a1eb6f8.js
Requested by
Host: beacon-v2.helpscout.net
URL: https://beacon-v2.helpscout.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-83.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
701a6ffb7173be690f6c7063c776aa66c6bfe948b11df8826d72d795e683a8ad

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 19:40:47 GMT
content-encoding
gzip
last-modified
Mon, 28 Feb 2022 18:10:35 GMT
server
AmazonS3
age
2607
etag
"dd516ee864c647b9ae367769c389dd7c"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 f13110b40e6214ad566c753a838f49f4.cloudfront.net (CloudFront)
cache-control
max-age=315360000, s-maxage=7200, public
x-amz-cf-pop
FRA56-P6
accept-ranges
bytes
content-length
68669
x-amz-cf-id
hMig-cB2k_IP1rGGkAye5Sv5UK-Ty-naAxNq3iFojBtIiU3NyxeEtA==
cookiematch.aspx
dis.criteo.com/dis/rtb/cdb/ Frame 82ED
Redirect Chain
  • https://gum.criteo.com/sync?c=383&r=1&a=1&u=https%3A%2F%2Fd.turn.com%2Fr%2Fdd%2Fid%2FL2NzaWQvMS9jaWQvMTc0ODc0NDU2Ni90LzI%2Fdpuid%2F%40USERID%40%2Furl%2Fhttps%253A%252F%252Fdis.criteo.com%252Fdis%25...
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0ODc0NDU2Ni90LzI/dpuid/WYDMpICK7Baxxdq9oxu-T0KpQzosJ-ac/url/https%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fcdb%2Fcookiematch.aspx%3F%26extid%3D%24!%7BTURN_...
  • https://dis.criteo.com/dis/rtb/cdb/cookiematch.aspx?&extid=8383774310157447797
43 B
370 B
Image
General
Full URL
https://dis.criteo.com/dis/rtb/cdb/cookiematch.aspx?&extid=8383774310157447797
Requested by
Host: ertcmoney.biz
URL: https://ertcmoney.biz/
Protocol
H2
Server
178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Mar 2022 20:24:13 GMT
content-type
image/gif
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1741700
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://dis.criteo.com/dis/rtb/cdb/cookiematch.aspx?&extid=8383774310157447797
pragma
no-cache
date
Mon, 14 Mar 2022 20:24:13 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cookiematch.aspx
dis.criteo.com/dis/rtb/cdb/ Frame 93FF
Redirect Chain
  • https://gum.criteo.com/sync?c=383&r=1&a=1&u=https%3A%2F%2Fd.turn.com%2Fr%2Fdd%2Fid%2FL2NzaWQvMS9jaWQvMTc0ODc0NDU2Ni90LzI%2Fdpuid%2F%40USERID%40%2Furl%2Fhttps%253A%252F%252Fdis.criteo.com%252Fdis%25...
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0ODc0NDU2Ni90LzI/dpuid/rWk2i1yRdAnxM_xECbfJnQKUhovMJdNY/url/https%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fcdb%2Fcookiematch.aspx%3F%26extid%3D%24!%7BTURN_...
  • https://dis.criteo.com/dis/rtb/cdb/cookiematch.aspx?&extid=8311716716119519861
43 B
370 B
Image
General
Full URL
https://dis.criteo.com/dis/rtb/cdb/cookiematch.aspx?&extid=8311716716119519861
Requested by
Host: ertcmoney.biz
URL: https://ertcmoney.biz/
Protocol
H2
Server
178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Mar 2022 20:24:13 GMT
content-type
image/gif
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1956837
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://dis.criteo.com/dis/rtb/cdb/cookiematch.aspx?&extid=8311716716119519861
pragma
no-cache
date
Mon, 14 Mar 2022 20:24:13 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
/
beacon-v2.helpscout.net/ Frame 6C43
293 B
619 B
Script
General
Full URL
https://beacon-v2.helpscout.net/
Requested by
Host: app.groove.cm
URL: https://app.groove.cm/groovevideo/video/75185/PLltPxii7EurFNwx1sEj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-83.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6e752f313e083d2bde6a23bb9fac34245ad81af41106b96ee488ab6aa8b14cf9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:22:39 GMT
content-encoding
gzip
last-modified
Mon, 28 Feb 2022 18:10:34 GMT
server
AmazonS3
age
96
etag
"b6c1b46981d6f9feea2a5a7f9ccb38b9"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 f13110b40e6214ad566c753a838f49f4.cloudfront.net (CloudFront)
cache-control
max-age=120, s-maxage=120, public
x-amz-cf-pop
FRA56-P6
accept-ranges
bytes
content-length
242
x-amz-cf-id
S1N2eV9CF2dMzdJa1O2tgu5xvDMYpDVmJYqqBFO7zQIyWk8rN6a6fQ==
c.gif
c.clarity.ms/ Frame 6C43
42 B
104 B
Image
General
Full URL
https://c.clarity.ms/c.gif
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/p/action/17533112.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.142.114.2 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Mar 2022 20:24:13 GMT
last-modified
Mon, 28 Feb 2022 22:29:30 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"7c5ed6a6f22cd81:0"
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42
397596.gif
idsync.rlcdn.com/ Frame 6DA9
Redirect Chain
  • https://gum.criteo.com/sync?c=6&r=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397596.gif%3Fpartner_uid%3D%40USERID%40
  • https://idsync.rlcdn.com/397596.gif?partner_uid=Qhgl-RmHmi7Z3x2_0M8AF-k4n_gKfWOt
42 B
287 B
Image
General
Full URL
https://idsync.rlcdn.com/397596.gif?partner_uid=Qhgl-RmHmi7Z3x2_0M8AF-k4n_gKfWOt
Requested by
Host: ertcmoney.biz
URL: https://ertcmoney.biz/
Protocol
H2
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 14 Mar 2022 20:24:14 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
clear
content-length
42

