the33refund.com Open in urlscan Pro
13.125.99.82  Public Scan

9 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

59 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response the33refund.com/	27 KB 27 KB	1077ms 534ms	Document text/html	13.125.99.82 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://the33refund.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.125.99.82 , Korea, Republic Of, ASN16509 (AMAZON-02, US), Reverse DNS ec2-13-125-99-82.ap-northeast-2.compute.amazonaws.com Software / Resource Hash 1dd00e15e9329d05d4c06bc5b06b7c246b3ea46f22ddb5afa7b10015370f0879 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control no-cache, no-store, max-age=0, must-revalidate content-language de-DE content-type text/html;charset=UTF-8 date Thu, 08 Dec 2022 06:40:34 GMT expires 0 pragma no-cache vary Origin Access-Control-Request-Method Access-Control-Request-Headers x-content-type-options nosniff x-frame-options DENY x-xss-protection 1; mode=block
GET H2	200	reset.min.css cdn.jsdelivr.net/npm/reset-css@5.0.1/	1 KB 1 KB	40ms 16ms	Stylesheet text/css	2606:4700::6810:5514 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/reset-css@5.0.1/reset.min.css Requested by Host: the33refund.com URL: https://the33refund.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f05df5f75cdff21f2a1ba3255839e7b6ce6f49c51d1359157784b02c00a2e1c1 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://the33refund.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers date Thu, 08 Dec 2022 06:40:34 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 14695663 x-jsd-version 5.0.1 content-encoding br x-cache HIT, HIT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-served-by cache-fra19121-FRA, cache-cdg20766-CDG x-jsd-version-type version server cloudflare etag W/"474-Qnc1SJjomHjeiOjjPio4KBFA/ZU" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fYmS%2Bhg4r6QLjavYjhjsp%2BCJ3%2BsOL6PPZqnjlwbqFuvEPfqxwsc5jKyAQvQGR%2Bs1LCW9x9HPSz8NQcU2ttI2oWNY%2FKzDaxSaLX8mMEr5ZdXmF6Zc1WR0XuJjAvqW%2BQpeXxP7nt%2BvAQL9820eF98%3D"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=31536000, s-maxage=31536000, immutable timing-allow-origin * cf-ray 776382a76c8dbb4d-FRA
GET H2	200	app_common.css the33refund.com/style/	5 KB 5 KB	270ms 269ms	Stylesheet text/css	13.125.99.82 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://the33refund.com/style/app_common.css?v=221124 Requested by Host: the33refund.com URL: https://the33refund.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.125.99.82 , Korea, Republic Of, ASN16509 (AMAZON-02, US), Reverse DNS ec2-13-125-99-82.ap-northeast-2.compute.amazonaws.com Software / Resource Hash dac8354109d87b692f68dd1bf2d3566972f9fc6fc5b14cf835601ec04d34c0ac Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://the33refund.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers pragma no-cache date Thu, 08 Dec 2022 06:40:34 GMT x-content-type-options nosniff last-modified Thu, 08 Dec 2022 04:45:15 GMT vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers x-frame-options DENY content-type text/css cache-control no-cache, no-store, max-age=0, must-revalidate accept-ranges bytes content-length 4927 x-xss-protection 1; mode=block expires 0
GET H2	200	style_renewal.css the33refund.com/style/	131 KB 132 KB	271ms 270ms	Stylesheet text/css	13.125.99.82 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://the33refund.com/style/style_renewal.css?v=221124 Requested by Host: the33refund.com URL: https://the33refund.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.125.99.82 , Korea, Republic Of, ASN16509 (AMAZON-02, US), Reverse DNS ec2-13-125-99-82.ap-northeast-2.compute.amazonaws.com Software / Resource Hash 8818c2df5f3c906b93e7dd4e4b0d3293ec6e02874b58f91e74dae6abb9a323bc Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://the33refund.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers pragma no-cache date Thu, 08 Dec 2022 06:40:34 GMT x-content-type-options nosniff last-modified Thu, 08 Dec 2022 04:45:15 GMT vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers x-frame-options DENY content-type text/css cache-control no-cache, no-store, max-age=0, must-revalidate accept-ranges bytes content-length 134437 x-xss-protection 1; mode=block expires 0
GET H2	200	jquery-3.6.0.js Show response code.jquery.com/	282 KB 83 KB	91ms 22ms	Script application/javascript	2001:4de0:ac18::1:a:3a STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-3.6.0.js Requested by Host: the33refund.com URL: https://the33refund.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (STACKPATH-CDN, US), Reverse DNS Software nginx / Resource Hash 1fe2bb5390a75e5d61e72c107cab528fc3c29a837d69aab7d200e1dbb5dcd239 Request headers accept-language de-DE,de;q=0.9 Referer https://the33refund.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers date Thu, 08 Dec 2022 06:40:34 GMT content-encoding gzip last-modified Fri, 20 Aug 2021 17:47:53 GMT server nginx etag W/"611feac9-46744" vary Accept-Encoding x-hw 1670481634.dop140.am5.t,1670481634.cds318.am5.hn,1670481634.cds145.am5.c content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 84714
GET H2	200	js Show response www.googletagmanager.com/gtag/	190 KB 69 KB	141ms 56ms	Script application/javascript	2a00:1450:4001:829::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=AW-10861932810 Requested by Host: the33refund.com URL: https://the33refund.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 36851ad10be221ebe601a573955eb8d816c25ed4b478973b57c50f57e3eb3bfe Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://the33refund.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers date Thu, 08 Dec 2022 06:40:34 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 70047 x-xss-protection 0 last-modified Thu, 08 Dec 2022 06:17:44 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Thu, 08 Dec 2022 06:40:34 GMT
GET H/1.1	200 OK	wcslog.js Show response wcs.naver.net/	20 KB 7 KB	46ms 8ms	Script application/javascript	23.11.239.25 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://wcs.naver.net/wcslog.js Requested by Host: the33refund.com URL: https://the33refund.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 23.11.239.25 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-11-239-25.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 82e8f97388db2fde014004e7eb310df127012d3b2a397d98c1e6fe47a5bcd403 Request headers accept-language de-DE,de;q=0.9 Referer https://the33refund.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers Date Thu, 08 Dec 2022 06:40:34 GMT Content-Encoding gzip Last-Modified Tue, 14 Jun 2022 02:08:57 GMT Server nginx ETag "62a7edb9-4e9c" Vary Accept-Encoding Content-Type application/javascript Cache-Control max-age=548 Connection keep-alive Accept-Ranges bytes Content-Length 6834 Expires Thu, 08 Dec 2022 06:49:42 GMT
