urlscan.io logo urlscan.io
SecurityTrails logo

classactionrefund.com Open in urlscan Pro
35.231.139.107  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://classactionrefund.tellwise.com/rest/v1/url/redirect/eyJJZCI6MTMxNTY4OTQ2MzgyOTk1OSwiSW52aXRhdGlvbklkIjoxMzUxMDEzNDQ0MzI3MzA1fQ
Effective URL: https://classactionrefund.com/interchange/
Submission: On June 14 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 2 countries across 7 domains to perform 41 HTTP transactions. The main IP is 35.231.139.107, located in North Charleston, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is classactionrefund.com.
TLS certificate: Issued by R3 on April 30th 2024. Valid for: 3 months.
This is the only time classactionrefund.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    2606:4700:4400::ac40:9521 (United States)

ASN13335 (CLOUDFLARENET, US)
classactionrefund.tellwise.com
22    35.231.139.107 (North Charleston, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 107.139.231.35.bc.googleusercontent.com
www.classactionrefund.com
classactionrefund.com
1    2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
7    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
pagead2.googlesyndication.com
3    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
2    2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
Apex Domain
Subdomains		 Transfer
22 classactionrefund.com
www.classactionrefund.com
classactionrefund.com
234 KB
9 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 136
tpc.googlesyndication.com — Cisco Umbrella Rank: 172
214 KB
3 gstatic.com
fonts.gstatic.com
47 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 79
293 KB
2 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2347
302 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 77
1 KB
1 tellwise.com
classactionrefund.tellwise.com
573 B
41 7
Domain Requested by
21 classactionrefund.com classactionrefund.com
7 pagead2.googlesyndication.com classactionrefund.com
pagead2.googlesyndication.com
3 fonts.gstatic.com fonts.googleapis.com
3 www.googletagmanager.com classactionrefund.com
www.googletagmanager.com
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 region1.google-analytics.com www.googletagmanager.com
1 fonts.googleapis.com classactionrefund.com
1 www.classactionrefund.com 1 redirects
1 classactionrefund.tellwise.com 1 redirects
41 9

This site contains links to these domains. Also see Links.

Domain
us.services.docusign.net
www.paymentcardsettlement.com
Subject Issuer Validity Valid
classactionrefund.com
R3		 2024-04-30 -
2024-07-29		 3 months crt.sh
upload.video.google.com
WR2		 2024-05-27 -
2024-08-19		 3 months crt.sh
*.google-analytics.com
WR2		 2024-05-27 -
2024-08-19		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-05-27 -
2024-08-19		 3 months crt.sh
*.gstatic.com
WR2		 2024-05-27 -
2024-08-19		 3 months crt.sh
tpc.googlesyndication.com
WR2		 2024-05-27 -
2024-08-19		 3 months crt.sh

This page contains 4 frames:

Primary Page: https://classactionrefund.com/interchange/
Frame ID: A0E87141CD4A43627CFA9C25CCCBA4EC
Requests: 38 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/html/r20240612/r20110914/zrt_lookup_fy2021.html
Frame ID: 020670496064F81258752A68D0907F6F
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-1184438629713031&output=html&adk=1812271804&adf=3025194257&abgtt=7&lmt=1718377464&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fclassactionrefund.com%2Finterchange%2F&host=ca-host-pub-2644536267352236&pra=5&wgl=1&easpi=0&aihb=0&asro=0&ailel=27~29~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aiael=27~29~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aifxl=27_14~29_11&aiixl=27_3~29_5&aslmct=0.7&asamct=0.7&aipaq=1&aisaib=1&itsi=-1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguNjEiLG51bGwsMCxudWxsLCI2NCIsW1siTm90L0EpQnJhbmQiLCI4LjAuMC4wIl0sWyJDaHJvbWl1bSIsIjEyNi4wLjY0NzguNjEiXSxbIkdvb2dsZSBDaHJvbWUiLCIxMjYuMC42NDc4LjYxIl1dLDBd&dt=1718377464164&bpp=4&bdt=3042&idt=208&shv=r20240612&mjsv=m202406110101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=4701318144342&frm=20&pv=2&ga_vid=1896555903.1718377464&ga_sid=1718377464&ga_hid=167952517&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C95331833%2C95334510%2C95334529%2C95334564%2C95334570%2C95334819%2C95335897%2C95335246%2C95334053%2C31078663%2C31078668%2C31078670&oid=2&pvsid=4428256518280991&tmod=741939414&uas=0&nvt=1&fsapi=1&fc=1920&brdim=910%2C910%2C910%2C910%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&nt=1&ifi=1&uci=a!1&fsb=1&dtd=245
Frame ID: 5930D96600AD0E5A3285BCC12381ADB0
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D7B23ADBDB59D498CC96FA8303162BEA
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Interchange | Class Action Refund

