refundinsurance.ru Open in urlscan Pro
190.115.18.180 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.refundinsurance.ru/
Effective URL:
https://refundinsurance.ru/
Submission: On September 13 via automatic, source certstream-suspicious (September 13th 2023, 10:26:00 am UTC) — Scanned from DE

Summary HTTP 22 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 4 IPs in 3 countries across 3 domains to perform 22 HTTP transactions. The main IP is 190.115.18.180, located in Belize and belongs to IQWEB, AE. The main domain is refundinsurance.ru.
TLS certificate: Issued by R3 on September 13th 2023. Valid for: 3 months.

This is the only time refundinsurance.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 17	190.115.18.180 190.115.18.180	59692 (IQWEB) (IQWEB)
4	188.68.204.154 188.68.204.154	49505 (SELECTEL) (SELECTEL)
2	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
22	4

17 190.115.18.180 (Belize) 1 redirects

ASN59692 (IQWEB, AE)

www.refundinsurance.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
refundinsurance.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 188.68.204.154 (St Petersburg, Russian Federation)

ASN49505 (SELECTEL, RU)

i.1.creatium.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	refundinsurance.ru 1 redirects www.refundinsurance.ru refundinsurance.ru	231 KB
4	creatium.io i.1.creatium.io	1 MB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 248	149 KB
22	3

	Domain	Requested by
16	refundinsurance.ru	refundinsurance.ru
4	i.1.creatium.io	refundinsurance.ru
2	cdnjs.cloudflare.com	refundinsurance.ru
1	www.refundinsurance.ru	1 redirects
22	4

This site contains links to these domains. Also see Links.

Domain
2gis.ru
vk.com
api.whatsapp.com
t.me
creatium.io

Subject Issuer	Validity	Valid
refundinsurance.ru R3	`2023-09-13` - `2023-12-12`	3 months	crt.sh
i.1.creatium.io R3	`2023-08-23` - `2023-11-21`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://refundinsurance.ru/
Frame ID: 64F0A92F03F17A0203DD87397BFC0EDF
Requests: 26 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Страховые выплаты в1 2

Page URL History Show full URLs

https://www.refundinsurance.ru/ HTTP 301
https://refundinsurance.ru/ Page URL

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

22
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

4
Subdomains

4
IPs

3
Countries

1458 kB
Transfer

2296 kB
Size

3
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://2gis.ru/kazan/firm/70000001075592904/tab/reviews
Title: Читать отзывы на 2GIS

Search URL Search Domain Scan URL

URL: https://vk.com/nabiullin_group

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send/?phone=79179022230&text&type=phone_number&app_absent=0

Search URL Search Domain Scan URL

URL: https://t.me/pravokzn116

Search URL Search Domain Scan URL

URL: https://creatium.io/
Title: Creatium

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.refundinsurance.ru/ HTTP 301
https://refundinsurance.ru/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
refundinsurance.ru/
Redirect Chain

https://www.refundinsurance.ru/
https://refundinsurance.ru/

171 KB
19 KB

328ms
268ms

Document
text/html

190.115.18.180
IQWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://refundinsurance.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 190.115.18.180 , Belize, ASN59692 (IQWEB, AE),
Reverse DNS
Software: ddos-guard / PHP/7.4.30
Resource Hash: ee8240f34f9a10e0f08acf1090058e6728cd26ab20f368234629a26df7063f8b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 13 Sep 2023 10:25:55 GMT
server: ddos-guard
vary: Accept-Encoding
x-powered-by: PHP/7.4.30

Redirect headers

content-type: text/html; charset=UTF-8
date: Wed, 13 Sep 2023 10:25:55 GMT
location: https://refundinsurance.ru/
server: ddos-guard
x-powered-by: PHP/7.4.30