GET H2	200	the33refund_logo.svg the33refund.com/image/	6 KB 7 KB	311ms 311ms	Image image/svg+xml	13.125.99.82 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://the33refund.com/image/the33refund_logo.svg Requested by Host: the33refund.com URL: https://the33refund.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.125.99.82 , Korea, Republic Of, ASN16509 (AMAZON-02, US), Reverse DNS ec2-13-125-99-82.ap-northeast-2.compute.amazonaws.com Software / Resource Hash 9ff41ead5c07f0f4a86c15a16aef2eddeb53e3b307dee325a183c0b452b5396e Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://the33refund.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers pragma no-cache date Thu, 08 Dec 2022 06:40:35 GMT x-content-type-options nosniff last-modified Thu, 08 Dec 2022 04:45:15 GMT vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers x-frame-options DENY content-type image/svg+xml cache-control no-cache, no-store, max-age=0, must-revalidate accept-ranges bytes content-length 6649 x-xss-protection 1; mode=block expires 0
GET H2	200	img_phone_01.png the33refund.com/image/	103 KB 104 KB	269ms 269ms	Image image/png	13.125.99.82 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://the33refund.com/image/img_phone_01.png Requested by Host: the33refund.com URL: https://the33refund.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.125.99.82 , Korea, Republic Of, ASN16509 (AMAZON-02, US), Reverse DNS ec2-13-125-99-82.ap-northeast-2.compute.amazonaws.com Software / Resource Hash 11e47e411384d264c3a324ab84a91cebfadfa173fdcb8a591b9c20b9eb876b2d Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://the33refund.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers pragma no-cache date Thu, 08 Dec 2022 06:40:35 GMT x-content-type-options nosniff last-modified Thu, 08 Dec 2022 04:45:15 GMT vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers x-frame-options DENY content-type image/png cache-control no-cache, no-store, max-age=0, must-revalidate accept-ranges bytes content-length 105649 x-xss-protection 1; mode=block expires 0
GET H2	200	img_phone_02.svg the33refund.com/image/	7 MB 7 MB	271ms 271ms	Image image/svg+xml	13.125.99.82 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://the33refund.com/image/img_phone_02.svg Requested by Host: the33refund.com URL: https://the33refund.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.125.99.82 , Korea, Republic Of, ASN16509 (AMAZON-02, US), Reverse DNS ec2-13-125-99-82.ap-northeast-2.compute.amazonaws.com Software / Resource Hash dec3e0de7e29ac4177904e7238623dcb8306d8275c8cf03f83493f4e79691269 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://the33refund.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers pragma no-cache date Thu, 08 Dec 2022 06:40:35 GMT x-content-type-options nosniff last-modified Thu, 08 Dec 2022 04:45:15 GMT vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers x-frame-options DENY content-type image/svg+xml cache-control no-cache, no-store, max-age=0, must-revalidate accept-ranges bytes content-length 7562755 x-xss-protection 1; mode=block expires 0
GET H2	200	img_phone_02_pin.png the33refund.com/image/	12 KB 12 KB	490ms 484ms	Image image/png	13.125.99.82 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://the33refund.com/image/img_phone_02_pin.png Requested by Host: the33refund.com URL: https://the33refund.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.125.99.82 , Korea, Republic Of, ASN16509 (AMAZON-02, US), Reverse DNS ec2-13-125-99-82.ap-northeast-2.compute.amazonaws.com Software / Resource Hash 6a99b39087dff4a6f82eca4985af191e328d4363ab2025815e5b81d48ae6f397 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://the33refund.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers pragma no-cache date Thu, 08 Dec 2022 06:40:35 GMT x-content-type-options nosniff last-modified Thu, 08 Dec 2022 04:45:15 GMT vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers x-frame-options DENY content-type image/png cache-control no-cache, no-store, max-age=0, must-revalidate accept-ranges bytes content-length 12023 x-xss-protection 1; mode=block expires 0
GET H2	200	img_circle_01.png the33refund.com/image/	14 KB 14 KB	489ms 483ms	Image image/png	13.125.99.82 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://the33refund.com/image/img_circle_01.png Requested by Host: the33refund.com URL: https://the33refund.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.125.99.82 , Korea, Republic Of, ASN16509 (AMAZON-02, US), Reverse DNS ec2-13-125-99-82.ap-northeast-2.compute.amazonaws.com Software / Resource Hash 1c21f7c8a6f668e003a7cef412f1557487789ee1e1fe60f3127a0f6eb711629d Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://the33refund.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers pragma no-cache date Thu, 08 Dec 2022 06:40:35 GMT x-content-type-options nosniff last-modified Thu, 08 Dec 2022 04:45:15 GMT vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers x-frame-options DENY content-type image/png cache-control no-cache, no-store, max-age=0, must-revalidate accept-ranges bytes content-length 14231 x-xss-protection 1; mode=block expires 0
GET H2	200	img_phone_03.png the33refund.com/image/	93 KB 93 KB	488ms 483ms	Image image/png	13.125.99.82 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://the33refund.com/image/img_phone_03.png Requested by Host: the33refund.com URL: https://the33refund.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.125.99.82 , Korea, Republic Of, ASN16509 (AMAZON-02, US), Reverse DNS ec2-13-125-99-82.ap-northeast-2.compute.amazonaws.com Software / Resource Hash f374fb45764a1fe9bdcde9b1bbf94aa3a560da98d4791715a996c07ae2030df8 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://the33refund.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers pragma no-cache date Thu, 08 Dec 2022 06:40:35 GMT x-content-type-options nosniff last-modified Thu, 08 Dec 2022 04:45:15 GMT vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers x-frame-options DENY content-type image/png cache-control no-cache, no-store, max-age=0, must-revalidate accept-ranges bytes content-length 95011 x-xss-protection 1; mode=block expires 0
GET H2	200	img_phone_04.svg the33refund.com/image/	659 KB 660 KB	490ms 485ms	Image image/svg+xml	13.125.99.82 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://the33refund.com/image/img_phone_04.svg Requested by Host: the33refund.com URL: https://the33refund.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.125.99.82 , Korea, Republic Of, ASN16509 (AMAZON-02, US), Reverse DNS ec2-13-125-99-82.ap-northeast-2.compute.amazonaws.com Software / Resource Hash 6f0bc96fdfadfb5519d83243599ea75c3251ec1f7549b8c46ec850ce238a697c Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://the33refund.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers pragma no-cache date Thu, 08 Dec 2022 06:40:35 GMT x-content-type-options nosniff last-modified Thu, 08 Dec 2022 04:45:15 GMT vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers x-frame-options DENY content-type image/svg+xml cache-control no-cache, no-store, max-age=0, must-revalidate accept-ranges bytes content-length 674875 x-xss-protection 1; mode=block expires 0