Page URL History Show full URLs

  1. https://classactionrefund.tellwise.com/rest/v1/url/redirect/eyJJZCI6MTMxNTY4OTQ2MzgyOTk1OSwiSW52aXRhdGlvbklkIjoxMzU... HTTP 302
    http://www.classactionrefund.com/interchange HTTP 307
    https://www.classactionrefund.com/interchange HTTP 301
    https://classactionrefund.com/interchange/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <link [^>]*href=(?:"|')[^"']*elementor/assets
Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • tracker\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

41
Requests

95 %
HTTPS

75 %
IPv6

7
Domains

9
Subdomains

8
IPs

2
Countries

790 kB
Transfer

2505 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://classactionrefund.tellwise.com/rest/v1/url/redirect/eyJJZCI6MTMxNTY4OTQ2MzgyOTk1OSwiSW52aXRhdGlvbklkIjoxMzUxMDEzNDQ0MzI3MzA1fQ HTTP 302
    http://www.classactionrefund.com/interchange HTTP 307
    https://www.classactionrefund.com/interchange HTTP 301
    https://classactionrefund.com/interchange/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

41 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
classactionrefund.com/interchange/
Redirect Chain
  • https://classactionrefund.tellwise.com/rest/v1/url/redirect/eyJJZCI6MTMxNTY4OTQ2MzgyOTk1OSwiSW52aXRhdGlvbklkIjoxMzUxMDEzNDQ0MzI3MzA1fQ
  • http://www.classactionrefund.com/interchange
  • https://www.classactionrefund.com/interchange
  • https://classactionrefund.com/interchange/
75 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://classactionrefund.com/interchange/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.231.139.107 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
107.139.231.35.bc.googleusercontent.com
Software
nginx / WP Engine
Resource Hash
faac5c4bfbb952001a4fc89c3be55d52ca8347ede06fba1525732c875b5908b2

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
max-age=600, must-revalidate
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 14 Jun 2024 15:04:20 GMT
link
<https://classactionrefund.com/wp-json/>; rel="https://api.w.org/" <https://classactionrefund.com/wp-json/wp/v2/pages/5975>; rel="alternate"; type="application/json" <https://classactionrefund.com/?p=5975>; rel=shortlink
server
nginx
vary
Accept-Encoding Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache
HIT: 6
x-cache-group
normal
x-cacheable
SHORT
x-powered-by
WP Engine

Redirect headers

cache-control
max-age=600, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
date
Fri, 14 Jun 2024 15:04:20 GMT
location
https://classactionrefund.com/interchange/
server
nginx
x-cache
HIT: 6
x-cache-group
normal
x-cacheable
non200
x-powered-by
WP Engine
x-redirect-by
WordPress
style.min.css
classactionrefund.com/wp-includes/css/dist/block-library/ 		111 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://classactionrefund.com/wp-includes/css/dist/block-library/style.min.css?ver=6.5.3
Requested by
Host: classactionrefund.com
URL: https://classactionrefund.com/interchange/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.231.139.107 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
107.139.231.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://classactionrefund.com/interchange/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 15:04:21 GMT
content-encoding
br
last-modified
Tue, 27 Feb 2024 14:48:23 GMT
server
nginx
etag
W/"65ddf637-1bae5"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
font-awesome.min.css
classactionrefund.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/ 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://classactionrefund.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0
Requested by
Host: classactionrefund.com
URL: https://classactionrefund.com/interchange/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.231.139.107 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
107.139.231.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
c4047043368afb4baf1aed25d358a5c2a333842a3b436b58491ab36aeee65b9d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://classactionrefund.com/interchange/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 15:04:21 GMT
content-encoding
br
last-modified
Mon, 13 May 2024 12:52:42 GMT
server
nginx
etag
W/"66420d1a-7917"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
style.css
classactionrefund.com/wp-content/themes/kava/ 		96 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://classactionrefund.com/wp-content/themes/kava/style.css?ver=1.2.7
Requested by
Host: classactionrefund.com
URL: https://classactionrefund.com/interchange/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.231.139.107 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
107.139.231.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
b2c142575d22fd3616e31e4e78dde8c1f88d3341ad2834c04911af35b90c9a6b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://classactionrefund.com/interchange/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 15:04:21 GMT
content-encoding
br
last-modified
Fri, 25 Mar 2022 16:16:50 GMT
server
nginx
etag
W/"623deaf2-17ee6"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
style.css
classactionrefund.com/wp-content/themes/kava-child/ 		254 B
383 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://classactionrefund.com/wp-content/themes/kava-child/style.css?ver=1.2.7
Requested by
Host: classactionrefund.com
URL: https://classactionrefund.com/interchange/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.231.139.107 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
107.139.231.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
f8ed1b3e319679104554da933da591c6d9d4ca6854b26b0ea75507e3c5073d55

