URL: https://ru.easyjetrefund.com/
Submission: On November 10 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 10 IPs in 2 countries across 9 domains to perform 50 HTTP transactions. The main IP is 192.185.41.236, which is located in the United States and belongs to NETWORK-SOLUTIONS-HOSTING, US. The main domain is ru.easyjetrefund.com.
TLS certificate: Issued by R3 on November 10th 2023. Valid for: 3 months.
This is the only time ru.easyjetrefund.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | Apex Domain | Subdomains | Transfer
21 | easyjetrefund.com | ru.easyjetrefund.com | 335 KB
9 | googlesyndication.com | pagead2.googlesyndication.com (Cisco Umbrella Rank: 97), tpc.googlesyndication.com (Cisco Umbrella Rank: 149) | 226 KB
5 | gstatic.com | fonts.gstatic.com | 39 KB
5 | klmdelayrefund.com | klmdelayrefund.com | 218 KB
4 | google-analytics.com | region1.google-analytics.com (Cisco Umbrella Rank: 2462), www.google-analytics.com (Cisco Umbrella Rank: 27) | 21 KB
2 | doubleclick.net | googleads.g.doubleclick.net (Cisco Umbrella Rank: 33) | 5 KB
2 | googletagmanager.com | www.googletagmanager.com (Cisco Umbrella Rank: 35) | 148 KB
1 | google.com | www.google.com (Cisco Umbrella Rank: 2) | 1 KB
1 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 31) | 968 B
Total: 50 requests, 9 apex domains

Requests | Domain | Requested by
21 | ru.easyjetrefund.com | ru.easyjetrefund.com
6 | pagead2.googlesyndication.com | ru.easyjetrefund.com, pagead2.googlesyndication.com, tpc.googlesyndication.com
5 | fonts.gstatic.com | fonts.googleapis.com
5 | klmdelayrefund.com | ru.easyjetrefund.com
3 | tpc.googlesyndication.com | pagead2.googlesyndication.com, tpc.googlesyndication.com
3 | www.google-analytics.com | www.googletagmanager.com, www.google-analytics.com, ru.easyjetrefund.com
2 | googleads.g.doubleclick.net | pagead2.googlesyndication.com
2 | www.googletagmanager.com | ru.easyjetrefund.com, www.googletagmanager.com
1 | www.google.com | tpc.googlesyndication.com
1 | region1.google-analytics.com | www.googletagmanager.com
1 | fonts.googleapis.com | ru.easyjetrefund.com
Total: 50 requests, 11 subdomains

This site contains links to these domains:

Domain
www.cookieyes.com
refundor.com
eur-lex.europa.eu

Subject | Issuer | Validity | Valid
ru.easyjetrefund.com | R3 | 2023-11-10 - 2024-02-08 | 3 months
upload.video.google.com | GTS CA 1C3 | 2023-10-16 - 2024-01-08 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2023-10-16 - 2024-01-08 | 3 months
*.g.doubleclick.net | GTS CA 1C3 | 2023-10-16 - 2024-01-08 | 3 months
ukairpassengerrights.co.uk | R3 | 2023-10-31 - 2024-01-29 | 3 months
*.gstatic.com | GTS CA 1C3 | 2023-10-16 - 2024-01-08 | 3 months
tpc.googlesyndication.com | GTS CA 1C3 | 2023-10-16 - 2024-01-08 | 3 months
www.google.com | GTS CA 1C3 | 2023-10-16 - 2024-01-08 | 3 months

This page contains 5 frames:

Primary Page: https://ru.easyjetrefund.com/
Frame ID: 7C6480B5A5B7931E2E99C2B3C3A5A982
Requests: 43 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231108/r20190131/zrt_lookup_fy2021.html
Frame ID: 6D501635B56DC508E12DFC8405D03695
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5314317159561923&output=html&adk=3105533540&adf=2621220088&lmt=1699599575&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=404x675_l%7C404x675_r&format=0x0&url=https%3A%2F%2Fru.easyjetrefund.com%2F&ea=0&pra=5&wgl=1&easpi=1&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699599575573&bpp=3&bdt=501&idt=233&shv=r20231108&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4776086065185&frm=20&pv=2&ga_vid=36154745.1699599576&ga_sid=1699599576&ga_hid=348804555&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44807461%2C44808111%2C31078297%2C31079473%2C44806141%2C44808148&oid=2&pvsid=676863620992798&tmod=1482852104&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=254
Frame ID: D71B3731576FC8F4C24FAC5C4E36706D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E3132FDF74344A2A996D8AB612E7C793
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 402508CF14167C29BEFD48C554687BBE
Requests: 2 HTTP requests in this frame