Redirect headers

location
https://idsync.rlcdn.com/397596.gif?partner_uid=Qhgl-RmHmi7Z3x2_0M8AF-k4n_gKfWOt
date
Mon, 14 Mar 2022 20:24:13 GMT
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
3050
content-length
197
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame 6DA9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&google_hm=ay1hS2RxeVVRMEFtNXlZYTVYR2RyWFlZc19oTGJfTnhWRi1jZDI0dw
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
43 B
369 B
Image
General
Full URL
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
Requested by
Host: ertcmoney.biz
URL: https://ertcmoney.biz/
Protocol
H2
Server
178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Mar 2022 20:24:13 GMT
content-type
image/gif
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
258504
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 14 Mar 2022 20:24:14 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_ula=913071,0
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
279
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
362338.gif
idsync.rlcdn.com/ Frame 6DA9
42 B
287 B
Image
General
Full URL
https://idsync.rlcdn.com/362338.gif?partner_uid=k-aKdqyUQ0Am5yYa5XGdrXYYs_hLb_NxVF-cd24w
Requested by
Host: ertcmoney.biz
URL: https://ertcmoney.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 14 Mar 2022 20:24:14 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
clear
content-length
42
spp.pl
sp.analytics.yahoo.com/ Frame 6DA9
43 B
374 B
Image
General
Full URL
https://sp.analytics.yahoo.com/spp.pl?a=10001287818027&.yp=10028862&js=no
Requested by
Host: ertcmoney.biz
URL: https://ertcmoney.biz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
spdc.pbp.vip.ir2.yahoo.com
Software
ATS /
Resource Hash
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Mar 2022 20:24:14 GMT
x-content-type-options
nosniff
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
cache-control
no-cache, private, must-revalidate
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
43
referrer-policy
strict-origin-when-cross-origin
expires
Mon, 14 Mar 2022 20:24:14 GMT
setuid
secure.adnxs.com/ Frame 6DA9
43 B
1 KB
Image
General
Full URL
https://secure.adnxs.com/setuid?entity=52&code=k-QEei8kQ0Am5yYa5XGdrXYYs_hLan6bnz2wd9bA&seg=95287
Requested by
Host: ertcmoney.biz
URL: https://ertcmoney.biz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Mar 2022 20:24:14 GMT
X-Proxy-Origin
185.213.155.163; 185.213.155.163; 720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
ff2cceb8-6a03-49b4-8171-9e560eb6bedc
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 6DA9
42 B
521 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-J141dUQ0Am5yYa5XGdrXYYs_hLYg132-Xz_uGg
Requested by
Host: ertcmoney.biz
URL: https://ertcmoney.biz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 14:16:21 GMT
cache-control
no-store, no-cache, private
x-lat
amspug0021:0:483
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
xuid
eb2.3lift.com/ Frame 6DA9
37 B
354 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=2711&xuid=k-XVO53UQ0Am5yYa5XGdrXYYs_hLavuKfeRi9EGQ&dongle=013b
Requested by
Host: ertcmoney.biz
URL: https://ertcmoney.biz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:24:14 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cksync.php
contextual.media.net/ Frame 6DA9
45 B
620 B
Image
General
Full URL
https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-iTV6ckQ0Am5yYa5XGdrXYYs_hLYf3SIgjFwifg
Requested by
Host: ertcmoney.biz
URL: https://ertcmoney.biz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Mon, 14 Mar 2022 20:24:14 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Mon, 14 Mar 2022 20:24:14 GMT
rum
r.casalemedia.com/ Frame 6DA9
43 B
1 KB
Image
General
Full URL
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-nly-R0Q0Am5yYa5XGdrXYYs_hLYIj_KdtWwCKg
Requested by
Host: ertcmoney.biz
URL: https://ertcmoney.biz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Mar 2022 20:24:14 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 14 Mar 2022 20:24:14 GMT
sync
x.bidswitch.net/ Frame 6DA9
43 B
220 B
Image
General
Full URL
https://x.bidswitch.net/sync?dsp_id=46&user_id=k-s37KUUQ0Am5yYa5XGdrXYYs_hLbA1Xc31d_erQ&expires=30&user_group=5
Requested by
Host: ertcmoney.biz
URL: https://ertcmoney.biz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.211.85 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-211-85.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 14 Mar 2022 20:24:14 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
pixel_sync
trends.revcontent.com/cm/ Frame 6DA9
35 B
215 B
Image
General
Full URL
https://trends.revcontent.com/cm/pixel_sync?bidder=151&bidder_uid=k-0RG9zkQ0Am5yYa5XGdrXYYs_hLZ2FiLe4OXYnw
Requested by
Host: ertcmoney.biz
URL: https://ertcmoney.biz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.228.8 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-228-8.eu-west-1.compute.amazonaws.com
Software
/ Express
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:24:14 GMT
x-powered-by
Express
content-length
35
content-type
image/gif
um
criteo-sync.teads.tv/ Frame 6DA9
23 B
172 B
Image
General
Full URL
https://criteo-sync.teads.tv/um?eid=80&uid=k-wyh0QkQ0Am5yYa5XGdrXYYs_hLYsatp-njQLfQ
Requested by
Host: ertcmoney.biz
URL: https://ertcmoney.biz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-245.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.7 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Mar 2022 20:24:14 GMT
cache-control
max-age=0, no-cache, no-store
expires
Mon, 14 Mar 2022 20:24:14 GMT
server
akka-http/10.2.7
content-length
23
content-type
image/gif
/
rtb-csync.smartadserver.com/redir/ Frame 6DA9
43 B
163 B
Image
General
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-_ZHqo0Q0Am5yYa5XGdrXYYs_hLZnPuYwctl1Yw
Requested by
Host: ertcmoney.biz
URL: https://ertcmoney.biz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:24:13 GMT
transfer-encoding
chunked
content-type
image/gif
v1
match.sharethrough.com/sync/ Frame 6DA9
68 B
262 B
Image
General
Full URL
https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-oreD8EQ0Am5yYa5XGdrXYYs_hLY1bYNGV_rV9g
Requested by
Host: ertcmoney.biz
URL: https://ertcmoney.biz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.162.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-162-156.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:24:14 GMT
content-length
68
content-type
image/png
match
ad.360yield.com/ Frame 6DA9
43 B
447 B
Image
General
Full URL
https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-X3v9qEQ0Am5yYa5XGdrXYYs_hLYpIoHyv_5UKw
Requested by
Host: ertcmoney.biz
URL: https://ertcmoney.biz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.255.38.72 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-255-38-72.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 14 Mar 2022 20:24:14 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
28292
i6.liadm.com/s/ Frame 6DA9
Redirect Chain
  • https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-w58ssEQ0Am5yYa5XGdrXYYs_hLaCWXfhtkHx8w
  • https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-w58ssEQ0Am5yYa5XGdrXYYs_hLaCWXfhtkHx8w&_li_chk=true&previous_uuid=149ff21b67784e1d8a42cab0f2ac7b98
  • https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-w58ssEQ0Am5yYa5XGdrXYYs_hLaCWXfhtkHx8w
43 B
419 B
Image
General
Full URL
https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-w58ssEQ0Am5yYa5XGdrXYYs_hLaCWXfhtkHx8w
Requested by
Host: ertcmoney.biz
URL: https://ertcmoney.biz/
Protocol
HTTP/1.1
Server
2600:1f18:444a:4602:f850:4eec:7dd:fbc1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 14 Mar 2022 20:24:14 GMT
Cache-Control
no-store
Connection
keep-alive
Content-Length
43
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/gif