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://classactionrefund.com/interchange/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 15:04:21 GMT
content-encoding
br
last-modified
Fri, 25 Mar 2022 13:11:14 GMT
server
nginx
etag
W/"623dbf72-fe"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
blog-layouts-module.css
classactionrefund.com/wp-content/themes/kava/inc/modules/blog-layouts/assets/css/ 		129 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://classactionrefund.com/wp-content/themes/kava/inc/modules/blog-layouts/assets/css/blog-layouts-module.css?ver=1.2.7
Requested by
Host: classactionrefund.com
URL: https://classactionrefund.com/interchange/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.231.139.107 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
107.139.231.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
477e9568f48c4cfd36a9acf4f885b693c5560a6b10785bd53af28ef736d3caf5

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://classactionrefund.com/interchange/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 15:04:21 GMT
content-encoding
br
last-modified
Fri, 25 Mar 2022 16:16:52 GMT
server
nginx
etag
W/"623deaf4-2038b"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
css
fonts.googleapis.com/ 		10 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C500%2C900%7CMontserrat%3A700&subset=latin&ver=6.5.3
Requested by
Host: classactionrefund.com
URL: https://classactionrefund.com/interchange/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
21c22bd52b3316b7f909f356ab68eece53bbbd5ced28b751079fd86923bd4dd9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://classactionrefund.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Fri, 14 Jun 2024 15:04:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 14 Jun 2024 14:52:01 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 14 Jun 2024 15:04:21 GMT
nucleo-outline.css
classactionrefund.com/wp-content/plugins/kava-extra/assets/fonts/nucleo-outline-icon-font/ 		134 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://classactionrefund.com/wp-content/plugins/kava-extra/assets/fonts/nucleo-outline-icon-font/nucleo-outline.css?ver=1.0.0
Requested by
Host: classactionrefund.com
URL: https://classactionrefund.com/interchange/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.231.139.107 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
107.139.231.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
7adf941596cb83fc892f21ebf6cc076e85606cfe4b4648a089a326e8cfa8953a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://classactionrefund.com/interchange/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 15:04:21 GMT
content-encoding
br
last-modified
Fri, 25 Mar 2022 13:11:14 GMT
server
nginx
etag
W/"623dbf72-218a4"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
frontend.min.css
classactionrefund.com/wp-content/plugins/elementor/assets/css/ 		170 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://classactionrefund.com/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.21.5
Requested by
Host: classactionrefund.com
URL: https://classactionrefund.com/interchange/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.231.139.107 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
107.139.231.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
4157b979d90de70db2e9da40c61f473c4c45843e6daacbc876dab30bbae11ca4

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://classactionrefund.com/interchange/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 15:04:21 GMT
content-encoding
br
last-modified
Mon, 13 May 2024 12:52:42 GMT
server
nginx
etag
W/"66420d1a-2a6b2"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
general.min.css
classactionrefund.com/wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/css/view/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://classactionrefund.com/wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/css/view/general.min.css?ver=5.9.21
Requested by
Host: classactionrefund.com
URL: https://classactionrefund.com/interchange/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.231.139.107 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
107.139.231.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
683e7dd72e8bf31eaddb50de149bd4a87d9ed27541b29711a5cbcb1ea3262a45

