urlscan.io logo urlscan.io
SecurityTrails logo

imf-refunds.org Open in urlscan Pro
2a02:4780:b:1043:0:2853:29b7:2  Public Scan

Go To Rescan Add Verdict Report
URL: https://imf-refunds.org/
Submission: On July 28 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 2 countries across 11 domains to perform 50 HTTP transactions. The main IP is 2a02:4780:b:1043:0:2853:29b7:2, located in Phoenix, United States and belongs to AS-HOSTINGER, CY. The main domain is imf-refunds.org.
TLS certificate: Issued by R3 on June 28th 2023. Valid for: 3 months.
This is the only time imf-refunds.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
27 2a02:4780:b:1... 47583 (AS-HOSTINGER)
1 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
5 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 99.86.4.76 16509 (AMAZON-02)
1 151.101.194.137 54113 (FASTLY)
3 54.187.119.242 16509 (AMAZON-02)
2 2600:9000:211... 16509 (AMAZON-02)
1 162.247.243.29 54113 (FASTLY)
1 34.210.237.78 16509 (AMAZON-02)
50 13
27    2a02:4780:b:1043:0:2853:29b7:2 (Phoenix, United States)

ASN47583 (AS-HOSTINGER, CY)
imf-refunds.org
1    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2606:4700:10::ac43:592 (United States)

ASN13335 (CLOUDFLARENET, US)
www.powr.io
2    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
5    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
public.powrcdn.com
1    2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
3    99.86.4.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-76.fra6.r.cloudfront.net
js.stripe.com
1    151.101.194.137 (United States)

ASN54113 (FASTLY, US)
js-agent.newrelic.com
3    54.187.119.242 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-119-242.stripe.com
q.stripe.com
2    2600:9000:2117:be00:19:7d10:bd80:93a1 (United States)

ASN16509 (AMAZON-02, US)
m.stripe.network
1    162.247.243.29 (United States)

ASN54113 (FASTLY, US)
bam.nr-data.net
1    34.210.237.78 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-210-237-78.us-west-2.compute.amazonaws.com
m.stripe.com
Apex Domain
Subdomains		 Transfer
27 imf-refunds.org
imf-refunds.org
346 KB
7 stripe.com
js.stripe.com — Cisco Umbrella Rank: 1858
q.stripe.com — Cisco Umbrella Rank: 17709
m.stripe.com — Cisco Umbrella Rank: 1691
133 KB
5 powrcdn.com
public.powrcdn.com — Cisco Umbrella Rank: 39385
785 KB
2 stripe.network
m.stripe.network — Cisco Umbrella Rank: 2054
18 KB
2 gstatic.com
fonts.gstatic.com
38 KB
2 powr.io
www.powr.io — Cisco Umbrella Rank: 15077
48 KB
1 nr-data.net
bam.nr-data.net — Cisco Umbrella Rank: 302
495 B
1 newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 504
28 KB
1 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1042
17 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 372
32 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 79
1 KB
50 11
Domain Requested by
27 imf-refunds.org imf-refunds.org
5 public.powrcdn.com www.powr.io
3 q.stripe.com imf-refunds.org
3 js.stripe.com public.powrcdn.com
js.stripe.com
2 m.stripe.network js.stripe.com
m.stripe.network
2 fonts.gstatic.com fonts.googleapis.com
2 www.powr.io imf-refunds.org
www.powr.io
1 m.stripe.com m.stripe.network
1 bam.nr-data.net js-agent.newrelic.com
1 js-agent.newrelic.com www.powr.io
1 maxcdn.bootstrapcdn.com www.powr.io
1 cdn.jsdelivr.net www.powr.io
1 fonts.googleapis.com imf-refunds.org
50 13

This site contains no links.

Subject Issuer Validity Valid
imf-refunds.org
R3		 2023-06-28 -
2023-09-26		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-04 -
2024-05-03		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh
powrcdn.com
GTS CA 1P5		 2023-06-01 -
2023-08-30		 3 months crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2023-07-21 -
2023-11-16		 4 months crt.sh
js-agent.newrelic.com
GlobalSign Atlas R3 DV TLS CA 2023 Q2		 2023-04-13 -
2024-05-14		 a year crt.sh
*.stripe.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-05-25 -
2023-08-23		 3 months crt.sh
*.nr-data.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-18 -
2023-12-19		 a year crt.sh
m.stripe.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-07-26 -
2023-10-26		 3 months crt.sh

This page contains 4 frames:

Primary Page: https://imf-refunds.org/
Frame ID: F1E6468046264054A9151B2E9B8E6BEE
Requests: 31 HTTP requests in this frame

Frame: https://www.powr.io/form-builder/u/863eb996_1687964581
Frame ID: 558DDB759796CF230338BE3EDD673AC2
Requests: 11 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Frame ID: 31D0ECABD0E1F1533DBAACD2CA6215D5
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 42FDB2F3DBC69B487B7312420E843224
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Home

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • js\.stripe\.com
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