GET
H2 200 vendors.css
refundinsurance.ru/assets/4.2/ 54 KB
4 KB 88ms
87ms Stylesheet
text/css 190.115.18.180
IQWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://refundinsurance.ru/assets/4.2/vendors.css?v=1691064891
Requested by: Host: refundinsurance.ru
URL: https://refundinsurance.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 190.115.18.180 , Belize, ASN59692 (IQWEB, AE),
Reverse DNS
Software: ddos-guard /
Resource Hash: 79c55eed3304eb857af1057c9fc55a2d127d7bd6eec9b88d4da233a8294034ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://refundinsurance.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 10:25:55 GMT
content-encoding: gzip
last-modified: Thu, 03 Aug 2023 12:14:51 GMT
server: ddos-guard
etag: "64cb9a3b-f9d"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=60
content-length: 3997
expires: Wed, 13 Sep 2023 10:26:55 GMT

GET
H2 200 default.css
refundinsurance.ru/assets/4.2/ 168 KB
23 KB 357ms
357ms Stylesheet
text/css 190.115.18.180
IQWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://refundinsurance.ru/assets/4.2/default.css?v=1691064891
Requested by: Host: refundinsurance.ru
URL: https://refundinsurance.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 190.115.18.180 , Belize, ASN59692 (IQWEB, AE),
Reverse DNS
Software: ddos-guard /
Resource Hash: 9fb9b97f65f291ad3876b68c5a21566434a09c2510deffa249297ac6d93edd60

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://refundinsurance.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 10:25:55 GMT
content-encoding: gzip
last-modified: Thu, 03 Aug 2023 12:14:51 GMT
server: ddos-guard
etag: "64cb9a3b-5ac8"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=60
content-length: 23240
expires: Wed, 13 Sep 2023 10:26:55 GMT

GET
H2 200 nodes.css
refundinsurance.ru/assets/4.2/ 45 KB
7 KB 279ms
278ms Stylesheet
text/css 190.115.18.180
IQWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://refundinsurance.ru/assets/4.2/nodes.css?v=1691064891
Requested by: Host: refundinsurance.ru
URL: https://refundinsurance.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 190.115.18.180 , Belize, ASN59692 (IQWEB, AE),
Reverse DNS
Software: ddos-guard /
Resource Hash: 89ee9f79583e7484d7da861eaec245b636ba84007341f793cf234328c59910d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://refundinsurance.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 10:25:55 GMT
content-encoding: gzip
last-modified: Thu, 03 Aug 2023 12:14:51 GMT
server: ddos-guard
etag: "64cb9a3b-1d1b"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=60
content-length: 7451
expires: Wed, 13 Sep 2023 10:26:55 GMT

GET
H2 200 vendors.js Show response
refundinsurance.ru/assets/4.2/ 8 KB
3 KB 277ms
276ms Script
application/javascript 190.115.18.180
IQWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://refundinsurance.ru/assets/4.2/vendors.js?v=1691064891
Requested by: Host: refundinsurance.ru
URL: https://refundinsurance.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 190.115.18.180 , Belize, ASN59692 (IQWEB, AE),
Reverse DNS
Software: ddos-guard /
Resource Hash: 024d4e69056ed25565a44c797c54a13194c30934129108a0d6cd516497d333bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://refundinsurance.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 10:25:55 GMT
content-encoding: gzip
last-modified: Thu, 03 Aug 2023 12:14:51 GMT
server: ddos-guard
etag: "64cb9a3b-a46"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=60
content-length: 2630
expires: Wed, 13 Sep 2023 10:26:55 GMT

GET
H2 200 default.js Show response
refundinsurance.ru/assets/4.2/ 108 KB
31 KB 349ms
349ms Script
application/javascript 190.115.18.180
IQWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://refundinsurance.ru/assets/4.2/default.js?v=1691064891
Requested by: Host: refundinsurance.ru
URL: https://refundinsurance.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 190.115.18.180 , Belize, ASN59692 (IQWEB, AE),
Reverse DNS
Software: ddos-guard /
Resource Hash: 2814eccfbe8c6673daa2f655e7ac41b0728f08526dadbaa45252b3398f9edef7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://refundinsurance.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 10:25:55 GMT
content-encoding: gzip
last-modified: Thu, 03 Aug 2023 12:14:51 GMT
server: ddos-guard
etag: "64cb9a3b-7a5f"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=60
content-length: 31327
expires: Wed, 13 Sep 2023 10:26:55 GMT