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://classactionrefund.com/interchange/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 15:04:21 GMT
content-encoding
br
last-modified
Mon, 13 May 2024 12:52:43 GMT
server
nginx
etag
W/"66420d1b-ef5"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
jquery.min.js
classactionrefund.com/wp-includes/js/jquery/ 		86 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://classactionrefund.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by
Host: classactionrefund.com
URL: https://classactionrefund.com/interchange/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.231.139.107 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
107.139.231.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://classactionrefund.com/interchange/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 15:04:21 GMT
content-encoding
br
last-modified
Mon, 28 Aug 2023 17:14:23 GMT
server
nginx
etag
W/"64ecd5ef-15601"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
jquery-migrate.min.js
classactionrefund.com/wp-includes/js/jquery/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://classactionrefund.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by
Host: classactionrefund.com
URL: https://classactionrefund.com/interchange/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.231.139.107 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
107.139.231.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://classactionrefund.com/interchange/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 15:04:21 GMT
content-encoding
br
last-modified
Fri, 09 Jun 2023 05:49:24 GMT
server
nginx
etag
W/"6482bd64-3509"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
js
www.googletagmanager.com/gtag/ 		344 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=GT-MJMFN2F
Requested by
Host: classactionrefund.com
URL: https://classactionrefund.com/interchange/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
41be1f75ae2fde4bd27d4884b48d4ac6d104ccd16423072181ff0b5a54cac382
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://classactionrefund.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 15:04:24 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
116595
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 14 Jun 2024 15:04:24 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		156 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1184438629713031&host=ca-host-pub-2644536267352236
Requested by
Host: classactionrefund.com
URL: https://classactionrefund.com/interchange/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
8b841eb65452a5497b2361f3e271b1ec40811303ec2b1ff04d8f9ced85c7e5f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://classactionrefund.com/
Origin
https://classactionrefund.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 15:04:24 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52030
x-xss-protection
0
server
cafe
etag
5125603654234145086
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Fri, 14 Jun 2024 15:04:24 GMT
cropped-Class-Action-Refund-Logo-Variants-02-e1568745339836-1.png
classactionrefund.com/wp-content/uploads/2019/09/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://classactionrefund.com/wp-content/uploads/2019/09/cropped-Class-Action-Refund-Logo-Variants-02-e1568745339836-1.png
Requested by
Host: classactionrefund.com
URL: https://classactionrefund.com/interchange/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.231.139.107 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
107.139.231.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
c9a04c7fce18d3a7bad650b872ffa6c24bca71469b56121aff9ddd4bf4495515

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://classactionrefund.com/interchange/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 15:04:21 GMT
last-modified
Fri, 25 Mar 2022 13:11:13 GMT
server
nginx
etag
"623dbf71-1ced"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
7405
tracker.js
classactionrefund.com/wp-content/plugins/wp-statistics/assets/js/ 		2 KB
930 B 		Script
General
Check archive.org
Download Go to
Full URL
https://classactionrefund.com/wp-content/plugins/wp-statistics/assets/js/tracker.js?ver=14.7.2
Requested by
Host: classactionrefund.com
URL: https://classactionrefund.com/interchange/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.231.139.107 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
107.139.231.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
da311050c12fb5c688c2686d926583866907151f9db9d5ae9d0648b1553b16d1

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://classactionrefund.com/interchange/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 15:04:21 GMT
content-encoding
br
last-modified
Mon, 03 Jun 2024 01:39:09 GMT
server
nginx
etag
W/"665d1ebd-622"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
responsive-menu.js
classactionrefund.com/wp-content/themes/kava/assets/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://classactionrefund.com/wp-content/themes/kava/assets/js/responsive-menu.js?ver=1.0.0
Requested by
Host: classactionrefund.com
URL: https://classactionrefund.com/interchange/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.231.139.107 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
107.139.231.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
75269dd32ab09f39be20d52649f44753bf63937913a4f9136b8bc28c3c87c441

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://classactionrefund.com/interchange/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 15:04:24 GMT
content-encoding
br
last-modified
Fri, 25 Mar 2022 16:16:52 GMT
server
nginx
etag
W/"623deaf4-b6c"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
jquery.ui.totop.min.js
classactionrefund.com/wp-content/themes/kava/assets/js/ 		894 B
711 B 		Script
General
Check archive.org
Download Go to
Full URL
https://classactionrefund.com/wp-content/themes/kava/assets/js/jquery.ui.totop.min.js?ver=1.2.0
Requested by
Host: classactionrefund.com
URL: https://classactionrefund.com/interchange/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.231.139.107 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
107.139.231.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
542b6537075b9623268a772cd002408961b531a2229a2e678ed1b12993126570