50
Requests

100 %
HTTPS

62 %
IPv6

11
Domains

13
Subdomains

13
IPs

2
Countries

1445 kB
Transfer

6497 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

50 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
imf-refunds.org/ 		17 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imf-refunds.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:b:1043:0:2853:29b7:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
a9815ff91bf67f93021686a22a5b141db231a78f1e1cdd3a485b63ad6adb5720
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding
br
content-length
3789
content-security-policy
upgrade-insecure-requests
content-type
text/html
date
Fri, 28 Jul 2023 20:29:15 GMT
etag
"454c-649c5442-81225dbc2dd491b0;br"
last-modified
Wed, 28 Jun 2023 15:39:46 GMT
platform
hostinger
server
LiteSpeed
vary
Accept-Encoding
mobirise2.css
imf-refunds.org/assets/web/assets/mobirise-icons2/ 		9 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://imf-refunds.org/assets/web/assets/mobirise-icons2/mobirise2.css
Requested by
Host: imf-refunds.org
URL: https://imf-refunds.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:b:1043:0:2853:29b7:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
cdcbe8357cc75719dbb1b931f7f8b7690b94480814ee062742b0243a714b80e5
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imf-refunds.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Fri, 28 Jul 2023 20:29:15 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Wed, 28 Jun 2023 15:39:50 GMT
server
LiteSpeed
etag
"2205-649c5446-ee54d5d10ba75088;br"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
1419
expires
Fri, 04 Aug 2023 20:29:15 GMT
tether.min.css
imf-refunds.org/assets/tether/ 		237 B
322 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://imf-refunds.org/assets/tether/tether.min.css
Requested by
Host: imf-refunds.org
URL: https://imf-refunds.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:b:1043:0:2853:29b7:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
cb84c37000f8fe3e68e24799be081febdf02afd39cec967e80631ac76dea9950
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imf-refunds.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Fri, 28 Jul 2023 20:29:15 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Wed, 28 Jun 2023 15:39:47 GMT
server
LiteSpeed
etag
"ed-649c5443-6e4b09522c5a7bfd;;;"
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
237
expires
Fri, 04 Aug 2023 20:29:15 GMT
bootstrap.min.css
imf-refunds.org/assets/bootstrap/css/ 		157 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://imf-refunds.org/assets/bootstrap/css/bootstrap.min.css
Requested by
Host: imf-refunds.org
URL: https://imf-refunds.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:b:1043:0:2853:29b7:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
7ba7f6b94246d8a609919f613d8193727b6a1fdc4f8ccf28ff60604841dde059
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imf-refunds.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Fri, 28 Jul 2023 20:29:15 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Wed, 28 Jun 2023 15:39:48 GMT
server
LiteSpeed
etag
"27201-649c5444-a3bfa21bd3d72c9f;br"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
20942
expires
Fri, 04 Aug 2023 20:29:15 GMT
bootstrap-grid.min.css
imf-refunds.org/assets/bootstrap/css/ 		49 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://imf-refunds.org/assets/bootstrap/css/bootstrap-grid.min.css
Requested by
Host: imf-refunds.org
URL: https://imf-refunds.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:b:1043:0:2853:29b7:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
d09994287661d2e119432735468aa69f230238903d28dcd447eb0cb2ce0607e9
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imf-refunds.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Fri, 28 Jul 2023 20:29:15 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Wed, 28 Jun 2023 15:39:48 GMT
server
LiteSpeed
etag
"c59a-649c5444-6404304a666cad0e;br"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
4734
expires
Fri, 04 Aug 2023 20:29:15 GMT
bootstrap-reboot.min.css
imf-refunds.org/assets/bootstrap/css/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://imf-refunds.org/assets/bootstrap/css/bootstrap-reboot.min.css
Requested by
Host: imf-refunds.org
URL: https://imf-refunds.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:b:1043:0:2853:29b7:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
5ba020e537d809162f2db194c6d019afb54a0056b081f06f38ca8ccf0e825120
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imf-refunds.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Fri, 28 Jul 2023 20:29:15 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Wed, 28 Jun 2023 15:39:48 GMT
server
LiteSpeed
etag
"f0b-649c5444-20b59a4351437690;br"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
1346
expires
Fri, 04 Aug 2023 20:29:15 GMT
style.css
imf-refunds.org/assets/dropdown/css/ 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://imf-refunds.org/assets/dropdown/css/style.css
Requested by
Host: imf-refunds.org
URL: https://imf-refunds.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:b:1043:0:2853:29b7:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
38892acc026f0badcbb38eb0b148470f4e57821ae04c892a2cee50b5e0968d35
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imf-refunds.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Fri, 28 Jul 2023 20:29:15 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Wed, 28 Jun 2023 15:39:47 GMT
server
LiteSpeed
etag
"1f2e-649c5443-a8620b463b786be2;br"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
1528
expires
Fri, 04 Aug 2023 20:29:15 GMT
styles.css
imf-refunds.org/assets/socicon/css/ 		15 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://imf-refunds.org/assets/socicon/css/styles.css
Requested by
Host: imf-refunds.org
URL: https://imf-refunds.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:b:1043:0:2853:29b7:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
2821b13940d817794fbce634446678655eba83453a085a009eb456b52dfc4501
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imf-refunds.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Fri, 28 Jul 2023 20:29:15 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Wed, 28 Jun 2023 15:39:48 GMT
server
LiteSpeed
etag
"3ca9-649c5444-1c0fb76edfd2216b;br"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
2742
expires
Fri, 04 Aug 2023 20:29:15 GMT
style.css
imf-refunds.org/assets/theme/css/ 		14 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://imf-refunds.org/assets/theme/css/style.css
Requested by
Host: imf-refunds.org
URL: https://imf-refunds.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:b:1043:0:2853:29b7:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
a96ea68b1843d94f4b8a20a66d89302bf8a4a47f5c270270bf6a53646c75fe99
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imf-refunds.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Fri, 28 Jul 2023 20:29:15 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Wed, 28 Jun 2023 15:39:49 GMT
server
LiteSpeed
etag
"3864-649c5445-4c2c0d7fffcde5;br"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
3216
expires
Fri, 04 Aug 2023 20:29:15 GMT
css
fonts.googleapis.com/ 		9 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Bellota+Text:300,300i,400,400i,700,700i&display=swap
Requested by
Host: imf-refunds.org
URL: https://imf-refunds.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
047a31c85ca08abe00b5f9c48a5f0b41236be6431e6e20c041676d576c023b4c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imf-refunds.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 28 Jul 2023 20:29:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 28 Jul 2023 20:29:15 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 28 Jul 2023 20:29:15 GMT
mbr-additional.css
imf-refunds.org/assets/mobirise/css/ 		34 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://imf-refunds.org/assets/mobirise/css/mbr-additional.css
Requested by
Host: imf-refunds.org
URL: https://imf-refunds.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:b:1043:0:2853:29b7:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
f32c44b5b5cd50bac71fd467e8ac765525297917f7f785769a7aa2bdee75a9d1
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imf-refunds.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Fri, 28 Jul 2023 20:29:15 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Wed, 28 Jun 2023 15:39:48 GMT
server
LiteSpeed
etag
"8754-649c5444-b306762d2d9ab4aa;br"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
5247
expires
Fri, 04 Aug 2023 20:29:15 GMT
screenshot-2023-06-28-at-09-07-08-about-the-imf-1099x329.png
imf-refunds.org/assets/images/ 		57 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imf-refunds.org/assets/images/screenshot-2023-06-28-at-09-07-08-about-the-imf-1099x329.png
Requested by
Host: imf-refunds.org
URL: https://imf-refunds.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:b:1043:0:2853:29b7:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
0492e41df66793dd1a29fa5e8e78cc8562607641a8bc9ebcd5ffdc78a26348d4
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imf-refunds.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Fri, 28 Jul 2023 20:29:16 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Wed, 28 Jun 2023 15:39:48 GMT
server
LiteSpeed
etag
"e572-649c5444-a563729a09f9e7ab;;;"