GET
H2 200 nodes.js Show response
refundinsurance.ru/assets/4.2/ 44 KB
10 KB 92ms
91ms Script
application/javascript 190.115.18.180
IQWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://refundinsurance.ru/assets/4.2/nodes.js?v=1691064891
Requested by: Host: refundinsurance.ru
URL: https://refundinsurance.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 190.115.18.180 , Belize, ASN59692 (IQWEB, AE),
Reverse DNS
Software: ddos-guard /
Resource Hash: 77b2bf53781ea091303539988badedf0531333c82d47b206e6253a28d7d6c968

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://refundinsurance.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 10:25:55 GMT
content-encoding: gzip
last-modified: Thu, 03 Aug 2023 12:14:51 GMT
server: ddos-guard
etag: "64cb9a3b-28ba"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=60
content-length: 10426
expires: Wed, 13 Sep 2023 10:26:55 GMT

GET
H2 200 vendors-sync.js Show response
refundinsurance.ru/assets/4.2/ 116 KB
40 KB 327ms
327ms Script
application/javascript 190.115.18.180
IQWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://refundinsurance.ru/assets/4.2/vendors-sync.js?v=1691064891
Requested by: Host: refundinsurance.ru
URL: https://refundinsurance.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 190.115.18.180 , Belize, ASN59692 (IQWEB, AE),
Reverse DNS
Software: ddos-guard /
Resource Hash: 386d7d820a0a656f04876b33c8bd0d57d53dd331c77f73eaad75b22434b046c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://refundinsurance.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 10:25:55 GMT
content-encoding: gzip
last-modified: Thu, 03 Aug 2023 12:14:51 GMT
server: ddos-guard
etag: "64cb9a3b-a0e6"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=60
content-length: 41190
expires: Wed, 13 Sep 2023 10:26:55 GMT

GET
H2 200 sv Show response
refundinsurance.ru/app/ 114 B
266 B 131ms
131ms Script
application/javascript 190.115.18.180
IQWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://refundinsurance.ru/app/sv?tech=1323713.1365900.230478&url=%2F&referer=
Requested by: Host: refundinsurance.ru
URL: https://refundinsurance.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 190.115.18.180 , Belize, ASN59692 (IQWEB, AE),
Reverse DNS
Software: ddos-guard / PHP/7.4.30
Resource Hash: ec380f8675e825bba642f0a5c0369ddc832cd962d161dd657a0c6c1d8ee26a92

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://refundinsurance.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 10:25:55 GMT
content-encoding: br
server: ddos-guard
x-powered-by: PHP/7.4.30
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8

GET
DATA 200
OK truncated
/ 86 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e98fb02c59df87f7a0929e6db65aa79bb92fa84a2f7e61f6fad5b4dfa53ed4ea

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 116 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 62109d008290dcc5082732986afd832448190b03dfdf67b4940398bf1a9add45

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 92 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b9c9b307ffe4cf8fe6086d183005a979ec23cb3580c96631213ab4ef06f411d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 vendors-async.css
refundinsurance.ru/assets/4.2/ 70 KB
15 KB 128ms
126ms Stylesheet
text/css 190.115.18.180
IQWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://refundinsurance.ru/assets/4.2/vendors-async.css?v=1691064891
Requested by: Host: refundinsurance.ru
URL: https://refundinsurance.ru/assets/4.2/default.js?v=1691064891
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 190.115.18.180 , Belize, ASN59692 (IQWEB, AE),
Reverse DNS
Software: ddos-guard /
Resource Hash: 945689176bf268b10fd9defe102bb3b4d971f15f41de65e35e5c1aaee7064361