GET H2	200	img_phone_05.svg the33refund.com/image/	788 KB 789 KB	488ms 483ms	Image image/svg+xml	13.125.99.82 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://the33refund.com/image/img_phone_05.svg Requested by Host: the33refund.com URL: https://the33refund.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.125.99.82 , Korea, Republic Of, ASN16509 (AMAZON-02, US), Reverse DNS ec2-13-125-99-82.ap-northeast-2.compute.amazonaws.com Software / Resource Hash 715c7a09489652b9a30bff22aba4f0f58abb04df5f2ce531b8c475e5d1d43d0f Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://the33refund.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers pragma no-cache date Thu, 08 Dec 2022 06:40:35 GMT x-content-type-options nosniff last-modified Thu, 08 Dec 2022 04:45:15 GMT vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers x-frame-options DENY content-type image/svg+xml cache-control no-cache, no-store, max-age=0, must-revalidate accept-ranges bytes content-length 806887 x-xss-protection 1; mode=block expires 0
GET H2	200	img_phone_06.png the33refund.com/image/	101 KB 101 KB	489ms 484ms	Image image/png	13.125.99.82 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://the33refund.com/image/img_phone_06.png Requested by Host: the33refund.com URL: https://the33refund.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.125.99.82 , Korea, Republic Of, ASN16509 (AMAZON-02, US), Reverse DNS ec2-13-125-99-82.ap-northeast-2.compute.amazonaws.com Software / Resource Hash bcde86b2f61b9b55afa7a39c2411119d685ba08a1c3931bb21eabc1f01253947 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://the33refund.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers pragma no-cache date Thu, 08 Dec 2022 06:40:35 GMT x-content-type-options nosniff last-modified Thu, 08 Dec 2022 04:45:15 GMT vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers x-frame-options DENY content-type image/png cache-control no-cache, no-store, max-age=0, must-revalidate accept-ranges bytes content-length 103131 x-xss-protection 1; mode=block expires 0
GET H2	200	img_phone_07.png the33refund.com/image/	83 KB 83 KB	488ms 484ms	Image image/png	13.125.99.82 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://the33refund.com/image/img_phone_07.png Requested by Host: the33refund.com URL: https://the33refund.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.125.99.82 , Korea, Republic Of, ASN16509 (AMAZON-02, US), Reverse DNS ec2-13-125-99-82.ap-northeast-2.compute.amazonaws.com Software / Resource Hash 6d6fd20f32be7e139b058f99c4ef7c44a8206f3bd22cef3c473721516a9ef526 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://the33refund.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers pragma no-cache date Thu, 08 Dec 2022 06:40:35 GMT x-content-type-options nosniff last-modified Thu, 08 Dec 2022 04:45:15 GMT vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers x-frame-options DENY content-type image/png cache-control no-cache, no-store, max-age=0, must-revalidate accept-ranges bytes content-length 84723 x-xss-protection 1; mode=block expires 0
GET H2	200	img_avator_01.png the33refund.com/image/	4 KB 4 KB	489ms 485ms	Image image/png	13.125.99.82 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://the33refund.com/image/img_avator_01.png Requested by Host: the33refund.com URL: https://the33refund.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.125.99.82 , Korea, Republic Of, ASN16509 (AMAZON-02, US), Reverse DNS ec2-13-125-99-82.ap-northeast-2.compute.amazonaws.com Software / Resource Hash ec3116b5b782ab44152013475ec0bc5c86b64518a3b04f39bd825b978177e071 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://the33refund.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers pragma no-cache date Thu, 08 Dec 2022 06:40:35 GMT x-content-type-options nosniff last-modified Thu, 08 Dec 2022 04:45:15 GMT vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers x-frame-options DENY content-type image/png cache-control no-cache, no-store, max-age=0, must-revalidate accept-ranges bytes content-length 3917 x-xss-protection 1; mode=block expires 0
GET H2	200	img_avator_02.png the33refund.com/image/	5 KB 5 KB	793ms 789ms	Image image/png	13.125.99.82 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://the33refund.com/image/img_avator_02.png Requested by Host: the33refund.com URL: https://the33refund.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.125.99.82 , Korea, Republic Of, ASN16509 (AMAZON-02, US), Reverse DNS ec2-13-125-99-82.ap-northeast-2.compute.amazonaws.com Software / Resource Hash 622f84213bf6f73873992afe377a75be5d676b4dbda14e78fefd8d926916fb13 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://the33refund.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers pragma no-cache date Thu, 08 Dec 2022 06:40:35 GMT x-content-type-options nosniff last-modified Thu, 08 Dec 2022 04:45:15 GMT vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers x-frame-options DENY content-type image/png cache-control no-cache, no-store, max-age=0, must-revalidate accept-ranges bytes content-length 4945 x-xss-protection 1; mode=block expires 0
GET H2	200	img_avator_03.png the33refund.com/image/	4 KB 5 KB	489ms 486ms	Image image/png	13.125.99.82 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://the33refund.com/image/img_avator_03.png Requested by Host: the33refund.com URL: https://the33refund.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.125.99.82 , Korea, Republic Of, ASN16509 (AMAZON-02, US), Reverse DNS ec2-13-125-99-82.ap-northeast-2.compute.amazonaws.com Software / Resource Hash 34ab35a9e9596ec012a1b733345246b842fcded03464a5a969980b15b766fb5d Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://the33refund.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers pragma no-cache date Thu, 08 Dec 2022 06:40:35 GMT x-content-type-options nosniff last-modified Thu, 08 Dec 2022 04:45:15 GMT vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers x-frame-options DENY content-type image/png cache-control no-cache, no-store, max-age=0, must-revalidate accept-ranges bytes content-length 4354 x-xss-protection 1; mode=block expires 0
GET H2	200	SpoqaHanSansNeo.css spoqa.github.io/spoqa-han-sans/css/	4 KB 1 KB	32ms 7ms	Stylesheet text/css	2606:50c0:8001::153 FASTLY
General Check archive.org Show headers Download Go to Full URL https://spoqa.github.io/spoqa-han-sans/css/SpoqaHanSansNeo.css Requested by Host: the33refund.com URL: https://the33refund.com/style/style_renewal.css?v=221124 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:50c0:8001::153 , United States, ASN54113 (FASTLY, US), Reverse DNS Software GitHub.com / Resource Hash 6ff03d9590967ac30d1974872b8b51ed7abe34b5fa963c1f72ca8258e52654a6 Request headers accept-language de-DE,de;q=0.9 Referer https://the33refund.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers x-fastly-request-id 2ee0d9749cb05fc9409fd863f5f30a4978631241 date Thu, 08 Dec 2022 06:40:35 GMT content-encoding gzip via 1.1 varnish x-cache-hits 1 age 560 x-cache HIT x-proxy-cache HIT content-length 937 x-served-by cache-hhn-etou8220074-HHN last-modified Wed, 15 Jun 2022 08:19:11 GMT server GitHub.com x-github-request-id 1C1C:08F5:4EBF67:6A05E9:63914A9D x-timer S1670481635.265894,VS0,VE1 etag W/"62a995ff-ea6" vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * cache-control max-age=600 permissions-policy interest-cohort=() accept-ranges bytes x-origin-cache HIT expires Thu, 08 Dec 2022 02:33:12 GMT
GET H2	200	m wcs.naver.com/	43 B 679 B	766ms 243ms	Image image/gif	110.93.147.30 NHN-AS-KR NAVER C...