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
58738
expires
Fri, 04 Aug 2023 20:29:16 GMT
screenshot-2023-06-28-at-09-15-53-about-the-imf-1072x516.png
imf-refunds.org/assets/images/ 		53 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imf-refunds.org/assets/images/screenshot-2023-06-28-at-09-15-53-about-the-imf-1072x516.png
Requested by
Host: imf-refunds.org
URL: https://imf-refunds.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:b:1043:0:2853:29b7:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
10e8df96d678df92f0e4687e2b76d07f3edf65e76efc0de4baa84aa10849717c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imf-refunds.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Fri, 28 Jul 2023 20:29:16 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Wed, 28 Jun 2023 15:39:48 GMT
server
LiteSpeed
etag
"d50b-649c5444-560d09be03da4173;;;"
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
54539
expires
Fri, 04 Aug 2023 20:29:16 GMT
300x164-kg-staff-300x164.png
imf-refunds.org/assets/images/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imf-refunds.org/assets/images/300x164-kg-staff-300x164.png
Requested by
Host: imf-refunds.org
URL: https://imf-refunds.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:b:1043:0:2853:29b7:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
be7bad185a52b22078d381bd78274caeea6c25a9ad044f814e709804cb94a7ea
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imf-refunds.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Fri, 28 Jul 2023 20:29:16 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Wed, 28 Jun 2023 15:39:48 GMT
server
LiteSpeed
etag
"6b09-649c5444-25d1b831ba5df1b0;;;"
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
27401
expires
Fri, 04 Aug 2023 20:29:16 GMT
m3-300x164.png
imf-refunds.org/assets/images/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imf-refunds.org/assets/images/m3-300x164.png
Requested by
Host: imf-refunds.org
URL: https://imf-refunds.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:b:1043:0:2853:29b7:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
779b2c537e919cfc9c667f074dc4616dabd0f8148c497bdd9dd26bff9a19c819
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imf-refunds.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Fri, 28 Jul 2023 20:29:16 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Wed, 28 Jun 2023 15:39:48 GMT
server
LiteSpeed
etag
"5e39-649c5444-ff4408ede93e3e5b;;;"
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
24121
expires
Fri, 04 Aug 2023 20:29:16 GMT
stphane-roudet-ghana-mc-287x406.jpg
imf-refunds.org/assets/images/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imf-refunds.org/assets/images/stphane-roudet-ghana-mc-287x406.jpg
Requested by
Host: imf-refunds.org
URL: https://imf-refunds.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:b:1043:0:2853:29b7:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
a4dff9f7015a13476798a39c1343dfeb6618d2b359c23d8e3543f5d86e651d80
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imf-refunds.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Fri, 28 Jul 2023 20:29:16 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Wed, 28 Jun 2023 15:39:48 GMT
server
LiteSpeed
etag
"3cba-649c5444-9a71da4973191d2d;;;"
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
15546
expires
Fri, 04 Aug 2023 20:29:16 GMT
yvjrnhlnyznfpo2odicupnwuom-300x200.jpg
imf-refunds.org/assets/images/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imf-refunds.org/assets/images/yvjrnhlnyznfpo2odicupnwuom-300x200.jpg
Requested by
Host: imf-refunds.org
URL: https://imf-refunds.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:b:1043:0:2853:29b7:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
8d07fd4ea27967d96954790a215712d8f4f425a1e00c609e2337e596a5ab8d7a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imf-refunds.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Fri, 28 Jul 2023 20:29:16 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Wed, 28 Jun 2023 15:39:49 GMT
server
LiteSpeed
etag
"3beb-649c5445-45bf60fcde4636d2;;;"
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
15339
expires
Fri, 04 Aug 2023 20:29:16 GMT
screenshot-2023-06-28-at-09-08-02-about-the-imf-1099x428.png
imf-refunds.org/assets/images/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imf-refunds.org/assets/images/screenshot-2023-06-28-at-09-08-02-about-the-imf-1099x428.png
Requested by
Host: imf-refunds.org
URL: https://imf-refunds.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:b:1043:0:2853:29b7:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
7deb21f32edb28bfcde309c3fa8f5923e63bc0d2dba7f15df5d17620d6ec4f74
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imf-refunds.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Fri, 28 Jul 2023 20:29:16 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Wed, 28 Jun 2023 15:39:48 GMT
server
LiteSpeed
etag
"594e-649c5444-de1ab7f09c8ec32f;;;"
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
22862
expires
Fri, 04 Aug 2023 20:29:16 GMT
powr.js
www.powr.io/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.powr.io/powr.js?platform=mobirise
Requested by
Host: imf-refunds.org
URL: https://imf-refunds.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:592 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a22b1ce795d214b8cd6ed922a45dcf7a9003bfe62fb7c66b100a206050d2b5ab
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.powr.io *.wix.com *.mybigcommerce.com *.weebly.com *.stripe.com *.myshopify.com *.shopify.com *.editorx.com *.sharethis.com sharethis.com *.webydo.com;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imf-refunds.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Fri, 28 Jul 2023 20:29:15 GMT
content-security-policy
frame-ancestors *.powr.io *.wix.com *.mybigcommerce.com *.weebly.com *.stripe.com *.myshopify.com *.shopify.com *.editorx.com *.sharethis.com sharethis.com *.webydo.com;
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
x-origin-instance
gke
age
171253
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
last-modified
Wed, 26 Jul 2023 20:51:48 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800, public
cf-ray
7edfdf8e9b212bc9-FRA
expires
Fri, 26 Jul 2024 20:52:05 GMT
jquery.min.js
imf-refunds.org/assets/web/assets/jquery/ 		87 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imf-refunds.org/assets/web/assets/jquery/jquery.min.js
Requested by
Host: imf-refunds.org
URL: https://imf-refunds.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:b:1043:0:2853:29b7:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imf-refunds.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Fri, 28 Jul 2023 20:29:16 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Wed, 28 Jun 2023 15:39:50 GMT
server
LiteSpeed
etag
"15d84-649c5446-da7d1b59b84ac87a;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
30026
expires
Fri, 04 Aug 2023 20:29:16 GMT
popper.min.js
imf-refunds.org/assets/popper/ 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imf-refunds.org/assets/popper/popper.min.js
Requested by
Host: imf-refunds.org
URL: https://imf-refunds.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:b:1043:0:2853:29b7:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
3675f226f985b64eea6ae8544d5496a32d19993aae1ac4a3fa101263ef3206f7
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imf-refunds.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Fri, 28 Jul 2023 20:29:16 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Wed, 28 Jun 2023 15:39:47 GMT
server
LiteSpeed
etag
"4a32-649c5443-db2a584f413c06b9;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
6520
expires
Fri, 04 Aug 2023 20:29:16 GMT
tether.min.js
imf-refunds.org/assets/tether/ 		23 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imf-refunds.org/assets/tether/tether.min.js
Requested by
Host: imf-refunds.org
URL: https://imf-refunds.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:b:1043:0:2853:29b7:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
0a0416e386e436583f5f49242104677e6b16b1aa693d86f32d76845e26081f96
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imf-refunds.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Fri, 28 Jul 2023 20:29:16 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Wed, 28 Jun 2023 15:39:47 GMT
server
LiteSpeed
etag
"5ab1-649c5443-171aa52599d0175a;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
6550
expires
Fri, 04 Aug 2023 20:29:16 GMT
bootstrap.min.js
imf-refunds.org/assets/bootstrap/js/ 		59 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imf-refunds.org/assets/bootstrap/js/bootstrap.min.js
Requested by
Host: imf-refunds.org
URL: https://imf-refunds.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:b:1043:0:2853:29b7:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
79c599dd760cec0c1621a1af49d9a2a49da5d45e1b37d4575bace0a5e0226582
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imf-refunds.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Fri, 28 Jul 2023 20:29:16 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Wed, 28 Jun 2023 15:39:47 GMT
server
LiteSpeed
etag
"ea8c-649c5443-19977b41e85e8008;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
13988
expires
Fri, 04 Aug 2023 20:29:16 GMT
smooth-scroll.js
imf-refunds.org/assets/smoothscroll/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imf-refunds.org/assets/smoothscroll/smooth-scroll.js
