ercexpressclaim.com Open in urlscan Pro
213.136.84.143 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://ercexpressclaim.com/
Submission: On December 15 via manual (December 15th 2022, 2:09:14 pm UTC) from US — Scanned from DE

Summary HTTP 84 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 22 IPs in 3 countries across 18 domains to perform 84 HTTP transactions. The main IP is 213.136.84.143, located in Nuremberg, Germany and belongs to CONTABO, DE. The main domain is ercexpressclaim.com.

This is the only time ercexpressclaim.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
32	213.136.84.143 213.136.84.143	51167 (CONTABO) (CONTABO)
3	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
4	3.210.241.206 3.210.241.206	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
1	178.79.242.181 178.79.242.181	22822 (LLNW) (LLNW)
3	2606:4700:303... 2606:4700:3035::6815:c7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	162.159.128.61 162.159.128.61	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
7	146.75.118.109 146.75.118.109	54113 (FASTLY) (FASTLY)
2	34.120.202.204 34.120.202.204	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	162.159.138.60 162.159.138.60	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f2d8:401... 2607:f2d8:4010:c::2	18450 (WEBNX) (WEBNX)
1	2606:4700:20:... 2606:4700:20::681a:a55	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	98.98.134.243 98.98.134.243	21859 (ZEN-ECN) (ZEN-ECN)
1	2600:9000:20e... 2600:9000:20eb:d600:10:4246:7a40:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700:20:... 2606:4700:20::681a:6a8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
84	22

32 213.136.84.143 (Nuremberg, Germany)

ASN51167 (CONTABO, DE)
PTR: srv.hostley.io

ercexpressclaim.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.210.241.206 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-210-241-206.compute-1.amazonaws.com

api.callwidget.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.79.242.181 (Frankfurt am Main, Germany)

ASN22822 (LLNW, US)
PTR: https-178-79-242-181.fra.llnw.net

up.pixel.ad	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3035::6815:c7 (United States)

ASN13335 (CLOUDFLARENET, US)

convertpops.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.159.128.61 (None, )

ASN13335 (CLOUDFLARENET, US)

player.vimeo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 146.75.118.109 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

f.vimeocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i.vimeocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.202.204 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 204.202.120.34.bc.googleusercontent.com

fresnel.vimeocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.159.138.60 (None, )

ASN13335 (CLOUDFLARENET, US)

vimeo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f2d8:4010:c::2 (United States)

ASN18450 (WEBNX, US)

api6.ipify.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:a55 (United States)

ASN13335 (CLOUDFLARENET, US)

www.iplocate.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 98.98.134.243 (United States)

ASN21859 (ZEN-ECN, US)

pixel.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:d600:10:4246:7a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

d3jh63k0lznd9l.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::681a:6a8 (United States)

ASN13335 (CLOUDFLARENET, US)

portal.ertcexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	ercexpressclaim.com ercexpressclaim.com	686 KB
11	gstatic.com fonts.gstatic.com	263 KB
9	vimeocdn.com f.vimeocdn.com — Cisco Umbrella Rank: 3310 i.vimeocdn.com — Cisco Umbrella Rank: 3218 fresnel.vimeocdn.com — Cisco Umbrella Rank: 3303	376 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 37 maps.googleapis.com — Cisco Umbrella Rank: 365	60 KB
4	callwidget.co api.callwidget.co — Cisco Umbrella Rank: 556582	581 KB
3	ertcexpress.com portal.ertcexpress.com	840 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 371	12 KB
3	convertpops.com convertpops.com	9 KB
2	sitescout.com pixel.sitescout.com — Cisco Umbrella Rank: 3532
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 110	203 B
2	vimeo.com player.vimeo.com — Cisco Umbrella Rank: 1896 vimeo.com — Cisco Umbrella Rank: 1737	11 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 149	112 KB
1	cloudfront.net d3jh63k0lznd9l.cloudfront.net	84 KB
1	iplocate.io www.iplocate.io — Cisco Umbrella Rank: 78055	1 KB
1	ipify.org api6.ipify.org — Cisco Umbrella Rank: 65895	243 B
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2623	340 B
1	pixel.ad up.pixel.ad — Cisco Umbrella Rank: 9501	2 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 51	76 KB
84	18

	Domain	Requested by
32	ercexpressclaim.com	ercexpressclaim.com
11	fonts.gstatic.com	fonts.googleapis.com
5	f.vimeocdn.com	player.vimeo.com
4	api.callwidget.co	ercexpressclaim.com api.callwidget.co
3	portal.ertcexpress.com	ercexpressclaim.com portal.ertcexpress.com
3	bat.bing.com	ercexpressclaim.com bat.bing.com
3	convertpops.com	ercexpressclaim.com convertpops.com
3	fonts.googleapis.com	ercexpressclaim.com portal.ertcexpress.com
2	maps.googleapis.com	portal.ertcexpress.com maps.googleapis.com
2	pixel.sitescout.com	ercexpressclaim.com
2	fresnel.vimeocdn.com	f.vimeocdn.com
2	i.vimeocdn.com	player.vimeo.com
2	www.facebook.com	ercexpressclaim.com
2	connect.facebook.net	ercexpressclaim.com connect.facebook.net
1	d3jh63k0lznd9l.cloudfront.net	ercexpressclaim.com
1	www.iplocate.io	convertpops.com
1	api6.ipify.org	convertpops.com
1	vimeo.com	f.vimeocdn.com
1	region1.google-analytics.com	www.googletagmanager.com
1	player.vimeo.com	ercexpressclaim.com
1	up.pixel.ad	ercexpressclaim.com
1	www.googletagmanager.com	ercexpressclaim.com
84	22

This site contains links to these domains. Also see Links.

Domain
ertc-claims.net

Subject Issuer	Validity	Valid
upload.video.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.callwidget.co R3	`2022-11-20` - `2023-02-18`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.pixel.ad GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2022-01-26` - `2023-02-02`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-05` - `2023-06-04`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-09-23` - `2022-12-22`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2022-11-25` - `2023-05-25`	6 months	crt.sh
*.vimeocdn.com GlobalSign Atlas R3 DV TLS CA 2022 Q2	`2022-05-17` - `2023-06-18`	a year	crt.sh
fresnel.vimeocdn.com GTS CA 1D4	`2022-11-27` - `2023-02-25`	3 months	crt.sh
vimeo.com Cloudflare Inc ECC CA-3	`2022-09-21` - `2023-09-20`	a year	crt.sh
*.ipify.org Sectigo RSA Domain Validation Secure Server CA	`2022-02-07` - `2023-03-10`	a year	crt.sh
*.sitescout.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-15` - `2023-01-15`	a year	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
*.ertcexpress.com E1	`2022-10-21` - `2023-01-19`	3 months	crt.sh

This page contains 4 frames:

Primary Page: http://ercexpressclaim.com/
Frame ID: 10C685D6150C3D44ECC3799B571ECE6F
Requests: 64 HTTP requests in this frame

Frame: https://player.vimeo.com/video/713283557?color&autopause=0&loop=0&muted=0&title=1&portrait=1&byline=1&h=175044fc12
Frame ID: 54255FCD2DA8B98D4AA2A14411609F64
Requests: 11 HTTP requests in this frame

Frame: https://pixel.sitescout.com/dmp/asyncPixelSync
Frame ID: 27B0562F17967C1195222D29A9B9297C
Requests: 1 HTTP requests in this frame

Frame: https://portal.ertcexpress.com/lead-intake?&source=https://ercpayrollrebate.com
Frame ID: EEDAB1B9A71AE97C3BACC5ACB15AE9B0
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ERC Express Claim – You're Entitled to Be Made Whole – Get your business' ERC funds before the program ends.ERC Express Claim – You're Entitled to Be Made Whole – Get your business' ERC funds before the program ends.

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Mautic (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

[^a-z]mtc.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

84
Requests

61 %
HTTPS

62 %
IPv6

18
Domains

22
Subdomains

22
IPs

3
Countries

3114 kB
Transfer

8897 kB
Size

8
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://ertc-claims.net/Privacy-Policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 23

http://bat.bing.com/bat.js HTTP 307
https://bat.bing.com/bat.js

84 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
ercexpressclaim.com/ 92 KB
18 KB 320ms
103ms Document
text/html 213.136.84.143
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: http://ercexpressclaim.com/
Protocol: HTTP/1.1
Server: 213.136.84.143 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: srv.hostley.io
Software: /
Resource Hash: 5447cce6516dfec6d4320004464f2aee5f35d0062e27e6c8662d6397e624cf4d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-encoding: gzip
content-length: 18110
content-type: text/html; charset=UTF-8
date: Thu, 15 Dec 2022 14:09:04 GMT
etag: "1416-1670933305;gz"
link: <http://ercexpressclaim.com/wp-json/>; rel="https://api.w.org/" <http://ercexpressclaim.com/wp-json/wp/v2/pages/8>; rel="alternate"; type="application/json" <http://ercexpressclaim.com/>; rel=shortlink
vary: Accept-Encoding
x-litespeed-cache: hit

GET
H/1.1 200
OK style.css
ercexpressclaim.com/wp-content/themes/twentytwentytwo/ 5 KB
2 KB 375ms
308ms Stylesheet
text/css 213.136.84.143
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: http://ercexpressclaim.com/wp-content/themes/twentytwentytwo/style.css?ver=1.3
Requested by: Host: ercexpressclaim.com
URL: http://ercexpressclaim.com/
Protocol: HTTP/1.1
Server: 213.136.84.143 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: srv.hostley.io
Software: /
Resource Hash: 7629b1d0286e8e41e74276a5d2a6d417e5658af4024315f5622d411502ce287b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ercexpressclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 14:09:05 GMT
content-encoding: gzip
last-modified: Fri, 18 Nov 2022 17:55:45 GMT
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 1989
expires: Thu, 22 Dec 2022 14:09:05 GMT

GET
H/1.1 200
OK elementor-icons.min.css
ercexpressclaim.com/wp-content/plugins/elementor/assets/lib/eicons/css/ 19 KB
4 KB 378ms
310ms Stylesheet
text/css 213.136.84.143
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: http://ercexpressclaim.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0
Requested by: Host: ercexpressclaim.com
URL: http://ercexpressclaim.com/
Protocol: HTTP/1.1
Server: 213.136.84.143 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: srv.hostley.io
Software: /
Resource Hash: 83059e4c1a5c210e5585d96779fe655170817193d43e247c78dffaae7b7ba3a9