Redirect headers

Location
https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-w58ssEQ0Am5yYa5XGdrXYYs_hLaCWXfhtkHx8w
Date
Mon, 14 Mar 2022 20:24:13 GMT
Connection
keep-alive
Content-Length
0
Strict-Transport-Security
max-age=31536000; includeSubDomains
1017
jadserve.postrelease.com/suid/ Frame 6DA9
43 B
426 B
Image
General
Full URL
https://jadserve.postrelease.com/suid/1017?vk=k-VsCAEEQ0Am5yYa5XGdrXYYs_hLa-8_sGiOE_1Q
Requested by
Host: ertcmoney.biz
URL: https://ertcmoney.biz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.231.120.176 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-231-120-176.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Mar 2022 20:24:14 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
sync
criteo-partners.tremorhub.com/ Frame 6DA9
43 B
182 B
Image
General
Full URL
https://criteo-partners.tremorhub.com/sync?UICR=k-Js3srUQ0Am5yYa5XGdrXYYs_hLZS0ax99I0YVA
Requested by
Host: ertcmoney.biz
URL: https://ertcmoney.biz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4264:cf98:6d7b:6943:bef0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:24:14 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif
empty.gif
cdn.stickyadstv.com/one-shot/ Frame 6DA9
Redirect Chain
  • https://ads.stickyadstv.com/user-registering?dataProviderId=434&userId=k-pUlRkEQ0Am5yYa5XGdrXYYs_hLa3HPuiINMCBQ&redirectId=69
  • https://cdn.stickyadstv.com/one-shot/empty.gif?
43 B
438 B
Image
General
Full URL
https://cdn.stickyadstv.com/one-shot/empty.gif?
Requested by
Host: ertcmoney.biz
URL: https://ertcmoney.biz/
Protocol
HTTP/1.1
Server
2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
/
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 14 Mar 2022 20:24:14 GMT
Last-Modified
Thu, 28 Feb 2013 15:45:35 GMT
ETag
"1362066335"
X-HW
1647289454.dop150.am5.t,1647289454.cds239.am5.shn,1647289454.cds239.am5.c
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=7200
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
43