Requested by
Host: imf-refunds.org
URL: https://imf-refunds.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:b:1043:0:2853:29b7:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
58c190b80bbaf388cd586a16e3c21876fdd0eca9d22554d2a3e027e3a6f43cd6
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imf-refunds.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Fri, 28 Jul 2023 20:29:16 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Wed, 28 Jun 2023 15:39:47 GMT
server
LiteSpeed
etag
"1f22-649c5443-5c5577e6deca67ff;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
3228
expires
Fri, 04 Aug 2023 20:29:16 GMT
nav-dropdown.js
imf-refunds.org/assets/dropdown/js/ 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imf-refunds.org/assets/dropdown/js/nav-dropdown.js
Requested by
Host: imf-refunds.org
URL: https://imf-refunds.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:b:1043:0:2853:29b7:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
6871afa8d71086be001b5eb8eec028e7387d28f1fe3488f3b1ff150499bd159a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imf-refunds.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Fri, 28 Jul 2023 20:29:16 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Wed, 28 Jun 2023 15:39:49 GMT
server
LiteSpeed
etag
"1f1d-649c5445-f655410cc98dd4ca;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
2439
expires
Fri, 04 Aug 2023 20:29:16 GMT
navbar-dropdown.js
imf-refunds.org/assets/dropdown/js/ 		2 KB
634 B 		Script
General
Check archive.org
Download Go to
Full URL
https://imf-refunds.org/assets/dropdown/js/navbar-dropdown.js
Requested by
Host: imf-refunds.org
URL: https://imf-refunds.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:b:1043:0:2853:29b7:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
1d3d0856dd768deb785b2c03611dcfe9cdb3e2557603c99465660fa57d04a008
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imf-refunds.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Fri, 28 Jul 2023 20:29:16 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Wed, 28 Jun 2023 15:39:49 GMT
server
LiteSpeed
etag
"62e-649c5445-9eb009c14eb19634;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
571
expires
Fri, 04 Aug 2023 20:29:16 GMT
jquery.touch-swipe.min.js
imf-refunds.org/assets/touchswipe/ 		20 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imf-refunds.org/assets/touchswipe/jquery.touch-swipe.min.js
Requested by
Host: imf-refunds.org
URL: https://imf-refunds.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:b:1043:0:2853:29b7:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
a10d7edb8fd307f469beaaa75a725e4bdae24a1b867f5bc7960f01e25c99d8e1
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imf-refunds.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Fri, 28 Jul 2023 20:29:16 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Wed, 28 Jun 2023 15:39:47 GMT
server
LiteSpeed
etag
"4fbc-649c5443-4d44c6aa669f7644;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
4849
expires
Fri, 04 Aug 2023 20:29:16 GMT
script.js
imf-refunds.org/assets/theme/js/ 		20 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imf-refunds.org/assets/theme/js/script.js
Requested by
Host: imf-refunds.org
URL: https://imf-refunds.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:b:1043:0:2853:29b7:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
a4c48e17d4617f26179a1b6f2e2d51952d7a2ef0c6b11f398af622e45c2f7b9f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imf-refunds.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Fri, 28 Jul 2023 20:29:16 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Wed, 28 Jun 2023 15:39:50 GMT
server
LiteSpeed
etag
"4ed8-649c5446-fdda5759d739f6d0;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
6009
expires
Fri, 04 Aug 2023 20:29:16 GMT
0FlMVP2VnlWS4f3-UE9hHXM5Rfwaeg_x.woff2
fonts.gstatic.com/s/bellotatext/v16/ 		19 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/bellotatext/v16/0FlMVP2VnlWS4f3-UE9hHXM5Rfwaeg_x.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Bellota+Text:300,300i,400,400i,700,700i&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
703ee3b908c123462cd2b40f475a176bb6034f502989e743db123448e1ef45e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://imf-refunds.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 22 Jul 2023 15:32:36 GMT
x-content-type-options
nosniff
age
536200
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19604
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 20:07:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 21 Jul 2024 15:32:36 GMT
0FlTVP2VnlWS4f3-UE9hHXMx_tkP.woff2
fonts.gstatic.com/s/bellotatext/v16/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/bellotatext/v16/0FlTVP2VnlWS4f3-UE9hHXMx_tkP.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Bellota+Text:300,300i,400,400i,700,700i&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8236d92254ab3a103eaf09a8f4383d62d1bb5f27ca855a24805a639487daf602
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://imf-refunds.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 03:31:19 GMT
x-content-type-options
nosniff
age
147477
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18996
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:28:27 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 26 Jul 2024 03:31:19 GMT
mobirise2.ttf
imf-refunds.org/assets/web/assets/mobirise-icons2/ 		25 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://imf-refunds.org/assets/web/assets/mobirise-icons2/mobirise2.ttf?f2bix4
Requested by
Host: imf-refunds.org
URL: https://imf-refunds.org/assets/web/assets/mobirise-icons2/mobirise2.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:b:1043:0:2853:29b7:2 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
523854ac3552c34b23a5f0c6a2f49c6ba0b439a95848692aa24bc304ecd29784
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://imf-refunds.org/assets/web/assets/mobirise-icons2/mobirise2.css
Origin
https://imf-refunds.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Fri, 28 Jul 2023 20:29:16 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Wed, 28 Jun 2023 15:39:50 GMT
server
LiteSpeed
etag
"62c0-649c5446-b0f19a44c7212a0d;br"
vary
Accept-Encoding
content-type
application/x-font-ttf
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
13199
expires
Fri, 04 Aug 2023 20:29:16 GMT
863eb996_1687964581
www.powr.io/form-builder/u/ Frame 558D 		263 KB
41 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.powr.io/form-builder/u/863eb996_1687964581
Requested by
Host: www.powr.io
URL: https://www.powr.io/powr.js?platform=mobirise
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:592 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e00eebfd2d2e6353fa6c7fb7ce1a41d89c9b774a9d5efd902fcfc0278ee4ed1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://imf-refunds.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
16890
alt-svc
h3=":443"; ma=86400
cache-control
max-age=1800, public
cf-cache-status
HIT
cf-ray
7edfdf933a4f2bc9-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Fri, 28 Jul 2023 20:29:16 GMT
link
<https://public.powrcdn.com/latest/assets/packs/style_packs/views-c3775a84dc3dd3ca5f4c-e4cd454.css>; rel=preload; as=style; nopush,<https://public.powrcdn.com/latest/assets/packs/apps/views/formBuilder-cf388c9a7580550f24ed-e4cd454.css>; rel=preload; as=style; nopush,<https://public.powrcdn.com/latest/assets/packs/apps-view-26f99f85f61eec593930-e4cd454.js>; rel=preload; as=script; nopush,<https://public.powrcdn.com/latest/assets/packs/apps/formBuilder-b6c88a5c831ad032c80b-e4cd454.js>; rel=preload; as=script; nopush
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff
x-origin-instance
gke
x-request-id
75116e56-fa97-4fa0-a7e4-d32ede78e00b
x-runtime
0.385765
x-xss-protection
1; mode=block
views-c3775a84dc3dd3ca5f4c-e4cd454.css
public.powrcdn.com/latest/assets/packs/style_packs/ Frame 558D 		382 KB
38 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://public.powrcdn.com/latest/assets/packs/style_packs/views-c3775a84dc3dd3ca5f4c-e4cd454.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f0f9dabf8717e9cd491105474d0f3bd1709f4338ffd2cc1d35f940d72e07b2b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.powr.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Fri, 28 Jul 2023 20:29:16 GMT
x-amz-version-id
O3CQ6FkRRRguCMT7azUuyxbjAJAYxLuM
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
FE0CW003KS9EHYMB
age
5722
cf-polished
origSize=467930
alt-svc
h3=":443"; ma=86400
x-amz-id-2
Y8VerW494TLwXzj2edr9SMWnh4e8AngqEv3MaDxBRnRxtFA1wdHVKkjKS2pS7g6FSPycqwuB4nw=
cf-bgj
minify
last-modified
Wed, 26 Jul 2023 20:45:03 GMT
server
cloudflare
etag
W/"c46a8d4a35a677134003cb3ba6ab7c01"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HgjB%2FgmJSvctzZ2cwmnt%2Fs%2BJotNmb%2FmwVCJ17yFXPycLvnr%2FsGp8Tdxnja4LDVflhIpm5SFUw5kT71T%2F03TfR21X8JRMcFdLv%2BX6YTdLXPdbxfy6iQ9LubOXj0CpjRu2ESseOM47JsBWP%2FVZ0AMeBGM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=86400
cf-ray
7edfdf93990139c8-FRA
formBuilder-cf388c9a7580550f24ed-e4cd454.css
public.powrcdn.com/latest/assets/packs/apps/views/ Frame 558D 		2 MB
207 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://public.powrcdn.com/latest/assets/packs/apps/views/formBuilder-cf388c9a7580550f24ed-e4cd454.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29341e28dc69b02dcbca4e0bcddf1650f9b5633c6a58cbff2916403d27aa0584

