urlscan.io logo urlscan.io
SecurityTrails logo

activerefund.com Open in urlscan Pro
2a06:98c1:3120::3  Public Scan

Go To Rescan Add Verdict Report
URL: https://activerefund.com/
Submission: On March 30 via automatic, source certstream-suspicious — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 2 countries across 7 domains to perform 38 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is activerefund.com.
TLS certificate: Issued by GTS CA 1P5 on March 30th 2023. Valid for: 3 months.
This is the only time activerefund.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
17 2a06:98c1:312... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 8 44.236.64.62 16509 (AMAZON-02)
6 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:236... 16509 (AMAZON-02)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 172.104.231.58 63949 (AKAMAI-AP...)
38 10
17    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
activerefund.com
2    2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
8    44.236.64.62 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-236-64-62.us-west-2.compute.amazonaws.com
embed.ercspecialists.com
6    2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2600:9000:236e:5e00:1e:b6b6:9ac0:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.firstpromoter.com
2    2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    172.104.231.58 (Frankfurt am Main, Germany)

ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG)
PTR: nb-172-104-231-58.frankfurt.nodebalancer.linode.com
t.firstpromoter.com
Apex Domain
Subdomains		 Transfer
17 activerefund.com
activerefund.com
1013 KB
8 ercspecialists.com
embed.ercspecialists.com
112 KB
6 gstatic.com
fonts.gstatic.com
106 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 47
ajax.googleapis.com — Cisco Umbrella Rank: 357
33 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 374
9 KB
2 firstpromoter.com
cdn.firstpromoter.com — Cisco Umbrella Rank: 34788
t.firstpromoter.com — Cisco Umbrella Rank: 433808
4 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 62
80 KB
38 7
Domain Requested by
17 activerefund.com activerefund.com
8 embed.ercspecialists.com 1 redirects activerefund.com
embed.ercspecialists.com
6 fonts.gstatic.com fonts.googleapis.com
2 cdn.jsdelivr.net embed.ercspecialists.com
2 fonts.googleapis.com activerefund.com
embed.ercspecialists.com
1 t.firstpromoter.com cdn.firstpromoter.com
1 ajax.googleapis.com embed.ercspecialists.com
1 cdn.firstpromoter.com embed.ercspecialists.com
1 www.googletagmanager.com embed.ercspecialists.com
38 9

This site contains no links.

Subject Issuer Validity Valid
*.activerefund.com
GTS CA 1P5		 2023-03-30 -
2023-06-28		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-03-13 -
2023-06-05		 3 months crt.sh
*.ercspecialists.com
Amazon RSA 2048 M01		 2023-02-09 -
2023-06-04		 4 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-03-13 -
2023-06-05		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-03-13 -
2023-06-05		 3 months crt.sh
*.firstpromoter.com
Amazon RSA 2048 M01		 2023-02-17 -
2024-01-19		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-02 -
2023-06-01		 a year crt.sh

This page contains 2 frames:

Primary Page: https://activerefund.com/
Frame ID: A3502B1ECAA678E4118E3FE28D29758D
Requests: 21 HTTP requests in this frame

Frame: https://embed.ercspecialists.com/application?fpr=jc79&__sessionid=940y3cm4h6ecnhy4t5wcsolp49f9cjgk
Frame ID: 9A24C13513F79BFA4707C4D01E37D468
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Home

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

38
Requests

100 %
HTTPS

78 %
IPv6

7
Domains

9
Subdomains

10
IPs

2
Countries

1357 kB
Transfer

2353 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19
  • https://embed.ercspecialists.com/?fpr=jc79&__sessionid=940y3cm4h6ecnhy4t5wcsolp49f9cjgk HTTP 302
  • https://embed.ercspecialists.com/application?fpr=jc79&__sessionid=940y3cm4h6ecnhy4t5wcsolp49f9cjgk