Page Title

Home - EasyJet Refund Guide

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

Requests: 50
HTTPS: 100 %
IPv6: 90 %
Domains: 9
Subdomains: 11
IPs: 10
Countries: 2
Transfer: 995 kB
Size: 2011 kB
Cookies: 6

50 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
ru.easyjetrefund.com/
142 KB
36 KB
Document
General
Full URL
https://ru.easyjetrefund.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.41.236 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
mail.qualityapparels.com
Software
Apache /
Resource Hash
ffa89a7533f6533bccb4af8937153807b7a25b53de33c2971c7ae7a7730cff72
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Fri, 10 Nov 2023 06:59:34 GMT
link
<https://ru.easyjetrefund.com/wp-json/>; rel="https://api.w.org/", <https://ru.easyjetrefund.com/wp-json/wp/v2/pages/263>; rel="alternate"; type="application/json", <https://ru.easyjetrefund.com/>; rel=shortlink
server
Apache
vary
Accept-Encoding
x-litespeed-tag
566_HTTP.200
style.min.css
ru.easyjetrefund.com/wp-includes/css/dist/block-library/
87 KB
16 KB
Stylesheet
General
Full URL
https://ru.easyjetrefund.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.6
Requested by
Host: ru.easyjetrefund.com
URL: https://ru.easyjetrefund.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.41.236 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
mail.qualityapparels.com
Software
Apache /
Resource Hash
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ru.easyjetrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
gzip
date
Fri, 10 Nov 2023 06:59:35 GMT
last-modified
Thu, 19 Oct 2023 08:33:48 GMT
server
Apache
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
16594
styles.css
ru.easyjetrefund.com/wp-content/plugins/contact-form-7/includes/css/
0
0
Stylesheet
General
Full URL
https://ru.easyjetrefund.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.3
Requested by
Host: ru.easyjetrefund.com
URL: https://ru.easyjetrefund.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.41.236 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
mail.qualityapparels.com
Software
Apache /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ru.easyjetrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 06:59:35 GMT
server
Apache
content-length
83
content-type
text/html; charset=iso-8859-1
style-main-new.min.css
ru.easyjetrefund.com/wp-content/themes/neve/
38 KB
12 KB
Stylesheet
General
Full URL
https://ru.easyjetrefund.com/wp-content/themes/neve/style-main-new.min.css?ver=3.4.2
Requested by
Host: ru.easyjetrefund.com
URL: https://ru.easyjetrefund.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.41.236 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
mail.qualityapparels.com
Software
Apache /
Resource Hash
bd3400ea708ae7730a3cf8957b2a17779848975a6a0a6de019fd493b5cd94399
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ru.easyjetrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
gzip
date
Fri, 10 Nov 2023 06:59:35 GMT
last-modified
Thu, 19 Oct 2023 08:33:47 GMT
server
Apache
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
12081
style.min.css
ru.easyjetrefund.com/wp-content/plugins/neve-pro-addon/includes/modules/blog_pro/assets/
6 KB
2 KB
Stylesheet
General
Full URL
https://ru.easyjetrefund.com/wp-content/plugins/neve-pro-addon/includes/modules/blog_pro/assets/style.min.css?ver=2.4.2
Requested by
Host: ru.easyjetrefund.com
URL: https://ru.easyjetrefund.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.41.236 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
mail.qualityapparels.com
Software
Apache /
Resource Hash
454aea45ece8c90cf219d91e2789d8d786b58444c01f0b40c3ab5b85002ac819
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ru.easyjetrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
gzip
date
Fri, 10 Nov 2023 06:59:35 GMT
last-modified
Thu, 19 Oct 2023 08:33:46 GMT
server
Apache
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
1803
css
fonts.googleapis.com/
5 KB
968 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Poppins%3A400%2C800%2C700%2C600%2C500&display=swap&ver=3.4.2
Requested by
Host: ru.easyjetrefund.com
URL: https://ru.easyjetrefund.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fe178c8c3c40bfe2dd09722ef070949b250e6c8353fe19b90b7c837a4a209138
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ru.easyjetrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 10 Nov 2023 06:59:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 10 Nov 2023 06:59:35 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 10 Nov 2023 06:59:35 GMT
style.min.css
ru.easyjetrefund.com/wp-content/plugins/neve-pro-addon/includes/modules/header_footer_grid/assets/
5 KB
2 KB
Stylesheet
General
Full URL
https://ru.easyjetrefund.com/wp-content/plugins/neve-pro-addon/includes/modules/header_footer_grid/assets/style.min.css?ver=2.4.2
Requested by
Host: ru.easyjetrefund.com
URL: https://ru.easyjetrefund.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.41.236 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
mail.qualityapparels.com
Software
Apache /
Resource Hash
4268ce53f3200f28dcc1a5f7e385541f70c375b11b6e30d74e9f4cc1a5d33289
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ru.easyjetrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
gzip
date
Fri, 10 Nov 2023 06:59:35 GMT
last-modified
Thu, 19 Oct 2023 08:33:46 GMT
server
Apache
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
1585
script.min.js
ru.easyjetrefund.com/wp-content/plugins/cookie-law-info/lite/frontend/js/
16 KB
7 KB
Script
General
Full URL
https://ru.easyjetrefund.com/wp-content/plugins/cookie-law-info/lite/frontend/js/script.min.js?ver=3.0.6
Requested by
Host: ru.easyjetrefund.com
URL: https://ru.easyjetrefund.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.41.236 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
mail.qualityapparels.com
Software
Apache /
Resource Hash
a8403d988519e8faaea74f717d2f42f22736136f7592dcd8208e64e7b2bc839b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ru.easyjetrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
gzip
date
Fri, 10 Nov 2023 06:59:35 GMT
last-modified
Thu, 19 Oct 2023 08:33:46 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
7375
js
www.googletagmanager.com/gtag/
243 KB
85 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-8E6Z72NSXY
Requested by
Host: ru.easyjetrefund.com
URL: https://ru.easyjetrefund.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6a07e3ed87762ca25bddb305cf78fb1dc7648d1346b6d62a474f350d6c7e98a4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ru.easyjetrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 06:59:35 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
86309
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 10 Nov 2023 06:59:35 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
149 KB
52 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5314317159561923
Requested by
Host: ru.easyjetrefund.com
URL: https://ru.easyjetrefund.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b73f32fd79f3242d4a823f9d70bd3803be341fbca3dc0b97170dd354d6561ef2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ru.easyjetrefund.com/
Origin
https://ru.easyjetrefund.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 06:59:35 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52424
x-xss-protection
0
server
cafe
etag
9046603929215243071
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 10 Nov 2023 06:59:35 GMT
Woman-using-a-laptop-at-home.jpg
klmdelayrefund.com/wp-content/uploads/2021/06/
84 KB
84 KB
Image
General
Full URL
https://klmdelayrefund.com/wp-content/uploads/2021/06/Woman-using-a-laptop-at-home.jpg
Requested by
Host: ru.easyjetrefund.com
URL: https://ru.easyjetrefund.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.41.236 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
mail.qualityapparels.com
Software
Apache /
Resource Hash
fb8b3b00b0e369938812ab13410c6faceeccaacbc24f833dfd978f8d1a1b680f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ru.easyjetrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 06:59:35 GMT
last-modified
Tue, 15 Jun 2021 12:47:54 GMT
server
Apache
accept-ranges
bytes
content-length
85688
content-type
image/jpeg
Airport-information-screen.jpg
klmdelayrefund.com/wp-content/uploads/2021/06/
30 KB
30 KB
Image
General
Full URL
https://klmdelayrefund.com/wp-content/uploads/2021/06/Airport-information-screen.jpg
Requested by
Host: ru.easyjetrefund.com
URL: https://ru.easyjetrefund.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.41.236 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
mail.qualityapparels.com
Software
Apache /
Resource Hash
e6e42bf4b615b68e218fe4e4a28ab2cfb7e2240aa2f8511db4c7bc658e8f34fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ru.easyjetrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 06:59:35 GMT
last-modified
Tue, 15 Jun 2021 13:01:34 GMT
server
Apache
accept-ranges
bytes
content-length
30238
content-type
image/jpeg
Person-at-the-airport.jpg
klmdelayrefund.com/wp-content/uploads/2021/06/
34 KB
34 KB
Image
General
Full URL
https://klmdelayrefund.com/wp-content/uploads/2021/06/Person-at-the-airport.jpg
Requested by
Host: ru.easyjetrefund.com
URL: https://ru.easyjetrefund.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.41.236 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
mail.qualityapparels.com
Software
Apache /
Resource Hash
3e37f586714086a9d7aeaa231d4e7d082c61fec37d1b0fc629a6192b1605e5db