General Check archive.org Show headers Download Go to Show image Full URL https://wcs.naver.com/m?u=https%3A%2F%2Fthe33refund.com%2F&e=&wa=s_29fc9c4b1a80&bt=-1&os=Win32&ln=en-US&sr=1600x1200&bw=1600&bh=1200&c=24&j=N&jv=1.8&k=Y&ct=&cs=UTF-8&tl=%25EB%258D%2594%25ED%2599%2598%25EA%25B8%2589%2520-%2520%25EB%258D%2594%2520%25EB%25A7%258E%25EC%259D%2580%2520%25EC%2584%25B8%25EA%25B8%2588%25ED%2599%2598%25EA%25B8%2589%252C%2520%25EC%25A4%2591%25EC%2586%258C%25EA%25B8%25B0%25EC%2597%2585%2520%25EC%25B7%25A8%25EC%2597%2585%25EC%259E%2590%2520%25EC%2586%258C%25EB%2593%259D%25EC%2584%25B8%2520%25EA%25B0%2590%25EB%25A9%25B4(90%2525)&vs=0.8.6&nt=1670481635282&EOU Requested by Host: the33refund.com URL: https://the33refund.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 110.93.147.30 , Korea, Republic Of, ASN23576 (NHN-AS-KR NAVER Cloud Corp., KR), Reverse DNS Software wcs / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://the33refund.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers pragma no-cache date Thu, 08 Dec 2022 06:40:35 GMT x-content-type-options nosniff last-modified Mon, 28 Sep 1970 06:00:00 GMT server wcs accept-ch Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform-Version p3p CP = "ALL CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC OTC" content-type image/gif cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true content-length 43 expires Tue, 01 Jan 1980 09:00:00 GMT
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	103 KB 28 KB	121ms 35ms	Script application/x-javascript	2a03:2880:f028:100:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: the33refund.com URL: https://the33refund.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f028:100:face:b00c:0:3 Sofia, Bulgaria, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash d5c905d7ce4679b183eb11f7c6811682ddffbf0f037590360ae2b1a84a51ef1b Security Headers Name Value Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://the33refund.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers content-security-policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Thu, 08 Dec 2022 06:40:35 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 27340 x-fb-rlafr 0 x-xss-protection 0 pragma public x-fb-debug wQl9k4QZlqCYuvwwSMEo6XhTFp8xnwT1McaRVSkhEL8Cr/VG7qb8huBsH+sWFuLhBiKFkdYEzzsrBzrfnArRJg== x-fb-trip-id 2050670934 cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding x-frame-options DENY content-type application/x-javascript; charset=utf-8 cache-control public, max-age=1200 expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/	96 KB 38 KB	56ms 53ms	Script application/javascript	2a00:1450:4001:829::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-KFQXX6S Requested by Host: the33refund.com URL: https://the33refund.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash a44482129b170af0dc12a26b0b38af3009bc30f9d397799ee5139fffc1d214b8 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://the33refund.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers date Thu, 08 Dec 2022 06:40:35 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 38514 x-xss-protection 0 last-modified Thu, 08 Dec 2022 06:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Thu, 08 Dec 2022 06:40:35 GMT
GET H2	200	uwt.js Show response static.ads-twitter.com/	56 KB 15 KB	123ms 6ms	Script application/javascript	146.75.116.157 FASTLY
General Check archive.org Show headers Download Go to Full URL https://static.ads-twitter.com/uwt.js Requested by Host: the33refund.com URL: https://the33refund.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee Request headers accept-language de-DE,de;q=0.9 Referer https://the33refund.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers date Thu, 08 Dec 2022 06:40:35 GMT content-encoding gzip last-modified Thu, 27 Oct 2022 16:56:53 GMT etag "32ad004436155ec972bc50e6238b5b67+gzip+gzip" vary Accept-Encoding,Host x-cache HIT, HIT content-type application/javascript; charset=utf-8 p3p CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT" x-tw-cdn FT cache-control no-cache accept-ranges bytes content-length 15375 x-served-by cache-iad-kjyo7100081-IAD, cache-fra-eddf8230081-FRA
GET H2	200	user Show response the33refund.com/api/dashboard/	46 B 314 B	488ms 484ms	XHR application/json	13.125.99.82 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://the33refund.com/api/dashboard/user Requested by Host: code.jquery.com URL: https://code.jquery.com/jquery-3.6.0.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.125.99.82 , Korea, Republic Of, ASN16509 (AMAZON-02, US), Reverse DNS ec2-13-125-99-82.ap-northeast-2.compute.amazonaws.com Software / Resource Hash 69d225b25abd3f18659ef51910fcdecfb9863b829757b8ef9d96037cf91a921c Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Accept */* Referer https://the33refund.com/ X-Requested-With XMLHttpRequest accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers pragma no-cache date Thu, 08 Dec 2022 06:40:35 GMT x-content-type-options nosniff vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers x-frame-options DENY content-type application/json cache-control no-cache, no-store, max-age=0, must-revalidate x-xss-protection 1; mode=block expires 0
GET H2	200	icon_people.png the33refund.com/image/	14 KB 14 KB	750ms 747ms	Image image/png	13.125.99.82 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://the33refund.com/image/icon_people.png Requested by Host: the33refund.com URL: https://the33refund.com/style/style_renewal.css?v=221124 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.125.99.82 , Korea, Republic Of, ASN16509 (AMAZON-02, US), Reverse DNS ec2-13-125-99-82.ap-northeast-2.compute.amazonaws.com Software / Resource Hash f1c259286dbe161b32a51219da59561e4ac3f061891b714982f1021b9f22e151 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://the33refund.com/style/style_renewal.css?v=221124 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers pragma no-cache date Thu, 08 Dec 2022 06:40:35 GMT x-content-type-options nosniff last-modified Thu, 08 Dec 2022 04:45:15 GMT vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers x-frame-options DENY content-type image/png cache-control no-cache, no-store, max-age=0, must-revalidate accept-ranges bytes content-length 14426 x-xss-protection 1; mode=block expires 0
GET H2	200	icon_diamond.png the33refund.com/image/	11 KB 12 KB	488ms 485ms	Image image/png	13.125.99.82 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://the33refund.com/image/icon_diamond.png Requested by Host: the33refund.com URL: https://the33refund.com/style/style_renewal.css?v=221124 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.125.99.82 , Korea, Republic Of, ASN16509 (AMAZON-02, US), Reverse DNS ec2-13-125-99-82.ap-northeast-2.compute.amazonaws.com Software / Resource Hash 2dc1bc8f6775eef76820a6dc71978e09ff2b092d3a0cf7e05a421e5c38ebd6da Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://the33refund.com/style/style_renewal.css?v=221124 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers pragma no-cache date Thu, 08 Dec 2022 06:40:35 GMT x-content-type-options nosniff last-modified Thu, 08 Dec 2022 04:45:15 GMT vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers x-frame-options DENY content-type image/png cache-control no-cache, no-store, max-age=0, must-revalidate accept-ranges bytes content-length 11509 x-xss-protection 1; mode=block expires 0