38 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
activerefund.com/ 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://activerefund.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19953a9a92c249fb0b1815506667ba3ba19f70e967d588e39d221e58662b00d5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=0, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
7b014e58ea22b8c4-AMS
content-encoding
br
content-type
text/html; charset=utf-8
date
Thu, 30 Mar 2023 15:15:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=axTQDyGuSfOi%2BgvpMKYDL1m9vG3exlws0bGBz%2FhXPXAe4kfvXeAQa%2BAY0TfV7zITb9ngeZgynNKA3BArDDvP0M7IK2uU1V48lhMP6XPbp3kz1kM5zARQHYV2Omufph%2BcCnrItloHRWmJabHg%2BqH8"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff
bootstrap.min.css
activerefund.com/assets/bootstrap/css/ 		152 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://activerefund.com/assets/bootstrap/css/bootstrap.min.css
Requested by
Host: activerefund.com
URL: https://activerefund.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccb200f2c60844c5d34bc235a45ea7cb76b7084e5a85975f555cf5a52ccff1e4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://activerefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 30 Mar 2023 15:15:06 GMT
content-encoding
br
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-cache-status
MISS
etag
W/"5472604a29d8b5e0816db1cabf77e78e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aJnZsYJbyU0JpsNfE9hJxwHBLIQyYbvZJ%2FJytuK051NIj4MCBjgql%2BkAvSMfUZBkG1FScx8juuVaCjevHQgsVGg1v%2Bl4SxnQnEGMCOjJX5N4E8TJyHrHkMGBBL6xXzh9QH6bZ1d%2BI5zO%2BJ9TNSMU"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
cf-ray
7b014e5a1c20b8c4-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
bootstrap-grid.min.css
activerefund.com/assets/bootstrap/css/ 		50 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://activerefund.com/assets/bootstrap/css/bootstrap-grid.min.css
Requested by
Host: activerefund.com
URL: https://activerefund.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f75d0fed0cd4380843d322f38aa2cb0cee3d128f28d5dc4c354623f6b0ac18a3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://activerefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 30 Mar 2023 15:15:05 GMT
content-encoding
br
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-cache-status
MISS
etag
W/"743cc851c019babc76d501cea9f4f854"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A%2BhJrZ6eCmVmybS6eI%2FdQ4mCB3N3MFqSddWUrqOVhgj36fANR5G7zZya9f%2BM05N7EnAnIvA2eDl2qwyX4Mc%2FufKrDV6t%2BsxrcDiydlHe8nKqDGClQ5z7DaxoHdLYUiwRHMhsUT7tluynjkZ%2BU5I1"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
cf-ray
7b014e5a1c25b8c4-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
bootstrap-reboot.min.css
activerefund.com/assets/bootstrap/css/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://activerefund.com/assets/bootstrap/css/bootstrap-reboot.min.css
Requested by
Host: activerefund.com
URL: https://activerefund.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97f0549ae1b86791420890ae5c5b6ec5af448ef05a4d9f924e824c48a380ac73
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://activerefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 30 Mar 2023 15:15:06 GMT
content-encoding
br
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-cache-status
MISS
etag
W/"6bc2b9b87fa5b76c5764bcb366a700a0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bdInL%2Fz4jcbfhltjSOClKybVmeJEWmRNjOtVUJ8PjZWNFpEqhs9opX2XJwtgUdbAjO1D%2BGdYEPMQdOiRmEmWCLhT2kAyjNgQcPpgIGfRwFX0MQOGYMUBqWn9SMMeFHLRF%2Fa486a%2BkxIWq2ye3nJy"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
cf-ray
7b014e5a1c27b8c4-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
style.css
activerefund.com/assets/dropdown/css/ 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://activerefund.com/assets/dropdown/css/style.css
Requested by
Host: activerefund.com
URL: https://activerefund.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
180d8ca6812f97d5ef73a4fbc28c018bc1c3d9af25a174af4452b997b513a7f5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://activerefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 30 Mar 2023 15:15:06 GMT
content-encoding
br
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-cache-status
MISS
etag
W/"2481109c6f43f998f29289f0500578aa"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KYSp0ymMQnBm63fT6rZgH4D7Xbw%2FYk16IT4%2FwyNF6hIDC9IjjMJzUScga1fYgtEMHAFjW5ua8AyfH4Kn957XJ3tsZuJ7DqyoLhlVixWmX29m7xTPucYdkfw358RRpGvF%2FnrcObXTtf39Sg0ctDct"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
cf-ray
7b014e5a1c2cb8c4-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
styles.css
activerefund.com/assets/socicon/css/ 		15 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://activerefund.com/assets/socicon/css/styles.css
Requested by
Host: activerefund.com
URL: https://activerefund.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2821b13940d817794fbce634446678655eba83453a085a009eb456b52dfc4501
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://activerefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 30 Mar 2023 15:15:06 GMT
content-encoding
br
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-cache-status
MISS
etag
W/"065162d6eade3b83b55d3fed87f3d55c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PaX9YhtCw9GN6C3JoX0TdyNRl%2F766eC53oy2Dr8K7xJkkfmuzLjtvHg%2FhU%2FnGv6J9W3GpfriQP0C5tkiVO6AnNvSfb9AuawDMDYcEYO2EbskUxCMvyRgH3zTl7TdQ2Qytx21Im3JRMwFQqOr9L4O"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
cf-ray
7b014e5a1c2fb8c4-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
style.css
activerefund.com/assets/theme/css/ 		14 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://activerefund.com/assets/theme/css/style.css
Requested by
Host: activerefund.com
URL: https://activerefund.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89e6288c304047d4d203d72f78576ca90ccafdf51e470d3676a2319c31de1be8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://activerefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 30 Mar 2023 15:15:06 GMT
content-encoding
br
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-cache-status
MISS
etag
W/"98de29e3a54e0e40d0b3409a81c71d70"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gFWfXfepfbovfxFrTMwYy80Bj0m5k80qHHuEBZfLS5AlA3qUCmW7UDtBeaF6mlx72lRocg4ArvlvbLkFs%2BhPpOV9nSX%2B%2FD%2BbabPRVV6kE4ftf%2BMDNsbEth5ktbsqTYuNo1oVG4bWtor3F1X%2BvUf2"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
cf-ray