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ru.easyjetrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 06:59:35 GMT
last-modified
Tue, 15 Jun 2021 13:23:50 GMT
server
Apache
accept-ranges
bytes
content-length
35150
content-type
image/jpeg
View-from-the-airplane.jpg
klmdelayrefund.com/wp-content/uploads/2021/06/
13 KB
13 KB
Image
General
Full URL
https://klmdelayrefund.com/wp-content/uploads/2021/06/View-from-the-airplane.jpg
Requested by
Host: ru.easyjetrefund.com
URL: https://ru.easyjetrefund.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.41.236 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
mail.qualityapparels.com
Software
Apache /
Resource Hash
06309672b48268ae0fd0df1f7eeb9db0877d1295eca8e8c06bcfb78715c6a6ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ru.easyjetrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 06:59:35 GMT
last-modified
Tue, 15 Jun 2021 13:24:04 GMT
server
Apache
accept-ranges
bytes
content-length
13255
content-type
image/jpeg
Man-with-a-suitcase-at-the-airport-1.jpg
klmdelayrefund.com/wp-content/uploads/2021/06/
57 KB
58 KB
Image
General
Full URL
https://klmdelayrefund.com/wp-content/uploads/2021/06/Man-with-a-suitcase-at-the-airport-1.jpg
Requested by
Host: ru.easyjetrefund.com
URL: https://ru.easyjetrefund.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.41.236 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
mail.qualityapparels.com
Software
Apache /
Resource Hash
c7d6e1625f9aaed81e7413dde0cb223d03357dccd9b1784fd3cf935639dd44ec