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.powr.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Fri, 28 Jul 2023 20:29:16 GMT
x-amz-version-id
zDv_R.9LNZ9eDunrnp3J64LmFdyla6Ex
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
T26K8G3Q8G7Y71DM
age
4872
cf-polished
origSize=2180211
alt-svc
h3=":443"; ma=86400
x-amz-id-2
7eNmA9AeVEnq+DFVg2Jshm4tif57wiMudIsLx/dwJkvYVEhGema6fJGHoVf5BKebJ6dAdVqpnpw=
cf-bgj
minify
last-modified
Wed, 26 Jul 2023 20:45:02 GMT
server
cloudflare
etag
W/"2248f601c0a4767266e042d01db9c773"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qg5UsBNcnA1Y0XWz7leQM2C1k21Rdm2kjj28Q%2BFJdKks7Ida7pEJ9C8S3tDmrr45roFEZMJQveyu2Kik5q1fkq%2FwM%2BQ%2FBndNZJTgc36Ce0uggI0ZWPpynFNw3jB%2FzpDE%2BwU8f0KSmvu%2F5RoZ74FXcCc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=86400
cf-ray
7edfdf93990539c8-FRA
apps-view-26f99f85f61eec593930-e4cd454.js
public.powrcdn.com/latest/assets/packs/ Frame 558D 		706 KB
173 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://public.powrcdn.com/latest/assets/packs/apps-view-26f99f85f61eec593930-e4cd454.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
702cb2ffcb204c1e44b9fc07a0f4de0fbb460e09045d62f7c14354892952d540