7b014e5a1c31b8c4-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
css
fonts.googleapis.com/ 		17 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Jost:100,200,300,400,500,600,700,800,900,100i,200i,300i,400i,500i,600i,700i,800i,900i&display=swap
Requested by
Host: activerefund.com
URL: https://activerefund.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
94247c8166557e966bc27a29182bc2fee46d927bb0240124836effa11ab059cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://activerefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 30 Mar 2023 15:15:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 30 Mar 2023 14:42:17 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 30 Mar 2023 15:15:05 GMT
mbr-additional.css
activerefund.com/assets/mobirise/css/ 		39 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://activerefund.com/assets/mobirise/css/mbr-additional.css
Requested by
Host: activerefund.com
URL: https://activerefund.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b04ab7d3144151414daab91cbb080019b1dc94210dda9e45d18a80b554314ad7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://activerefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 30 Mar 2023 15:15:06 GMT
content-encoding
br
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-cache-status
MISS
etag
W/"8b8911dc3c50911c3fa9fd86514bebb9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q%2B5zlVIjzrIdc0zXmqE4dIIwj51JNIHvfSfbtagw3T4akT4oImd028C1aEOu82vgwzusTkCiN9iECs2U9f5UTZBUEh4SgrvST7Us%2FIKJMqeV6roaKdheXLtRMG1xYprBt%2BIimg93g1gKY6YTU6yH"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
cf-ray
7b014e5a1c33b8c4-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
copy-of-remote-job-recruiting-2-364x86.png
activerefund.com/assets/images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://activerefund.com/assets/images/copy-of-remote-job-recruiting-2-364x86.png
Requested by
Host: activerefund.com
URL: https://activerefund.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
30b557aa77cb180fe3ca6b0f2a4bb6e64ca9145502ba708b1167332b7c1ebd5a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://activerefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 30 Mar 2023 15:15:06 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3536
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
"f2541fa871e5766166e305bd09e88958"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1I9rnYEEB%2FI%2FUvc%2Fz8Iggda4jbfF8Ek1aMujeVoqI1qAl1qYMaEjqB5AVl87p3vY%2BXKkRtEXEUGcwwMRsEQglmILgwY05qDoRzotYHzbyarQCKI9j25b8FsYzAOQfg7NZHnRg7rz22Nn5P0wvTGC"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
7b014e5a3c55b8c4-AMS
mbr-1256x829.jpg
activerefund.com/assets/images/ 		200 KB
201 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://activerefund.com/assets/images/mbr-1256x829.jpg
Requested by
Host: activerefund.com
URL: https://activerefund.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
03db3dbf48a33e04b6750139d6a45e7597cbd95d3d505e51ea016798bed73977
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://activerefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 30 Mar 2023 15:15:06 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
205030
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
"b55b71eca64fb27dee96068fc4b1bf98"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dnMgkm3DaYf96mk%2FiYw%2BUW%2BeRXEFuVm8xP7nqiKY9NZT8Y2V5sqgZ8V5djHXhjxtHcJQ5H7OLtJ0T0iOiBsSIzIzMGS17RKuWeE7rkvb5QibyQcIvqbet%2FkoDDM%2B%2FntL4X1eBJKOpe8TfUA26wvR"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
7b014e5a3c56b8c4-AMS
application_embed.js
embed.ercspecialists.com/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.ercspecialists.com/application_embed.js?fpr=jc79
Requested by
Host: activerefund.com
URL: https://activerefund.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.236.64.62 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-236-64-62.us-west-2.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
479a9de5f8037c10237163dcab21f8ef191b74feeca8fcf7f41a5de93df8ca07
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://activerefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 30 Mar 2023 15:15:06 GMT
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
nginx/1.20.0
cross-origin-opener-policy
same-origin
x-frame-options
DENY
vary
Cookie, Origin
content-type
application/x-javascript
content-length
1753
mbr-1256x837.jpg
activerefund.com/assets/images/ 		405 KB
405 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://activerefund.com/assets/images/mbr-1256x837.jpg
Requested by
Host: activerefund.com
URL: https://activerefund.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9cee90492a1babc618a5f4934ff2563fa06d9fe56b22bcd296922c9d0c88f3dc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://activerefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 30 Mar 2023 15:15:06 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
414210
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
"865ca8c2a85d0c4c750ff46d0025617e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pCnGgkb%2Fz1PGeNsxnIPGA1ys123Cz%2BOtx25RCRdW%2FTOw8HWq7n71L9nhG%2Buem1tHmsh3omCRkoJweCQsWZCavFM9%2BgD38Zc641FQNBhJVcKd3zOqovNoSQR7rAEOLnUZaJ3ATBt63qQ9ToIKlXAk"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
7b014e5a3c57b8c4-AMS
screenshot-2023-03-30-at-8.57.24-am-1836x557.png
activerefund.com/assets/images/ 		309 KB
310 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://activerefund.com/assets/images/screenshot-2023-03-30-at-8.57.24-am-1836x557.png
Requested by
Host: activerefund.com
URL: https://activerefund.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66edeaa3d141e8ca82505f960605999710acb9f33626db3a4731f130b40f55d3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://activerefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 30 Mar 2023 15:15:06 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
316290
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
"5068a107dacc3795f7df5cc2a6696ff0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qyERRuz7rwsKow5HW4J5HZmgT8lGvC3IhN%2Bs0f3HVwP8eGgpaVB65upNX7o%2B3flHDNZNCQF6S%2FDm7SA6FfgXzOe2QoDCNFI7Xx8IupSgQnZSwuVKeDr02MiqOJTFn0coBDzY7H%2FinCQ4BLfUJZUv"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
7b014e5a3c58b8c4-AMS
bootstrap.bundle.min.js
activerefund.com/assets/bootstrap/js/ 		77 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://activerefund.com/assets/bootstrap/js/bootstrap.bundle.min.js
Requested by