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ru.easyjetrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 06:59:35 GMT
last-modified
Tue, 15 Jun 2021 14:30:12 GMT
server
Apache
accept-ranges
bytes
content-length
58820
content-type
image/jpeg
all.min.css
ru.easyjetrefund.com/wp-content/plugins/otter-blocks/assets/fontawesome/css/
57 KB
12 KB
Stylesheet
General
Full URL
https://ru.easyjetrefund.com/wp-content/plugins/otter-blocks/assets/fontawesome/css/all.min.css?ver=e6eb5029c844811b0b5c
Requested by
Host: ru.easyjetrefund.com
URL: https://ru.easyjetrefund.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.41.236 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
mail.qualityapparels.com
Software
Apache /
Resource Hash
876d023d9d10c97941b80c3b03e2a5b94631ff7a4af9cee5604a6a2d39718d84
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ru.easyjetrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
gzip
date
Fri, 10 Nov 2023 06:59:35 GMT
last-modified
Thu, 19 Oct 2023 08:33:47 GMT
server
Apache
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
12646
v4-shims.min.css
ru.easyjetrefund.com/wp-content/plugins/otter-blocks/assets/fontawesome/css/
26 KB
4 KB
Stylesheet
General
Full URL
https://ru.easyjetrefund.com/wp-content/plugins/otter-blocks/assets/fontawesome/css/v4-shims.min.css?ver=e6eb5029c844811b0b5c
Requested by
Host: ru.easyjetrefund.com
URL: https://ru.easyjetrefund.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.41.236 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
mail.qualityapparels.com
Software
Apache /
Resource Hash
c0ded025aa80c10d37920521c8de04536a6145d0e42eb4186c57b412fa50eb45
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ru.easyjetrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
gzip
date
Fri, 10 Nov 2023 06:59:35 GMT
last-modified
Thu, 19 Oct 2023 08:33:47 GMT
server
Apache
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
4436
index.js
ru.easyjetrefund.com/wp-content/plugins/contact-form-7/includes/swv/js/
0
0
Script
General
Full URL
https://ru.easyjetrefund.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.3
Requested by
Host: ru.easyjetrefund.com
URL: https://ru.easyjetrefund.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.41.236 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
mail.qualityapparels.com
Software
Apache /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ru.easyjetrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 06:59:35 GMT
server
Apache
content-length
83
content-type
text/html; charset=iso-8859-1
index.js
ru.easyjetrefund.com/wp-content/plugins/contact-form-7/includes/js/
0
0
Script
General
Full URL
https://ru.easyjetrefund.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.3
Requested by
Host: ru.easyjetrefund.com
URL: https://ru.easyjetrefund.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.41.236 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
mail.qualityapparels.com
Software
Apache /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ru.easyjetrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 06:59:35 GMT
server
Apache
content-length
83
content-type
text/html; charset=iso-8859-1
frontend.js
ru.easyjetrefund.com/wp-content/themes/neve/assets/js/build/modern/
7 KB
3 KB
Script
General
Full URL
https://ru.easyjetrefund.com/wp-content/themes/neve/assets/js/build/modern/frontend.js?ver=3.4.2
Requested by
Host: ru.easyjetrefund.com
URL: https://ru.easyjetrefund.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.41.236 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
mail.qualityapparels.com
Software
Apache /
Resource Hash
26b10d4845c39e95d0fe7e6d64d68e1f587a929c13739822abe1a09b0d097d32
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ru.easyjetrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
gzip
date
Fri, 10 Nov 2023 06:59:35 GMT
last-modified
Thu, 19 Oct 2023 08:33:47 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
2897
script.js
ru.easyjetrefund.com/wp-content/plugins/neve-pro-addon/includes/modules/scroll_to_top/assets/js/build/
1 KB
622 B
Script
General
Full URL
https://ru.easyjetrefund.com/wp-content/plugins/neve-pro-addon/includes/modules/scroll_to_top/assets/js/build/script.js?ver=2.4.2
Requested by
Host: ru.easyjetrefund.com
URL: https://ru.easyjetrefund.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.41.236 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
mail.qualityapparels.com
Software
Apache /
Resource Hash
58d5b5a651b1e7519eafd61246ff78fca8a604166321da54dbbd50d2ae7776f1
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ru.easyjetrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
gzip
date
Fri, 10 Nov 2023 06:59:35 GMT
last-modified
Thu, 19 Oct 2023 08:33:46 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
589
wp-emoji-release.min.js
ru.easyjetrefund.com/wp-includes/js/
18 KB
5 KB
Script
General
Full URL
https://ru.easyjetrefund.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.6
Requested by
Host: ru.easyjetrefund.com
URL: https://ru.easyjetrefund.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.41.236 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
mail.qualityapparels.com
Software
Apache /
Resource Hash
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ru.easyjetrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
gzip
date
Fri, 10 Nov 2023 06:59:35 GMT
last-modified
Thu, 19 Oct 2023 08:33:48 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
5321
easyJet-airplane-in-the-air.jpg
ru.easyjetrefund.com/wp-content/uploads/2021/12/
89 KB
89 KB
Image
General
Full URL
https://ru.easyjetrefund.com/wp-content/uploads/2021/12/easyJet-airplane-in-the-air.jpg
Requested by
Host: ru.easyjetrefund.com
URL: https://ru.easyjetrefund.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.41.236 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
mail.qualityapparels.com
Software
Apache /
Resource Hash
bfe48459b3bced5aad9a8c3b50a16d53b4af4de95a5129328dc281f8740b10ae
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ru.easyjetrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
date
Fri, 10 Nov 2023 06:59:35 GMT
last-modified
Thu, 19 Oct 2023 08:33:47 GMT
server
Apache
accept-ranges
bytes
content-length
91240
content-type
image/jpeg
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins%3A400%2C800%2C700%2C600%2C500&display=swap&ver=3.4.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ru.easyjetrefund.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 19:33:17 GMT
x-content-type-options
nosniff
age
559578
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7884
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 17:03:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 02 Nov 2024 19:33:17 GMT
pxiByp8kv8JHgFVrLDD4Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLDD4Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins%3A400%2C800%2C700%2C600%2C500&display=swap&ver=3.4.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
60bf0aba6526436f3930c58c12047687fbb6bff4dd180cce4613458ed3439ea2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ru.easyjetrefund.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 04:07:01 GMT
x-content-type-options
nosniff
age
10354