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ercexpressclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 14:09:05 GMT
content-encoding: gzip
last-modified: Fri, 18 Nov 2022 17:50:53 GMT
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 3915
expires: Thu, 22 Dec 2022 14:09:05 GMT

GET
H/1.1 200
OK frontend-lite.min.css
ercexpressclaim.com/wp-content/plugins/elementor/assets/css/ 101 KB
14 KB 371ms
304ms Stylesheet
text/css 213.136.84.143
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: http://ercexpressclaim.com/wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.8.1
Requested by: Host: ercexpressclaim.com
URL: http://ercexpressclaim.com/
Protocol: HTTP/1.1
Server: 213.136.84.143 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: srv.hostley.io
Software: /
Resource Hash: 68dc20b37b0b7071711805588742ddad6cc6aaac49f319148fb78a648baeaa60

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ercexpressclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 14:09:05 GMT
content-encoding: gzip
last-modified: Fri, 18 Nov 2022 17:50:57 GMT
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 13591
expires: Thu, 22 Dec 2022 14:09:05 GMT

GET
H/1.1 200
OK post-5.css
ercexpressclaim.com/wp-content/uploads/elementor/css/ 1 KB
708 B 380ms
313ms Stylesheet
text/css 213.136.84.143
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: http://ercexpressclaim.com/wp-content/uploads/elementor/css/post-5.css?ver=1668793957
Requested by: Host: ercexpressclaim.com
URL: http://ercexpressclaim.com/
Protocol: HTTP/1.1
Server: 213.136.84.143 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: srv.hostley.io
Software: /
Resource Hash: 3b9a7ca4d03acc6d13f078fa80164f7345df829ddaaa992c9576c0e09b7e3be8

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ercexpressclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 14:09:05 GMT
content-encoding: gzip
last-modified: Fri, 18 Nov 2022 17:52:37 GMT
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 357
expires: Thu, 22 Dec 2022 14:09:05 GMT

GET
H/1.1 200
OK global.css
ercexpressclaim.com/wp-content/uploads/elementor/css/ 9 KB
1 KB 373ms
305ms Stylesheet
text/css 213.136.84.143
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: http://ercexpressclaim.com/wp-content/uploads/elementor/css/global.css?ver=1668794175
Requested by: Host: ercexpressclaim.com
URL: http://ercexpressclaim.com/
Protocol: HTTP/1.1
Server: 213.136.84.143 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: srv.hostley.io
Software: /
Resource Hash: 7b64a84c219d901e94b497f2374a5eabfa89a26b3c2891c774979dea81bb66d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ercexpressclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 14:09:05 GMT
content-encoding: gzip
last-modified: Fri, 18 Nov 2022 17:56:15 GMT
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 830
expires: Thu, 22 Dec 2022 14:09:05 GMT

GET
H/1.1 200
OK post-8.css
ercexpressclaim.com/wp-content/uploads/elementor/css/ 18 KB
2 KB 375ms
308ms Stylesheet
text/css 213.136.84.143
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: http://ercexpressclaim.com/wp-content/uploads/elementor/css/post-8.css?ver=1668794177
Requested by: Host: ercexpressclaim.com
URL: http://ercexpressclaim.com/
Protocol: HTTP/1.1
Server: 213.136.84.143 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: srv.hostley.io
Software: /
Resource Hash: 36be5225c866698bf4a5e0d07c871802f20beaf7a7871746c65eed6ccb0f52de

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ercexpressclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 14:09:05 GMT
content-encoding: gzip
last-modified: Fri, 18 Nov 2022 17:56:17 GMT
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 2139
expires: Thu, 22 Dec 2022 14:09:05 GMT

GET
H2 200 css
fonts.googleapis.com/ 79 KB
3 KB 191ms
33ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CLato%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CMontserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CAlmarai%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.1.1

Requested by

Host: ercexpressclaim.com
URL: http://ercexpressclaim.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7f280f538ec031b77432cf8686523924c8ee4c71ec609b3b06ad5edc84d6d6f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ercexpressclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 15 Dec 2022 14:09:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 14:09:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 15 Dec 2022 14:09:04 GMT

GET
H/1.1 200
OK fontawesome.min.css
ercexpressclaim.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/ 57 KB
13 KB 385ms
13ms Stylesheet
text/css 213.136.84.143
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: http://ercexpressclaim.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3
Requested by: Host: ercexpressclaim.com
URL: http://ercexpressclaim.com/
Protocol: HTTP/1.1
Server: 213.136.84.143 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: srv.hostley.io
Software: /
Resource Hash: d01a2ba2805c78957e15a2958135de0f3cb88e95159dd0f6c0a032bd76b1b0e9

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ercexpressclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 14:09:05 GMT
content-encoding: gzip
last-modified: Fri, 18 Nov 2022 17:50:47 GMT
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 12551
expires: Thu, 22 Dec 2022 14:09:05 GMT

GET
H/1.1 200
OK solid.min.css
ercexpressclaim.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/ 669 B
662 B 386ms
11ms Stylesheet
text/css 213.136.84.143
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: http://ercexpressclaim.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
Requested by: Host: ercexpressclaim.com
URL: http://ercexpressclaim.com/
Protocol: HTTP/1.1
Server: 213.136.84.143 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: srv.hostley.io
Software: /
Resource Hash: 37bab6cd583982e8eff58501a99d7c5c4d63664c1ca34f9e3b7cf526c5b73ae2

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ercexpressclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 14:09:05 GMT
content-encoding: gzip
last-modified: Fri, 18 Nov 2022 17:50:47 GMT
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 311
expires: Thu, 22 Dec 2022 14:09:05 GMT

GET
H/1.1 200
OK embed Show response
api.callwidget.co/ 666 B
1 KB 373ms
133ms Script
application/json 3.210.241.206
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.callwidget.co/embed?iID=eyJpdiI6Ijl5emE4bm5TTW5FRlVjQ1dpU2dVVHc9PSIsInZhbHVlIjoiVndGeXNFY1B0bUxsTlNBMTBYTEJ3Zz09IiwibWFjIjoiODcyNjJmYzg5Yzg0NjFiMTU4MTc0NDA0NTUzN2Q1YjJkYWQ2Y2YzMzUyYzA0NjE1OWIzNmM2MjEzOWVkMTJiNSJ9
Requested by: Host: ercexpressclaim.com
URL: http://ercexpressclaim.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.210.241.206 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-210-241-206.compute-1.amazonaws.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 99f6530dbc1cfa9c290ecf10533192d1e9e90b98e93242de21a508fda0697bfe

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ercexpressclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 15 Dec 2022 14:09:05 GMT
Content-Encoding: gzip
Server: Apache/2.4.41 (Ubuntu)
Access-Control-Allow-Methods: GET
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, must-revalidate, no-store, nocache, private
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 438
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 218 KB
76 KB 94ms
35ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-14NRV81RB9

Requested by

Host: ercexpressclaim.com
URL: http://ercexpressclaim.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

207404c559e009ffc344f41970af8a8cdec184e4bf291ab66b53e63878748885

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ercexpressclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 14:09:05 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 77233
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 15 Dec 2022 14:09:05 GMT

GET
H2 200 up.js Show response
up.pixel.ad/assets/ 3 KB
2 KB 172ms
15ms Script
application/javascript 178.79.242.181
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://up.pixel.ad/assets/up.js?um=1
Requested by: Host: ercexpressclaim.com
URL: http://ercexpressclaim.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.181 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-181.fra.llnw.net
Software: AC1.1 /
Resource Hash: 25b33a7a853f39e447b14be3e6662ccbb0fbce73620bf7778d194cb3fef1d3ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ercexpressclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 14:09:04 GMT
content-encoding: gzip
last-modified: Wed, 16 Mar 2022 16:22:21 GMT
server: AC1.1
age: 131833
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 1550
x-llid: a39dbd6415fd1fdb9f14b568622d02b4

GET
H/1.1 200
OK claimercrebate.png
ercexpressclaim.com/wp-content/uploads/2022/06/ 16 KB
17 KB 59ms
13ms Image
image/png 213.136.84.143
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ercexpressclaim.com/wp-content/uploads/2022/06/claimercrebate.png
Requested by: Host: ercexpressclaim.com
URL: http://ercexpressclaim.com/
Protocol: HTTP/1.1
Server: 213.136.84.143 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: srv.hostley.io
Software: /
Resource Hash: 07abd989d1c4d4a5cb3a077c9950201cfc5eee94205f6e3e01320b02c52bb339

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ercexpressclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 14:09:05 GMT
last-modified: Tue, 28 Jun 2022 00:52:24 GMT
content-type: image/png
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 16818
expires: Thu, 22 Dec 2022 14:09:05 GMT

GET
H/1.1 200
OK widget-icon-list.min.css
ercexpressclaim.com/wp-content/plugins/elementor/assets/css/ 11 KB
1 KB 83ms
82ms Stylesheet
text/css 213.136.84.143
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: http://ercexpressclaim.com/wp-content/plugins/elementor/assets/css/widget-icon-list.min.css
Requested by: Host: ercexpressclaim.com
URL: http://ercexpressclaim.com/
Protocol: HTTP/1.1
Server: 213.136.84.143 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: srv.hostley.io
Software: /
Resource Hash: ca64cc8b00bd9235466fbc6a2c84877714af3720d7dd78cf070f4cd7d82dec17

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ercexpressclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 14:09:05 GMT
content-encoding: gzip
last-modified: Fri, 18 Nov 2022 17:50:53 GMT
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 1008
expires: Thu, 22 Dec 2022 14:09:05 GMT

GET
H/1.1 200
OK wp-emoji-release.min.js Show response
ercexpressclaim.com/wp-includes/js/ 18 KB
5 KB 181ms
181ms Script
application/javascript 213.136.84.143
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: http://ercexpressclaim.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
Requested by: Host: ercexpressclaim.com
URL: http://ercexpressclaim.com/
Protocol: HTTP/1.1
Server: 213.136.84.143 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: srv.hostley.io
Software: /
Resource Hash: 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ercexpressclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 14:09:05 GMT
content-encoding: gzip
last-modified: Tue, 12 Apr 2022 09:26:24 GMT
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 5021
expires: Thu, 22 Dec 2022 14:09:05 GMT

GET
H2 200 90321793575cc311a5e3c486a616080b Show response
convertpops.com/pixel/ 16 KB
5 KB 478ms
334ms Script
application/javascript 2606:4700:3035::6815:c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://convertpops.com/pixel/90321793575cc311a5e3c486a616080b
Requested by: Host: ercexpressclaim.com
URL: http://ercexpressclaim.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ece6459bb92a32a2c7002ed6a1d9afa059ae21401136537959f5d743ca7b6a12