Redirect headers

Pragma
no-cache
Date
Mon, 14 Mar 2022 20:24:14 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cdn.stickyadstv.com/one-shot/empty.gif?
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1647289454249016-515
Expires
Mon, 14 Mar 2022 20:24:14 GMT
/
partner.mediawallahscript.com/ Frame 6DA9
0
232 B
Image
General
Full URL
https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-aKdqyUQ0Am5yYa5XGdrXYYs_hLb_NxVF-cd24w&custom=&tag_format=img&tag_action=sync&custom=&cb=ca03598c-96c5-460e-a1c3-661736b8b15b
Requested by
Host: ertcmoney.biz
URL: https://ertcmoney.biz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.3.136 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-3-136.eu-west-1.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Mar 2022 20:24:14 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
0
Server
nginx/1.20.0
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
v1
ads.yahoo.com/cms/ Frame 6DA9
0
17 B
Image
General
Full URL
https://ads.yahoo.com/cms/v1?esig=1~7315a025058f3128185459bfaf16e164414683fc&nwid=10000545908&sigv=1
Requested by
Host: ertcmoney.biz
URL: https://ertcmoney.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:24:14 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block
sync
ups.analytics.yahoo.com/ups/58301/ Frame 6DA9
0
405 B
Image
General
Full URL
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-uxyas0Q0Am5yYa5XGdrXYYs_hLYgh6kLfF9XeQ
Requested by
Host: ertcmoney.biz
URL: https://ertcmoney.biz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:24:14 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
cookie-sync
sync.outbrain.com/ Frame 6DA9
0
313 B
Image
General
Full URL
https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-Z8jheUQ0Am5yYa5XGdrXYYs_hLbp7nQ-_yMI-Q
Requested by
Host: ertcmoney.biz
URL: https://ertcmoney.biz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.63 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 14 Mar 2022 20:24:14 GMT
Cache-Control
no-cache
X-TraceId
e26fc35365d9f21970b347f47c72ac21
Content-Length
0
t.gif
cw.addthis.com/ Frame 6DA9
0
426 B
Image
General
Full URL
https://cw.addthis.com/t.gif?pid=113&pdid=k-lfOG80Q0Am5yYa5XGdrXYYs_hLbsodNEHF-CVw
Requested by
Host: ertcmoney.biz
URL: https://ertcmoney.biz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.24.121 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-121.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Mar 2022 20:24:14 GMT
cache-control
max-age=0, no-cache, no-store
expires
Mon, 14 Mar 2022 20:24:14 GMT
tap.php
pixel.rubiconproject.com/ Frame 6DA9
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-lfOG80Q0Am5yYa5XGdrXYYs_hLbsodNEHF-CVw&expires=30
Requested by
Host: ertcmoney.biz
URL: https://ertcmoney.biz/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Content-Type
image/gif
/
s.ad.smaato.net/c/ Frame 6DA9
0
239 B
Image
General
Full URL
https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-0s9C20Q0Am5yYa5XGdrXYYs_hLZ_eVvD_mpCiw
Requested by
Host: ertcmoney.biz
URL: https://ertcmoney.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:a800:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:24:14 GMT
via
1.1 83f46196ad7d99e4351e2a7adab8f174.cloudfront.net (CloudFront)
server
CloudFront
cache-control
no-cache, must-revalidate
x-amz-cf-pop
FRA56-P5
x-amz-cf-id
a6jclcveygVq5nyPdkndsuNaPo78UoQL_1_eTLdBRvmclI_a4VJrSw==
x-cache
FunctionGeneratedResponse from cloudfront
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 6DA9
0
98 B
Image
General
Full URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-tlVc90Q0Am5yYa5XGdrXYYs_hLbpSzDwSiWGNg
Requested by
Host: ertcmoney.biz
URL: https://ertcmoney.biz/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:24:14 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
13684
sync
ups.analytics.yahoo.com/ups/55945/ Frame 6DA9
Redirect Chain
  • https://pixel.advertising.com/ups/55945/sync?uid=k-cKLe_kQ0Am5yYa5XGdrXYYs_hLZ1QfYa34T1TQ&_origin=1
  • https://ups.analytics.yahoo.com/ups/55945/sync?uid=k-cKLe_kQ0Am5yYa5XGdrXYYs_hLZ1QfYa34T1TQ&_origin=1&apid=UPb6f24e81-a3d4-11ec-9650-06ec2d14f2b8
0
18 B
Image
General
Full URL
https://ups.analytics.yahoo.com/ups/55945/sync?uid=k-cKLe_kQ0Am5yYa5XGdrXYYs_hLZ1QfYa34T1TQ&_origin=1&apid=UPb6f24e81-a3d4-11ec-9650-06ec2d14f2b8
Requested by
Host: ertcmoney.biz
URL: https://ertcmoney.biz/
Protocol
H2
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 20:24:14 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/55945/sync?uid=k-cKLe_kQ0Am5yYa5XGdrXYYs_hLZ1QfYa34T1TQ&_origin=1&apid=UPb6f24e81-a3d4-11ec-9650-06ec2d14f2b8
date
Mon, 14 Mar 2022 20:24:14 GMT
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
vendor.aaf2a4e6.js
beacon-v2.helpscout.net/static/js/ Frame 6C43
699 KB
196 KB
Script
General
Full URL
https://beacon-v2.helpscout.net/static/js/vendor.aaf2a4e6.js
Requested by
Host: beacon-v2.helpscout.net
URL: https://beacon-v2.helpscout.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-83.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2692b9d4144932d6f0298c92aad85c377c7bcbe6af5c4dfc6f847e7a000b6a70

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 19:28:08 GMT
content-encoding
gzip
last-modified
Mon, 28 Feb 2022 18:10:35 GMT
server
AmazonS3
age
3367
etag
"946a62e8130eaf8c074bab6fa6a6f020"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 f13110b40e6214ad566c753a838f49f4.cloudfront.net (CloudFront)
cache-control
max-age=315360000, s-maxage=7200, public
x-amz-cf-pop
FRA56-P6
accept-ranges
bytes
content-length
199971
x-amz-cf-id
qw0Bx3-vBeyxY9UlEnh_4b3aq_Qdg1hMfhDoQejOtwHOdmMY5uaUFg==
main.0a1eb6f8.js
beacon-v2.helpscout.net/static/js/ Frame 6C43
267 KB
68 KB
Script
General
Full URL
https://beacon-v2.helpscout.net/static/js/main.0a1eb6f8.js
Requested by
Host: beacon-v2.helpscout.net
URL: https://beacon-v2.helpscout.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-83.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
701a6ffb7173be690f6c7063c776aa66c6bfe948b11df8826d72d795e683a8ad