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://refundinsurance.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 10:25:55 GMT
content-encoding: gzip
last-modified: Thu, 03 Aug 2023 12:14:51 GMT
server: ddos-guard
etag: "64cb9a3b-3d5d"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=60
content-length: 15709
expires: Wed, 13 Sep 2023 10:26:55 GMT

GET
H2 200 ionrange-async.css
refundinsurance.ru/assets/4.2/ 2 KB
635 B 95ms
94ms Stylesheet
text/css 190.115.18.180
IQWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://refundinsurance.ru/assets/4.2/ionrange-async.css?v=1691064891
Requested by: Host: refundinsurance.ru
URL: https://refundinsurance.ru/assets/4.2/default.js?v=1691064891
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 190.115.18.180 , Belize, ASN59692 (IQWEB, AE),
Reverse DNS
Software: ddos-guard /
Resource Hash: b5c1e5bd0a87e77c00b8d28227ffec2f87172eebcff4819ac104673305c218eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://refundinsurance.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 10:25:55 GMT
content-encoding: gzip
last-modified: Thu, 03 Aug 2023 12:14:51 GMT
server: ddos-guard
etag: "64cb9a3b-24b"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=60
content-length: 587
expires: Wed, 13 Sep 2023 10:26:55 GMT

GET
H2 200 async Show response
refundinsurance.ru/app/4.2/ 27 KB
5 KB 97ms
96ms Script
application/javascript 190.115.18.180
IQWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://refundinsurance.ru/app/4.2/async?key=f5a286ba0b8c6fcf088fe2d4f69f004a
Requested by: Host: refundinsurance.ru
URL: https://refundinsurance.ru/assets/4.2/default.js?v=1691064891
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 190.115.18.180 , Belize, ASN59692 (IQWEB, AE),
Reverse DNS
Software: ddos-guard / PHP/7.4.30
Resource Hash: 99946b5abbc0794aaa9a2bf27025aed911bd37d9719014cf1f28e49c19215e78

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://refundinsurance.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 10:25:55 GMT
content-encoding: br
server: ddos-guard
x-robots-tag: noindex, nofollow
x-powered-by: PHP/7.4.30
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8

GET
H2 200 vendors-async.js Show response
refundinsurance.ru/assets/4.2/ 114 KB
36 KB 87ms
86ms Script
application/javascript 190.115.18.180
IQWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://refundinsurance.ru/assets/4.2/vendors-async.js?v=1691064891
Requested by: Host: refundinsurance.ru
URL: https://refundinsurance.ru/assets/4.2/default.js?v=1691064891
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 190.115.18.180 , Belize, ASN59692 (IQWEB, AE),
Reverse DNS
Software: ddos-guard /
Resource Hash: 56436e75a0400e82967d0e69bb2fea0aabd21384ac62cd14c85feb912022f50e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://refundinsurance.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 10:25:55 GMT
content-encoding: gzip
last-modified: Thu, 03 Aug 2023 12:14:51 GMT
server: ddos-guard
etag: "64cb9a3b-8ec2"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=60
content-length: 36546
expires: Wed, 13 Sep 2023 10:26:55 GMT

GET
H2 200 swiper-async.js Show response
refundinsurance.ru/assets/4.2/ 106 KB
28 KB 95ms
94ms Script
application/javascript 190.115.18.180
IQWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://refundinsurance.ru/assets/4.2/swiper-async.js?v=1691064891
Requested by: Host: refundinsurance.ru
URL: https://refundinsurance.ru/assets/4.2/default.js?v=1691064891
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 190.115.18.180 , Belize, ASN59692 (IQWEB, AE),
Reverse DNS
Software: ddos-guard /
Resource Hash: d7158f9492f9884ce28f9b343fc99e657ced6065ab061e56e1bb5043c1224d83