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://classactionrefund.com/interchange/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 15:04:24 GMT
content-encoding
br
last-modified
Fri, 25 Mar 2022 16:16:52 GMT
server
nginx
etag
W/"623deaf4-37e"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
theme-script.js
classactionrefund.com/wp-content/themes/kava/assets/js/ 		1 KB
868 B 		Script
General
Check archive.org
Download Go to
Full URL
https://classactionrefund.com/wp-content/themes/kava/assets/js/theme-script.js?ver=1.2.7
Requested by
Host: classactionrefund.com
URL: https://classactionrefund.com/interchange/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.231.139.107 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
107.139.231.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
0712af5dc1957e59dafdaa83a5a04e829d259a6f4f3e87f270eff2c6ebb1d78e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://classactionrefund.com/interchange/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 15:04:24 GMT
content-encoding
br
last-modified
Fri, 25 Mar 2022 16:16:52 GMT
server
nginx
etag
W/"623deaf4-5ea"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
general.min.js
classactionrefund.com/wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/js/view/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://classactionrefund.com/wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/js/view/general.min.js?ver=5.9.21
Requested by
Host: classactionrefund.com
URL: https://classactionrefund.com/interchange/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.231.139.107 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
107.139.231.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
ef9da71a42581033f8b96ead8c6c1e4f72b230e455472a22d120cd573de38537

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://classactionrefund.com/interchange/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 15:04:24 GMT
content-encoding
br
last-modified
Mon, 13 May 2024 12:52:43 GMT
server
nginx
etag
W/"66420d1b-287c"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
34cec22d-fc13-493d-8d71-9c78f1dc90f1
https://classactionrefund.com/ 		1 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://classactionrefund.com/34cec22d-fc13-493d-8d71-9c78f1dc90f1
Requested by
Host: classactionrefund.com
URL: https://classactionrefund.com/interchange/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length
1185
Content-Type
text/javascript
gtm.js
www.googletagmanager.com/ 		178 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-56P97QD7
Requested by
Host: classactionrefund.com
URL: https://classactionrefund.com/interchange/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c3064fae4146f1586e418ccc8d0c17e7bb0b9628c6eac2e44a1f2d352e8edffe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://classactionrefund.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 15:04:24 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
65990
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 14 Jun 2024 15:04:24 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C500%2C900%7CMontserrat%3A700&subset=latin&ver=6.5.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://classactionrefund.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 00:47:46 GMT
x-content-type-options
nosniff
age
137798
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 13 Jun 2025 00:47:46 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C500%2C900%7CMontserrat%3A700&subset=latin&ver=6.5.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://classactionrefund.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 05:20:49 GMT
x-content-type-options
nosniff
age
121415
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 13 Jun 2025 05:20:49 GMT
fontawesome-webfont.woff2
classactionrefund.com/wp-content/plugins/elementor/assets/lib/font-awesome/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://classactionrefund.com/wp-content/plugins/elementor/assets/lib/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: classactionrefund.com
URL: https://classactionrefund.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.231.139.107 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
107.139.231.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://classactionrefund.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0
Origin
https://classactionrefund.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 15:04:24 GMT
last-modified
Mon, 13 May 2024 12:52:42 GMT
server
nginx
etag
"66420d1a-12d68"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
77160
KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C500%2C900%7CMontserrat%3A700&subset=latin&ver=6.5.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://classactionrefund.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 18:03:05 GMT
x-content-type-options
nosniff
age
75679
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15752
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 13 Jun 2025 18:03:05 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406110101/ 		426 KB
144 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1184438629713031&plah=classactionrefund.com&aplac=true
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1184438629713031&host=ca-host-pub-2644536267352236