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ercexpressclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Dec 2022 14:09:05 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BBWlBmuym%2B0OyCOBE4JlI4chP0aX%2Fpv%2B2EJojSC0oZQu3h4Tn7eEP%2F35uIohhW7AbSdJJoZUwTjKQznMOw5x1fp9Yh0q56u8lgtIHk614c93SShYkVZi0m%2BJbZmtbo95rtwNOK%2FPkX%2FyWQsRJmY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate
cf-ray: 779fc1484aa59186-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK webpack.runtime.min.js Show response
ercexpressclaim.com/wp-content/plugins/elementor/assets/js/ 5 KB
2 KB 176ms
176ms Script
application/javascript 213.136.84.143
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: http://ercexpressclaim.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.8.1
Requested by: Host: ercexpressclaim.com
URL: http://ercexpressclaim.com/
Protocol: HTTP/1.1
Server: 213.136.84.143 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: srv.hostley.io
Software: /
Resource Hash: f6eb858ead7f15dcd18541c5433714e0c0966d81b8d009a2d49e5a181e548fbb

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ercexpressclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 14:09:05 GMT
content-encoding: gzip
last-modified: Fri, 18 Nov 2022 17:51:05 GMT
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 2189
expires: Thu, 22 Dec 2022 14:09:05 GMT

GET
H/1.1 200
OK jquery.min.js Show response
ercexpressclaim.com/wp-includes/js/jquery/ 88 KB
31 KB 268ms
266ms Script
application/javascript 213.136.84.143
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: http://ercexpressclaim.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
Requested by: Host: ercexpressclaim.com
URL: http://ercexpressclaim.com/
Protocol: HTTP/1.1
Server: 213.136.84.143 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: srv.hostley.io
Software: /
Resource Hash: cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ercexpressclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 14:09:05 GMT
content-encoding: gzip
last-modified: Wed, 02 Nov 2022 10:55:04 GMT
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 31046
expires: Thu, 22 Dec 2022 14:09:05 GMT

GET
H/1.1 200
OK jquery-migrate.min.js Show response
ercexpressclaim.com/wp-includes/js/jquery/ 11 KB
4 KB 70ms
68ms Script
application/javascript 213.136.84.143
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: http://ercexpressclaim.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: ercexpressclaim.com
URL: http://ercexpressclaim.com/
Protocol: HTTP/1.1
Server: 213.136.84.143 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: srv.hostley.io
Software: /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ercexpressclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 14:09:05 GMT
content-encoding: gzip
last-modified: Wed, 18 Nov 2020 13:36:06 GMT
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 4168
expires: Thu, 22 Dec 2022 14:09:05 GMT

GET
H/1.1 200
OK frontend-modules.min.js Show response
ercexpressclaim.com/wp-content/plugins/elementor/assets/js/ 32 KB
11 KB 72ms
70ms Script
application/javascript 213.136.84.143
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: http://ercexpressclaim.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.8.1
Requested by: Host: ercexpressclaim.com
URL: http://ercexpressclaim.com/
Protocol: HTTP/1.1
Server: 213.136.84.143 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: srv.hostley.io
Software: /
Resource Hash: 5d80f13fd7524318f81eb1301170d4d0fbee242c12403c01f3a06c9f681192c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ercexpressclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 14:09:05 GMT
content-encoding: gzip
last-modified: Fri, 18 Nov 2022 17:50:59 GMT
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 10740
expires: Thu, 22 Dec 2022 14:09:05 GMT

GET
H/1.1 200
OK waypoints.min.js Show response
ercexpressclaim.com/wp-content/plugins/elementor/assets/lib/waypoints/ 12 KB
3 KB 269ms
267ms Script
application/javascript 213.136.84.143
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: http://ercexpressclaim.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
Requested by: Host: ercexpressclaim.com
URL: http://ercexpressclaim.com/
Protocol: HTTP/1.1
Server: 213.136.84.143 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: srv.hostley.io
Software: /
Resource Hash: 214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ercexpressclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 14:09:05 GMT
content-encoding: gzip
last-modified: Fri, 18 Nov 2022 17:50:51 GMT
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 2987
expires: Thu, 22 Dec 2022 14:09:05 GMT

GET
H/1.1 200
OK core.min.js Show response
ercexpressclaim.com/wp-includes/js/jquery/ui/ 21 KB
7 KB 13ms
13ms Script
application/javascript 213.136.84.143
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: http://ercexpressclaim.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
Requested by: Host: ercexpressclaim.com
URL: http://ercexpressclaim.com/
Protocol: HTTP/1.1
Server: 213.136.84.143 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: srv.hostley.io
Software: /
Resource Hash: ca7154cdda62b535ceaba9ad2a2b2217ff49de94c069a2c4e89733f3f06b3651

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ercexpressclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 14:09:05 GMT
content-encoding: gzip
last-modified: Wed, 02 Nov 2022 10:55:05 GMT
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 7093
expires: Thu, 22 Dec 2022 14:09:05 GMT

GET
H/1.1 200
OK frontend.min.js Show response
ercexpressclaim.com/wp-content/plugins/elementor/assets/js/ 40 KB
12 KB 14ms
14ms Script
application/javascript 213.136.84.143
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: http://ercexpressclaim.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.8.1
Requested by: Host: ercexpressclaim.com
URL: http://ercexpressclaim.com/
Protocol: HTTP/1.1
Server: 213.136.84.143 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: srv.hostley.io
Software: /
Resource Hash: 5ceb0c2088d29cecbe3ee571dc3cf6fec764bbb7c73f0e22c73007149a2ce68d

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ercexpressclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 14:09:05 GMT
content-encoding: gzip
last-modified: Fri, 18 Nov 2022 17:51:01 GMT
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 12061
expires: Thu, 22 Dec 2022 14:09:05 GMT

GET
H2

200

bat.js Show response
bat.bing.com/
Redirect Chain

http://bat.bing.com/bat.js
https://bat.bing.com/bat.js

38 KB
12 KB

54ms
34ms

Script
application/javascript

2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: ercexpressclaim.com
URL: http://ercexpressclaim.com/

Protocol

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

f2c4b7d20ff42a433d0c76631c460cd75128f8f0436d052ce2cf79dc4fa6a244

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ercexpressclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Thu, 15 Dec 2022 14:09:04 GMT
last-modified: Mon, 05 Dec 2022 17:15:50 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3378824175604FE4A4526CB0603CD738 Ref B: FRAEDGE2016 Ref C: 2022-12-15T14:09:05Z
etag: "027e538cd8d91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 11460

Redirect headers

Location: https://bat.bing.com/bat.js
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 103 KB
28 KB 49ms
16ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: ercexpressclaim.com
URL: http://ercexpressclaim.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

55c4e9ba07b641e64caa17bfcbdc63b1721a58554bd449401e600db3f6b95cf9

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ercexpressclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 15 Dec 2022 14:09:05 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27298
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: vGve3DppepQDK3i6A+XofiBMTzUM5lErkN5khZ+LHK/DlHk1TY1GNkjyM9ny3kBfEpZllQBO0tqk5gsqi23fnw==
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK 713283557 Show response
player.vimeo.com/video/ Frame 5425 22 KB
10 KB 214ms
177ms Document
text/html 162.159.128.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://player.vimeo.com/video/713283557?color&autopause=0&loop=0&muted=0&title=1&portrait=1&byline=1&h=175044fc12

Requested by

Host: ercexpressclaim.com
URL: http://ercexpressclaim.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.159.128.61 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8a4783d710e6d24442f5e4127d820c6649b6bece1e99fcc4269d41bf09b53a1d

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://cdn.kollective.app/ https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://.ci.vimeows.com https://csi.gstatic.com https://fresnel-player-staging.vimeows.com https://fresnel-event-staging.vimeows.com https://player-telemetry.vimeo.com https://.akamaized.net https://.akamaized-staging.net https://.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://.ingest.sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://.dna-delivery.com https://.kollective.app/ https://mimir.cloud.vimeo.com https://.wirewax.com https://.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; media-src 'self' blob: https://.vimeocdn.com https://.akamaized.net https://.akamaized-staging.net https://.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://devcaptions.cloud.vimeo.com/; object-src 'self' https://.vimeocdn.com https://.akamaized.net https://.akamaized-staging.net; default-src 'none'; font-src https://edge-assets.wirewax.com https://player.vimeo.com https://fonts.gstatic.com; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://.ci.vimeows.com https://videoapi-sprites.vimeocdn.com https://i.vimeocdn.com https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com https://f.vimeocdn.com; frame-src 'self' https://*
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://ercexpressclaim.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Age: 0
CF-Cache-Status: DYNAMIC
CF-RAY: 779fc147ad0fbb7d-FRA
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Thu, 15 Dec 2022 14:09:05 GMT
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Cache: MISS
X-Cache-Hits: 0
X-Player-Backend: p
X-Served-By: cache-hhn-etou8220024-HHN
X-Timer: S1671113345.282180,VS0,VE113
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://cdn.kollective.app/ https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://*.ci.vimeows.com https://csi.gstatic.com https://fresnel-player-staging.vimeows.com https://fresnel-event-staging.vimeows.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://*.ingest.sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://*.dna-delivery.com https://*.kollective.app/ https://mimir.cloud.vimeo.com https://*.wirewax.com https://*.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://devcaptions.cloud.vimeo.com/; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; font-src https://edge-assets.wirewax.com https://player.vimeo.com https://fonts.gstatic.com; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://videoapi-sprites.vimeocdn.com https://i.vimeocdn.com https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com https://f.vimeocdn.com; frame-src 'self' https://*
expires: Thu, 15 Dec 2022 14:14:40 GMT
link: <https://i.vimeocdn.com>; rel=preconnect; crossorigin <https://f.vimeocdn.com>; rel=preconnect; crossorigin <https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin
p3p: CP="This is not a P3P policy! See https://vimeo.com/privacy"
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 varnish, 1.1 varnish
x-backend-proxy: playproxy8
x-bapp-server: player-76b5d6c997-cmz9g
x-content-type-options: nosniff
x-host: player-76b5d6c997-cmz9g
x-varnish-cache: 1
x-vserver: playproxy-rollout-prod-varnish-7
x-xss-protection: 1; mode=block

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
23 KB 68ms
28ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CLato%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CMontserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CAlmarai%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.1.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://ercexpressclaim.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 09:59:57 GMT
x-content-type-options: nosniff
age: 533348
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:56:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Dec 2023 09:59:57 GMT