Host: activerefund.com
URL: https://activerefund.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
200677bd63ea5e6b08b0cc23a9f615ae71ae2957037ede57f128b8ecfe45d7cf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://activerefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 30 Mar 2023 15:15:06 GMT
content-encoding
br
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-cache-status
MISS
etag
W/"22335c4d0bca944c695e3a414a491dcc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kjwBZ4oXifz9VnybrkST%2BnFQQLpU%2FE6HJvccDzh1f4RmIBJzKJ6%2BRFcBcBrrqbW37wAsNUu%2F4YSJHpWBH4Bywm3A8JsUdFFkPi2GoGECH7Bfn7pLs0LgfT%2F%2FTrn%2FDd%2FMmWNzWCLUFqcUKUFf5Jck"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
cf-ray
7b014e5a3c4db8c4-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
smooth-scroll.js
activerefund.com/assets/smoothscroll/ 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://activerefund.com/assets/smoothscroll/smooth-scroll.js
Requested by
Host: activerefund.com
URL: https://activerefund.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed87d4dcc8364407804ffe0cfd3656782060cbe49aea04a83f3e5eb709ee4e5f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://activerefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 30 Mar 2023 15:15:06 GMT
content-encoding
br
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-cache-status
MISS
etag
W/"e925c72830c7aa9f90b3eafdc2c5de12"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QXs2ibYIQl6iNVUVmRLlA0zTtC%2FbeGW3wyGcrSSRvBMI24IiLPXoZVKGkO0YcRm5VYTP95rdwAnUR4uG408elo%2BbTJdDRQJ1LC8BED2Wo%2FPMzSGocjDXcgVyJnlhpGxuCVB0TzD5jgpTf3AihEFN"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
cf-ray
7b014e5a3c50b8c4-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
index.js
activerefund.com/assets/ytplayer/ 		27 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://activerefund.com/assets/ytplayer/index.js
Requested by
Host: activerefund.com
URL: https://activerefund.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9eddb1bc8c19bc96565db30b9cb2f669b58006a54f6f0bf735d443fcd4b46eb2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://activerefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 30 Mar 2023 15:15:06 GMT
content-encoding
br
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-cache-status
MISS
etag
W/"4e8898b8f38bee4508b9d8ff8f6b97a9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ASlQ9lbalVPPIqdVbkzbrI1Zj1%2Fo258EuaGBz50MNvRaLatAmnwaaIp7PujT4cRzDFs0dIbF3nLLPJspQo7TG1hvjTIZ%2FAKU4XRy%2BZfGlJ5%2FQRDJP0JHgYIFcZi%2FCPzuccDj6vyGaHWkf9tWeu0P"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
cf-ray
7b014e5a3c52b8c4-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
navbar-dropdown.js
activerefund.com/assets/dropdown/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://activerefund.com/assets/dropdown/js/navbar-dropdown.js
Requested by
Host: activerefund.com
URL: https://activerefund.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0881bb685a1512cc95be38b2df6a8f55d061322716638afa272040010d0d2455
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://activerefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 30 Mar 2023 15:15:06 GMT
content-encoding
br
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-cache-status
MISS
etag
W/"40f0a36b67534750e0dcae6585e12d7c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EjEP%2FyCecA1RNsEyD7awqAt%2FZDAtmZIImK9jtXMvwwRROXYwlOtQgEusevi3qEvUrnF8%2Fmfp6YEozLyy4VxjiYvU6uelxvSKSQoK7LIIKJgfpEH3lL1xUhIeOYRmU4nUbbcaSkdu4WL8EnBF5UID"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
cf-ray
7b014e5a3c53b8c4-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
script.js
activerefund.com/assets/theme/js/ 		30 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://activerefund.com/assets/theme/js/script.js
Requested by
Host: activerefund.com
URL: https://activerefund.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0267952bd25299bacec6a6503353957a3cf815535ddbd22033b7b9df4a3c80bb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://activerefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 30 Mar 2023 15:15:06 GMT
content-encoding
br
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-cache-status
MISS
etag
W/"66b5511fd475952cc2a63386906142c0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nVUITAGwj9TW1wCB3KmCUg1G8a9QFbGDGkeNPH%2FNfLuHRiu%2FKNHPdjfUp%2Fi63VEbv7a0IvNWMK93I4qtsd3k9SNmG35miQxW8x2yXJudYXyloeI%2FhpjzT3cIpE59Z0bVr9nIPUWtcX5s9e8R1Y3L"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
cf-ray
7b014e5a3c54b8c4-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
92zatBhPNqw73oTd4g.woff2
fonts.gstatic.com/s/jost/v14/ 		26 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/jost/v14/92zatBhPNqw73oTd4g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Jost:100,200,300,400,500,600,700,800,900,100i,200i,300i,400i,500i,600i,700i,800i,900i&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0b7e3af1cb23f3b1cc2c3418f3c31ab3bbadeaa2ba5e72f3cb818e4b44c420f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://activerefund.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 30 Mar 2023 08:38:08 GMT
x-content-type-options
nosniff
age
23818
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26304
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 20:29:30 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 29 Mar 2024 08:38:08 GMT
application
embed.ercspecialists.com/ Frame 9A24
Redirect Chain
  • https://embed.ercspecialists.com/?fpr=jc79&__sessionid=940y3cm4h6ecnhy4t5wcsolp49f9cjgk
  • https://embed.ercspecialists.com/application?fpr=jc79&__sessionid=940y3cm4h6ecnhy4t5wcsolp49f9cjgk
30 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://embed.ercspecialists.com/application?fpr=jc79&__sessionid=940y3cm4h6ecnhy4t5wcsolp49f9cjgk
Requested by
Host: embed.ercspecialists.com
URL: https://embed.ercspecialists.com/application_embed.js?fpr=jc79
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.236.64.62 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-236-64-62.us-west-2.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
73fb0c67b240a8b7c73ead15d37dab8bbc917d783daf240aa833d4ffde0dcb77
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://activerefund.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-opener-policy
same-origin
date
Thu, 30 Mar 2023 15:15:07 GMT
referrer-policy
strict-origin-when-cross-origin
server
nginx/1.20.0
vary
Accept-Encoding Cookie, Origin
x-content-type-options
nosniff