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.groove.cm/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 19:40:47 GMT
content-encoding
gzip
last-modified
Mon, 28 Feb 2022 18:10:35 GMT
server
AmazonS3
age
2608
etag
"dd516ee864c647b9ae367769c389dd7c"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 f13110b40e6214ad566c753a838f49f4.cloudfront.net (CloudFront)
cache-control
max-age=315360000, s-maxage=7200, public
x-amz-cf-pop
FRA56-P6
accept-ranges
bytes
content-length
68669
x-amz-cf-id
cW_sfUaIkDy-ArTgNxcyeCnBAjCWUqZDb7gzzlUKX3Hov3B0fFEMcA==
cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame 6DA9
Redirect Chain
  • https://secure.adnxs.com/seg?add=95287&redir=https%3A%2F%2Fsecure.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
  • https://secure.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5730229940849070473
43 B
369 B
Image
General
Full URL
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5730229940849070473
Requested by
Host: ertcmoney.biz
URL: https://ertcmoney.biz/
Protocol
H2
Server
178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Mar 2022 20:24:13 GMT
content-type
image/gif
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
937526
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 14 Mar 2022 20:24:14 GMT
X-Proxy-Origin
185.213.155.163; 185.213.155.163; 720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
5eb090e8-9664-4bbf-bdf1-f8adb6ce646c
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5730229940849070473
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
groovevideo-thumbnails-39897556cb96436fdcfb1795482d4a8b.jpg
groovevideo-videos.s3.amazonaws.com/5dd590f1c586100f1285ee7a/thumbnails/ Frame 6C43
1 KB
0
Image
General
Full URL
http://groovevideo-videos.s3.amazonaws.com/5dd590f1c586100f1285ee7a/thumbnails/groovevideo-thumbnails-39897556cb96436fdcfb1795482d4a8b.jpg
Requested by
Host: ertcmoney.biz
URL: https://ertcmoney.biz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.219.143.36 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-w.us-east-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
44cc3500bb7f0416a61a2b41cc9c55574f85717949535a0854bbcd2c703a5173

Request headers

Referer

Response headers

Date
Mon, 14 Mar 2022 20:24:14 GMT
Last-Modified
Fri, 12 Nov 2021 16:49:22 GMT
Server
AmazonS3
x-amz-request-id
8ZEHZHZP5VBZEVY9
ETag
"4d9b496e4e631125c00714a8e3bb41de"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
1316
x-amz-id-2
QOZkuJ2pJ5CeCivS/7Ybgirhlp/oxDDCPA0Ga/XOv0X+i/Xh4rixa3rIoxrWS9w9niHSkmu0wF0=
cookiematch.aspx
dis.criteo.com/dis/rtb/cdb/ Frame 6DA9
Redirect Chain
  • https://gum.criteo.com/sync?c=383&r=1&a=1&u=https%3A%2F%2Fd.turn.com%2Fr%2Fdd%2Fid%2FL2NzaWQvMS9jaWQvMTc0ODc0NDU2Ni90LzI%2Fdpuid%2F%40USERID%40%2Furl%2Fhttps%253A%252F%252Fdis.criteo.com%252Fdis%25...
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0ODc0NDU2Ni90LzI/dpuid/gbJN9x6rF7TXfs7Dpyvs6Pc_7onzb6oV/url/https%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fcdb%2Fcookiematch.aspx%3F%26extid%3D%24!%7BTURN_...
  • https://dis.criteo.com/dis/rtb/cdb/cookiematch.aspx?&extid=8311716716119519861
43 B
370 B
Image
General
Full URL
https://dis.criteo.com/dis/rtb/cdb/cookiematch.aspx?&extid=8311716716119519861
Requested by
Host: ertcmoney.biz
URL: https://ertcmoney.biz/
Protocol
H2
Server
178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Mar 2022 20:24:13 GMT
content-type
image/gif
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1566580
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://dis.criteo.com/dis/rtb/cdb/cookiematch.aspx?&extid=8311716716119519861
pragma
no-cache
date
Mon, 14 Mar 2022 20:24:13 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
collect
b.clarity.ms/ Frame FC09
0
25 B
XHR
General
Full URL
https://b.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/eus2/s/0.6.32/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.75.32.255 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://app.groove.cm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
https://app.groove.cm
date
Mon, 14 Mar 2022 20:24:13 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
collect
f.clarity.ms/ Frame 8EBD
0
48 B
XHR
General
Full URL
https://f.clarity.ms/collect
Requested by
Host: f.clarity.ms
URL: https://f.clarity.ms/s/0.6.32/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.84.22.197 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://app.groove.cm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
https://app.groove.cm
date
Mon, 14 Mar 2022 20:24:14 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8
groovevideo-39897556cb96436fdcfb1795482d4a8b.mp4
videos.groovevideo.com/5dd590f1c586100f1285ee7a/ Frame 6C43
1 MB
0
Media
General
Full URL
https://videos.groovevideo.com/5dd590f1c586100f1285ee7a/groovevideo-39897556cb96436fdcfb1795482d4a8b.mp4
Requested by
Host: ertcmoney.biz
URL: https://ertcmoney.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:b200:b:d801:7900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://app.groove.cm/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range
bytes=262144-