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.powr.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Fri, 28 Jul 2023 20:29:16 GMT
x-amz-version-id
HBX3oYD9mJcEzVqMo_eKMFdJkkAdAEZk
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
FE0DRY6QYM6G2ZJ1
age
5722
cf-polished
origSize=1158484
alt-svc
h3=":443"; ma=86400
x-amz-id-2
jT2ugSAW0t9FHBLa8DgNxrlIOuIwDSf8ckoRR1N5f18H9eUNi+tJTnBrUp62kMo6QTTZsz+uz6o=
cf-bgj
minify
last-modified
Wed, 26 Jul 2023 20:45:02 GMT
server
cloudflare
etag
W/"15142713e2647f966af2fd9868ea3269"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xymFjhHLuSqOPvehi6IHQY4K9ijpRzkzFEvEG7z1w%2Fy%2F0CTHxOENiXYHN8ZGg7VZTfq7M2Kre2mDhf%2FdOSkPnCL8MLH0BzoxNXeN8SovCFCxpDPidUGpS944RHT5PV%2FbLJJcA5Lj%2FikYREwyBA0mN30%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
cf-ray
7edfdf93990839c8-FRA
formBuilder-b6c88a5c831ad032c80b-e4cd454.js
public.powrcdn.com/latest/assets/packs/apps/ Frame 558D 		2 MB
365 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://public.powrcdn.com/latest/assets/packs/apps/formBuilder-b6c88a5c831ad032c80b-e4cd454.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43a5a1c1ecc1b80970ea325eeeca52e99f0214d274cbf7bfe9c08dc09e6a68a2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.powr.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Fri, 28 Jul 2023 20:29:16 GMT
x-amz-version-id
r7m8D8tw1pNd8fNE7DcTHZPZ8Tvmsd4i
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
T26XDJ1G4D0BPD0H
age
4626
cf-polished
origSize=2558432
alt-svc
h3=":443"; ma=86400
x-amz-id-2
+PS6bFFVA1HI7+oj+vSX5xKub7bojcaXLxaX3mInUd3Kk6FSSypqxIPjc7YoAMIs1YsILBTgSjc=
cf-bgj
minify
last-modified
Wed, 26 Jul 2023 20:42:42 GMT
server
cloudflare
etag
W/"68587313d60709e2475859875bd8b35c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uhz1DXJlOBL0PxmIc6cU6EeqEYOk%2B7TMVg5HJ5S6OUjORUt7uqep6VE8YtpprO1BF5Z0%2BDpsvk4RQXf4tqFGBHvnm1jHsg6PC9YlJehLqXJ1Eq%2Bh9ZsNmaOtgr2JlbRAgSxh8N9XFp%2F6ZdObx3B3kUY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
cf-ray
7edfdf93990a39c8-FRA
jquery.min.js
cdn.jsdelivr.net/npm/jquery@3.6.4/dist/ Frame 558D 		88 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/jquery@3.6.4/dist/jquery.min.js
Requested by
Host: www.powr.io
URL: https://www.powr.io/form-builder/u/863eb996_1687964581
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a0fe8723dcf55da64d06b25446d0a8513e52527c45afcb37073465f9c6f352af
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.powr.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Fri, 28 Jul 2023 20:29:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
12226547
x-jsd-version
3.6.4
content-encoding
br
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230058-FRA, cache-yyz4526-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"15ec3-7aRnR8cdOKiAvuRPmkOcOFi7j5k"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=itEg9HpgXc6bLVvVS3O5%2Bvn0gOyFT%2FIA4Sh4pUJmoaoAkKh9vGzbcAjByxfG5kTRG%2FB3Mtbit0Q9AXcRiKN4EXkIU5GOO3l08dlendPfsIz06z08ztc1UVY7TPfq2MpCO0tqoYlnzGSCQuOgsmI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
7edfdf9399e52c1b-FRA
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.0.0/css/ Frame 558D 		95 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.0.0/css/bootstrap.min.css
Requested by
Host: www.powr.io
URL: https://www.powr.io/form-builder/u/863eb996_1687964581
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1cbda21998b65e08a7e936114cabd7f7783d0f590dd6efdd58c7faa8b6e7b9aa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.powr.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Fri, 28 Jul 2023 20:29:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
617, 617
age
15346471
cdn-cachedat
2021-04-13 03:03:34
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:03:55 GMT
server
cloudflare
cdn-requestpullcode
200
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
59269352258c9b290d959e4a0bf811d2
timing-allow-origin
*
cdn-requestcountrycode
US
cf-ray
7edfdf939cf33665-FRA
cdn-requestpullsuccess
True
all-ZXPVXNMN.js
public.powrcdn.com/latest/assets/packs/esbuild/fontawesome/ Frame 558D 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://public.powrcdn.com/latest/assets/packs/esbuild/fontawesome/all-ZXPVXNMN.js
Requested by
Host: www.powr.io
URL: https://www.powr.io/form-builder/u/863eb996_1687964581
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a12ff3494f6b44197ab591fe478d52687b537134ce5d1910ea0dac7b6b3a3193