Redirect headers

content-length
0
content-type
text/html; charset=utf-8
cross-origin-opener-policy
same-origin
date
Thu, 30 Mar 2023 15:15:07 GMT
location
/application?fpr=jc79&__sessionid=940y3cm4h6ecnhy4t5wcsolp49f9cjgk
referrer-policy
strict-origin-when-cross-origin
server
nginx/1.20.0
vary
Origin
x-content-type-options
nosniff
92zUtBhPNqw73oHt4D4h.woff2
fonts.gstatic.com/s/jost/v14/ 		30 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/jost/v14/92zUtBhPNqw73oHt4D4h.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Jost:100,200,300,400,500,600,700,800,900,100i,200i,300i,400i,500i,600i,700i,800i,900i&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2d64f8025f777fca0bc3b88232bac150e7e0556b50c1176ea80160c4180aafa0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://activerefund.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 30 Mar 2023 08:41:09 GMT
x-content-type-options
nosniff
age
23637
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30440
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 20:33:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 29 Mar 2024 08:41:09 GMT
js
www.googletagmanager.com/gtag/ Frame 9A24 		234 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-H1FG6BZYG0
Requested by
Host: embed.ercspecialists.com
URL: https://embed.ercspecialists.com/application?fpr=jc79&__sessionid=940y3cm4h6ecnhy4t5wcsolp49f9cjgk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7327980b435c3e2bff209f2b603107cd89ba828f2acc6959a8125928ac271460
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://embed.ercspecialists.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 30 Mar 2023 15:15:07 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
81820
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 30 Mar 2023 15:15:07 GMT
main.fdd7be6b26e9.css
embed.ercspecialists.com/static/app/build/css/ Frame 9A24 		171 KB
27 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://embed.ercspecialists.com/static/app/build/css/main.fdd7be6b26e9.css
Requested by
Host: embed.ercspecialists.com
URL: https://embed.ercspecialists.com/application?fpr=jc79&__sessionid=940y3cm4h6ecnhy4t5wcsolp49f9cjgk
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.236.64.62 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-236-64-62.us-west-2.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
e962c7aad93ce4ca69c529f8edc3d2f6a714d318487bc482a4d39ea1833c05ec

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://embed.ercspecialists.com/application?fpr=jc79&__sessionid=940y3cm4h6ecnhy4t5wcsolp49f9cjgk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 30 Mar 2023 15:15:07 GMT
content-encoding
gzip
last-modified
Thu, 30 Mar 2023 15:08:27 GMT
server
nginx/1.20.0
etag
W/"6425a5eb-2ab87"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
css2
fonts.googleapis.com/ Frame 9A24 		12 KB
899 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@300;400;600;700;900&display=swap
Requested by
Host: embed.ercspecialists.com
URL: https://embed.ercspecialists.com/application?fpr=jc79&__sessionid=940y3cm4h6ecnhy4t5wcsolp49f9cjgk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fef11a7feb71c937fa296e039eea89a6879d19a6f6b3c387c1d728d0683091ed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://embed.ercspecialists.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 30 Mar 2023 15:15:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 30 Mar 2023 13:16:32 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 30 Mar 2023 15:15:07 GMT
fontawesome.min.80c6d2636661.css
embed.ercspecialists.com/static/app/vendor/fontawesome-pro-6.1.1-web/css/ Frame 9A24 		157 KB
31 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://embed.ercspecialists.com/static/app/vendor/fontawesome-pro-6.1.1-web/css/fontawesome.min.80c6d2636661.css
Requested by
Host: embed.ercspecialists.com
URL: https://embed.ercspecialists.com/application?fpr=jc79&__sessionid=940y3cm4h6ecnhy4t5wcsolp49f9cjgk
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.236.64.62 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-236-64-62.us-west-2.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
9c8a8f8c3857d47c3d639e4b107e2c85545e7d2a87c1b9ccc2842c6f33e3aa6a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://embed.ercspecialists.com/application?fpr=jc79&__sessionid=940y3cm4h6ecnhy4t5wcsolp49f9cjgk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 30 Mar 2023 15:15:07 GMT
content-encoding
gzip
last-modified
Thu, 30 Mar 2023 15:08:27 GMT
server
nginx/1.20.0
etag
W/"6425a5eb-274cd"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
light.min.c608c7b36ece.css
embed.ercspecialists.com/static/app/vendor/fontawesome-pro-6.1.1-web/css/ Frame 9A24 		542 B
746 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://embed.ercspecialists.com/static/app/vendor/fontawesome-pro-6.1.1-web/css/light.min.c608c7b36ece.css
Requested by
Host: embed.ercspecialists.com
URL: https://embed.ercspecialists.com/application?fpr=jc79&__sessionid=940y3cm4h6ecnhy4t5wcsolp49f9cjgk
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.236.64.62 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-236-64-62.us-west-2.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
d2fb3910ab152273fc4e74125feccb7a7ec235714e06f1598664094b27c6d4c1