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7824
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:52:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Nov 2024 04:07:01 GMT
pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins%3A400%2C800%2C700%2C600%2C500&display=swap&ver=3.4.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ru.easyjetrefund.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 05:30:43 GMT
x-content-type-options
nosniff
age
523732
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7748
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:21:30 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 03 Nov 2024 05:30:43 GMT
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins%3A400%2C800%2C700%2C600%2C500&display=swap&ver=3.4.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ru.easyjetrefund.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 17:18:52 GMT
x-content-type-options
nosniff
age
567643
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7816
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:11:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 02 Nov 2024 17:18:52 GMT
Euro-banknotes-small.jpeg
ru.easyjetrefund.com/wp-content/uploads/2022/10/
47 KB
47 KB
Image
General
Full URL
https://ru.easyjetrefund.com/wp-content/uploads/2022/10/Euro-banknotes-small.jpeg
Requested by
Host: ru.easyjetrefund.com
URL: https://ru.easyjetrefund.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.41.236 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
mail.qualityapparels.com
Software
Apache /
Resource Hash
c7b49a283591460282ba03c5ee43e57b12b06845df0e526ab7e964c99cd18d34
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ru.easyjetrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
date
Fri, 10 Nov 2023 06:59:35 GMT
last-modified
Thu, 19 Oct 2023 08:33:47 GMT
server
Apache
accept-ranges
bytes
content-length
48194
content-type
image/jpeg
fa-solid-900.woff2
ru.easyjetrefund.com/wp-content/plugins/otter-blocks/assets/fontawesome/webfonts/
78 KB
78 KB
Font
General
Full URL
https://ru.easyjetrefund.com/wp-content/plugins/otter-blocks/assets/fontawesome/webfonts/fa-solid-900.woff2
Requested by
Host: ru.easyjetrefund.com
URL: https://ru.easyjetrefund.com/wp-content/plugins/otter-blocks/assets/fontawesome/css/all.min.css?ver=e6eb5029c844811b0b5c
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.41.236 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
mail.qualityapparels.com
Software
Apache /
Resource Hash
7f4d3fd0a705dbf8403298aad91d5de6972e6b5d536068eba8b24954a5a0a8c7
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://ru.easyjetrefund.com/wp-content/plugins/otter-blocks/assets/fontawesome/css/all.min.css?ver=e6eb5029c844811b0b5c
Origin
https://ru.easyjetrefund.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
date
Fri, 10 Nov 2023 06:59:35 GMT
last-modified
Thu, 19 Oct 2023 08:33:47 GMT
server
Apache
accept-ranges
bytes
content-length
79444
content-type
font/woff2
fa-regular-400.woff2
ru.easyjetrefund.com/wp-content/plugins/otter-blocks/assets/fontawesome/webfonts/
13 KB
13 KB
Font
General
Full URL
https://ru.easyjetrefund.com/wp-content/plugins/otter-blocks/assets/fontawesome/webfonts/fa-regular-400.woff2
Requested by
Host: ru.easyjetrefund.com
URL: https://ru.easyjetrefund.com/wp-content/plugins/otter-blocks/assets/fontawesome/css/all.min.css?ver=e6eb5029c844811b0b5c
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.41.236 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
mail.qualityapparels.com
Software
Apache /
Resource Hash
6a8c8e9e1e7f692c21af1956de163f3d026778e6449fe93a09a671847ca1ae65
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://ru.easyjetrefund.com/wp-content/plugins/otter-blocks/assets/fontawesome/css/all.min.css?ver=e6eb5029c844811b0b5c
Origin
https://ru.easyjetrefund.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
date
Fri, 10 Nov 2023 06:59:35 GMT
last-modified
Thu, 19 Oct 2023 08:33:47 GMT
server
Apache
accept-ranges
bytes
content-length
13584
content-type
font/woff2
revisit.svg
ru.easyjetrefund.com/wp-content/plugins/cookie-law-info/lite/frontend/images/
2 KB
2 KB
Image
General
Full URL
https://ru.easyjetrefund.com/wp-content/plugins/cookie-law-info/lite/frontend/images/revisit.svg
Requested by
Host: ru.easyjetrefund.com
URL: https://ru.easyjetrefund.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.41.236 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
mail.qualityapparels.com
Software
Apache /
Resource Hash
ed7c487f915432d9464e2af0a83002ee93596e86e076f3c917e439e5b844d08b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ru.easyjetrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
date
Fri, 10 Nov 2023 06:59:35 GMT
last-modified
Thu, 19 Oct 2023 08:33:46 GMT
server
Apache
accept-ranges
bytes
content-length
2339
content-type
image/svg+xml
close.svg
ru.easyjetrefund.com/wp-content/plugins/cookie-law-info/lite/frontend/images/
1 KB
1 KB
Image
General
Full URL
https://ru.easyjetrefund.com/wp-content/plugins/cookie-law-info/lite/frontend/images/close.svg
Requested by
Host: ru.easyjetrefund.com
URL: https://ru.easyjetrefund.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.41.236 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
mail.qualityapparels.com
Software
Apache /
Resource Hash
a049e1abe441835a2bcf35258936072189a0a52d0000c4ed2094e59d2afd189b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ru.easyjetrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
date
Fri, 10 Nov 2023 06:59:35 GMT
last-modified
Thu, 19 Oct 2023 08:33:46 GMT
server
Apache
accept-ranges
bytes
content-length
1345
content-type
image/svg+xml
poweredbtcky.svg
ru.easyjetrefund.com/wp-content/plugins/cookie-law-info/lite/frontend/images/
4 KB
4 KB
Image
General
Full URL
https://ru.easyjetrefund.com/wp-content/plugins/cookie-law-info/lite/frontend/images/poweredbtcky.svg
Requested by
Host: ru.easyjetrefund.com
URL: https://ru.easyjetrefund.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.41.236 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
mail.qualityapparels.com
Software
Apache /
Resource Hash
911f58b8d14bd6f73a83fd774e44bec97e896317c7093dc83e96921e64f1fbd5
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ru.easyjetrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
date
Fri, 10 Nov 2023 06:59:35 GMT
last-modified
Thu, 19 Oct 2023 08:33:46 GMT
server
Apache
accept-ranges
bytes
content-length
3762
content-type
image/svg+xml
pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins%3A400%2C800%2C700%2C600%2C500&display=swap&ver=3.4.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ru.easyjetrefund.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 00:14:41 GMT
x-content-type-options
nosniff
age
456294
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8000
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:59:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 04 Nov 2024 00:14:41 GMT
js
www.googletagmanager.com/gtag/
173 KB
63 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-122928828-6&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8E6Z72NSXY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2f9049fd673b65a62144694d6296c8fa506c050894e84aa30192bfcf0a4064bf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ru.easyjetrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 06:59:35 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64584