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
7c97a9bc053bae25f6bfbce4fee6da0e4afd26f953ecba3c9f8ce4670eea7cc2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://classactionrefund.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 15:04:24 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
147281
x-xss-protection
0
server
cafe
etag
17774086367777177890
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 14 Jun 2024 15:04:24 GMT
js
www.googletagmanager.com/gtag/ 		345 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=GT-MJMFN2F&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-56P97QD7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5c04bed20234192f9c7b05f737c36a45418c2fd2be00e82d796c322c6485ee70
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://classactionrefund.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 15:04:24 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
116660
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 14 Jun 2024 15:04:24 GMT
collect
region1.google-analytics.com/g/ 		0
257 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-WEEEKMKFS6&gtm=45Pe46c0v9167488448za200zb9168392149&_p=1718377464005&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&gdid=dZTNiMT&cid=1896555903.1718377464&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.61%7CGoogle%2520Chrome%3B126.0.6478.61&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1718377464&sct=1&seg=0&dl=https%3A%2F%2Fclassactionrefund.com%2Finterchange%2F&dt=Interchange%20%7C%20Class%20Action%20Refund&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=4671
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=GT-MJMFN2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://classactionrefund.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 14 Jun 2024 15:04:24 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://classactionrefund.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-PGGHM1EWF9&gtm=45Pe46c0v9167488448za200zb9168392149&_p=1718377464005&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&gdid=dZTNiMT&cid=1896555903.1718377464&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.61%7CGoogle%2520Chrome%3B126.0.6478.61&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1718377464&sct=1&seg=0&dl=https%3A%2F%2Fclassactionrefund.com%2Finterchange%2F&dt=Interchange%20%7C%20Class%20Action%20Refund&en=page_view&_fv=1&_ss=1&_ee=1&tfd=4681
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=GT-MJMFN2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://classactionrefund.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 14 Jun 2024 15:04:24 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://classactionrefund.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
wp-emoji-release.min.js
classactionrefund.com/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://classactionrefund.com/wp-includes/js/wp-emoji-release.min.js?ver=6.5.3
Requested by
Host: classactionrefund.com
URL: https://classactionrefund.com/interchange/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.231.139.107 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
107.139.231.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://classactionrefund.com/interchange/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 15:04:24 GMT
content-encoding
br
last-modified
Tue, 13 Feb 2024 14:36:07 GMT
server
nginx
etag
W/"65cb7e57-4926"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
hit
classactionrefund.com/wp-json/wp-statistics/v2/ 		137 B
586 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://classactionrefund.com/wp-json/wp-statistics/v2/hit?wp_statistics_hit_rest=yes&current_page_type=page&current_page_id=5975&search_query&page_uri=L2ludGVyY2hhbmdlLw=&referred=&_=1718377464288
Requested by
Host: classactionrefund.com
URL: https://classactionrefund.com/wp-content/plugins/wp-statistics/assets/js/tracker.js?ver=14.7.2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.231.139.107 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
107.139.231.35.bc.googleusercontent.com
Software
nginx / WP Engine
Resource Hash
9ef69e36e187b422fc2d1c037132162b6e2381da3fbadd698802c5548e372e00
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://classactionrefund.com/interchange/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Fri, 14 Jun 2024 15:04:24 GMT
x-cache-group
normal
x-content-type-options
nosniff
x-cacheable
SHORT
x-powered-by
WP Engine
x-cache
MISS
content-length
137
server
nginx
allow
GET
vary
Accept-Encoding,Cookie
content-type
application/json; charset=UTF-8
access-control-expose-headers
X-WP-Total, X-WP-TotalPages, Link
cache-control
max-age=600, must-revalidate
accept-ranges
bytes
x-robots-tag
noindex
link
<https://classactionrefund.com/wp-json/>; rel="https://api.w.org/"
access-control-allow-headers
Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
zrt_lookup_fy2021.html
pagead2.googlesyndication.com/pagead/html/r20240612/r20110914/ Frame 0206 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/html/r20240612/r20110914/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1184438629713031&plah=classactionrefund.com&aplac=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://classactionrefund.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