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.powr.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Fri, 28 Jul 2023 20:29:16 GMT
x-amz-version-id
gH._Ov1bNmVpm1mIcwQtnEB3MMrTt9r4
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
MCT20BJWP5E9ZRNT
age
2910
cf-polished
origSize=1510
alt-svc
h3=":443"; ma=86400
x-amz-id-2
exQlU7uaaDPqW27rN+Fm2eS6Cu2rA2WfaXKEnCg3k/cqbVm2vd/V3GdRJIw1LANe4TEX+4u7Uhg=
cf-bgj
minify
last-modified
Wed, 19 Jul 2023 17:22:15 GMT
server
cloudflare
etag
W/"b087623e485a410c64ce7e2b2f37c86b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yjhQhVlcpxhhoHB03D0l9IkqtcNUpA%2FSyQ%2BpXkz7gTvnuPKgUxy7rCXAfBS1C07mrRY44SGrlROivvyVcqWVM5CaaNqWRPU2JuoYC%2FB2m8b7J%2Fg2RZinFqU7x1y0BKyWwUC0WoVYnThQS5hOWvzwZ94%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
cf-ray
7edfdf93e9da39c8-FRA
v3
js.stripe.com/ Frame 558D 		517 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3
Requested by
Host: public.powrcdn.com
URL: https://public.powrcdn.com/latest/assets/packs/apps/formBuilder-b6c88a5c831ad032c80b-e4cd454.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-76.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
7b2f2c52d0ba7204aaab6bff76953ee2a6fbb4b51b74d0763f972ce2a284729b
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.powr.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Fri, 28 Jul 2023 20:29:12 GMT
via
1.1 f038e7175be9761825b2eefc2b0a832e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
5
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 28 Jul 2023 17:46:56 GMT
server
Cloudfront
etag
W/"12acf9c198d1ac6e90fb0773c474cd41"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
timing-allow-origin
*
x-amz-cf-id
5xwyt9_x26mLW-cOCE-fbH1xfRVVVvCgoy4vKo5ZykRvwh3Zug2JfA==
nr-1184.min.js
js-agent.newrelic.com/ Frame 558D 		27 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-1184.min.js
Requested by
Host: www.powr.io
URL: https://www.powr.io/form-builder/u/863eb996_1687964581
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
780861f2ab29c0144055244696561fb0306c8cb3cb7f548f9105c763b0e91f77
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.powr.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-amz-version-id
null
date
Fri, 28 Jul 2023 20:29:17 GMT
via
1.1 varnish
strict-transport-security
max-age=300
x-amz-request-id
WPM1VESY3K37GAXK
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
27995
x-amz-id-2
VuT/mRw3iyiLCew1x1EE2H4RlPphbu8+VEpAJhJBglYFvjPU3W0qMgHS9PBPOARPqNiEILCUEH4=
x-served-by
cache-fra-eddf8230113-FRA
last-modified
Mon, 28 Sep 2020 16:34:45 GMT
server
AmazonS3
x-timer
S1690576157.072498,VS0,VE0
etag
"3d7f312be60d08a2568e311e4762f3af"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
50
m-outer-93afeeb17bc37e711759584dbfc50d47.html
js.stripe.com/v3/ Frame 31D0 		200 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-76.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.powr.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
3491
alt-svc
h3=":443"; ma=86400
cache-control
max-age=31536000
content-length
200
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Fri, 28 Jul 2023 19:31:10 GMT
etag
"93afeeb17bc37e711759584dbfc50d47"
last-modified
Wed, 05 Jul 2023 20:15:53 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 f038e7175be9761825b2eefc2b0a832e.cloudfront.net (CloudFront)
x-amz-cf-id
lpwtB2x9WHb5v27zUYs7z-J077Bvz1i_yVjJuE_ZrKjR72gZZuY-vw==
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
m-outer-8cb24ab2d649fd36a488d04d8c457933.js
js.stripe.com/v3/fingerprinted/js/ Frame 31D0 		631 B
997 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
99.86.4.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-76.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
date
Fri, 28 Jul 2023 19:43:26 GMT
x-content-type-options
nosniff
via
1.1 9bca546700a965c9c77ef5b8dbe65cc4.cloudfront.net (CloudFront)
age
2752
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
631
last-modified
Fri, 21 Jul 2023 22:17:58 GMT
server
Cloudfront
etag
"f8f6a4584135f737b26927596ce6e0a7"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
u83OYacj3hl9iepaoArE9sd5PVU061uIJvIprbT6UByV3iVpZRyO-Q==
csp-report
q.stripe.com/ Frame 31D0 		0
717 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: imf-refunds.org
URL: https://imf-refunds.org/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Fri, 28 Jul 2023 20:29:17 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1690576157506389
x-envoy-upstream-service-time
6
content-length
0
x-stripe-bg-intended-route-color
green
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
1
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1690576157502093
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame 31D0 		0
716 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: imf-refunds.org
URL: https://imf-refunds.org/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Fri, 28 Jul 2023 20:29:17 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1690576157503081
x-envoy-upstream-service-time
2
content-length
0
x-stripe-bg-intended-route-color
green
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1690576157502100
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
inner.html
m.stripe.network/ Frame 42FD 		930 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/inner.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2117:be00:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
248
cache-control
max-age=300, public
content-length
930
content-security-policy
base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Fri, 28 Jul 2023 20:25:09 GMT
etag
"06bfcd88af438673a8bf9b845a11aa6e"
last-modified
Fri, 30 Jun 2023 14:32:28 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 4c636d1acba4193747390c896124ffcc.cloudfront.net (CloudFront)
x-amz-cf-id
seL0Y1vIRt5tN3If8SFEADEz6HJRl6O8fQZhyZsMdF5a8HTB3FCLcw==
x-amz-cf-pop
CDG50-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
4474f5c124
bam.nr-data.net/1/ Frame 558D 		56 B
495 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/1/4474f5c124?a=77339425&sa=1&v=1184.ab39b52&t=Unnamed%20Transaction&rst=416&ck=1&ref=https://www.powr.io/form-builder/u/863eb996_1687964581&be=193&fe=368&dc=246&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1690576156666,%22n%22:0,%22f%22:0,%22dn%22:0,%22dne%22:0,%22c%22:0,%22ce%22:0,%22rq%22:2,%22rp%22:24,%22rpe%22:28,%22dl%22:27,%22di%22:245,%22ds%22:245,%22de%22:246,%22dc%22:368,%22l%22:368,%22le%22:371%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1184.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9bdeba67a5e0f64db65210a03aa5c808e21ec02a5cff47bce7611b6ade9ee9e0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.powr.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Fri, 28 Jul 2023 20:29:17 GMT
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
Connection
keep-alive
Content-Length
56
x-served-by
cache-fra-eddf8230114-FRA
csp-report
q.stripe.com/ Frame 42FD 		0
492 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: imf-refunds.org
URL: https://imf-refunds.org/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Fri, 28 Jul 2023 20:29:17 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1690576157502592
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
green
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
x-stripe-server-envoy-upstream-service-time-ms
0
x-stripe-client-envoy-start-time-us
1690576157502284
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
expires
0
out-4.5.43.js
m.stripe.network/ Frame 42FD 		87 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/out-4.5.43.js
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/inner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2117:be00:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.stripe.network/inner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 28 Jul 2023 20:25:10 GMT
last-modified
Fri, 30 Jun 2023 14:32:28 GMT
server
Cloudfront
via
1.1 4c636d1acba4193747390c896124ffcc.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG50-C1
etag
W/"69cb7809b5011312e716f29b3d19dce6"
age
247
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
cache-control
max-age=300, public
x-amz-cf-id
Y0WRHNWppdvk90OTXRLmfaGM2hOwgqkiEHWuuXvsjzIj8Nkvqrhllg==
6
m.stripe.com/ Frame 42FD 		156 B
669 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.210.237.78 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-210-237-78.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
2abb82ce88f87a7c04ad80f49969416e3cc6ad0dba29d0a20715fb6304cd473a
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color
blue
date
Fri, 28 Jul 2023 20:29:17 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1690576157740507
server
nginx
content-type
application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms
3
access-control-allow-origin
https://m.stripe.network
x-stripe-client-envoy-start-time-us
1690576157739952
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| POWR_RECEIVERS function| loadPowr function| $ function| jQuery function| Popper function| Tether object| bootstrap function| SmoothScroll boolean| initSwitchArrowPlugin