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://embed.ercspecialists.com/application?fpr=jc79&__sessionid=940y3cm4h6ecnhy4t5wcsolp49f9cjgk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 30 Mar 2023 15:15:07 GMT
last-modified
Thu, 30 Mar 2023 15:08:27 GMT
server
nginx/1.20.0
etag
"6425a5eb-21e"
content-type
text/css
cache-control
max-age=315360000
accept-ranges
bytes
content-length
542
expires
Thu, 31 Dec 2037 23:55:55 GMT
fpr.highlevel.js
cdn.firstpromoter.com/ Frame 9A24 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.firstpromoter.com/fpr.highlevel.js
Requested by
Host: embed.ercspecialists.com
URL: https://embed.ercspecialists.com/application?fpr=jc79&__sessionid=940y3cm4h6ecnhy4t5wcsolp49f9cjgk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:5e00:1e:b6b6:9ac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d749293fa689ca257bc6159afcc24bea0a0c236e07cf4d90c5a90d57e52c19b9

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://embed.ercspecialists.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 30 Mar 2023 00:53:42 GMT
content-encoding
gzip
via
1.1 814952d19d560b49ff15ad2f71e400d2.cloudfront.net (CloudFront)
last-modified
Mon, 07 Feb 2022 04:29:30 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
64924
etag
W/"bb2bdc2dcaa82904e778e3b5bb94ef55"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
u5XTkCmaO6nSAa_mQGhozEqrJV8nGyUeUiWoD8HEwca5cXs4-VHmAQ==
ElementQueries.js
cdn.jsdelivr.net/npm/css-element-queries@1.2.3/src/ Frame 9A24 		20 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/css-element-queries@1.2.3/src/ElementQueries.js
Requested by
Host: embed.ercspecialists.com
URL: https://embed.ercspecialists.com/application?fpr=jc79&__sessionid=940y3cm4h6ecnhy4t5wcsolp49f9cjgk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8eee421f2f9bdf38445ffe938ab5c0be29ef1855570c2cb871b55de50ac3521b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://embed.ercspecialists.com/
Origin
https://embed.ercspecialists.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 30 Mar 2023 15:15:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-jsd-version
1.2.3
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230133-FRA, cache-yyz4537-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"4ee3-o7V+DEbc/2kBuZ27xfA5ar7p9WA"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IVo8Bap3Z%2FA%2FU%2BBRx3rlVw%2FIAF367qyibRqTC1viXqtYCCGemW26UyxmoFDX3AE8qzgzdh8nwf1X4s0QvTXext%2Bg4gBmtgltDXk4sMF52oyTWXtXNRRd0PYmtdocbFknz0kRyiX5F86r%2BUOV3c8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
7b014e643c2b1c95-AMS
ResizeSensor.js
cdn.jsdelivr.net/npm/css-element-queries@1.2.3/src/ Frame 9A24 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/css-element-queries@1.2.3/src/ResizeSensor.js
Requested by
Host: embed.ercspecialists.com
URL: https://embed.ercspecialists.com/application?fpr=jc79&__sessionid=940y3cm4h6ecnhy4t5wcsolp49f9cjgk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1c3382375aae1b991259f482d859dcc5e028941f4e52a73530701d2b9b16862
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://embed.ercspecialists.com/
Origin
https://embed.ercspecialists.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 30 Mar 2023 15:15:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
578025
x-jsd-version
1.2.3
content-encoding
br
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230089-FRA, cache-yyz4535-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"2fcb-CxeOTQLrQbXsJmZV3LyQGPW7/eE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RaNRBeLbkBMDLvuW5x0AKqU%2B%2FtH18m2QD3ahsIoCspC4jLlhgDl3FwGMIYbVWlr3lAbJdc%2Bveklq0Z8AfRGtHZ2tqmqhEobbC7kr8YMfKEgfi1Jzp3RCWgoKhnBgT1XENFqCWVYu0t4Qrko92%2Bk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
7b014e643c2c1c95-AMS
play.c1974eb0913a.svg
embed.ercspecialists.com/static/app/img/ Frame 9A24 		606 B
815 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://embed.ercspecialists.com/static/app/img/play.c1974eb0913a.svg
Requested by
Host: embed.ercspecialists.com
URL: https://embed.ercspecialists.com/application?fpr=jc79&__sessionid=940y3cm4h6ecnhy4t5wcsolp49f9cjgk
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.236.64.62 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-236-64-62.us-west-2.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
3671d8addd1b85e916c2b9e3ffac3879a9d0676dba648bac50e5274c0a1cd1eb