Response headers

date
Mon, 14 Mar 2022 20:24:14 GMT
via
1.1 5c79308f72e53cdf81a950b478a7e144.cloudfront.net (CloudFront)
last-modified
Fri, 12 Nov 2021 16:49:41 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P3
etag
"2a3866383fb5a803961224736cb5f4b2"
x-cache
Hit from cloudfront
content-type
video/mp4
Content-Range
bytes 262144-20622091/20622092
accept-ranges
bytes
Content-Length
20359948
x-amz-cf-id
KHH0c3900V87fNGK-A38VoPTf8nAwgFoeXqCrnglXnRGZqoI4r7IQQ==
collect
b.clarity.ms/ Frame 6C43
0
48 B
XHR
General
Full URL
https://b.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/eus2/s/0.6.32/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.75.32.255 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://app.groove.cm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
https://app.groove.cm
date
Mon, 14 Mar 2022 20:24:14 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
collect
b.clarity.ms/ Frame FC09
0
48 B
XHR
General
Full URL
https://b.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/eus2/s/0.6.32/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.75.32.255 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://app.groove.cm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
https://app.groove.cm
date
Mon, 14 Mar 2022 20:24:15 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
collect
b.clarity.ms/ Frame FC09
0
48 B
XHR
General
Full URL
https://b.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/eus2/s/0.6.32/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.75.32.255 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://app.groove.cm/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
https://app.groove.cm
date
Mon, 14 Mar 2022 20:24:19 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64


25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
object| 2
object| 3
function| structuredClone
object| oncontextlost
object| oncontextrestored
object| FontAwesomeKitConfig
string| websiteurl
undefined| encodeSite
object| _paq
function| mergeContentSettings
object| Piwik
object| Matomo
object| AnalyticsTracker
function| piwik_log
function| setImmediate
function| clearImmediate
object| regeneratorRuntime
function| iFrameResize
object| FontAwesomeConfig
object| ___FONT_AWESOME___
function| setvIframe
function| setupFormValidation
object| site

55 Cookies

Domain/Path Name / Value
fs22.formsite.com/res Name: JSESSIONID
Value: F9C3E2E3698521B5213BC0746E6B41D8
i.liadm.com/s Name: _li_ss
Value: MgkI_____wcQ5xE
ertcmoney.biz/ Name: _pk_id.4.f65a
Value: 0c1f5da7774275b9.1647289448.
ertcmoney.biz/ Name: _pk_ses.4.f65a
Value: 1
ertcmoney.biz/ Name: hasVisitedPopupPage
Value: true
fs22.formsite.com/ Name: AWSALBCORS
Value: R318Pu+WqLdB2Eozel0n3dtEMdpmnaSUqzdYv62Bjdq0J/6SvGsloVIo2nQ9Y1XXrapPgwm5DDust/8TUYscLJg7JgNi7QMDUBEP9X67Sbq9NtD7+cb+tCgoc8mc
.youtube.com/ Name: YSC
Value: ZGjQE870wXw
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: hdk0IFq1_dY
.bing.com/ Name: MUID
Value: 064E0D861F1368422A521CE11E7869B2
.criteo.com/ Name: uid
Value: 518f2c9c-0769-4aa3-8b44-a6926d3cf479
.yahoo.com/ Name: A3
Value: d=AQABBG2kL2ICED-rlmEU-hU-0prP9UkH_egFEgEBAQH1MGI5YgAAAAAA_eMAAA&S=AQAAAqLlcfXOn24e7QQwVKroBrU
.c.bing.com/ Name: SRM_B
Value: 064E0D861F1368422A521CE11E7869B2
.adnxs.com/ Name: uuid2
Value: 5730229940849070473
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 064E0D861F1368422A521CE11E7869B2
.c.clarity.ms/ Name: ANONCHK
Value: 0
.3lift.com/ Name: tluid
Value: 2492972532886399849006
.casalemedia.com/ Name: CMPS
Value: 3268
.media.net/ Name: data-c
Value: k-iTV6ckQ0Am5yYa5XGdrXYYs_hLYf3SIgjFwifg~~3
.casalemedia.com/ Name: CMID
Value: Yi.kbY3MdDHyAH95X6bbOAAA
.bidswitch.net/ Name: c
Value: 1647289453
.bidswitch.net/ Name: tuuid_lu
Value: 1647289453
.bidswitch.net/ Name: tuuid
Value: e9f4e272-e99c-47d8-8708-07a62e053fd0
.rlcdn.com/ Name: pxrc
Value: CAA=
.media.net/ Name: visitor-id
Value: 2902910538397112000V10
.casalemedia.com/ Name: CMPRO
Value: 1178
.sharethrough.com/ Name: stx_user_id
Value: f83f2268-81c0-472a-9ca4-71837e03803d
.revcontent.com/ Name: v1_151
Value: 1
.revcontent.com/ Name: __ID
Value: 1adbec032c64403b96747b322040e91f
.doubleclick.net/ Name: IDE
Value: AHWqTUl3YWRVwhNOlmJ0MKSsVEoATKZSfccM-82wVu-_FEqpAeiPDZoKv7PiwB7fr2A
.advertising.com/ Name: APID
Value: UPb6f24e81-a3d4-11ec-9650-06ec2d14f2b8
ads.stickyadstv.com/ Name: uid-bp-11554
Value: k-pUlRkEQ0Am5yYa5XGdrXYYs_hLa3HPuiINMCBQ
.outbrain.com/ Name: criteo
Value: k-Z8jheUQ0Am5yYa5XGdrXYYs_hLbp7nQ-_yMI-Q
.pubmatic.com/ Name: KRTBCOOKIE_97
Value: 3385-uid:k-J141dUQ0Am5yYa5XGdrXYYs_hLYg132-Xz_uGg&KRTB&23286-uid:k-J141dUQ0Am5yYa5XGdrXYYs_hLYg132-Xz_uGg&KRTB&23287-uid:k-J141dUQ0Am5yYa5XGdrXYYs_hLYg132-Xz_uGg&KRTB&23288-uid:k-J141dUQ0Am5yYa5XGdrXYYs_hLYg132-Xz_uGg
.pubmatic.com/ Name: PUBMDCID
Value: 3
.360yield.com/ Name: tuuid_lu
Value: 1647289453
.360yield.com/ Name: tuuid
Value: 334b510e-6bd7-4d47-98ea-d5b8dbc3cec1
.analytics.yahoo.com/ Name: IDSYNC
Value: "18zh~23r8:1761~23r8"
.360yield.com/ Name: umeh
Value: !38,0,1709497454,-1
.turn.com/ Name: uid
Value: 8311716716119519861
.outbrain.com/ Name: obuid
Value: 482e6736-a822-4550-8621-010c490a7e09
ads.stickyadstv.com/ Name: UID
Value: a3d72d526c206b96ca14fc55ba873b1e
ads.stickyadstv.com/ Name: sessionId
Value: 747aef20fa59674271d18054833561
.addthis.com/ Name: ouid
Value: 622fa46e000158a230b66ed33f39ece604233ed2318d5c69957c
.addthis.com/ Name: uid
Value: 622fa46e449ff4d7
.addthis.com/ Name: na_id
Value: 2022031420241413300290194093
.postrelease.com/ Name: opt_out
Value: 1
.pubmatic.com/ Name: PugT
Value: 1647267381
.rlcdn.com/ Name: rlas3
Value: d8OE20SZwZYeTGRtxl//QwHGajKl0weBQU+g2jShJz0=
.360yield.com/ Name: um
Value: !38,ISvYK9xiUgdqfAZDu4aRYdtdKi6mH.8R6EzLguPyM9oqc25J-0-IS3NEUsHPfqpqXkgEk2fI,1655065454
.casalemedia.com/ Name: CMRUM3
Value: 14622fa46e2760k-nly-R0Q0Am5yYa5XGdrXYYs_hLYIj_KdtWwCKg
.casalemedia.com/ Name: CMST
Value: Yi+kbWIvpG4A
.media.net/ Name: data-c-ts
Value: 1647289454
.adnxs.com/ Name: anj
Value: dTM7k!M4/rD>6NRF']wIg2E><nsr3j!iCt-#MUTSo5i@?nrTu!'@TAm`+ed9I9P5ER*h)kI+1uCPq@rJhl]RQ4NBqp4.L++=UGmqKDOKy5D8-@P)[Q]P)j.gSEV):
.liadm.com/ Name: lidid
Value: 9d347ccc-3ed1-4931-8e78-7c32fe808861