x-xss-protection
0
last-modified
Fri, 10 Nov 2023 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 10 Nov 2023 06:59:35 GMT
collect
region1.google-analytics.com/g/
0
257 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-8E6Z72NSXY&gtm=45je3b81v871317229&_p=1699599575325&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=36154745.1699599576&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1699599575&sct=1&seg=0&dl=https%3A%2F%2Fru.easyjetrefund.com%2F&dt=Home%20-%20EasyJet%20Refund%20Guide&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1192
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8E6Z72NSXY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ru.easyjetrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 06:59:35 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ru.easyjetrefund.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/
400 KB
135 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5314317159561923&plah=ru.easyjetrefund.com&bust=31079473
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5314317159561923
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
be9fc0c1e34182f3e124743802fb4c02a5205783e8adcf64a257a1816eb14342
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ru.easyjetrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 06:59:35 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138485
x-xss-protection
0
server
cafe
etag
2274436923052908461
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 10 Nov 2023 06:59:35 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231108/r20190131/ Frame 6D50
9 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231108/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5314317159561923
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ru.easyjetrefund.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
43712
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4118
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 09 Nov 2023 18:51:03 GMT
etag
16674218716276178799
expires
Thu, 23 Nov 2023 18:51:03 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-122928828-6&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ru.easyjetrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 10 Nov 2023 05:49:42 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
4193
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Fri, 10 Nov 2023 07:49:42 GMT
collect
www.google-analytics.com/j/
1 B
147 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=348804555&t=pageview&_s=1&dl=https%3A%2F%2Fru.easyjetrefund.com%2F&ul=en-us&de=UTF-8&dt=Home%20-%20EasyJet%20Refund%20Guide&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1806881481&gjid=1818615333&cid=36154745.1699599576&tid=UA-122928828-6&_gid=448511374.1699599576&_r=1&gtm=457e3b81z8871317229&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&jsscut=1&z=1564097899
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ru.easyjetrefund.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 06:59:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ru.easyjetrefund.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
195 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=348804555&t=pageview&_s=2&dl=https%3A%2F%2Fru.easyjetrefund.com%2F&ul=en-us&de=UTF-8&dt=Home%20-%20EasyJet%20Refund%20Guide&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=&gjid=&cid=36154745.1699599576&tid=UA-122928828-6&_gid=448511374.1699599576&gtm=457e3b81&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&jsscut=1&z=869567445
Requested by
Host: ru.easyjetrefund.com
URL: https://ru.easyjetrefund.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ru.easyjetrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Nov 2023 08:45:26 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
80049
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame D71B
0
188 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5314317159561923&output=html&adk=3105533540&adf=2621220088&lmt=1699599575&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=404x675_l%7C404x675_r&format=0x0&url=https%3A%2F%2Fru.easyjetrefund.com%2F&ea=0&pra=5&wgl=1&easpi=1&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699599575573&bpp=3&bdt=501&idt=233&shv=r20231108&mjsv=m202311020101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4776086065185&frm=20&pv=2&ga_vid=36154745.1699599576&ga_sid=1699599576&ga_hid=348804555&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44807461%2C44808111%2C31078297%2C31079473%2C44806141%2C44808148&oid=2&pvsid=676863620992798&tmod=1482852104&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=254
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5314317159561923&plah=ru.easyjetrefund.com&bust=31079473
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ru.easyjetrefund.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 10 Nov 2023 06:59:36 GMT
expires
Fri, 10 Nov 2023 06:59:36 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/
16 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231108&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5314317159561923&plah=ru.easyjetrefund.com&bust=31079473
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
499c9dbda77a672ac6ee55fe4015703f06163e192cd132d2ef5abb128496e8d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ru.easyjetrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 06:59:36 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12387
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5314317159561923&plah=ru.easyjetrefund.com&bust=31079473
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ru.easyjetrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 06:59:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 10 Nov 2023 06:59:36 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E313
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ru.easyjetrefund.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
50219
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 09 Nov 2023 17:02:37 GMT
expires
Fri, 08 Nov 2024 17:02:37 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 4025
829 B
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
fd997fefb413ce81c4b6d7aebc2748b3137e818b65752882b6e9af611c43da3c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ddlO2nsAlZy6FolXB2V_8Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ru.easyjetrefund.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-ddlO2nsAlZy6FolXB2V_8Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 10 Nov 2023 06:59:36 GMT
expires
Fri, 10 Nov 2023 06:59:36 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame E313
39 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 22:46:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
29593
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 08 Nov 2024 22:46:23 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 4025
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231108&jk=676863620992798&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