GET H3	200	SpoqaHanSansNeo-Regular.woff2 cdn.jsdelivr.net/gh/spoqa/spoqa-han-sans@latest/Subset/SpoqaHanSansNeo/	176 KB 177 KB	51ms 32ms	Font font/woff2	2606:4700::6810:5514 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/gh/spoqa/spoqa-han-sans@latest/Subset/SpoqaHanSansNeo/SpoqaHanSansNeo-Regular.woff2 Requested by Host: spoqa.github.io URL: https://spoqa.github.io/spoqa-han-sans/css/SpoqaHanSansNeo.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4249bafc6673772edd9f3ed64589496ffbbd084a81dd85d6e170058fad86d117 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://spoqa.github.io/ Origin https://the33refund.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers date Thu, 08 Dec 2022 06:40:35 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} fastly-original-body-size 180600 age 15650 x-jsd-version 3.3.0 x-cache HIT, HIT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 180600 x-served-by cache-fra19122-FRA, cache-hhn4046-HHN x-jsd-version-type version server cloudflare etag W/"2c178-iWr6WTmm7FQP+OZi2/wWuqaXIzM" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FgUeTetEKvC7s0YoU3xt3YLmD%2Fd21pvXZn8bpKsSWcaR0VkfL3yrpsv3F2tVeeDJoQiTUU8vAWKzyIKb4BdJjeTfayeLFwB%2Fydx0uTUNrnixZZkmTmWKD%2BceZdX2vqLFrL%2F1XC39U%2FR9DmMsViw%3D"}],"group":"cf-nel","max_age":604800} content-type font/woff2 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=604800, s-maxage=43200 accept-ranges bytes timing-allow-origin * cf-ray 776382acba1fbb59-FRA
GET H3	200	SpoqaHanSansNeo-Bold.woff2 cdn.jsdelivr.net/gh/spoqa/spoqa-han-sans@latest/Subset/SpoqaHanSansNeo/	179 KB 180 KB	81ms 62ms	Font font/woff2	2606:4700::6810:5514 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/gh/spoqa/spoqa-han-sans@latest/Subset/SpoqaHanSansNeo/SpoqaHanSansNeo-Bold.woff2 Requested by Host: spoqa.github.io URL: https://spoqa.github.io/spoqa-han-sans/css/SpoqaHanSansNeo.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c85faa3fa812cae9fad6eadc662b0e68c84f010b61c5c0ebc769a7b43e0fcd4d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://spoqa.github.io/ Origin https://the33refund.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers date Thu, 08 Dec 2022 06:40:35 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 27751 x-jsd-version 3.3.0 x-cache HIT, HIT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 183708 x-served-by cache-fra19183-FRA, cache-cdg20762-CDG x-jsd-version-type version server cloudflare etag W/"2cd9c-sHcxCYIcT0XH4pfxPM8P5WsTzKs" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GgXHpBaM6m8NizLX0dTDkLzUgvnqtZp%2BsERZNSptseR9JR04LJ7g0FFBxS5DBddwflEFfh6sUfvopDV1KB2fhDyIn%2FjQ7UoAFTVH0R0uzMK2v312gTxMBcFf%2FlEyqusE7zbz1Ale8WO9F%2BqJ7pA%3D"}],"group":"cf-nel","max_age":604800} content-type font/woff2 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=604800, s-maxage=43200 accept-ranges bytes timing-allow-origin * cf-ray 776382acba24bb59-FRA
GET H2	200	arrow.png the33refund.com/image/	329 B 648 B	763ms 763ms	Image image/png	13.125.99.82 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://the33refund.com/image/arrow.png Requested by Host: the33refund.com URL: https://the33refund.com/style/style_renewal.css?v=221124 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.125.99.82 , Korea, Republic Of, ASN16509 (AMAZON-02, US), Reverse DNS ec2-13-125-99-82.ap-northeast-2.compute.amazonaws.com Software / Resource Hash 424f7a79d0c847c869eb5aed8518443862d64c93b9bf1b604ee948f7818042ef Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://the33refund.com/style/style_renewal.css?v=221124 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers pragma no-cache date Thu, 08 Dec 2022 06:40:35 GMT x-content-type-options nosniff last-modified Thu, 08 Dec 2022 04:45:15 GMT vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers x-frame-options DENY content-type image/png cache-control no-cache, no-store, max-age=0, must-revalidate accept-ranges bytes content-length 329 x-xss-protection 1; mode=block expires 0
GET H2	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/10861932810/	2 KB 2 KB	175ms 83ms	Script text/javascript	2a00:1450:4001:830::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10861932810/?random=1670481635338&cv=11&fst=1670481635338&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fthe33refund.com%2F&tiba=%EB%8D%94%ED%99%98%EA%B8%89%20-%20%EB%8D%94%20%EB%A7%8E%EC%9D%80%20%EC%84%B8%EA%B8%88%ED%99%98%EA%B8%89%2C%20%EC%A4%91%EC%86%8C%EA%B8%B0%EC%97%85%20%EC%B7%A8%EC%97%85%EC%9E%90%20%EC%86%8C%EB%93%9D%EC%84%B8%20%EA%B0%90%EB%A9%B4(90%25)&auid=371343829.1670481635&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=AW-10861932810 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash caaef119261f4a943417e4d438d59e191f38f8d081fd19187cfe66e325b7a277 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://the33refund.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers pragma no-cache date Thu, 08 Dec 2022 06:40:35 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 979 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	js Show response www.googletagmanager.com/gtag/	216 KB 75 KB	104ms 83ms	Script application/javascript	2a00:1450:4001:829::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-Y12H41HVYR&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=AW-10861932810 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 98b5ed8ac46c9156ce4a717eca3d56c14195d601d84dee3d127cf516b3e9da9b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://the33refund.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers date Thu, 08 Dec 2022 06:40:35 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 76896 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" expires Thu, 08 Dec 2022 06:40:35 GMT
GET H3	200	js Show response www.googletagmanager.com/gtag/	109 KB 43 KB	72ms 51ms	Script application/javascript	2a00:1450:4001:829::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-90854886-3&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=AW-10861932810 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 23ba7f62121f9518c145d24915e554b3b714e562aecffc7a0240a7d39e74ad15 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://the33refund.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers date Thu, 08 Dec 2022 06:40:35 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 43601 x-xss-protection 0 last-modified Thu, 08 Dec 2022 06:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Thu, 08 Dec 2022 06:40:35 GMT
GET H3	200	js Show response www.googletagmanager.com/gtag/	109 KB 43 KB	88ms 68ms	Script application/javascript	2a00:1450:4001:829::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-90854886-2&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=AW-10861932810 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 97eda6f1e0b7c3ff3a09dfff66fb9821840de413f37061c892c115b6268f3916 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://the33refund.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers date Thu, 08 Dec 2022 06:40:35 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 43586 x-xss-protection 0 last-modified Thu, 08 Dec 2022 06:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Thu, 08 Dec 2022 06:40:35 GMT