GET
H2 200 KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2
fonts.gstatic.com/s/roboto/v30/ 17 KB
17 KB 73ms
34ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6be97ca17228a69c406231d89c003194c3dfba7401eaa9fe9e9ed0ef1c18dc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://ercexpressclaim.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 14:43:01 GMT
x-content-type-options: nosniff
age: 257164
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17032
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Dec 2023 14:43:01 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 54ms
18ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://ercexpressclaim.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 13:14:53 GMT
x-content-type-options: nosniff
age: 521652
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Dec 2023 13:14:53 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 49ms
14ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://ercexpressclaim.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 05:09:29 GMT
x-content-type-options: nosniff
age: 550776
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Dec 2023 05:09:29 GMT

GET
H2 200 1210025556096836 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 81ms
80ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1210025556096836?v=2.9.90&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

dfed4758c7ee91334af9ad75eac2e5ee759163ceff0b35899f9d7e957ec3c8e8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ercexpressclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 15 Dec 2022 14:09:05 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: 05l3b2hLN0NT8SWkwi3nubnGK8hAJVQ/nZQ63NPIQ91aUbdq9rPQKAsVoMz/HO8drqy0bZJqoeUpkbzIDtftag==
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 204 27024526.js Show response
bat.bing.com/p/action/ 0
117 B 109ms
108ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/27024526.js

Requested by

Host: bat.bing.com
URL: http://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ercexpressclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Thu, 15 Dec 2022 14:09:04 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 404AE62FFE5A4D4D866FCA4BA2C3C982 Ref B: FRAEDGE2016 Ref C: 2022-12-15T14:09:05Z
x-cache: CONFIG_NOCACHE

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 51ms
21ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://ercexpressclaim.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 20:22:20 GMT
x-content-type-options: nosniff
age: 496005
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Dec 2023 20:22:20 GMT

GET
H/1.1 200
OK fa-solid-900.woff2
ercexpressclaim.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/ 76 KB
77 KB 166ms
166ms Font
font/woff2 213.136.84.143
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: http://ercexpressclaim.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
Requested by: Host: ercexpressclaim.com
URL: http://ercexpressclaim.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
Protocol: HTTP/1.1
Server: 213.136.84.143 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: srv.hostley.io
Software: /
Resource Hash: d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef

Request headers

Referer: http://ercexpressclaim.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
Origin: http://ercexpressclaim.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 14:09:05 GMT
last-modified: Fri, 18 Nov 2022 17:50:49 GMT
content-type: font/woff2
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 78196
expires: Thu, 22 Dec 2022 14:09:05 GMT

GET
H3 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ 30 KB
30 KB 38ms
17ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://ercexpressclaim.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 01:41:22 GMT
x-content-type-options: nosniff
age: 563263
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30928
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Dec 2023 01:41:22 GMT

GET
H/1.1 200
OK arrow-1.png
ercexpressclaim.com/wp-content/uploads/2022/06/ 1 KB
2 KB 256ms
255ms Image
image/png 213.136.84.143
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ercexpressclaim.com/wp-content/uploads/2022/06/arrow-1.png
Requested by: Host: ercexpressclaim.com
URL: http://ercexpressclaim.com/
Protocol: HTTP/1.1
Server: 213.136.84.143 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: srv.hostley.io
Software: /
Resource Hash: 059d3cd75d85ed31e6a83df050c0af9825eb478e87ca30468960bccb2da142c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ercexpressclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 14:09:05 GMT
last-modified: Mon, 27 Jun 2022 11:10:33 GMT
content-type: image/png
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 1361
expires: Thu, 22 Dec 2022 14:09:05 GMT

GET
H/1.1 200
OK 23-1.png
ercexpressclaim.com/wp-content/uploads/2022/06/ 4 KB
5 KB 98ms
92ms Image
image/png 213.136.84.143
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ercexpressclaim.com/wp-content/uploads/2022/06/23-1.png
Requested by: Host: ercexpressclaim.com
URL: http://ercexpressclaim.com/
Protocol: HTTP/1.1
Server: 213.136.84.143 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: srv.hostley.io
Software: /
Resource Hash: 9e1e8e3fb06088c29b781dbe55b90dd9a8a529c4478875655daaf08ea7e8aa8c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ercexpressclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 14:09:05 GMT
last-modified: Mon, 27 Jun 2022 11:10:33 GMT
content-type: image/png
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 4572
expires: Thu, 22 Dec 2022 14:09:05 GMT

GET
H/1.1 200
OK 23-2.png
ercexpressclaim.com/wp-content/uploads/2022/06/ 5 KB
5 KB 107ms
107ms Image
image/png 213.136.84.143
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ercexpressclaim.com/wp-content/uploads/2022/06/23-2.png
Requested by: Host: ercexpressclaim.com
URL: http://ercexpressclaim.com/
Protocol: HTTP/1.1
Server: 213.136.84.143 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: srv.hostley.io
Software: /
Resource Hash: 89435da3135898bfc511de82e7b1d935dd01b9e53a3a3c183108923b392c78a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ercexpressclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 14:09:05 GMT
last-modified: Mon, 27 Jun 2022 11:10:34 GMT
content-type: image/png
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 4820
expires: Thu, 22 Dec 2022 14:09:05 GMT

GET
H/1.1 200
OK 23-3.png
ercexpressclaim.com/wp-content/uploads/2022/06/ 5 KB
5 KB 14ms
11ms Image
image/png 213.136.84.143
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ercexpressclaim.com/wp-content/uploads/2022/06/23-3.png
Requested by: Host: ercexpressclaim.com
URL: http://ercexpressclaim.com/
Protocol: HTTP/1.1
Server: 213.136.84.143 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: srv.hostley.io
Software: /
Resource Hash: 3250d31f91e81a543808c6c318332e024be5b0b197b5a9698762b37d0379ebb8

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ercexpressclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 14:09:05 GMT
last-modified: Mon, 27 Jun 2022 11:10:34 GMT
content-type: image/png
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 4887
expires: Thu, 22 Dec 2022 14:09:05 GMT

GET
H/1.1 200
OK widget Show response
api.callwidget.co/ 1 MB
580 KB 276ms
276ms Script
application/json 3.210.241.206
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.callwidget.co/widget?iID=eyJpdiI6Ijl5emE4bm5TTW5FRlVjQ1dpU2dVVHc9PSIsInZhbHVlIjoiVndGeXNFY1B0bUxsTlNBMTBYTEJ3Zz09IiwibWFjIjoiODcyNjJmYzg5Yzg0NjFiMTU4MTc0NDA0NTUzN2Q1YjJkYWQ2Y2YzMzUyYzA0NjE1OWIzNmM2MjEzOWVkMTJiNSJ9
Requested by: Host: api.callwidget.co
URL: https://api.callwidget.co/embed?iID=eyJpdiI6Ijl5emE4bm5TTW5FRlVjQ1dpU2dVVHc9PSIsInZhbHVlIjoiVndGeXNFY1B0bUxsTlNBMTBYTEJ3Zz09IiwibWFjIjoiODcyNjJmYzg5Yzg0NjFiMTU4MTc0NDA0NTUzN2Q1YjJkYWQ2Y2YzMzUyYzA0NjE1OWIzNmM2MjEzOWVkMTJiNSJ9
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.210.241.206 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-210-241-206.compute-1.amazonaws.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 50a782b28b8ff08ab5c12be7457e73541cfdb1ea987cfd1b8911f0c80de6a80f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ercexpressclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 15 Dec 2022 14:09:05 GMT
Content-Encoding: gzip
Server: Apache/2.4.41 (Ubuntu)
Access-Control-Allow-Methods: GET
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, must-revalidate, no-store, nocache, private
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 593112
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
23 KB 28ms
23ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://ercexpressclaim.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 17:08:09 GMT
x-content-type-options: nosniff
age: 162056
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Dec 2023 17:08:09 GMT

GET
H3 200 tssoApxBaigK_hnnS-agtnqWow.woff2
fonts.gstatic.com/s/almarai/v12/ 47 KB
47 KB 49ms
44ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/almarai/v12/tssoApxBaigK_hnnS-agtnqWow.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b5a1116fedf74e888369da43f27b4ea6e21a7c5b3e3dde3227da6c21a2ef67c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://ercexpressclaim.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 21:40:49 GMT
x-content-type-options: nosniff
age: 491296
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48004
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:29:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Dec 2023 21:40:49 GMT

GET
H3 200 tsstApxBaigK_hnnQ1iFow.woff2
fonts.gstatic.com/s/almarai/v12/ 46 KB
46 KB 46ms
42ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/almarai/v12/tsstApxBaigK_hnnQ1iFow.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a6bda3553569fc700de73f81edc96180d144db1e05a702bc9854dbe14961c5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://ercexpressclaim.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 10:08:35 GMT
x-content-type-options: nosniff
age: 14430
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46804
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:10:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Dec 2023 10:08:35 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 34ms
30ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://ercexpressclaim.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 20:10:25 GMT
x-content-type-options: nosniff
age: 64720
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Dec 2023 20:10:25 GMT

GET
H/1.1 200
OK bizcons-scaled-1-1-1024x683.jpeg
ercexpressclaim.com/wp-content/uploads/2022/06/ 64 KB
64 KB 11ms
10ms Image
image/jpeg 213.136.84.143
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ercexpressclaim.com/wp-content/uploads/2022/06/bizcons-scaled-1-1-1024x683.jpeg
Requested by: Host: ercexpressclaim.com
URL: http://ercexpressclaim.com/
Protocol: HTTP/1.1
Server: 213.136.84.143 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: srv.hostley.io
Software: /
Resource Hash: 5c6b37d8f9536769becc727bd85f01538741776abcf4b688a2a894dff674efd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ercexpressclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 14:09:05 GMT
last-modified: Mon, 27 Jun 2022 11:10:36 GMT
content-type: image/jpeg
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 65250
expires: Thu, 22 Dec 2022 14:09:05 GMT

GET
H/1.1 200
OK design-firm-scaled-1-1-1024x714.jpeg
ercexpressclaim.com/wp-content/uploads/2022/06/ 53 KB
54 KB 11ms
11ms Image
image/jpeg 213.136.84.143
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ercexpressclaim.com/wp-content/uploads/2022/06/design-firm-scaled-1-1-1024x714.jpeg
Requested by: Host: ercexpressclaim.com
URL: http://ercexpressclaim.com/
Protocol: HTTP/1.1
Server: 213.136.84.143 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: srv.hostley.io
Software: /
Resource Hash: 9c569ae3236f257b192338b6c6b5742545fe7e26fab0d0479ddecf99b4b40266