age
68764
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4165
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 13 Jun 2024 19:58:20 GMT
etag
16861080603521627538
expires
Thu, 27 Jun 2024 19:58:20 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=page-preloader-cover&ign=false&pw=1600&ph=1200&x=0&y=1060.8
Requested by
Host: classactionrefund.com
URL: https://classactionrefund.com/interchange/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://classactionrefund.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 14 Jun 2024 15:04:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=page-preloader-cover&ign=false&pw=1600&ph=1200&x=0&y=0
Requested by
Host: classactionrefund.com
URL: https://classactionrefund.com/interchange/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://classactionrefund.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 14 Jun 2024 15:04:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pagead2.googlesyndication.com/pagead/ Frame 5930 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-1184438629713031&output=html&adk=1812271804&adf=3025194257&abgtt=7&lmt=1718377464&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fclassactionrefund.com%2Finterchange%2F&host=ca-host-pub-2644536267352236&pra=5&wgl=1&easpi=0&aihb=0&asro=0&ailel=27~29~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aiael=27~29~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aifxl=27_14~29_11&aiixl=27_3~29_5&aslmct=0.7&asamct=0.7&aipaq=1&aisaib=1&itsi=-1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguNjEiLG51bGwsMCxudWxsLCI2NCIsW1siTm90L0EpQnJhbmQiLCI4LjAuMC4wIl0sWyJDaHJvbWl1bSIsIjEyNi4wLjY0NzguNjEiXSxbIkdvb2dsZSBDaHJvbWUiLCIxMjYuMC42NDc4LjYxIl1dLDBd&dt=1718377464164&bpp=4&bdt=3042&idt=208&shv=r20240612&mjsv=m202406110101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=4701318144342&frm=20&pv=2&ga_vid=1896555903.1718377464&ga_sid=1718377464&ga_hid=167952517&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C95331833%2C95334510%2C95334529%2C95334564%2C95334570%2C95334819%2C95335897%2C95335246%2C95334053%2C31078663%2C31078668%2C31078670&oid=2&pvsid=4428256518280991&tmod=741939414&uas=0&nvt=1&fsapi=1&fc=1920&brdim=910%2C910%2C910%2C910%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&nt=1&ifi=1&uci=a!1&fsb=1&dtd=245
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1184438629713031&plah=classactionrefund.com&aplac=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://classactionrefund.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 14 Jun 2024 15:04:24 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ 		17 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240612&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1184438629713031&plah=classactionrefund.com&aplac=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
d74025d423a9c5adf8da13962cc634e86cc05df40fbd119c5298fa42695c962a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://classactionrefund.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 15:04:24 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12825
x-xss-protection
0
cropped-Class-Action-Refund-Logo-Variants-03-32x32.png
classactionrefund.com/wp-content/uploads/2019/09/ 		702 B
903 B 		Other
General
Check archive.org
Download Go to
Full URL
https://classactionrefund.com/wp-content/uploads/2019/09/cropped-Class-Action-Refund-Logo-Variants-03-32x32.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.231.139.107 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
107.139.231.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
208c171c08fbe6b3ad873651eb248a61f0ff08e86772ebaf54c81dabb990f57d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://classactionrefund.com/interchange/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 15:04:24 GMT
last-modified
Fri, 25 Mar 2022 13:11:13 GMT
server
nginx
etag
"623dbf71-2be"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
702
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1184438629713031&plah=classactionrefund.com&aplac=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://classactionrefund.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 14 Jun 2024 15:04:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 14 Jun 2024 15:04:25 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D7B2 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://classactionrefund.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
age
13872
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 14 Jun 2024 11:13:13 GMT
expires
Sat, 14 Jun 2025 11:13:13 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240612&jk=4428256518280991&bg=!AgGlAU7NAAb64txl2uI7ADQBe5WfOExs1MibfJqYJKo0B7bNgkERySRDaOE87xhLWeNTvBZeWYCLUAu8-dLaa7zLsIIGAgAAANtSAAAAC2gBB34ANWorGJGkoBDDdLxLYPL7oNe7wVuI0KvqtbcsfldhbQHyfod26pzRV6keZgPSRHiHm_V707MTCgBsTD5tJkYMCgp-3K3YxNUFyWB5skNdtp2aXQqZRFpHu3tSb4VApkmcbf4MhqeJ8pOLqQWnacT3auDOpRWM1Jy012G9QeWbt0zLbO6cBH1xVSgDhjHuBRNhviKYTNC4eqWguJvlw8zoKVGCeDcdmQKXZy9bc4FJ5T_9eH1fiBlYG_GC0fYjqBqX_MmlZdogAqpQwhiIrSvvl-z4tbJjVWDFR7LeVyXghiqkjTp-twfTh8HuknZwvVxYijxpQebiTfBzdmG7j9w3rDgNGKLvCUphk_05DjuNIXZEd4dl1hrFi1FsQRdqk4yIHIFz-GgBGgB8cFVOIJtuV3NdPGoDkUAbzNLpBy_JAR6NataBVmnFsxv6RYu0FFJNkvHIiplpTq_Ygig7KW5OdGpiHJvwbq8p1Uq-qkRobKc-apDrhIenTYD2bMOgg7HjsjS3z6J7vc6u0x9nnN_d9079JBofteDiGJK4hyrYVcGHQ4wgpzp8fvSk5i_IqPTxs3KA92_tLr4I_W_H_cFBjl9EK3LToIWFayeBm4UcIzJqlLxaByPYFPr_7BsClTwq1sdBP1MwuaOlKgf9nS26KSO3vzKT8zUAul5KLeo_mxvAYKYTe5iVcGOk-fUlsY2W1PbJq9UYngQW78sCxr0s8FCDN5PTeCxK-IpRF8Z_eCYO2yMgMXtwB5ersrTvK40RMiyrOIsyTp_6x2-9dQ0aKNxbq4lEQmYM2K1RkfW9Qkwo69sMfwwvrKriCpxUQr2bbfLmRafes2PWKKVq5E2tBltLcDkb94ZgSzb8eNQB208hA846Brt0IAujv679qPS9sVsQmw2YCv6yO9FhP8Nb9r_wWvyRa5B9kDt-vz-r5PfqtYv5ZV4KRBjp-vVDb0WoLGqtRC0cNM7Y0r-MrLDPRcM3T-cvY7RCHYYu5EHmcaCqHDJaOXK1fy2oElstFye7GoZfW4QYHCQltK9pc4kIZ2S0xJ5DNPUKehpwwHKaABZIusgV8SnOxwcMqzcfHD-kdY9ZiobKKcerVD-0540A