generate_204
tpc.googlesyndication.com/ Frame E313
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?e9e8EQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 06:59:36 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231108&jk=676863620992798&bg=!pqWlperNAAZxrfrxUa07ADQBe5WfOHfcmIZZ112QmMrcg76c7Z3BuJwOBKcjykWM1qcDXXEVbPrugosxB81fbV9zsOqbAgAAAEBSAAAAB2gBBwoAwvghLiUetpHGrA7bb4r5m9CBHVvehyfA6zxLgsdQ-Oyy0eq0wOaTMYdRBWERYOOcuT0TSK6M8j_OI8ocrQptugEX97C0xR4oYi-93G5oK7yS9hjgRzdBgxIt7AkimzyxHzDEqBmX5uZD5rLsbLNk8khOdp5miaLkpi81C1FussdI0aHrVSLIDUCS2xN8X4kjnZrdui6oGijV6yM9c0elONcTWq_0xycD2_CvXGVCyGta-Uu0yrhGmxtpt-t36kkkqQqZmQLFCvZv54du_DdB1qaAO3SDno3Z_HmF5iGOtt8eLtaelv0QTF18jVRuMgoKbjWSZGmUoEwEkkdjtEVBeTMtg7i3ornIs3ttAmY69LyJzDGAw1tklvYsMN3f6MkDSi3v4uIzRnPKtUCz3A-iHhVgpjHQTVScGEKX9F0KZRBMcz0MAdtWRs_giZY-YVGMv9jRsaqrF4oYuOjWmxy9252pWBoZbP3zzIUYW2AeDdbRsoSptApmTKaO28bwuBSOaiAGQllJyi6c4u0xwUHSgKQG1ED51VMKwrCDQVsSIr6_Lf6_dvLUcOVEsEvvaaE1_L4lRou2dYf1zD_F3ZXkBFw9y3Wlzwm7wjSUQSpWutnJ2gDv-u4mhBgljo9xlC39xGFkVppSef-HhGpqo3nAJJM4ktmDrbP7ios_FBWbEceTbnInNvq9FspzRnGtOm5o2mDBIHY3dPmzEq2FxCp0AQkbrDSXk1XT7jJUuwusBjPUggMbHQ00li14G5jpAlHLZJdRtLvKwHwPhavKZDd2Y2P965wPXva2sXYt_Y_2L0R5gAi34Ilr_2IP1rQlAkGHTSHOSaqQxv2p5JUvjmwD7t206_n63m1PQzzXViGx8HgwiXQN25XRoE2pRUmtXrRXOnH5KUGPxoAmJucg5jfCLUKXz9jupN9nS9WVeFBf1tSy6z4qcRp7xd-j-uFm8LpO1YzjSzwHWJeo5DkQnoCdxI5J4uVYsDFDGpbie0UHuJ521TIPISMQJ6amoOPPUuSm2LYtWz9McjjYiPcShK_2W_nnjPJOY2ObsoJ1W9x5jbUm2075nOLE1H7tqws51NQkHO0NU6blmUHZTre2ZjCbXFuCAQIMP-aC-UtX5HZTiXdPhybse4kq1NZTrtFrATVTtyf4PvYwFlw4LaYOr1V8JXp_HNteVljGVS3HplJIvWNUbIrWqXNNZuhejg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ru.easyjetrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers


55 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| documentPictureInPicture object| _wpemojiSettings object| _ckyConfig object| _ckyStyles object| cookieyes function| _revisitCkyConsent function| revisitCkyConsent function| gtag object| dataLayer object| twemoji object| wp object| wpcf7 object| NeveProperties object| html string| theme object| variants function| setCurrentTheme object| observer object| scrollOffset object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint string| GoogleAnalyticsObject function| ga object| gaplugins object| gaData function| google_sa_impl number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| HFG object| GoogleGcLKhOms object| google_image_requests

6 Cookies

Domain/Path Name / Value
ru.easyjetrefund.com/ Name: cookieyes-consent
Value: consentid:eGxyd1RuRVBzVjhWNWNiUkRHQjQ2UFNoUENpTXFZREg,consent:no,action:,necessary:yes,functional:no,analytics:no,performance:no,advertisement:no
.easyjetrefund.com/ Name: _ga_8E6Z72NSXY
Value: GS1.1.1699599575.1.0.1699599575.0.0.0
.easyjetrefund.com/ Name: _ga
Value: GA1.2.36154745.1699599576
.easyjetrefund.com/ Name: _gid
Value: GA1.2.448511374.1699599576
.easyjetrefund.com/ Name: _gat_gtag_UA_122928828_6
Value: 1
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission

3 Console Messages

Source Level URL
Text
network error URL: https://ru.easyjetrefund.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.3
Message:
Failed to load resource: the server responded with a status of 409 ()
network error URL: https://ru.easyjetrefund.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.3
Message:
Failed to load resource: the server responded with a status of 409 ()
network error URL: https://ru.easyjetrefund.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.3
Message:
Failed to load resource: the server responded with a status of 409 ()

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