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ercexpressclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 14:09:05 GMT
last-modified: Mon, 27 Jun 2022 11:10:38 GMT
content-type: image/jpeg
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 54604
expires: Thu, 22 Dec 2022 14:09:05 GMT

GET
H/1.1 200
OK ownership-group-scaled-1-1-1024x683.jpeg
ercexpressclaim.com/wp-content/uploads/2022/06/ 81 KB
81 KB 77ms
76ms Image
image/jpeg 213.136.84.143
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ercexpressclaim.com/wp-content/uploads/2022/06/ownership-group-scaled-1-1-1024x683.jpeg
Requested by: Host: ercexpressclaim.com
URL: http://ercexpressclaim.com/
Protocol: HTTP/1.1
Server: 213.136.84.143 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: srv.hostley.io
Software: /
Resource Hash: de54c1009c525eceb5a4c2f96ed20abe16508ed82f4abe7381bb8e92eb9c8276

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ercexpressclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 14:09:05 GMT
last-modified: Mon, 27 Jun 2022 11:10:40 GMT
content-type: image/jpeg
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 82527
expires: Thu, 22 Dec 2022 14:09:05 GMT

GET
H/1.1 200
OK smallrestaurant-1-1024x682.jpeg
ercexpressclaim.com/wp-content/uploads/2022/06/ 137 KB
137 KB 102ms
102ms Image
image/jpeg 213.136.84.143
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ercexpressclaim.com/wp-content/uploads/2022/06/smallrestaurant-1-1024x682.jpeg
Requested by: Host: ercexpressclaim.com
URL: http://ercexpressclaim.com/
Protocol: HTTP/1.1
Server: 213.136.84.143 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: srv.hostley.io
Software: /
Resource Hash: 4adf742c6e3ac1cc25f67c3f2c045b4013de83336fcb9041caa29af124332c1d

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ercexpressclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 14:09:05 GMT
last-modified: Mon, 27 Jun 2022 11:10:43 GMT
content-type: image/jpeg
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 140029
expires: Thu, 22 Dec 2022 14:09:05 GMT

GET
H/1.1 200
OK educational-1.jpg
ercexpressclaim.com/wp-content/uploads/2022/06/ 66 KB
67 KB 92ms
92ms Image
image/jpeg 213.136.84.143
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ercexpressclaim.com/wp-content/uploads/2022/06/educational-1.jpg
Requested by: Host: ercexpressclaim.com
URL: http://ercexpressclaim.com/
Protocol: HTTP/1.1
Server: 213.136.84.143 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: srv.hostley.io
Software: /
Resource Hash: 933663bf52f10a0b98b8151658b199f72d1f6e0558af57ce34e34bfb4a9899ba

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ercexpressclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 14:09:05 GMT
last-modified: Mon, 27 Jun 2022 11:10:43 GMT
content-type: image/jpeg
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 67919
expires: Thu, 22 Dec 2022 14:09:05 GMT

GET
H/1.1 200
OK ertc-768x432-1.jpg
ercexpressclaim.com/wp-content/uploads/2022/06/ 37 KB
38 KB 83ms
83ms Image
image/jpeg 213.136.84.143
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ercexpressclaim.com/wp-content/uploads/2022/06/ertc-768x432-1.jpg
Requested by: Host: ercexpressclaim.com
URL: http://ercexpressclaim.com/
Protocol: HTTP/1.1
Server: 213.136.84.143 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: srv.hostley.io
Software: /
Resource Hash: 9d05cc78f6baa7c20ec9e0465c75b86f6bcf3ea127fe9306a52c93954becab26

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ercexpressclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 14:09:05 GMT
last-modified: Mon, 27 Jun 2022 11:10:44 GMT
content-type: image/jpeg
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 38178
expires: Thu, 22 Dec 2022 14:09:05 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
340 B 55ms
19ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-14NRV81RB9&gtm=2oebu0&_p=39465123&cid=1273483213.1671113345&ul=en-us&sr=1600x1200&_s=1&sid=1671113345&sct=1&seg=0&dl=http%3A%2F%2Fercexpressclaim.com%2F&dt=ERC%20Express%20Claim%20%E2%80%93%20You%27re%20Entitled%20to%20Be%20Made%20Whole%20%E2%80%93%20Get%20your%20business%27%20ERC%20funds%20before%20the%20program%20ends.&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-14NRV81RB9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ercexpressclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Dec 2022 14:09:05 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://ercexpressclaim.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 48ms
15ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1210025556096836&ev=PageView&dl=http%3A%2F%2Fercexpressclaim.com%2F&rl=&if=false&ts=1671113345373&sw=1600&sh=1200&v=2.9.90&r=stable&ec=0&o=30&fbp=fb.1.1671113345371.1680829307&it=1671113345248&coo=false&rqm=GET

Requested by

Host: ercexpressclaim.com
URL: http://ercexpressclaim.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ercexpressclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 15 Dec 2022 14:09:05 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 player.module.js Show response
f.vimeocdn.com/p/4.16.0/js/ Frame 5425 475 KB
115 KB 47ms
6ms Script
application/javascript 146.75.118.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://f.vimeocdn.com/p/4.16.0/js/player.module.js
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/713283557?color&autopause=0&loop=0&muted=0&title=1&portrait=1&byline=1&h=175044fc12
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.118.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: d7c725f58a73bbeb3f71c23472401108e5628a6d9212744fea9442826452e4c4

Request headers

Referer: https://player.vimeo.com/
Origin: https://player.vimeo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-served-by: cache-iad-kcgs7200050-IAD, cache-fra-eddf8230076-FRA
date: Thu, 15 Dec 2022 14:09:05 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
age: 153273
x-timer: S1671113345.456085,VS0,VE0
vary: Accept-Encoding,x-http-method-override
x-cache: HIT, HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 117336
x-cache-hits: 36, 27234

GET
H2 200 vendor.module.js Show response
f.vimeocdn.com/p/4.16.0/js/ Frame 5425 425 KB
105 KB 53ms
13ms Script
application/javascript 146.75.118.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://f.vimeocdn.com/p/4.16.0/js/vendor.module.js
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/713283557?color&autopause=0&loop=0&muted=0&title=1&portrait=1&byline=1&h=175044fc12
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.118.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: f8374cd4b16e03f11f38836d64b97cacb6fb5e7f3058c4fa97608dd2a31083bd

Request headers

Referer: https://player.vimeo.com/
Origin: https://player.vimeo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-served-by: cache-iad-kjyo7100149-IAD, cache-fra-eddf8230076-FRA
date: Thu, 15 Dec 2022 14:09:05 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
age: 153272
x-timer: S1671113345.456197,VS0,VE0
vary: Accept-Encoding,x-http-method-override
x-cache: HIT, HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 107260
x-cache-hits: 28, 45277

GET
H2 200 player.css
f.vimeocdn.com/p/4.16.0/css/ Frame 5425 252 KB
22 KB 48ms
7ms Stylesheet
text/css 146.75.118.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://f.vimeocdn.com/p/4.16.0/css/player.css
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/713283557?color&autopause=0&loop=0&muted=0&title=1&portrait=1&byline=1&h=175044fc12
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.118.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 463d05e8a2d9cdb5038c05a211eb3f60dc8d6ee4575d22010336cba49aa91251

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-served-by: cache-iad-kcgs7200048-IAD, cache-fra-eddf8230030-FRA
date: Thu, 15 Dec 2022 14:09:05 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
age: 153273
x-timer: S1671113345.457052,VS0,VE0
vary: Accept-Encoding,x-http-method-override
x-cache: HIT, HIT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 22089
x-cache-hits: 13, 46063

GET
H2 200 1437982814-b8d76d1fb7bba9e7426cf00316f3225341a6502118e2b48861535d3d29ca6a98-d.jpg
i.vimeocdn.com/video/ Frame 5425 2 KB
2 KB 167ms
128ms Image
image/jpeg 146.75.118.109
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vimeocdn.com/video/1437982814-b8d76d1fb7bba9e7426cf00316f3225341a6502118e2b48861535d3d29ca6a98-d.jpg?mw=80&q=85
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/713283557?color&autopause=0&loop=0&muted=0&title=1&portrait=1&byline=1&h=175044fc12
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.118.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3f9c6173e72cffb52943f671fa84f15dfa2a77431db54b362407716dc775dcbb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 14:09:05 GMT
via: vvarnish, 1.1 varnish, 1.1 varnish
age: 615876
x-viewmaster-lossless-format: lossy
x-cache: miss, HIT, HIT
x-backend-server: varnish
content-length: 1730
viewmaster-server: viewmaster-us-central1-sjk6
x-served-by: cache-dfw-kdfw8210103-DFW, cache-fra-eddf8230127-FRA
x-timer: S1671113345.455233,VS0,VE122
etag: b8a0c9b74ee5fb082a529fe2f5b6c913
access-control-max-age: 86400
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
cache-control: public, max-age=2592000
accept-ranges: bytes
x-cache-hits: 211, 1

GET
H2 200 player.de-DE.module.js Show response
f.vimeocdn.com/p/4.16.0/js/ Frame 5425 477 KB
116 KB 60ms
23ms Script
application/javascript 146.75.118.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://f.vimeocdn.com/p/4.16.0/js/player.de-DE.module.js
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/713283557?color&autopause=0&loop=0&muted=0&title=1&portrait=1&byline=1&h=175044fc12
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.118.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 58c5ef99d9a80b9780cf1c45989e63cecd5c696c9e0391c6197e625cc635df52

Request headers

Referer: https://player.vimeo.com/
Origin: https://player.vimeo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-served-by: cache-iad-kjyo7100088-IAD, cache-fra-eddf8230076-FRA
date: Thu, 15 Dec 2022 14:09:05 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
age: 153272
x-timer: S1671113345.456268,VS0,VE0
vary: Accept-Encoding,x-http-method-override
x-cache: MISS, HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 118600
x-cache-hits: 0, 17636

GET
H2 204 0
bat.bing.com/action/ 0
175 B 31ms
31ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=27024526&Ver=2&mid=ec48a77a-e457-4c37-95f4-39f519db15a7&sid=08e386307c8211edb990d90693f64aaa&vid=08e3a9907c8211edb5ad1939ce2fee86&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=ERC%20Express%20Claim%20%E2%80%93%20You%27re%20Entitled%20to%20Be%20Made%20Whole%20%E2%80%93%20Get%20your%20business%27%20ERC%20funds%20before%20the%20program%20ends.&p=http%3A%2F%2Fercexpressclaim.com%2F&r=&lt=1037&evt=pageLoad&sv=1&rn=815225