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://refundinsurance.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 10:25:55 GMT
content-encoding: gzip
last-modified: Thu, 03 Aug 2023 12:14:51 GMT
server: ddos-guard
etag: "64cb9a3b-6feb"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=60
content-length: 28651
expires: Wed, 13 Sep 2023 10:26:55 GMT

GET
H2 200 ionrange-async.js Show response
refundinsurance.ru/assets/4.2/ 40 KB
8 KB 95ms
94ms Script
application/javascript 190.115.18.180
IQWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://refundinsurance.ru/assets/4.2/ionrange-async.js?v=1691064891
Requested by: Host: refundinsurance.ru
URL: https://refundinsurance.ru/assets/4.2/default.js?v=1691064891
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 190.115.18.180 , Belize, ASN59692 (IQWEB, AE),
Reverse DNS
Software: ddos-guard /
Resource Hash: 74302c7465cc388fae27f444a651847ff13e6b5570bfd2781e33883ecee88648

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://refundinsurance.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 10:25:55 GMT
content-encoding: gzip
last-modified: Thu, 03 Aug 2023 12:14:51 GMT
server: ddos-guard
etag: "64cb9a3b-21c0"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=60
content-length: 8640
expires: Wed, 13 Sep 2023 10:26:55 GMT

GET
H2 200 adaptive-sections Show response
refundinsurance.ru/app/4.2/ 27 B
80 B 103ms
101ms Script
text/html 190.115.18.180
IQWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://refundinsurance.ru/app/4.2/adaptive-sections?key=f5a286ba0b8c6fcf088fe2d4f69f004a
Requested by: Host: refundinsurance.ru
URL: https://refundinsurance.ru/assets/4.2/default.js?v=1691064891
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 190.115.18.180 , Belize, ASN59692 (IQWEB, AE),
Reverse DNS
Software: ddos-guard / PHP/7.4.30
Resource Hash: 64901141f20d57adf48486e578349148f3f157390b9e7f5c17ce7a04843874be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://refundinsurance.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 10:25:56 GMT
content-encoding: br
server: ddos-guard
x-robots-tag: noindex, nofollow
x-powered-by: PHP/7.4.30
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK logotype.png
i.1.creatium.io/disk2/d6/7e/f4/6ffba3857364eba1ab10b76b4db2028032/260x37q8/ 5 KB
5 KB 170ms
51ms Image
image/png 188.68.204.154
SELECTEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.1.creatium.io/disk2/d6/7e/f4/6ffba3857364eba1ab10b76b4db2028032/260x37q8/logotype.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 188.68.204.154 St Petersburg, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 19bafc65863619a17f196e1b63d51b4de16ddc3f2fa4e43bd34e1bcab4704c77

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://refundinsurance.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Date: Wed, 13 Sep 2023 10:25:56 GMT
Last-Modified: Wed, 06 Sep 2023 06:55:35 GMT
Server: nginx/1.18.0
ETag: "64f82267-12ae"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4782
Expires: Thu, 14 Sep 2023 10:25:56 GMT

GET
H/1.1 200
OK wooden_gavel.jpg
i.1.creatium.io/disk2/ea/be/79/9d7cb23d6617ec4af1af43dd2ceffe5fb4/1500x1000q8/ 534 KB
534 KB 229ms
108ms Image
image/jpeg 188.68.204.154
SELECTEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.1.creatium.io/disk2/ea/be/79/9d7cb23d6617ec4af1af43dd2ceffe5fb4/1500x1000q8/wooden_gavel.jpg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 188.68.204.154 St Petersburg, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 9dd52fe2693bc046d3a9ca559d04e8552e55897fd104f050ab406e63617a935b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://refundinsurance.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Date: Wed, 13 Sep 2023 10:25:56 GMT
Last-Modified: Tue, 12 Sep 2023 13:17:08 GMT
Server: nginx/1.18.0
ETag: "650064d4-85706"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 546566
Expires: Thu, 14 Sep 2023 10:25:56 GMT

GET
H2 200 fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/webfonts/ 74 KB
75 KB 83ms
32ms Font
application/octet-stream 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/webfonts/fa-solid-900.woff2

Requested by

Host: refundinsurance.ru
URL: https://refundinsurance.ru/assets/4.2/vendors-async.css?v=1691064891

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

21b9f5c85149272e89310e9bc515a4b09bc41f2190f3a6d12355f98d51d11386

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://refundinsurance.ru/
Origin: https://refundinsurance.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 10:25:56 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 11963791
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 75728
last-modified: Mon, 04 May 2020 16:10:08 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e60-127d0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1G4n1WEVozFT3eODBwnNRQwciwyZ6Sbk%2BZI5SyuEFjE2i7Lx4A7XGCmmxCgqQsWaYUsv43BW8Cp63a503QUG%2FAT5s2qyfNBlOpbbLk38fmYKUcxsWhDD6bb9i9hMAIyljjdJGupqxvt1FT7X6unEcSx8"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 805fb065cf7a39e5-FRA
expires: Mon, 02 Sep 2024 10:25:56 GMT

GET
H2 200 fa-brands-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/webfonts/ 74 KB
74 KB 91ms
52ms Font
application/octet-stream 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/webfonts/fa-brands-400.woff2

Requested by

Host: refundinsurance.ru
URL: https://refundinsurance.ru/assets/4.2/vendors-async.css?v=1691064891

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a2a312366d18edca2c0b52242426d2d4bbc933707d663d93abad85e37307711f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://refundinsurance.ru/
Origin: https://refundinsurance.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 10:25:56 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 4795879
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 75336
last-modified: Thu, 22 Jun 2023 11:02:19 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942a3b-12648"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IiYm1RVHErfmlfvEUiu7q7Em8s%2FMi54MtVAyzdtkYWIcrZeS6QvZqMcbqeXsOMZHfKt3VGHbNO5%2F1a7hUqzMMdCuIE6rr1VBb3yDlYlBVKS9qs0SHZF5CrGjKXnTVQzMRwHLnJHwJRuCD1M9anidKv0O"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 805fb065cf7f39e5-FRA
expires: Mon, 02 Sep 2024 10:25:56 GMT

GET
H/1.1 200
OK logotype.png
i.1.creatium.io/disk2/d6/7e/f4/6ffba3857364eba1ab10b76b4db2028032/260x37q8/ 5 KB
5 KB 51ms
51ms Image
image/png 188.68.204.154
SELECTEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.1.creatium.io/disk2/d6/7e/f4/6ffba3857364eba1ab10b76b4db2028032/260x37q8/logotype.png
Requested by: Host: refundinsurance.ru
URL: https://refundinsurance.ru/assets/4.2/vendors-sync.js?v=1691064891
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 188.68.204.154 St Petersburg, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 19bafc65863619a17f196e1b63d51b4de16ddc3f2fa4e43bd34e1bcab4704c77

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://refundinsurance.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Date: Wed, 13 Sep 2023 10:25:56 GMT
Last-Modified: Wed, 06 Sep 2023 06:55:35 GMT
Server: nginx/1.18.0
ETag: "64f82267-12ae"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4782
Expires: Thu, 14 Sep 2023 10:25:56 GMT

GET
H/1.1 200
OK wooden_gavel.jpg
i.1.creatium.io/disk2/ea/be/79/9d7cb23d6617ec4af1af43dd2ceffe5fb4/1500x1000q8/ 534 KB
534 KB 54ms
54ms Image
image/jpeg 188.68.204.154
SELECTEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.1.creatium.io/disk2/ea/be/79/9d7cb23d6617ec4af1af43dd2ceffe5fb4/1500x1000q8/wooden_gavel.jpg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 188.68.204.154 St Petersburg, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 9dd52fe2693bc046d3a9ca559d04e8552e55897fd104f050ab406e63617a935b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://refundinsurance.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Date: Wed, 13 Sep 2023 10:25:56 GMT
Last-Modified: Tue, 12 Sep 2023 13:17:08 GMT
Server: nginx/1.18.0
ETag: "650064d4-85706"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 546566
Expires: Thu, 14 Sep 2023 10:25:56 GMT

Verdicts & Comments Add Verdict or Comment

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.refundinsurance.ru/	1970-01-20 23:28:56	Name: __ddg1_ Value: 7EhePmOaEOm4HbjXDomY
refundinsurance.ru/	1970-01-20 23:28:56	Name: creatium-stat-cookie-hash Value: 5a3bf152466e0ddc9769c0430db4c1c6
.refundinsurance.ru/	1969-12-31 23:59:59	Name: visit_id Value: 492758833

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
i.1.creatium.io
refundinsurance.ru
www.refundinsurance.ru
188.68.204.154
190.115.18.180
2606:4700::6811:180e
024d4e69056ed25565a44c797c54a13194c30934129108a0d6cd516497d333bb
19bafc65863619a17f196e1b63d51b4de16ddc3f2fa4e43bd34e1bcab4704c77
21b9f5c85149272e89310e9bc515a4b09bc41f2190f3a6d12355f98d51d11386
2814eccfbe8c6673daa2f655e7ac41b0728f08526dadbaa45252b3398f9edef7
386d7d820a0a656f04876b33c8bd0d57d53dd331c77f73eaad75b22434b046c7
56436e75a0400e82967d0e69bb2fea0aabd21384ac62cd14c85feb912022f50e
62109d008290dcc5082732986afd832448190b03dfdf67b4940398bf1a9add45
64901141f20d57adf48486e578349148f3f157390b9e7f5c17ce7a04843874be
74302c7465cc388fae27f444a651847ff13e6b5570bfd2781e33883ecee88648
77b2bf53781ea091303539988badedf0531333c82d47b206e6253a28d7d6c968
79c55eed3304eb857af1057c9fc55a2d127d7bd6eec9b88d4da233a8294034ef
89ee9f79583e7484d7da861eaec245b636ba84007341f793cf234328c59910d8
945689176bf268b10fd9defe102bb3b4d971f15f41de65e35e5c1aaee7064361
99946b5abbc0794aaa9a2bf27025aed911bd37d9719014cf1f28e49c19215e78
9dd52fe2693bc046d3a9ca559d04e8552e55897fd104f050ab406e63617a935b
9fb9b97f65f291ad3876b68c5a21566434a09c2510deffa249297ac6d93edd60
a2a312366d18edca2c0b52242426d2d4bbc933707d663d93abad85e37307711f
b5c1e5bd0a87e77c00b8d28227ffec2f87172eebcff4819ac104673305c218eb
b9c9b307ffe4cf8fe6086d183005a979ec23cb3580c96631213ab4ef06f411d2
d7158f9492f9884ce28f9b343fc99e657ced6065ab061e56e1bb5043c1224d83
e98fb02c59df87f7a0929e6db65aa79bb92fa84a2f7e61f6fad5b4dfa53ed4ea
ec380f8675e825bba642f0a5c0369ddc832cd962d161dd657a0c6c1d8ee26a92
ee8240f34f9a10e0f08acf1090058e6728cd26ab20f368234629a26df7063f8b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

refundinsurance.ru Open in urlscan Pro 190.115.18.180 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

22 Requests

100 %HTTPS

33 %IPv6

3 Domains

4 Subdomains

4 IPs

3 Countries

1458 kBTransfer

2296 kBSize

3 Cookies

5 Outgoing links

Page URL History

Redirected requests

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

24 JavaScript Global Variables

3 Cookies

Indicators

refundinsurance.ru Open in urlscan Pro
190.115.18.180 Public Scan

Screenshot
Live screenshot

Full Image

22
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

4
Subdomains

4
IPs

3
Countries

1458 kB
Transfer

2296 kB
Size

3
Cookies

22 HTTP transactions
4 data transactions