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://embed.ercspecialists.com/application?fpr=jc79&__sessionid=940y3cm4h6ecnhy4t5wcsolp49f9cjgk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 30 Mar 2023 15:15:07 GMT
last-modified
Thu, 30 Mar 2023 15:08:26 GMT
server
nginx/1.20.0
etag
"6425a5ea-25e"
content-type
image/svg+xml
cache-control
max-age=315360000
accept-ranges
bytes
content-length
606
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.6.1/ Frame 9A24 		88 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.6.1/jquery.min.js
Requested by
Host: embed.ercspecialists.com
URL: https://embed.ercspecialists.com/application?fpr=jc79&__sessionid=940y3cm4h6ecnhy4t5wcsolp49f9cjgk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://embed.ercspecialists.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 30 Mar 2023 07:03:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
29509
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31100
x-xss-protection
0
last-modified
Thu, 08 Sep 2022 18:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 29 Mar 2024 07:03:18 GMT
main.9cda0e1462a6.js
embed.ercspecialists.com/static/app/build/ Frame 9A24 		146 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.ercspecialists.com/static/app/build/main.9cda0e1462a6.js
Requested by
Host: embed.ercspecialists.com
URL: https://embed.ercspecialists.com/application?fpr=jc79&__sessionid=940y3cm4h6ecnhy4t5wcsolp49f9cjgk
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.236.64.62 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-236-64-62.us-west-2.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
79f60a475c5feb3676c248b7259533df15cf81e9c5e36ff1683d0672db5ba746

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://embed.ercspecialists.com/application?fpr=jc79&__sessionid=940y3cm4h6ecnhy4t5wcsolp49f9cjgk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 30 Mar 2023 15:15:07 GMT
content-encoding
gzip
last-modified
Thu, 30 Mar 2023 15:08:27 GMT
server
nginx/1.20.0
etag
W/"6425a5eb-249c8"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
tr
t.firstpromoter.com/ Frame 9A24 		96 B
844 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.firstpromoter.com/tr
Requested by
Host: cdn.firstpromoter.com
URL: https://cdn.firstpromoter.com/fpr.highlevel.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.104.231.58 Frankfurt am Main, Germany, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),
Reverse DNS
nb-172-104-231-58.frankfurt.nodebalancer.linode.com
Software
nginx / cloud66
Resource Hash
7b62dea6cc1e3ebc553f40b517f3a277c266ae495a22edea7c7610c082fde3b8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://embed.ercspecialists.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Date
Thu, 30 Mar 2023 15:15:08 GMT
Strict-Transport-Security
max-age=15552000; includeSubDomains
X-Content-Type-Options
nosniff
Content-Encoding
gzip
X-Powered-By
cloud66
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
bd705180-b454-41f3-b0e2-b15e6660506a
X-Runtime
0.034211
Server
nginx
ETag
W/"7b62dea6cc1e3ebc553f40b517f3a277"
Access-Control-Max-Age
1728000
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control
max-age=0, private, must-revalidate
X-Frame-Options
SAMEORIGIN
Vary
Origin,Accept-Encoding
truncated
/ Frame 9A24 		111 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b441d6f6589e41f8d7e3c2b5cea6a33898ba86e1440a1e1c75341b0e341c92df

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type
image/svg+xml
6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame 9A24 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@300;400;600;700;900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7348a2eb48c9a681d6178433394c7037144d85b57ee33a11339d3a33fa1001a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://embed.ercspecialists.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 30 Mar 2023 08:37:42 GMT
x-content-type-options
nosniff
age
23845
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12924
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:02:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 29 Mar 2024 08:37:42 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame 9A24 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@300;400;600;700;900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://embed.ercspecialists.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 30 Mar 2023 08:37:42 GMT
x-content-type-options
nosniff
age
23845
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13036
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:04:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 29 Mar 2024 08:37:42 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame 9A24 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@300;400;600;700;900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://embed.ercspecialists.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 30 Mar 2023 08:37:42 GMT
x-content-type-options
nosniff
age
23845
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13052
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:09:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 29 Mar 2024 08:37:42 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3iu4nwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame 9A24 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3iu4nwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@300;400;600;700;900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
080e18a8c761c3d30b7ec08aa65f87109a0228367eafd0a12fcefda58d10e8ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://embed.ercspecialists.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 30 Mar 2023 08:37:42 GMT
x-content-type-options
nosniff
age
23845
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12408
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:54:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 29 Mar 2024 08:37:42 GMT