Requested by

Host: ercexpressclaim.com
URL: http://ercexpressclaim.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ercexpressclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 15 Dec 2022 14:09:04 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 1137258FA8A247B4B74174DC8F919ACD Ref B: FRAEDGE2016 Ref C: 2022-12-15T14:09:05Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK text-editor.2c35aafbe5bf0e127950.bundle.min.js Show response
ercexpressclaim.com/wp-content/plugins/elementor/assets/js/ 1 KB
1 KB 13ms
11ms Script
application/javascript 213.136.84.143
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: http://ercexpressclaim.com/wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js
Requested by: Host: ercexpressclaim.com
URL: http://ercexpressclaim.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.8.1
Protocol: HTTP/1.1
Server: 213.136.84.143 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: srv.hostley.io
Software: /
Resource Hash: 4a518bd1723da2b6011895ad68059361ebb4cb80de3eec9145eacee89ddd9745

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ercexpressclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 14:09:05 GMT
content-encoding: gzip
last-modified: Fri, 18 Nov 2022 17:51:07 GMT
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 664
expires: Thu, 22 Dec 2022 14:09:05 GMT

GET
H/1.1 200
OK video.fab0f05f6306583e8ff8.bundle.min.js Show response
ercexpressclaim.com/wp-content/plugins/elementor/assets/js/ 3 KB
2 KB 400ms
399ms Script
application/javascript 213.136.84.143
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: http://ercexpressclaim.com/wp-content/plugins/elementor/assets/js/video.fab0f05f6306583e8ff8.bundle.min.js
Requested by: Host: ercexpressclaim.com
URL: http://ercexpressclaim.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.8.1
Protocol: HTTP/1.1
Server: 213.136.84.143 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: srv.hostley.io
Software: /
Resource Hash: 3ab879b1707f9bba9464dbb87764b513e083869aef16224bff15054c54be2fca

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ercexpressclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 14:09:05 GMT
content-encoding: gzip
last-modified: Fri, 18 Nov 2022 17:51:07 GMT
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 1380
expires: Thu, 22 Dec 2022 14:09:05 GMT

GET
H2 200 vuid.min.js Show response
f.vimeocdn.com/js_opt/modules/utils/ Frame 5425 2 KB
1 KB 7ms
7ms Script
application/javascript 146.75.118.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://f.vimeocdn.com/js_opt/modules/utils/vuid.min.js
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/713283557?color&autopause=0&loop=0&muted=0&title=1&portrait=1&byline=1&h=175044fc12
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.118.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c051b8b5eb2a0aef699780f15a449491868faa6f8b39b684b5ae8f64f345b94a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-served-by: cache-iad-kiad7000106-IAD, cache-fra-eddf8230030-FRA
date: Thu, 15 Dec 2022 14:09:05 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 2321507
x-timer: S1671113346.607908,VS0,VE0
vary: Accept-Encoding,x-http-method-override
x-cache: HIT, HIT
content-type: application/javascript
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
content-length: 997
x-cache-hits: 20, 258212

POST
H2 200 player-test-impression
fresnel.vimeocdn.com/add/ Frame 5425 0
40 B 149ms
113ms Ping
text/plain 34.120.202.204
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fresnel.vimeocdn.com/add/player-test-impression?beacon=1
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.16.0/js/vendor.module.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.202.204 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 204.202.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://player.vimeo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://player.vimeo.com
date: Thu, 15 Dec 2022 14:09:05 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 1437982814-b8d76d1fb7bba9e7426cf00316f3225341a6502118e2b48861535d3d29ca6a98-d
i.vimeocdn.com/video/ Frame 5425 15 KB
15 KB 141ms
140ms Image
image/avif 146.75.118.109
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.vimeocdn.com/video/1437982814-b8d76d1fb7bba9e7426cf00316f3225341a6502118e2b48861535d3d29ca6a98-d?mw=600&mh=337
Requested by: Host: player.vimeo.com
URL: https://player.vimeo.com/video/713283557?color&autopause=0&loop=0&muted=0&title=1&portrait=1&byline=1&h=175044fc12
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.118.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: d76f8e76458f63317c2148784b6ada3f8e5e4b867628a5dba70c5a805f2c991b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 14:09:05 GMT
via: vvarnish, 1.1 varnish, 1.1 varnish
age: 654503
x-viewmaster-lossless-format: automatic
x-cache: miss, HIT, MISS
x-backend-server: varnish
content-length: 15537
viewmaster-server: viewmaster-us-east1-737m
x-served-by: cache-dfw-kdfw8210049-DFW, cache-fra-eddf8230127-FRA
x-timer: S1671113346.651082,VS0,VE133
etag: 657db6dcfe82fa652d1ae4795ece94e3
access-control-max-age: 86400
vary: Accept
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: X-Viewmaster-Status
cache-control: public, max-age=2592000
accept-ranges: bytes
x-cache-hits: 36, 0

POST
H2 200 player-stats
fresnel.vimeocdn.com/add/ Frame 5425 0
142 B 134ms
110ms Ping
text/plain 34.120.202.204
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=59511f5569d70be7c479a4be255f3d27af3a56581671113345
Requested by: Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.16.0/js/vendor.module.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.202.204 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 204.202.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://player.vimeo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://player.vimeo.com
date: Thu, 15 Dec 2022 14:09:05 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H/1.1 204
No Content vuid
vimeo.com/ablincoln/ Frame 5425 0
902 B 193ms
168ms Ping
text/plain 162.159.138.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vimeo.com/ablincoln/vuid?pid=59511f5569d70be7c479a4be255f3d27af3a56581671113345

Requested by

Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/js_opt/modules/utils/vuid.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.159.138.60 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.vimeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires: Thu, 15 Dec 2022 02:09:05 GMT
Date: Thu, 15 Dec 2022 14:09:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
CF-Cache-Status: DYNAMIC
Via: 1.1 varnish, 1.1 varnish
content-security-policy-report-only: default-src https: data: blob: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /_csp
X-Cache: MISS, MISS
Connection: keep-alive
x-xss-protection: 1; mode=block
X-Served-By: cache-iad-kcgs7200141-IAD, cache-fra-eddf8230053-FRA
x-ua-compatible: IE=edge
x-vimeo-device: d
Server: cloudflare
X-Timer: S1671113346.712772,VS0,VE133
x-backend-proxy: webproxy2
x-frame-options: sameorigin
Vary: User-Agent
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-bapp-server: pweb-6d496f6bc6-6k4p9
Accept-Ranges: bytes
CF-RAY: 779fc14a9b628ffe-FRA
X-Cache-Hits: 0, 0

GET
H/1.1 200
OK / Show response
api6.ipify.org/ 24 B
243 B 3298ms
2499ms XHR
text/plain 2607:f2d8:4010:c::2
WEBNX

General

Check archive.org

Show headers Download Go to

Full URL: https://api6.ipify.org/
Requested by: Host: convertpops.com
URL: https://convertpops.com/pixel/90321793575cc311a5e3c486a616080b
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2607:f2d8:4010:c::2 , United States, ASN18450 (WEBNX, US),
Reverse DNS
Software: nginx/1.23.1 /
Resource Hash: ea3936c658514ceedc75f1a29737460ae3b5857ee35ac58fa8510edf471548f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ercexpressclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Origin: http://ercexpressclaim.com
Date: Thu, 15 Dec 2022 14:09:08 GMT
Server: nginx/1.23.1
Connection: keep-alive
Content-Length: 24
Vary: Origin
Content-Type: text/plain

GET
H2 200 2a00:c98:2050:a007:2::12 Show response
www.iplocate.io/api/lookup/ 322 B
1 KB 246ms
216ms XHR
application/json 2606:4700:20::681a:a55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.iplocate.io/api/lookup/2a00:c98:2050:a007:2::12

Requested by

Host: convertpops.com
URL: https://convertpops.com/pixel/90321793575cc311a5e3c486a616080b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:a55 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f3fd859e44d346a8ac85e1f0708b160ce44c765e9855059f142b9ad887a9364e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ercexpressclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 14:09:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 43624472-ec3d-4a90-8a8d-68276d1d4281
x-runtime: 0.007853
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"f3fd859e44d346a8ac85e1f0708b160c"
x-download-options: noopen
x-ratelimit-remaining: 999
access-control-max-age: 7200
access-control-allow-methods: GET, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: x-ratelimit-limit, x-ratelimit-reset, x-ratelimit-remaining
cache-control: max-age=0, private, must-revalidate
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=64kxXrjW%2BPDCcuqCBJ5isaknCppRpDaZExHjukZvVt4gV2qhoJpyy5fyDNyusDvk8xXpQc8ZjgbInPEgrV1KuczjEa1a4RkLWOYksh4X2JKC16Yz%2B7%2FjeAdTnol0HVDuLW3TzHR7eTjsReaaIA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-ratelimit-reset: 2022-12-16 00:00:00 +0000
vary: Origin
x-ratelimit-limit: 1000
cf-ray: 779fc15f3cbdbbb5-FRA
x-frame-options: SAMEORIGIN
x-ratelimit-client-id: 2a00:c98:2050:a007:2::12

GET
H3 200 pixel.css
convertpops.com/themes/altum/assets/css/ 21 KB
3 KB 385ms
367ms Stylesheet
text/css 2606:4700:3035::6815:c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://convertpops.com/themes/altum/assets/css/pixel.css
Requested by: Host: convertpops.com
URL: https://convertpops.com/pixel/90321793575cc311a5e3c486a616080b
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 04d606150fc52c081c062752378ca1373b2e975a87484b1998bf1a84093a41e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ercexpressclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 14:09:09 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 22 Jan 2020 16:58:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6inOa2dAdpzl6RWRhaLMFP%2B8DHJfpAiTyAAQr7SrATNgPjiGzZ9YVffAnFeTGFLrC4AadiI3sI5XiOYYmTpP0NOnlaZeHazbX4PuoJw0N%2FK3bjenPgCJ0UGTXSySIrQTN9QoE7kj%2Ff6ySzBLMEo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 779fc160bb6890ac-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 pixel-track
convertpops.com/ 0
546 B 1781ms
1763ms Image
text/html 2606:4700:3035::6815:c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://convertpops.com/pixel-track?pixel_key=90321793575cc311a5e3c486a616080b&ip=2a00:c98:2050:a007:2::12&location={%22city%22:%22Huenxe%22,%22country%22:%22Germany%22,%22country_code%22:%22DE%22}&agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/108.0.5359.124%20Safari/537.36&current_page=http%3A%2F%2Fercexpressclaim.com%2F&type=track
Requested by: Host: ercexpressclaim.com
URL: http://ercexpressclaim.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ercexpressclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Dec 2022 14:09:10 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BUiJM7mpeiKTP3%2BlhAJa8%2BOedrL2dx17jUpeOU40sg9jeAnctDPIy%2FHqp%2FiWZIGpkiK%2BVJaNvMA8idFQ4O5zziPSCplMEfk5a%2BgkCOB6Z3ymw4B%2BAlVovvBGYZofmrXBW00wodPW5MKwvcYFmWA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
cf-ray: 779fc160bb7990ac-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 204 asyncPixelSync
pixel.sitescout.com/dmp/ Frame 27B0 0
0 49ms
13ms Document
text/plain 98.98.134.243
ZEN-ECN

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.sitescout.com/dmp/asyncPixelSync
Requested by: Host: ercexpressclaim.com
URL: http://ercexpressclaim.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 98.98.134.243 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: AC1.1 /
Resource Hash

Request headers

Referer: http://ercexpressclaim.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0,no-cache,no-store
date: Thu, 15 Dec 2022 14:09:08 GMT
expires: Tue, 11 Oct 1977 12:34:56 GMT
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
server: AC1.1

GET
H2 500 89e55b8ec507f43c
pixel.sitescout.com/up/ 0
0 56ms
15ms Image
text/html 98.98.134.243
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sitescout.com/up/89e55b8ec507f43c?cntr_url=http%3A%2F%2Fercexpressclaim.com%2F
Requested by: Host: ercexpressclaim.com
URL: http://ercexpressclaim.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 98.98.134.243 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ercexpressclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

OPTIONS
H/1.1 204
No Content 4041
api.callwidget.co/api/v1/booking/conversion/ Frame 0
0 377ms
166ms Preflight 3.210.241.206
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.callwidget.co/api/v1/booking/conversion/4041
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.210.241.206 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-210-241-206.compute-1.amazonaws.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: http://ercexpressclaim.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Headers: CONTENT-TYPE
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: http://ercexpressclaim.com
Cache-Control: no-cache, private
Connection: close
Date: Thu, 15 Dec 2022 14:09:09 GMT
Server: Apache/2.4.41 (Ubuntu)

POST
H/1.1 200
OK 4041 Show response
api.callwidget.co/api/v1/booking/conversion/ 16 B
369 B 363ms
173ms XHR
application/json 3.210.241.206
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.callwidget.co/api/v1/booking/conversion/4041
Requested by: Host: api.callwidget.co
URL: https://api.callwidget.co/widget?iID=eyJpdiI6Ijl5emE4bm5TTW5FRlVjQ1dpU2dVVHc9PSIsInZhbHVlIjoiVndGeXNFY1B0bUxsTlNBMTBYTEJ3Zz09IiwibWFjIjoiODcyNjJmYzg5Yzg0NjFiMTU4MTc0NDA0NTUzN2Q1YjJkYWQ2Y2YzMzUyYzA0NjE1OWIzNmM2MjEzOWVkMTJiNSJ9
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.210.241.206 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-210-241-206.compute-1.amazonaws.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Referer: http://ercexpressclaim.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-type: application/json

Response headers

Date: Thu, 15 Dec 2022 14:09:10 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Origin
X-RateLimit-Remaining: 119
Content-Type: application/json
Access-Control-Allow-Origin: http://ercexpressclaim.com
Cache-Control: no-cache, private
X-RateLimit-Limit: 120
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 16

GET
H2 200 GotQuestions-TextUs.png
d3jh63k0lznd9l.cloudfront.net/install_logos/3312/ 83 KB
84 KB 500ms
448ms Image
image/png 2600:9000:20eb:d600:10:4246:7a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3jh63k0lznd9l.cloudfront.net/install_logos/3312/GotQuestions-TextUs.png
Requested by: Host: ercexpressclaim.com
URL: http://ercexpressclaim.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:d600:10:4246:7a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 87afd1095f6ad1bbfd4074e495002af523f192e0a3a27212d8c8696bb4fcea54

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ercexpressclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 14:09:10 GMT
via: 1.1 8002c303d4f2295f77566a349deba122.cloudfront.net (CloudFront)
last-modified: Thu, 24 Feb 2022 17:50:17 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
etag: "1ed8792aeb161dc22551860a24f958a9"
x-cache: Miss from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 85306
x-amz-cf-id: ndFexZ_Y8URDjZ5lS82fscvH-OG9pCdkl0Gx4tSB9WZO8McE9lAOWA==

GET
DATA 200
OK truncated
/ 160 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ffa0c564dd772e9f01a0205dc722271e5b554b4c513a647de8764dbadd67db8f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ercexpressclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 32ms
14ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1210025556096836&ev=Microdata&dl=http%3A%2F%2Fercexpressclaim.com%2F&rl=&if=false&ts=1671113350237&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22ERC%20Express%20Claim%20%E2%80%93%20You%27re%20Entitled%20to%20Be%20Made%20Whole%20%E2%80%93%20Get%20%20your%20business%27%20ERC%20funds%20before%20the%20program%20ends.%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.90&r=stable&ec=1&o=30&fbp=fb.1.1671113345371.1680829307&it=1671113345248&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: ercexpressclaim.com
URL: http://ercexpressclaim.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ercexpressclaim.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 15 Dec 2022 14:09:10 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H2 200 lead-intake Show response
portal.ertcexpress.com/ Frame EEDA 1 KB
1 KB 392ms
338ms Document
text/html 2606:4700:20::681a:6a8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.ertcexpress.com/lead-intake?&source=https://ercpayrollrebate.com

Requested by

Host: ercexpressclaim.com
URL: http://ercexpressclaim.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6a8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14ddc3794a93ec6da8e4374646036853ac531ce4ca2384c510b5337ae72de102

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	0

Request headers

Referer: http://ercexpressclaim.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: public, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 779fc16c1f289b6e-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 15 Dec 2022 14:09:11 GMT
expect-ct: max-age=0
last-modified: Wed, 14 Dec 2022 23:31:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=06YTpF%2BGktIPfMFKJl%2FeZsN7H%2Bkl45lFIaGCRO3dM%2BofRonxh8bk9ea3YrtRuSpDP%2BjNn0gl7a0n6U0LI7S822J05tk10Crcvd9Oy8HhcVuBs%2FnqS%2Fw%2Bv6tCBKOllB7LTfLuxUlyfz4LK3hBGC6jp14KAtg%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: ALLOWALL
x-permitted-cross-domain-policies: none
x-xss-protection: 0

GET
H3 200 css2
fonts.googleapis.com/ Frame EEDA 26 KB
1 KB 63ms
23ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Requested by

Host: portal.ertcexpress.com
URL: https://portal.ertcexpress.com/lead-intake?&source=https://ercpayrollrebate.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cc140ef1e7c5d527ebb4e2e73107909cd646fd0bbdb10ebad305166c8c1b5204

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 15 Dec 2022 14:09:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 13:23:19 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 15 Dec 2022 14:09:11 GMT

GET
H3 200 css2
fonts.googleapis.com/ Frame EEDA 7 KB
618 B 61ms
21ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:wght@400;500;600;700&display=swap

Requested by

Host: portal.ertcexpress.com
URL: https://portal.ertcexpress.com/lead-intake?&source=https://ercpayrollrebate.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

45e78216d62e7ef2a2c7d0bda526ddfb789444fb8a986b024d059373acb27c16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 15 Dec 2022 14:09:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 12:14:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 15 Dec 2022 14:09:11 GMT

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ Frame EEDA 169 KB
55 KB 95ms
47ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?key=AIzaSyBWoHM2_MNc0jsu215pBfJOo0rOjmh3TPM&libraries=places

Requested by

Host: portal.ertcexpress.com
URL: https://portal.ertcexpress.com/lead-intake?&source=https://ercpayrollrebate.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

b3ff714a1d2f4334152f3f99c2290fd32f024ebe0259202e901c5b003269a3e6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 14:09:11 GMT
content-encoding: gzip
server: mafe
vary: Accept-Language
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=26
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56383
x-xss-protection: 0
expires: Thu, 15 Dec 2022 14:39:11 GMT

GET
H2 200 main.0020fdd3.js Show response
portal.ertcexpress.com/static/js/ Frame EEDA 3 MB
829 KB 676ms
675ms Script
application/javascript 2606:4700:20::681a:6a8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.ertcexpress.com/static/js/main.0020fdd3.js

Requested by

Host: portal.ertcexpress.com
URL: https://portal.ertcexpress.com/lead-intake?&source=https://ercpayrollrebate.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6a8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86574125fa61e9fef1e42457f34ad5c263279b99e40dbd89825d45568b8a4a43

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 14:09:12 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
content-encoding: br
x-dns-prefetch-control: off
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Wed, 14 Dec 2022 23:31:12 GMT
server: cloudflare
etag: W/"34444e-18512fa4e00"
x-download-options: noopen
expect-ct: max-age=0
x-frame-options: ALLOWALL
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hUP38TDg%2BeLRv%2FNsMKp0KGodBT3VITmE%2BAB6DRqz4d7iT3vgIRGwRf1JMwTyr9YmfLMgnYWJIpTokVzApDLl4S%2FWtWsMWqiU2ePO%2Fkq8LEeNPFvo3bVbDV3MH8WESUY0Py6qE%2FHHzoNQnM0KEWDN2JDccCE%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=86400
vary: Accept-Encoding
cf-ray: 779fc16e4bdf9b6e-FRA

GET
H2 200 main.decb832d.css
portal.ertcexpress.com/static/css/ Frame EEDA 50 KB
9 KB 346ms
345ms Stylesheet
text/css 2606:4700:20::681a:6a8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.ertcexpress.com/static/css/main.decb832d.css

Requested by

Host: portal.ertcexpress.com
URL: https://portal.ertcexpress.com/lead-intake?&source=https://ercpayrollrebate.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6a8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

478404851361fb7e73a9f6f10a1c7518ed076614439849f008753d4c1d32a05f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 14:09:11 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
content-encoding: br
x-dns-prefetch-control: off
x-xss-protection: 0
referrer-policy: no-referrer
last-modified: Wed, 14 Dec 2022 23:31:12 GMT
server: cloudflare
etag: W/"c6ec-18512fa4e00"
x-download-options: noopen
expect-ct: max-age=0
x-frame-options: ALLOWALL
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nxy6xQMulSRBctDDKL6S%2B5Ig%2FmAaHQnLm3omLkiArsjLb3tyK79HOBCvBgdZm6oXqZDrrJId2xP5b%2F7MLY0%2Fw9MtdJiOtRw9fU3FwrXhm6vwDw1sXdes5VD9XLLc4OeEwuv%2B3U2T4l9L31fSXqC3fwy%2Bs88%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=86400
vary: Accept-Encoding
cf-ray: 779fc16e4bdd9b6e-FRA