GET H2	200	icon_download_google.png the33refund.com/image/	2 KB 2 KB	731ms 731ms	Image image/png	13.125.99.82 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://the33refund.com/image/icon_download_google.png Requested by Host: the33refund.com URL: https://the33refund.com/style/style_renewal.css?v=221124 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.125.99.82 , Korea, Republic Of, ASN16509 (AMAZON-02, US), Reverse DNS ec2-13-125-99-82.ap-northeast-2.compute.amazonaws.com Software / Resource Hash 333277e8ef31d1114b8c3268a0c68e64ab6edf0014bc80e47a2d475ab4fbc906 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://the33refund.com/style/style_renewal.css?v=221124 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers pragma no-cache date Thu, 08 Dec 2022 06:40:35 GMT x-content-type-options nosniff last-modified Thu, 08 Dec 2022 04:45:15 GMT vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers x-frame-options DENY content-type image/png cache-control no-cache, no-store, max-age=0, must-revalidate accept-ranges bytes content-length 1887 x-xss-protection 1; mode=block expires 0
GET H2	200	icon_download_apple.png the33refund.com/image/	1 KB 2 KB	731ms 731ms	Image image/png	13.125.99.82 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://the33refund.com/image/icon_download_apple.png Requested by Host: the33refund.com URL: https://the33refund.com/style/style_renewal.css?v=221124 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.125.99.82 , Korea, Republic Of, ASN16509 (AMAZON-02, US), Reverse DNS ec2-13-125-99-82.ap-northeast-2.compute.amazonaws.com Software / Resource Hash 707ff0818cf1dc8e372bf3e4525bdbb27bbea6639c82ac5302ac3cfc5b3c24d8 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://the33refund.com/style/style_renewal.css?v=221124 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers pragma no-cache date Thu, 08 Dec 2022 06:40:35 GMT x-content-type-options nosniff last-modified Thu, 08 Dec 2022 04:45:15 GMT vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers x-frame-options DENY content-type image/png cache-control no-cache, no-store, max-age=0, must-revalidate accept-ranges bytes content-length 1469 x-xss-protection 1; mode=block expires 0
GET H3	200	js Show response www.googletagmanager.com/gtag/	224 KB 77 KB	96ms 94ms	Script application/javascript	2a00:1450:4001:829::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-CCS2QDPS54&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-KFQXX6S Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 07e201c12e2db5cc04ad9c01af13069809593cd54a60bdc3f6d77a062ae39545 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://the33refund.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers date Thu, 08 Dec 2022 06:40:35 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 79028 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" expires Thu, 08 Dec 2022 06:40:35 GMT
GET H2	200	adsct t.co/1/i/	43 B 377 B	150ms 111ms	Image image/gif	104.244.42.5 TWITTER
General Check archive.org Show headers Download Go to Show image Full URL https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=1a9f58b4-534f-4dfe-96f0-a8b8d0380a6f&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=89229134-1167-4701-a941-8a6208d5563b&tw_document_href=https%3A%2F%2Fthe33refund.com%2F&tw_iframe_status=0&txn_id=ocfik&type=javascript&version=2.3.29 Requested by Host: the33refund.com URL: https://the33refund.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.244.42.5 , United States, ASN13414 (TWITTER, US), Reverse DNS Software tsa_o / Resource Hash ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957 Security Headers Name Value Strict-Transport-Security max-age=0 Request headers accept-language de-DE,de;q=0.9 Referer https://the33refund.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers x-response-time 104 date Thu, 08 Dec 2022 06:40:34 GMT strict-transport-security max-age=0 server tsa_o content-type image/gif;charset=utf-8 x-transaction-id 6687530267321e94 cache-control no-cache, no-store, max-age=0 perf 7626143928 x-connection-hash ecdea137c5abb42779a24a93fe3c0b60f9374b723e3f6f9d13011c092aea9d75 content-length 43
GET H2	200	adsct analytics.twitter.com/1/i/	43 B 724 B	239ms 115ms	Image image/gif	104.244.42.195 TWITTER
General Check archive.org Show headers Download Go to Show image Full URL https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=1a9f58b4-534f-4dfe-96f0-a8b8d0380a6f&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=89229134-1167-4701-a941-8a6208d5563b&tw_document_href=https%3A%2F%2Fthe33refund.com%2F&tw_iframe_status=0&txn_id=ocfik&type=javascript&version=2.3.29 Requested by Host: the33refund.com URL: https://the33refund.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.244.42.195 , United States, ASN13414 (TWITTER, US), Reverse DNS Software tsa_o / Resource Hash ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957 Security Headers Name Value Strict-Transport-Security max-age=631138519 Request headers accept-language de-DE,de;q=0.9 Referer https://the33refund.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers x-response-time 107 date Thu, 08 Dec 2022 06:40:34 GMT strict-transport-security max-age=631138519 server tsa_o content-type image/gif;charset=utf-8 x-transaction-id df17bff7d0c5e6ea cache-control no-cache, no-store, max-age=0 perf 7626143928 x-connection-hash 1177f0a387656a1c9d57283ed6dac14c4aacba45245a8ffd4e8f0e76260f94bb content-length 43
GET H3	200	1850547995258638 Show response connect.facebook.net/signals/config/	293 KB 84 KB	165ms 125ms	Script application/x-javascript	2a03:2880:f028:100:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/1850547995258638?v=2.9.89&r=stable Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f028:100:face:b00c:0:3 Sofia, Bulgaria, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 168ca9037ce436cc1577fb50b73ebd2c1f6a61e20fcc55ffc1173fa81be9320d Security Headers Name Value Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://the33refund.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers content-security-policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Thu, 08 Dec 2022 06:40:35 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-fb-rlafr 0 x-xss-protection 0 pragma public x-fb-debug 4jLC2DZb/6M7NIWXTCntXGh9ph7gr33Pi3j+g2ZZPaLTjpi2U2XNobs/RT5Sh6c41lHBcdCRPs3lfHpyU7ABdQ== cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding x-frame-options DENY content-type application/x-javascript; charset=utf-8 cache-control public, max-age=1200 priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	122ms 35ms	Script text/javascript	2a00:1450:4001:80f::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-90854886-3&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://the33refund.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Thu, 08 Dec 2022 05:24:40 GMT last-modified Tue, 27 Sep 2022 22:01:05 GMT server Golfe2 age 4555 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20039 expires Thu, 08 Dec 2022 07:24:40 GMT