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless number| uidEvent object| bootstrap function| SmoothScroll object| $jscomp function| EventEmitter function| loadScript string| YOUTUBE_IFRAME_API_SRC object| YOUTUBE_STATES object| YOUTUBE_ERROR object| loadIframeAPICallbacks function| $Users$vagrant$workspace$Mobirise5_emac_Release$Release$release$mac$Mobirise_app$Contents$Resources$_app_asar$web$app$themes$mobirise5$plugins$ytplayer$index$classdecl$var0 function| YouTubePlayer function| smartresize boolean| initSwitchArrowPlugin boolean| initTestimonialsPlugin

2 Cookies

Domain/Path Name / Value
embed.ercspecialists.com/ Name: sessionid
Value: 940y3cm4h6ecnhy4t5wcsolp49f9cjgk
embed.ercspecialists.com/ Name: csrftoken
Value: 60NYTzmTh5EYV8jwvxqv81mpzTphyjYZ

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

activerefund.com
ajax.googleapis.com
cdn.firstpromoter.com
cdn.jsdelivr.net
embed.ercspecialists.com
fonts.googleapis.com
fonts.gstatic.com
t.firstpromoter.com
www.googletagmanager.com
172.104.231.58
2600:9000:236e:5e00:1e:b6b6:9ac0:93a1
2606:4700::6810:5614
2a00:1450:4001:806::2008
2a00:1450:4001:828::200a
2a00:1450:4001:82b::200a
2a00:1450:4001:82f::2003
2a06:98c1:3120::3
44.236.64.62
0267952bd25299bacec6a6503353957a3cf815535ddbd22033b7b9df4a3c80bb
03db3dbf48a33e04b6750139d6a45e7597cbd95d3d505e51ea016798bed73977
080e18a8c761c3d30b7ec08aa65f87109a0228367eafd0a12fcefda58d10e8ad
0881bb685a1512cc95be38b2df6a8f55d061322716638afa272040010d0d2455
0b7e3af1cb23f3b1cc2c3418f3c31ab3bbadeaa2ba5e72f3cb818e4b44c420f4
180d8ca6812f97d5ef73a4fbc28c018bc1c3d9af25a174af4452b997b513a7f5
19953a9a92c249fb0b1815506667ba3ba19f70e967d588e39d221e58662b00d5
200677bd63ea5e6b08b0cc23a9f615ae71ae2957037ede57f128b8ecfe45d7cf
2821b13940d817794fbce634446678655eba83453a085a009eb456b52dfc4501
2d64f8025f777fca0bc3b88232bac150e7e0556b50c1176ea80160c4180aafa0
30b557aa77cb180fe3ca6b0f2a4bb6e64ca9145502ba708b1167332b7c1ebd5a
3671d8addd1b85e916c2b9e3ffac3879a9d0676dba648bac50e5274c0a1cd1eb
479a9de5f8037c10237163dcab21f8ef191b74feeca8fcf7f41a5de93df8ca07
66edeaa3d141e8ca82505f960605999710acb9f33626db3a4731f130b40f55d3
7327980b435c3e2bff209f2b603107cd89ba828f2acc6959a8125928ac271460
7348a2eb48c9a681d6178433394c7037144d85b57ee33a11339d3a33fa1001a4
73fb0c67b240a8b7c73ead15d37dab8bbc917d783daf240aa833d4ffde0dcb77
79f60a475c5feb3676c248b7259533df15cf81e9c5e36ff1683d0672db5ba746
7b62dea6cc1e3ebc553f40b517f3a277c266ae495a22edea7c7610c082fde3b8
89e6288c304047d4d203d72f78576ca90ccafdf51e470d3676a2319c31de1be8
8eee421f2f9bdf38445ffe938ab5c0be29ef1855570c2cb871b55de50ac3521b
94247c8166557e966bc27a29182bc2fee46d927bb0240124836effa11ab059cd
97f0549ae1b86791420890ae5c5b6ec5af448ef05a4d9f924e824c48a380ac73
9c8a8f8c3857d47c3d639e4b107e2c85545e7d2a87c1b9ccc2842c6f33e3aa6a
9cee90492a1babc618a5f4934ff2563fa06d9fe56b22bcd296922c9d0c88f3dc
9eddb1bc8c19bc96565db30b9cb2f669b58006a54f6f0bf735d443fcd4b46eb2
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
b04ab7d3144151414daab91cbb080019b1dc94210dda9e45d18a80b554314ad7
b1c3382375aae1b991259f482d859dcc5e028941f4e52a73530701d2b9b16862
b441d6f6589e41f8d7e3c2b5cea6a33898ba86e1440a1e1c75341b0e341c92df
bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
ccb200f2c60844c5d34bc235a45ea7cb76b7084e5a85975f555cf5a52ccff1e4
d2fb3910ab152273fc4e74125feccb7a7ec235714e06f1598664094b27c6d4c1
d749293fa689ca257bc6159afcc24bea0a0c236e07cf4d90c5a90d57e52c19b9
e962c7aad93ce4ca69c529f8edc3d2f6a714d318487bc482a4d39ea1833c05ec
ed87d4dcc8364407804ffe0cfd3656782060cbe49aea04a83f3e5eb709ee4e5f
f75d0fed0cd4380843d322f38aa2cb0cee3d128f28d5dc4c354623f6b0ac18a3
fef11a7feb71c937fa296e039eea89a6879d19a6f6b3c387c1d728d0683091ed