2 Cookies

Domain/Path Name / Value
.nr-data.net/ Name: JSESSIONID
Value: 38b3b5b3449c2c3f
m.stripe.com/ Name: m
Value: 860687f3-0611-464f-bfbe-1a5ba8841b499fb4ca

1 Console Messages

Source Level URL
Text
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bam.nr-data.net
cdn.jsdelivr.net
fonts.googleapis.com
fonts.gstatic.com
imf-refunds.org
js-agent.newrelic.com
js.stripe.com
m.stripe.com
m.stripe.network
maxcdn.bootstrapcdn.com
public.powrcdn.com
q.stripe.com
www.powr.io
151.101.194.137
162.247.243.29
2600:9000:2117:be00:19:7d10:bd80:93a1
2606:4700:10::ac43:592
2606:4700::6810:5614
2606:4700::6812:acf
2a00:1450:4001:80f::2003
2a00:1450:4001:82a::200a
2a02:4780:b:1043:0:2853:29b7:2
2a06:98c1:3121::3
34.210.237.78
54.187.119.242
99.86.4.76
047a31c85ca08abe00b5f9c48a5f0b41236be6431e6e20c041676d576c023b4c
0492e41df66793dd1a29fa5e8e78cc8562607641a8bc9ebcd5ffdc78a26348d4
0a0416e386e436583f5f49242104677e6b16b1aa693d86f32d76845e26081f96
10e8df96d678df92f0e4687e2b76d07f3edf65e76efc0de4baa84aa10849717c
1cbda21998b65e08a7e936114cabd7f7783d0f590dd6efdd58c7faa8b6e7b9aa
1d3d0856dd768deb785b2c03611dcfe9cdb3e2557603c99465660fa57d04a008
1f0f9dabf8717e9cd491105474d0f3bd1709f4338ffd2cc1d35f940d72e07b2b
250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6
2821b13940d817794fbce634446678655eba83453a085a009eb456b52dfc4501
29341e28dc69b02dcbca4e0bcddf1650f9b5633c6a58cbff2916403d27aa0584
2abb82ce88f87a7c04ad80f49969416e3cc6ad0dba29d0a20715fb6304cd473a
3675f226f985b64eea6ae8544d5496a32d19993aae1ac4a3fa101263ef3206f7
38892acc026f0badcbb38eb0b148470f4e57821ae04c892a2cee50b5e0968d35
43a5a1c1ecc1b80970ea325eeeca52e99f0214d274cbf7bfe9c08dc09e6a68a2
523854ac3552c34b23a5f0c6a2f49c6ba0b439a95848692aa24bc304ecd29784
58c190b80bbaf388cd586a16e3c21876fdd0eca9d22554d2a3e027e3a6f43cd6
5ba020e537d809162f2db194c6d019afb54a0056b081f06f38ca8ccf0e825120
6871afa8d71086be001b5eb8eec028e7387d28f1fe3488f3b1ff150499bd159a
702cb2ffcb204c1e44b9fc07a0f4de0fbb460e09045d62f7c14354892952d540
703ee3b908c123462cd2b40f475a176bb6034f502989e743db123448e1ef45e3
779b2c537e919cfc9c667f074dc4616dabd0f8148c497bdd9dd26bff9a19c819
780861f2ab29c0144055244696561fb0306c8cb3cb7f548f9105c763b0e91f77
79c599dd760cec0c1621a1af49d9a2a49da5d45e1b37d4575bace0a5e0226582
7b2f2c52d0ba7204aaab6bff76953ee2a6fbb4b51b74d0763f972ce2a284729b
7ba7f6b94246d8a609919f613d8193727b6a1fdc4f8ccf28ff60604841dde059
7deb21f32edb28bfcde309c3fa8f5923e63bc0d2dba7f15df5d17620d6ec4f74
8236d92254ab3a103eaf09a8f4383d62d1bb5f27ca855a24805a639487daf602
8d07fd4ea27967d96954790a215712d8f4f425a1e00c609e2337e596a5ab8d7a
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
9bdeba67a5e0f64db65210a03aa5c808e21ec02a5cff47bce7611b6ade9ee9e0
9e00eebfd2d2e6353fa6c7fb7ce1a41d89c9b774a9d5efd902fcfc0278ee4ed1
a0fe8723dcf55da64d06b25446d0a8513e52527c45afcb37073465f9c6f352af
a10d7edb8fd307f469beaaa75a725e4bdae24a1b867f5bc7960f01e25c99d8e1
a12ff3494f6b44197ab591fe478d52687b537134ce5d1910ea0dac7b6b3a3193
a22b1ce795d214b8cd6ed922a45dcf7a9003bfe62fb7c66b100a206050d2b5ab
a4c48e17d4617f26179a1b6f2e2d51952d7a2ef0c6b11f398af622e45c2f7b9f
a4dff9f7015a13476798a39c1343dfeb6618d2b359c23d8e3543f5d86e651d80
a96ea68b1843d94f4b8a20a66d89302bf8a4a47f5c270270bf6a53646c75fe99
a9815ff91bf67f93021686a22a5b141db231a78f1e1cdd3a485b63ad6adb5720
be7bad185a52b22078d381bd78274caeea6c25a9ad044f814e709804cb94a7ea
cb84c37000f8fe3e68e24799be081febdf02afd39cec967e80631ac76dea9950
cdcbe8357cc75719dbb1b931f7f8b7690b94480814ee062742b0243a714b80e5
d09994287661d2e119432735468aa69f230238903d28dcd447eb0cb2ce0607e9
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca
f32c44b5b5cd50bac71fd467e8ac765525297917f7f785769a7aa2bdee75a9d1
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d