POST H2	204	collect region1.google-analytics.com/g/	0 347 B	104ms 37ms	Ping text/plain	2001:4860:4802:34::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-Y12H41HVYR&gtm=2oebu0&_p=589953372&cid=2106472178.1670481636&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1670481635&sct=1&seg=0&dl=https%3A%2F%2Fthe33refund.com%2F&dt=%EB%8D%94%ED%99%98%EA%B8%89%20-%20%EB%8D%94%20%EB%A7%8E%EC%9D%80%20%EC%84%B8%EA%B8%88%ED%99%98%EA%B8%89%2C%20%EC%A4%91%EC%86%8C%EA%B8%B0%EC%97%85%20%EC%B7%A8%EC%97%85%EC%9E%90%20%EC%86%8C%EB%93%9D%EC%84%B8%20%EA%B0%90%EB%A9%B4(90%25)&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-Y12H41HVYR&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://the33refund.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers pragma no-cache date Thu, 08 Dec 2022 06:40:35 GMT server Golfe2 content-type text/plain access-control-allow-origin https://the33refund.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.com/pagead/1p-user-list/10861932810/	42 B 548 B	132ms 47ms	Image image/gif	2a00:1450:4001:811::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/10861932810/?random=1670481635338&cv=11&fst=1670479200000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fthe33refund.com%2F&tiba=%EB%8D%94%ED%99%98%EA%B8%89%20-%20%EB%8D%94%20%EB%A7%8E%EC%9D%80%20%EC%84%B8%EA%B8%88%ED%99%98%EA%B8%89%2C%20%EC%A4%91%EC%86%8C%EA%B8%B0%EC%97%85%20%EC%B7%A8%EC%97%85%EC%9E%90%20%EC%86%8C%EB%93%9D%EC%84%B8%20%EA%B0%90%EB%A9%B4(90%25)&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2032334254&rmt_tld=0&ipr=y Requested by Host: the33refund.com URL: https://the33refund.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://the33refund.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers pragma no-cache date Thu, 08 Dec 2022 06:40:35 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.de/pagead/1p-user-list/10861932810/	42 B 154 B	130ms 51ms	Image image/gif	2a00:1450:4001:810::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/pagead/1p-user-list/10861932810/?random=1670481635338&cv=11&fst=1670479200000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fthe33refund.com%2F&tiba=%EB%8D%94%ED%99%98%EA%B8%89%20-%20%EB%8D%94%20%EB%A7%8E%EC%9D%80%20%EC%84%B8%EA%B8%88%ED%99%98%EA%B8%89%2C%20%EC%A4%91%EC%86%8C%EA%B8%B0%EC%97%85%20%EC%B7%A8%EC%97%85%EC%9E%90%20%EC%86%8C%EB%93%9D%EC%84%B8%20%EA%B0%90%EB%A9%B4(90%25)&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2032334254&rmt_tld=1&ipr=y Requested by Host: the33refund.com URL: https://the33refund.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://the33refund.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers pragma no-cache date Thu, 08 Dec 2022 06:40:35 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect region1.analytics.google.com/g/	0 347 B	106ms 35ms	Ping text/plain	2001:4860:4802:32::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.analytics.google.com/g/collect?v=2&tid=G-CCS2QDPS54&gtm=2oebu0&_p=589953372&_gaz=1&cid=2106472178.1670481636&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1670481635&sct=1&seg=0&dl=https%3A%2F%2Fthe33refund.com%2F&dt=%EB%8D%94%ED%99%98%EA%B8%89%20-%20%EB%8D%94%20%EB%A7%8E%EC%9D%80%20%EC%84%B8%EA%B8%88%ED%99%98%EA%B8%89%2C%20%EC%A4%91%EC%86%8C%EA%B8%B0%EC%97%85%20%EC%B7%A8%EC%97%85%EC%9E%90%20%EC%86%8C%EB%93%9D%EC%84%B8%20%EA%B0%90%EB%A9%B4(90%25)&en=page_view&_fv=1&_ss=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-CCS2QDPS54&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://the33refund.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers pragma no-cache date Thu, 08 Dec 2022 06:40:35 GMT server Golfe2 content-type text/plain access-control-allow-origin https://the33refund.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect stats.g.doubleclick.net/g/	0 338 B	56ms 18ms	Ping text/plain	2a00:1450:400c:c0a::9d GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/g/collect?v=2&tid=G-CCS2QDPS54&cid=2106472178.1670481636&gtm=2oebu0&aip=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-CCS2QDPS54&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c0a::9d Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://the33refund.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers pragma no-cache date Thu, 08 Dec 2022 06:40:35 GMT server Golfe2 content-type text/plain access-control-allow-origin https://the33refund.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.de/ads/	42 B 501 B	97ms 48ms	Image image/gif	2a00:1450:4001:810::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-CCS2QDPS54&cid=2106472178.1670481636&gtm=2oebu0&aip=1&z=870545156 Requested by Host: the33refund.com URL: https://the33refund.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://the33refund.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers pragma no-cache date Thu, 08 Dec 2022 06:40:35 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	200	collect Show response www.google-analytics.com/j/	1 B 21 B	116ms 43ms	XHR text/plain	2a00:1450:4001:80f::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j98&a=589953372&t=pageview&_s=1&dl=https%3A%2F%2Fthe33refund.com%2F&ul=en-us&de=UTF-8&dt=%EB%8D%94%ED%99%98%EA%B8%89%20-%20%EB%8D%94%20%EB%A7%8E%EC%9D%80%20%EC%84%B8%EA%B8%88%ED%99%98%EA%B8%89%2C%20%EC%A4%91%EC%86%8C%EA%B8%B0%EC%97%85%20%EC%B7%A8%EC%97%85%EC%9E%90%20%EC%86%8C%EB%93%9D%EC%84%B8%20%EA%B0%90%EB%A9%B4(90%25)&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1621363432&gjid=1230341660&cid=2106472178.1670481636&tid=UA-90854886-3&_gid=689868940.1670481636&_r=1&gtm=2oubu0&z=843253371 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://the33refund.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Thu, 08 Dec 2022 06:40:35 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://the33refund.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	200	collect Show response www.google-analytics.com/j/	1 B 21 B	112ms 43ms	XHR text/plain	2a00:1450:4001:80f::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j98&a=589953372&t=pageview&_s=1&dl=https%3A%2F%2Fthe33refund.com%2F&ul=en-us&de=UTF-8&dt=%EB%8D%94%ED%99%98%EA%B8%89%20-%20%EB%8D%94%20%EB%A7%8E%EC%9D%80%20%EC%84%B8%EA%B8%88%ED%99%98%EA%B8%89%2C%20%EC%A4%91%EC%86%8C%EA%B8%B0%EC%97%85%20%EC%B7%A8%EC%97%85%EC%9E%90%20%EC%86%8C%EB%93%9D%EC%84%B8%20%EA%B0%90%EB%A9%B4(90%25)&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1695755852&gjid=1821575756&cid=2106472178.1670481636&tid=UA-90854886-2&_gid=689868940.1670481636&_r=1&gtm=2oubu0&z=1399425319 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://the33refund.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Thu, 08 Dec 2022 06:40:35 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://the33refund.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.facebook.com/tr/	0 185 B	38ms 7ms	Image text/plain	2a03:2880:f12d:83:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=1850547995258638&ev=TotalPageView&dl=https%3A%2F%2Fthe33refund.com%2F&rl=&if=false&ts=1670481635752&sw=1600&sh=1200&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1670481635751.788018251&it=1670481635466&coo=false&rqm=GET Requested by Host: the33refund.com URL: https://the33refund.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://the33refund.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains date Thu, 08 Dec 2022 06:40:35 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