5 Console Messages

Source Level URL
Text
security warning URL: https://app.groove.cm/groovevideo/js/chunk-vendors.0e04fe5e.js(Line 574)
Message:
Mixed Content: The page at 'https://app.groove.cm/groovevideo/video/75176/7KE4VhYEZBAF7a6M9DFD' was loaded over HTTPS, but requested an insecure element 'http://groovevideo-videos.s3.amazonaws.com/5dd590f1c586100f1285ee7a/thumbnails/groovevideo-thumbnails-8d2985e0fd35262fe8daa16a82295540.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://app.groove.cm/groovevideo/js/chunk-vendors.0e04fe5e.js(Line 574)
Message:
Mixed Content: The page at 'https://app.groove.cm/groovevideo/video/75185/PLltPxii7EurFNwx1sEj' was loaded over HTTPS, but requested an insecure element 'http://groovevideo-videos.s3.amazonaws.com/5dd590f1c586100f1285ee7a/thumbnails/groovevideo-thumbnails-39897556cb96436fdcfb1795482d4a8b.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security error URL: https://widget.groovevideo.com/widget/app.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://app.groovefunnels.com') does not match the recipient window's origin ('https://app.groove.cm').
security error URL: https://widget.groovevideo.com/widget/app.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://app.groovefunnels.com') does not match the recipient window's origin ('https://app.groove.cm').
security error URL: https://widget.groovevideo.com/widget/app.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://app.groovefunnels.com') does not match the recipient window's origin ('https://app.groove.cm').

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5
5638dd97e7ad856a15ed69e4faf65d676f528096d40becc9a62edb7588a07291
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
56d3bf72133f30f5e4ea2824f5906c580070865a0355d83013bc22d1849d8e42
5c0a96a2e0c97784664302304156b2a40db0a686791e1549ab6f42acc4b8ad9a
5d7560c8b33f798d429fa0e84d88e11aff034ec7ab72a758d3ed52fc9b285a18
5df0c0466aaf816cc5ad0f2a818f1e732be1fe4c562252ddf5f585689f3870ec
5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
60bececd825bd8b845f6b7e4c133166e267c1313e4d8d7f84ec21a634c5ee0f3
6240744a19f326be4e22778eb7c5a39abce05826a8728531b9fddc0a75863e8a
628ce6ef12a73018b199b0556d8624d97aa6c97cd1f5f8a45dd76b5c79648500
63315910cf00eeac9c945dbac9b7ff4fb057ab4083f2645c284fc8c31bc8d201
63dfa606509a32ac64427a74a55b8d12f0a53468d1fb9143e3e62600cd2dee5b
6a8bbe6ff5b2dadf9269a4c5a56fc4600d9cf802ad6985af385f3ccea117faa0
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b223bb6c3fb8210034350b25e704c74c30d87756cdda5432b4649483e366e78
6cdefb09aa8ed6fcfcb5ee50239a85d38f1a700653ce9f0420878508c07925ea
6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8
6e752f313e083d2bde6a23bb9fac34245ad81af41106b96ee488ab6aa8b14cf9
701a6ffb7173be690f6c7063c776aa66c6bfe948b11df8826d72d795e683a8ad
7348a2eb48c9a681d6178433394c7037144d85b57ee33a11339d3a33fa1001a4
743baa0b70422873ebd3feae4c17a0c65cad663f9074800a99852a5f1d94d4f4
75ef137f34034ede7dab91bb685ed06f53bc3e0af23bb7bc2ece5cd7c37d5aeb
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
7a7249a1f634a0ecfc772e774a158a0ab74c354609558c382b130bf37a91b346
7b47ae80afa3203ba35b6f17e9a9c0641ac3f8f5d37b3ae9f01f06730b1e7ae6
7c0755e5d5d8d64303905d31c7d052821fcf3a326df95a3781bc446dc1a70610
7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6
7fdee17af0a67781a2a9d7dd3c1abae40f81ddfa50e3073aed817a87156e7adc
811bd5062c7158f0ba31eecebb22691a0f9418912aa6e4dae347c95295a59d87
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8349d9a9ffc87ffcdb0f6671e9d9709d7e4aa6cd851628ae81d294ab4001189d
8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52
857ed05e8c984b95b7d92786d36ec628115cb5a2b111fe9281389db9f19994d9
85a2384595926a0d1306834e955dceff74b539d22f78e06a276c3c6c5d8a09cc
87608a8dea58460e4b38f3445a737f999eb6a62dee361be55e06625d505c4e5c
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8edfa8f49ce99041068b4f1aa116740af8b1f5e2e2af664d802816e0a745938b
8faaf7a31723f29322d97c936aaa2d594a993d009780f0cf785798378d72c1c0
911ef7c8eccb36f011b85b2c67156a262d1bb0c9fed0543746d80ed08a8621e5
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
91f94a3c7e05d1c1afd01260e88ebea5be6720ed3514c7a82bba96a33d4d6b21
9221b2c07e1ad6a168982f0fbb342131b2e96c0ebe5902d98653d3a546a34632
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
966687aa1bef6dc03757dbd555b7c995b9aa24d197856ed702fe7c59048a0956
98a18f1c035996d2d0befe9d545c097cd405e47d86f45bb76ab5ea3a8fefe749
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9bf76c0981f3d7cb30be16f19b1419bad27dbccc3c5c5496cd1c84982e756dd8
9f9a0a2fe54d6d2876047599356795e911ae1086a29b7e921aebd48635629c98
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1b07d64848958713a6240e0a4323c7c86d7e01111c517a7de75a93470a8c509
b45f5504b077fbe2d545f3b95edd6a1c393d59dd7e65c8a3c0f981658355fb41
b872b4ad2e649961fbf3cdc43966716bd820301634adebaf5329c1aa22a1f7ee
b8e90b3507ea496e8e6f6402aabc02aa698cd8b2428713025994059763e535f0
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c087a8c46caa6c043c697dcbab06f42f8106f9bcbcf845b0e5ef6df096bfa5f3
c177e9c84d392f24927bacc3365c8bb1515707a3c5dc159c14ab35a23d660a14
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c5dd43f53f3af822cbf17b1fb75f46192cdbd51724f277acf6cf0dacb3fd57e7
c6c38303932536ea69957d97b4f13bb4f7cecbd2373542e516a9d8429afc0b15
c88091c5c6170199216477010856fa90c6bce90860ed0047582e81249646e24f
c9d651549b9d5dc23529782ecf688fe172f39a95cdc38e9f1cca9c7900d1ce7f
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
d778f72c2b8ebbb1fda46a74c2003b9b855ccf11679a406b943da762011e6aca
e0e058e685236833013f591b2fcb6f1ab01b76da58514d4d4e38bc3dfc90db4a
e2443aea2b773741d9b268f109a8459f00f07cffce7ee0175c7575730e7db280
e26c06bae18e7c2d3fef7b5bb741d612c50f381a20c5327a71e4d689dafef00b
e37d59b7044541ba860d2d14e952b26813b9acd57be49b335638091e2c849167
e39c0ef7e9bd78d076e41737aa3bef507c7b09c4b6f12143b26ded2b91eb7125
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea26c78f630f8d3924b66a3966e9d96b6ce9217ee085f6db77fa191e13a59848
edcf009b955ee85711b11344da78bf4f64455af074cb71dc5d038f72bfe618c7
eefcaed1e731e6269947209c907c643e8801654b1e6057d309cfbcdc790dd0ac
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f027ea063eee0d6e52cca300261c8769a933de84ffdb7e6a2214d447793444db
f54e39446dc1a3407191e704a37aa5da2d12fbdeac8842b6c3a5648377f3e688
f5facaa312d07cddbff9f88d0f41cfd97c4d63be53ce7dfc4fb7f778e366b22f
f9b751c1cd0d2b0f91862db987fed9dda48758b15e6f42ca67796b45f4b21702
faa7999a9bc916746448d20ba389c7360faea9bc01a9e53fc08275e565cbf399
fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda
fd43e82965984b49a1f7902a18168c01ca10f7fd8bdcb63878be4dfcea19ebfc
fe096c1a1b3636490559c3e3d5c51dedcfed669ef95394071a765d922937dc6d
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e