Verdicts & Comments Add Verdict or Comment

45 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 undefined| event object| fence object| sharedStorage object| _wpemojiSettings undefined| $ function| jQuery function| gtag object| dataLayer object| WP_Statistics_Tracker_Object object| Kava_Theme_JS object| localize object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| google_tag_manager function| onYouTubeIframeAPIReady object| gaGlobal boolean| isEditMode object| ea function| google_sa_impl object| google_image_requests number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| twemoji object| wp object| GoogleGcLKhOms

6 Cookies

Domain/Path Name / Value
classactionrefund.tellwise.com/ Name: ss-id
Value: iUUxPTwg6aKj0enKVDF5
classactionrefund.tellwise.com/ Name: ss-pid
Value: e4mywvaF4A7oMhP3ftXa
.classactionrefund.com/ Name: _ga_WEEEKMKFS6
Value: GS1.1.1718377464.1.0.1718377464.0.0.0
.classactionrefund.com/ Name: _ga
Value: GA1.1.1896555903.1718377464
.classactionrefund.com/ Name: _ga_PGGHM1EWF9
Value: GS1.1.1718377464.1.0.1718377464.0.0.0
.classactionrefund.com/ Name: _gcl_au
Value: 1.1.467803350.1718377464

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

classactionrefund.com
classactionrefund.tellwise.com
fonts.googleapis.com
fonts.gstatic.com
pagead2.googlesyndication.com
region1.google-analytics.com
tpc.googlesyndication.com
www.classactionrefund.com
www.googletagmanager.com
pagead2.googlesyndication.com
142.250.186.98
2001:4860:4802:32::36
2606:4700:4400::ac40:9521
2a00:1450:4001:813::2008
2a00:1450:4001:829::200a
2a00:1450:4001:831::2001
2a00:1450:4001:831::2003
35.231.139.107
0712af5dc1957e59dafdaa83a5a04e829d259a6f4f3e87f270eff2c6ebb1d78e
208c171c08fbe6b3ad873651eb248a61f0ff08e86772ebaf54c81dabb990f57d
21c22bd52b3316b7f909f356ab68eece53bbbd5ced28b751079fd86923bd4dd9
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
4157b979d90de70db2e9da40c61f473c4c45843e6daacbc876dab30bbae11ca4
41be1f75ae2fde4bd27d4884b48d4ac6d104ccd16423072181ff0b5a54cac382
477e9568f48c4cfd36a9acf4f885b693c5560a6b10785bd53af28ef736d3caf5
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
542b6537075b9623268a772cd002408961b531a2229a2e678ed1b12993126570
5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c
5c04bed20234192f9c7b05f737c36a45418c2fd2be00e82d796c322c6485ee70
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
683e7dd72e8bf31eaddb50de149bd4a87d9ed27541b29711a5cbcb1ea3262a45
75269dd32ab09f39be20d52649f44753bf63937913a4f9136b8bc28c3c87c441
7adf941596cb83fc892f21ebf6cc076e85606cfe4b4648a089a326e8cfa8953a
7c97a9bc053bae25f6bfbce4fee6da0e4afd26f953ecba3c9f8ce4670eea7cc2
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
8b841eb65452a5497b2361f3e271b1ec40811303ec2b1ff04d8f9ced85c7e5f5
98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20
9ef69e36e187b422fc2d1c037132162b6e2381da3fbadd698802c5548e372e00
b2c142575d22fd3616e31e4e78dde8c1f88d3341ad2834c04911af35b90c9a6b
c3064fae4146f1586e418ccc8d0c17e7bb0b9628c6eac2e44a1f2d352e8edffe
c4047043368afb4baf1aed25d358a5c2a333842a3b436b58491ab36aeee65b9d
c9a04c7fce18d3a7bad650b872ffa6c24bca71469b56121aff9ddd4bf4495515
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
d74025d423a9c5adf8da13962cc634e86cc05df40fbd119c5298fa42695c962a
da311050c12fb5c688c2686d926583866907151f9db9d5ae9d0648b1553b16d1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef9da71a42581033f8b96ead8c6c1e4f72b230e455472a22d120cd573de38537
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f8ed1b3e319679104554da933da591c6d9d4ca6854b26b0ea75507e3c5073d55
faac5c4bfbb952001a4fc89c3be55d52ca8347ede06fba1525732c875b5908b2