GET
H3 200 gen_204 Show response
maps.googleapis.com/maps/api/mapsjs/ Frame EEDA 3 B
45 B 60ms
32ms XHR
application/json 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBWoHM2_MNc0jsu215pBfJOo0rOjmh3TPM&libraries=places

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 14:09:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://portal.ertcexpress.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23
x-xss-protection: 0

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame EEDA 15 KB
15 KB 15ms
14ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://portal.ertcexpress.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 13:14:53 GMT
x-content-type-options: nosniff
age: 521659
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Dec 2023 13:14:53 GMT

Verdicts & Comments Add Verdict or Comment

38 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.bing.com/	1970-01-20 17:33:29	Name: MUID Value: 14CBA9B1CD0C6939045EBBCACCDE6883
.ercexpressclaim.com/	1970-01-20 17:47:53	Name: _ga_14NRV81RB9 Value: GS1.1.1671113345.1.0.1671113345.0.0.0
.ercexpressclaim.com/	1970-01-20 17:47:53	Name: _ga Value: GA1.1.1273483213.1671113345
.ercexpressclaim.com/	1970-01-20 10:21:29	Name: _fbp Value: fb.1.1671113345371.1680829307
.vimeo.com/	1970-01-20 08:11:55	Name: __cf_bm Value: qNQpM.i0cAgTuWnIqc4NVcRPjvvCl4L_b2nC1cOXypQ-1671113345-0-AZwLQieVjHdwlupe9616nATSHT1Wqav41kQVlBwYtRWHHH/XJg9RqKyHOuyne8BWILHnWxGaBOweDhsulwutK3o=
.ercexpressclaim.com/	1970-01-20 08:13:19	Name: _uetsid Value: 08e386307c8211edb990d90693f64aaa
.ercexpressclaim.com/	1970-01-20 17:33:29	Name: _uetvid Value: 08e3a9907c8211edb5ad1939ce2fee86
.vimeo.com/	1970-01-20 17:47:53	Name: vuid Value: pl1341571242.1069454800

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://pixel.sitescout.com/up/89e55b8ec507f43c?cntr_url=http%3A%2F%2Fercexpressclaim.com%2F Message: Failed to load resource: the server responded with a status of 500 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.callwidget.co
api6.ipify.org
bat.bing.com
connect.facebook.net
convertpops.com
d3jh63k0lznd9l.cloudfront.net
ercexpressclaim.com
f.vimeocdn.com
fonts.googleapis.com
fonts.gstatic.com
fresnel.vimeocdn.com
i.vimeocdn.com
maps.googleapis.com
pixel.sitescout.com
player.vimeo.com
portal.ertcexpress.com
region1.google-analytics.com
up.pixel.ad
vimeo.com
www.facebook.com
www.googletagmanager.com
www.iplocate.io
146.75.118.109
162.159.128.61
162.159.138.60
178.79.242.181
2001:4860:4802:32::36
213.136.84.143
2600:9000:20eb:d600:10:4246:7a40:93a1
2606:4700:20::681a:6a8
2606:4700:20::681a:a55
2606:4700:3035::6815:c7
2607:f2d8:4010:c::2
2620:1ec:c11::200
2a00:1450:4001:806::2003
2a00:1450:4001:812::200a
2a00:1450:4001:827::200a
2a00:1450:4001:831::2008
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
3.210.241.206
34.120.202.204
98.98.134.243
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
04d606150fc52c081c062752378ca1373b2e975a87484b1998bf1a84093a41e0
059d3cd75d85ed31e6a83df050c0af9825eb478e87ca30468960bccb2da142c8
07abd989d1c4d4a5cb3a077c9950201cfc5eee94205f6e3e01320b02c52bb339
14ddc3794a93ec6da8e4374646036853ac531ce4ca2384c510b5337ae72de102
207404c559e009ffc344f41970af8a8cdec184e4bf291ab66b53e63878748885
214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0
25b33a7a853f39e447b14be3e6662ccbb0fbce73620bf7778d194cb3fef1d3ab
2a6bda3553569fc700de73f81edc96180d144db1e05a702bc9854dbe14961c5e
3250d31f91e81a543808c6c318332e024be5b0b197b5a9698762b37d0379ebb8
36be5225c866698bf4a5e0d07c871802f20beaf7a7871746c65eed6ccb0f52de
37bab6cd583982e8eff58501a99d7c5c4d63664c1ca34f9e3b7cf526c5b73ae2
3ab879b1707f9bba9464dbb87764b513e083869aef16224bff15054c54be2fca
3b9a7ca4d03acc6d13f078fa80164f7345df829ddaaa992c9576c0e09b7e3be8
3f9c6173e72cffb52943f671fa84f15dfa2a77431db54b362407716dc775dcbb
45e78216d62e7ef2a2c7d0bda526ddfb789444fb8a986b024d059373acb27c16
463d05e8a2d9cdb5038c05a211eb3f60dc8d6ee4575d22010336cba49aa91251
478404851361fb7e73a9f6f10a1c7518ed076614439849f008753d4c1d32a05f
4a518bd1723da2b6011895ad68059361ebb4cb80de3eec9145eacee89ddd9745
4adf742c6e3ac1cc25f67c3f2c045b4013de83336fcb9041caa29af124332c1d
50a782b28b8ff08ab5c12be7457e73541cfdb1ea987cfd1b8911f0c80de6a80f
5447cce6516dfec6d4320004464f2aee5f35d0062e27e6c8662d6397e624cf4d
55c4e9ba07b641e64caa17bfcbdc63b1721a58554bd449401e600db3f6b95cf9
58c5ef99d9a80b9780cf1c45989e63cecd5c696c9e0391c6197e625cc635df52
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5c6b37d8f9536769becc727bd85f01538741776abcf4b688a2a894dff674efd7
5ceb0c2088d29cecbe3ee571dc3cf6fec764bbb7c73f0e22c73007149a2ce68d
5d80f13fd7524318f81eb1301170d4d0fbee242c12403c01f3a06c9f681192c7
68dc20b37b0b7071711805588742ddad6cc6aaac49f319148fb78a648baeaa60
6b5a1116fedf74e888369da43f27b4ea6e21a7c5b3e3dde3227da6c21a2ef67c
6be97ca17228a69c406231d89c003194c3dfba7401eaa9fe9e9ed0ef1c18dc38
7629b1d0286e8e41e74276a5d2a6d417e5658af4024315f5622d411502ce287b
7b64a84c219d901e94b497f2374a5eabfa89a26b3c2891c774979dea81bb66d4
7f280f538ec031b77432cf8686523924c8ee4c71ec609b3b06ad5edc84d6d6f5
83059e4c1a5c210e5585d96779fe655170817193d43e247c78dffaae7b7ba3a9
86574125fa61e9fef1e42457f34ad5c263279b99e40dbd89825d45568b8a4a43
87afd1095f6ad1bbfd4074e495002af523f192e0a3a27212d8c8696bb4fcea54
89435da3135898bfc511de82e7b1d935dd01b9e53a3a3c183108923b392c78a1
8a4783d710e6d24442f5e4127d820c6649b6bece1e99fcc4269d41bf09b53a1d
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
933663bf52f10a0b98b8151658b199f72d1f6e0558af57ce34e34bfb4a9899ba
99f6530dbc1cfa9c290ecf10533192d1e9e90b98e93242de21a508fda0697bfe
9c569ae3236f257b192338b6c6b5742545fe7e26fab0d0479ddecf99b4b40266
9d05cc78f6baa7c20ec9e0465c75b86f6bcf3ea127fe9306a52c93954becab26
9e1e8e3fb06088c29b781dbe55b90dd9a8a529c4478875655daaf08ea7e8aa8c
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b3ff714a1d2f4334152f3f99c2290fd32f024ebe0259202e901c5b003269a3e6
c051b8b5eb2a0aef699780f15a449491868faa6f8b39b684b5ae8f64f345b94a
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca64cc8b00bd9235466fbc6a2c84877714af3720d7dd78cf070f4cd7d82dec17
ca7154cdda62b535ceaba9ad2a2b2217ff49de94c069a2c4e89733f3f06b3651
cc140ef1e7c5d527ebb4e2e73107909cd646fd0bbdb10ebad305166c8c1b5204
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
d01a2ba2805c78957e15a2958135de0f3cb88e95159dd0f6c0a032bd76b1b0e9
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef
d76f8e76458f63317c2148784b6ada3f8e5e4b867628a5dba70c5a805f2c991b
d7c725f58a73bbeb3f71c23472401108e5628a6d9212744fea9442826452e4c4
de54c1009c525eceb5a4c2f96ed20abe16508ed82f4abe7381bb8e92eb9c8276
dfed4758c7ee91334af9ad75eac2e5ee759163ceff0b35899f9d7e957ec3c8e8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea3936c658514ceedc75f1a29737460ae3b5857ee35ac58fa8510edf471548f2
ece6459bb92a32a2c7002ed6a1d9afa059ae21401136537959f5d743ca7b6a12
f2c4b7d20ff42a433d0c76631c460cd75128f8f0436d052ce2cf79dc4fa6a244
f3fd859e44d346a8ac85e1f0708b160ce44c765e9855059f142b9ad887a9364e
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6eb858ead7f15dcd18541c5433714e0c0966d81b8d009a2d49e5a181e548fbb
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f8374cd4b16e03f11f38836d64b97cacb6fb5e7f3058c4fa97608dd2a31083bd
ffa0c564dd772e9f01a0205dc722271e5b554b4c513a647de8764dbadd67db8f

ercexpressclaim.com Open in urlscan Pro 213.136.84.143 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

84 Requests

61 %HTTPS

62 %IPv6

18 Domains

22 Subdomains

22 IPs

3 Countries

3114 kBTransfer

8897 kBSize

8 Cookies

1 Outgoing links

Redirected requests

84 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

ercexpressclaim.com Open in urlscan Pro
213.136.84.143 Public Scan

Screenshot
Live screenshot

Full Image

84
Requests

61 %
HTTPS

62 %
IPv6

18
Domains

22
Subdomains

22
IPs

3
Countries

3114 kB
Transfer

8897 kB
Size

8
Cookies

84 HTTP transactions
1 data transactions