GET H3	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/10861932810/	2 KB 1003 B	205ms 127ms	Script text/javascript	2a00:1450:4001:830::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10861932810/?random=1670481636302&cv=11&fst=1670481636302&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fthe33refund.com%2F&tiba=%EB%8D%94%ED%99%98%EA%B8%89%20-%20%EB%8D%94%20%EB%A7%8E%EC%9D%80%20%EC%84%B8%EA%B8%88%ED%99%98%EA%B8%89%2C%20%EC%A4%91%EC%86%8C%EA%B8%B0%EC%97%85%20%EC%B7%A8%EC%97%85%EC%9E%90%20%EC%86%8C%EB%93%9D%EC%84%B8%20%EA%B0%90%EB%A9%B4(90%25)&auid=371343829.1670481635&uaw=0&data=event%3Dform_start&rfmt=3&fmt=4 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=AW-10861932810 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a0d48c0a865f8683a5bc98d5d565a36c0f1eab9e20b8ec1e0b017a106e871280 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://the33refund.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers pragma no-cache date Thu, 08 Dec 2022 06:40:36 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 977 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/10861932810/	2 KB 1005 B	161ms 87ms	Script text/javascript	2a00:1450:4001:830::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10861932810/?random=1670481636306&cv=11&fst=1670481636306&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fthe33refund.com%2F&tiba=%EB%8D%94%ED%99%98%EA%B8%89%20-%20%EB%8D%94%20%EB%A7%8E%EC%9D%80%20%EC%84%B8%EA%B8%88%ED%99%98%EA%B8%89%2C%20%EC%A4%91%EC%86%8C%EA%B8%B0%EC%97%85%20%EC%B7%A8%EC%97%85%EC%9E%90%20%EC%86%8C%EB%93%9D%EC%84%B8%20%EA%B0%90%EB%A9%B4(90%25)&auid=371343829.1670481635&uaw=0&data=event%3Dform_submit&rfmt=3&fmt=4 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=AW-10861932810 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3f6e26773fbdc5fdfd039978dafd0cbbf0023c8b47562cb65f40011c1c5a15c0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://the33refund.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers pragma no-cache date Thu, 08 Dec 2022 06:40:36 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 979 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	200	/ Show response www.facebook.com/tr/ Frame 9CED	0 18 B	17ms 7ms	Document text/plain	2a03:2880:f12d:83:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://www.facebook.com/tr/ Requested by Host: the33refund.com URL: https://the33refund.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Content-Type application/x-www-form-urlencoded Origin https://the33refund.com Referer https://the33refund.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers access-control-allow-credentials true access-control-allow-origin https://the33refund.com alt-svc h3=":443"; ma=86400 content-length 0 content-type text/plain cross-origin-resource-policy cross-origin date Thu, 08 Dec 2022 06:40:36 GMT priority u=0 server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains
GET H3	200	/ www.google.com/pagead/1p-user-list/10861932810/	42 B 64 B	129ms 47ms	Image image/gif	2a00:1450:4001:811::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/10861932810/?random=1670481636306&cv=11&fst=1670479200000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fthe33refund.com%2F&tiba=%EB%8D%94%ED%99%98%EA%B8%89%20-%20%EB%8D%94%20%EB%A7%8E%EC%9D%80%20%EC%84%B8%EA%B8%88%ED%99%98%EA%B8%89%2C%20%EC%A4%91%EC%86%8C%EA%B8%B0%EC%97%85%20%EC%B7%A8%EC%97%85%EC%9E%90%20%EC%86%8C%EB%93%9D%EC%84%B8%20%EA%B0%90%EB%A9%B4(90%25)&data=event%3Dform_submit&fmt=3&is_vtc=1&random=2967199027&rmt_tld=0&ipr=y Requested by Host: the33refund.com URL: https://the33refund.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://the33refund.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers pragma no-cache date Thu, 08 Dec 2022 06:40:36 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	/ www.google.de/pagead/1p-user-list/10861932810/	42 B 64 B	130ms 50ms	Image image/gif	2a00:1450:4001:810::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/pagead/1p-user-list/10861932810/?random=1670481636306&cv=11&fst=1670479200000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fthe33refund.com%2F&tiba=%EB%8D%94%ED%99%98%EA%B8%89%20-%20%EB%8D%94%20%EB%A7%8E%EC%9D%80%20%EC%84%B8%EA%B8%88%ED%99%98%EA%B8%89%2C%20%EC%A4%91%EC%86%8C%EA%B8%B0%EC%97%85%20%EC%B7%A8%EC%97%85%EC%9E%90%20%EC%86%8C%EB%93%9D%EC%84%B8%20%EA%B0%90%EB%A9%B4(90%25)&data=event%3Dform_submit&fmt=3&is_vtc=1&random=2967199027&rmt_tld=1&ipr=y Requested by Host: the33refund.com URL: https://the33refund.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://the33refund.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers pragma no-cache date Thu, 08 Dec 2022 06:40:36 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	/ www.google.com/pagead/1p-user-list/10861932810/	42 B 64 B	92ms 49ms	Image image/gif	2a00:1450:4001:811::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/10861932810/?random=1670481636302&cv=11&fst=1670479200000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fthe33refund.com%2F&tiba=%EB%8D%94%ED%99%98%EA%B8%89%20-%20%EB%8D%94%20%EB%A7%8E%EC%9D%80%20%EC%84%B8%EA%B8%88%ED%99%98%EA%B8%89%2C%20%EC%A4%91%EC%86%8C%EA%B8%B0%EC%97%85%20%EC%B7%A8%EC%97%85%EC%9E%90%20%EC%86%8C%EB%93%9D%EC%84%B8%20%EA%B0%90%EB%A9%B4(90%25)&data=event%3Dform_start&fmt=3&is_vtc=1&random=1189918181&rmt_tld=0&ipr=y Requested by Host: the33refund.com URL: https://the33refund.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://the33refund.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers pragma no-cache date Thu, 08 Dec 2022 06:40:36 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	/ www.google.de/pagead/1p-user-list/10861932810/	42 B 64 B	90ms 48ms	Image image/gif	2a00:1450:4001:810::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/pagead/1p-user-list/10861932810/?random=1670481636302&cv=11&fst=1670479200000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fthe33refund.com%2F&tiba=%EB%8D%94%ED%99%98%EA%B8%89%20-%20%EB%8D%94%20%EB%A7%8E%EC%9D%80%20%EC%84%B8%EA%B8%88%ED%99%98%EA%B8%89%2C%20%EC%A4%91%EC%86%8C%EA%B8%B0%EC%97%85%20%EC%B7%A8%EC%97%85%EC%9E%90%20%EC%86%8C%EB%93%9D%EC%84%B8%20%EA%B0%90%EB%A9%B4(90%25)&data=event%3Dform_start&fmt=3&is_vtc=1&random=1189918181&rmt_tld=1&ipr=y Requested by Host: the33refund.com URL: https://the33refund.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://the33refund.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Response headers pragma no-cache date Thu, 08 Dec 2022 06:40:36 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	204	collect region1.analytics.google.com/g/	0 17 B	106ms 37ms	Ping text/plain	2001:4860:4802:32::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.analytics.google.com/g/collect?v=2&tid=G-CCS2QDPS54&gtm=2oebu0&_p=589953372&cid=2106472178.1670481636&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAE&sid=1670481635&sct=1&seg=0&dl=https%3A%2F%2Fthe33refund.com%2F&dt=%EB%8D%94%ED%99%98%EA%B8%89%20-%20%EB%8D%94%20%EB%A7%8E%EC%9D%80%20%EC%84%B8%EA%B8%88%ED%99%98%EA%B8%89%2C%20%EC%A4%91%EC%86%8C%EA%B8%B0%EC%97%85%20%EC%B7%A8%EC%97%85%EC%9E%90%20%EC%86%8C%EB%93%9D%EC%84%B8%20%EA%B0%90%EB%A9%B4(90%25)&_s=2 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-CCS2QDPS54&l=dataLayer&cx=c Protocol H3 Security QUIC, , AES_128_GCM Server 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://the33refund.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Thu, 08 Dec 2022 06:40:41 GMT server Golfe2 content-type text/plain access-control-allow-origin https://the33refund.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT