geek.refundpay.online Open in urlscan Pro
62.60.227.21 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://geek.refundpay.online/
Submission: On February 18 via api (February 18th 2025, 6:44:59 pm UTC) from US — Scanned from PL

Summary HTTP 113 Redirects Links 30 Behaviour Indicators

Summary

This website contacted 32 IPs in 7 countries across 24 domains to perform 113 HTTP transactions. The main IP is 62.60.227.21, located in Hong Kong and belongs to CHSCLOUD-AS Valery Smoliar, IL. The main domain is geek.refundpay.online.
TLS certificate: Issued by R11 on February 18th 2025. Valid for: 3 months.

This is the only time geek.refundpay.online was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
9	62.60.227.21 62.60.227.21	215939 (CHSCLOUD-...) (CHSCLOUD-AS Valery Smoliar)
1 19	104.70.95.190 104.70.95.190	16625 (AKAMAI-AS) (AKAMAI-AS)
11	13.107.253.45 13.107.253.45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	142.250.184.232 142.250.184.232	15169 (GOOGLE) (GOOGLE)
2	18.221.31.22 18.221.31.22	16509 (AMAZON-02) (AMAZON-02)
2	185.167.164.48 185.167.164.48	198622 (ADFORM Ad...) (ADFORM Adform A/S)
3	3.161.75.225 3.161.75.225	16509 (AMAZON-02) (AMAZON-02)
1	37.157.2.250 37.157.2.250	198622 (ADFORM Ad...) (ADFORM Adform A/S)
1	34.117.162.98 34.117.162.98	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	23.213.165.19 23.213.165.19	16625 (AKAMAI-AS) (AKAMAI-AS)
2	157.240.253.1 157.240.253.1	32934 (FACEBOOK) (FACEBOOK)
1	87.248.119.252 87.248.119.252	203220 (YAHOO-DEB...) (YAHOO-DEB Yahoo-UK Limited)
1	23.213.169.28 23.213.169.28	16625 (AKAMAI-AS) (AKAMAI-AS)
1	23.209.208.19 23.209.208.19	16625 (AKAMAI-AS) (AKAMAI-AS)
20	13.33.187.58 13.33.187.58	16509 (AMAZON-02) (AMAZON-02)
1 3	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
1	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
6	18.171.5.222 18.171.5.222	16509 (AMAZON-02) (AMAZON-02)
3	18.173.206.189 18.173.206.189	16509 (AMAZON-02) (AMAZON-02)
1	185.15.59.240 185.15.59.240	14907 (WIKIMEDIA) (WIKIMEDIA)
1	54.246.144.89 54.246.144.89	16509 (AMAZON-02) (AMAZON-02)
1	142.250.184.202 142.250.184.202	15169 (GOOGLE) (GOOGLE)
4	142.250.186.99 142.250.186.99	15169 (GOOGLE) (GOOGLE)
1	23.38.80.134 23.38.80.134	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2.16.10.177 2.16.10.177	20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.)
4	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
1 2	142.250.186.102 142.250.186.102	15169 (GOOGLE) (GOOGLE)
1 3	142.250.185.196 142.250.185.196	15169 (GOOGLE) (GOOGLE)
3	142.250.185.131 142.250.185.131	15169 (GOOGLE) (GOOGLE)
1	37.252.171.53 37.252.171.53	29990 (ASN-APPNEX) (ASN-APPNEX)
1	130.250.196.52 130.250.196.52	394899 (HCDL-MINN...) (HCDL-MINNEAPOLIS-DATA-CENTER)
113	32

9 62.60.227.21 (Hong Kong)

ASN215939 (CHSCLOUD-AS Valery Smoliar, IL)

geek.refundpay.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 104.70.95.190 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-70-95-190.deploy.static.akamaitechnologies.com

media.mcafeeassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 13.107.253.45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

digitalfeedback.us.confirmit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.184.232 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.221.31.22 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-221-31-22.us-east-2.compute.amazonaws.com

collector-30568.us.tvsquared.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.167.164.48 (Denmark)

ASN198622 (ADFORM Adform A/S, DK)

a2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.161.75.225 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-161-75-225.fra56.r.cloudfront.net

d2hrivdxn8ekm8.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.2.250 (Denmark)

ASN198622 (ADFORM Adform A/S, DK)

s2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.162.98 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 98.162.117.34.bc.googleusercontent.com

pixel.byspotify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.213.165.19 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-213-165-19.deploy.static.akamaitechnologies.com

s-static.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.253.1 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra5.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 87.248.119.252 (United Kingdom)

ASN203220 (YAHOO-DEB Yahoo-UK Limited, GB)
PTR: e2-bmr.ycpi.vip.deb.yahoo.com

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.213.169.28 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-213-169-28.deploy.static.akamaitechnologies.com

cdn1.adoberesources.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.209.208.19 (Ancol, Indonesia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-209-208-19.deploy.static.akamaitechnologies.com

s.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 13.33.187.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-187-58.fra60.r.cloudfront.net

tags.tiqcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.58.212.162 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 18.171.5.222 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-171-5-222.eu-west-2.compute.amazonaws.com

rtr.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.173.206.189 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-206-189.fra56.r.cloudfront.net

d2v83son8kay5v.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.15.59.240 (United States)

ASN14907 (WIKIMEDIA, US)
PTR: upload-lb.esams.wikimedia.org

upload.wikimedia.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.246.144.89 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-246-144-89.eu-west-1.compute.amazonaws.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.202 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.38.80.134 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-38-80-134.deploy.static.akamaitechnologies.com

c.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.10.177 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
PTR: a2-16-10-177.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

td.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.102 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f6.1e100.net

13175879.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.196 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f3.1e100.net

www.google.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.171.53 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.250.196.52 (Bullhead City, United States)

ASN394899 (HCDL-MINNEAPOLIS-DATA-CENTER, US)
PTR: academy.geeksquad.com

academy.geeksquad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	tiqcdn.com tags.tiqcdn.com — Cisco Umbrella Rank: 1312	116 KB
19	mcafeeassets.com 1 redirects media.mcafeeassets.com — Cisco Umbrella Rank: 151764	123 KB
11	confirmit.com digitalfeedback.us.confirmit.com — Cisco Umbrella Rank: 15984	40 KB
9	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 44 td.doubleclick.net — Cisco Umbrella Rank: 178 13175879.fls.doubleclick.net — Cisco Umbrella Rank: 360009	5 KB
9	refundpay.online geek.refundpay.online	99 KB
7	innovid.com s-static.innovid.com — Cisco Umbrella Rank: 1943 rtr.innovid.com — Cisco Umbrella Rank: 1714	8 KB
6	cloudfront.net d2hrivdxn8ekm8.cloudfront.net d2v83son8kay5v.cloudfront.net	30 KB
4	gstatic.com fonts.gstatic.com	31 KB
3	google.pl www.google.pl — Cisco Umbrella Rank: 30409	671 B
3	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 3	152 B
3	adform.net a2.adform.net — Cisco Umbrella Rank: 6407 s2.adform.net — Cisco Umbrella Rank: 6920	33 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	307 KB
2	adnxs.com acdn.adnxs.com — Cisco Umbrella Rank: 688 ib.adnxs.com — Cisco Umbrella Rank: 284	9 KB
2	go-mpulse.net s.go-mpulse.net — Cisco Umbrella Rank: 1420 c.go-mpulse.net — Cisco Umbrella Rank: 782	50 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 197	74 KB
2	tvsquared.com collector-30568.us.tvsquared.com — Cisco Umbrella Rank: 337113	9 KB
1	geeksquad.com academy.geeksquad.com	11 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30	1 KB
1	yahoo.com sp.analytics.yahoo.com — Cisco Umbrella Rank: 1575	508 B
1	wikimedia.org upload.wikimedia.org — Cisco Umbrella Rank: 3002	14 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 93	3 KB
1	adoberesources.net cdn1.adoberesources.net — Cisco Umbrella Rank: 12475	23 KB
1	yimg.com s.yimg.com — Cisco Umbrella Rank: 797	7 KB
1	byspotify.com pixel.byspotify.com — Cisco Umbrella Rank: 6435	24 KB
113	24

	Domain	Requested by
20	tags.tiqcdn.com	geek.refundpay.online tags.tiqcdn.com
19	media.mcafeeassets.com	1 redirects geek.refundpay.online media.mcafeeassets.com
11	digitalfeedback.us.confirmit.com	geek.refundpay.online digitalfeedback.us.confirmit.com
9	geek.refundpay.online	geek.refundpay.online
6	rtr.innovid.com	geek.refundpay.online
4	td.doubleclick.net	geek.refundpay.online
4	fonts.gstatic.com	fonts.googleapis.com
3	www.google.pl	geek.refundpay.online
3	www.google.com	1 redirects geek.refundpay.online
3	d2v83son8kay5v.cloudfront.net	geek.refundpay.online
3	googleads.g.doubleclick.net	1 redirects geek.refundpay.online
3	d2hrivdxn8ekm8.cloudfront.net	geek.refundpay.online d2hrivdxn8ekm8.cloudfront.net
3	www.googletagmanager.com	geek.refundpay.online
2	13175879.fls.doubleclick.net	1 redirects geek.refundpay.online
2	connect.facebook.net	geek.refundpay.online
2	a2.adform.net	geek.refundpay.online
2	collector-30568.us.tvsquared.com	geek.refundpay.online
1	academy.geeksquad.com
1	ib.adnxs.com	acdn.adnxs.com
1	acdn.adnxs.com	d2hrivdxn8ekm8.cloudfront.net
1	c.go-mpulse.net	s.go-mpulse.net
1	fonts.googleapis.com	media.mcafeeassets.com
1	sp.analytics.yahoo.com	geek.refundpay.online
1	upload.wikimedia.org	geek.refundpay.online
1	www.googleadservices.com	geek.refundpay.online
1	s.go-mpulse.net	geek.refundpay.online
1	cdn1.adoberesources.net	geek.refundpay.online
1	s.yimg.com	geek.refundpay.online
1	s-static.innovid.com	geek.refundpay.online
1	pixel.byspotify.com	geek.refundpay.online
1	s2.adform.net	geek.refundpay.online
113	31

This site contains links to these domains. Also see Links.

Domain
www.mcafee.com
www.youtube.com
careers.mcafee.com
forums.mcafee.com
home.mcafee.com
mmsmcafee.onelink.me

Subject Issuer	Validity	Valid
geek.refundpay.online R11	`2025-02-18` - `2025-05-19`	3 months	crt.sh
www.mcafee.com McAfee RSA Organization Validation Secure Server CA 3	`2024-07-08` - `2025-07-08`	a year	crt.sh
digitalfeedback.us.confirmit.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2024-12-20` - `2025-06-20`	6 months	crt.sh
*.google-analytics.com WE2	`2025-02-03` - `2025-04-28`	3 months	crt.sh
*.us.tvsquared.com Amazon RSA 2048 M03	`2024-04-28` - `2025-05-27`	a year	crt.sh
track.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-09-03` - `2025-09-24`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2024-07-30` - `2025-07-03`	a year	crt.sh
pixel.byspotify.com WR3	`2025-02-07` - `2025-05-08`	3 months	crt.sh
*.innovid.com DigiCert TLS RSA SHA256 2020 CA1	`2024-12-24` - `2025-12-23`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-11-28` - `2025-02-26`	3 months	crt.sh
*.api.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2025-01-20` - `2025-03-12`	2 months	crt.sh
assets.adobedtm.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-09` - `2025-08-09`	a year	crt.sh
akstat.io DigiCert TLS RSA SHA256 2020 CA1	`2024-07-31` - `2025-07-31`	a year	crt.sh
tags.tiqcdn.com Amazon RSA 2048 M02	`2025-02-17` - `2026-03-18`	a year	crt.sh
*.g.doubleclick.net WE2	`2025-02-03` - `2025-04-28`	3 months	crt.sh
*.googleadservices.com WE2	`2025-02-03` - `2025-04-28`	3 months	crt.sh
*.wikipedia.org DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2024-09-26` - `2025-10-17`	a year	crt.sh
*.sp.analytics.yahoo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-12-24` - `2025-06-18`	6 months	crt.sh
upload.video.google.com WE2	`2025-02-03` - `2025-04-28`	3 months	crt.sh
*.gstatic.com WE2	`2025-02-03` - `2025-04-28`	3 months	crt.sh
cdn.adnxs.com R10	`2025-01-09` - `2025-04-09`	3 months	crt.sh
*.doubleclick.net WE2	`2025-02-03` - `2025-04-28`	3 months	crt.sh
*.google.com WE2	`2025-02-03` - `2025-04-28`	3 months	crt.sh
*.google.pl WE2	`2025-02-03` - `2025-04-28`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2024-02-14` - `2025-03-16`	a year	crt.sh
academy.geeksquad.com R11	`2025-01-31` - `2025-05-01`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://geek.refundpay.online/
Frame ID: 9657016EDDBB232AC3748C5B9EC4D2BD
Requests: 109 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/740246542?random=1720216292608&cv=11&fst=1720216292608&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4730v883266441za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1880&u_h=401&url=https%3A%2F%2Fwww.mcafee.com%2F&hn=www.googleadservices.com&frm=0&tiba=Antivirus%2C%20VPN%2C%20Identity%20%26%20Privacy%20Protection%20%7C%20McAfee&npa=0&pscdl=noapi&auid=1937171007.1720215319&uaa=&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.127%7CGoogle%2520Chrome%3B126.0.6478.127&uamb=1&uam=Nexus%205&uap=Android&uapv=6.0&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: 7E5A4925A7FB1FE737D5EDE5D520EDD1
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/740246542?random=1720216292637&cv=11&fst=1720216292637&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4730v883266441za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1880&u_h=401&url=https%3A%2F%2Fwww.mcafee.com%2F&label=-JZGCILu-YkZEI6I_eAC&hn=www.googleadservices.com&frm=0&tiba=Antivirus%2C%20VPN%2C%20Identity%20%26%20Privacy%20Protection%20%7C%20McAfee&npa=0&pscdl=noapi&auid=1937171007.1720215319&uaa=&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.127%7CGoogle%2520Chrome%3B126.0.6478.127&uamb=1&uam=Nexus%205&uap=Android&uapv=6.0&uaw=0&fledge=1&capi=1&data=event%3Dconversion&ct_cookie_present=0
Frame ID: 6FDF0B9CFDA46B886CA4A298790316BD
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/740246542?random=1720216292649&cv=11&fst=1720216292649&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4730v883266441za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1880&u_h=401&url=https%3A%2F%2Fwww.mcafee.com%2F&hn=www.googleadservices.com&frm=0&tiba=Antivirus%2C%20VPN%2C%20Identity%20%26%20Privacy%20Protection%20%7C%20McAfee&npa=0&pscdl=noapi&auid=1937171007.1720215319&uaa=&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.127%7CGoogle%2520Chrome%3B126.0.6478.127&uamb=1&uam=Nexus%205&uap=Android&uapv=6.0&uaw=0&fledge=1&data=event%3Dpage_view%3Becomm_prodid%3D665%2C663%2C667%2C664%2C662%2C666%2C535%2C537%3Becomm_pagetype%3Dhome
Frame ID: 0A3CD3BC5CF3BED9D28EDE48A62155D3
Requests: 1 HTTP requests in this frame

Frame: https://13175879.fls.doubleclick.net/activityi;dc_pre=CKaa4svwzYsDFcij_QcdgrwfxA;src=13175879;type=cp;cat=mcafe0;ord=1;num=4080012043566;npa=0;auiddc=1937171007.1720215319;u1=www.mcafee.com;u3=https%3A%2F%2Fwww.mcafee.com%2Fen-us%2Findex.html;u6=0;gdid=dYmQxMT;ps=1;pcor=424921809;uaa=;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.127%7CGoogle%2520Chrome%3B126.0.6478.127;uamb=1;uam=Nexus%205;uap=Android;uapv=6.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe4730v9167479346za200zb883266441;gcd=13l3l3l3l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.mcafee.com%2F
Frame ID: 42CACEA2314E64F2C23212131094896A
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/fls/rul/activityi;fledge=1;src=13175879;type=cp;cat=mcafe0;ord=1;num=4080012043566;npa=0;auiddc=1937171007.1720215319;u1=www.mcafee.com;u3=https%3A%2F%2Fwww.mcafee.com%2Fen-us%2Findex.html;u6=0;gdid=dYmQxMT;ps=1;pcor=424921809;uaa=;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.127%7CGoogle%2520Chrome%3B126.0.6478.127;uamb=1;uam=Nexus%205;uap=Android;uapv=6.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe4730v9167479346za200zb883266441;gcd=13l3l3l3l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.mcafee.com%2F
Frame ID: 670A213D077F8D158B296A1C9388FD61
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Antivirus, VPN, Identity & Privacy Protection | Geek Squad

Detected technologies

Adobe Experience Manager (CMS) Expand

Overall confidence: 100%
Detected patterns

/etc\.clientlibs/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Swiper Slider (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

swiper(?:\.min)?\.js

Page Statistics

113
Requests

95 %
HTTPS

0 %
IPv6

24
Domains

31
Subdomains

32
IPs

7
Countries

1017 kB
Transfer

3570 kB
Size

10
Cookies

30 Outgoing links

These are links going to different origins than the main page.

URL: https://www.mcafee.com/learn/personal-data-cleanup/
Title: Personal Data Cleanup

Search URL Search Domain Scan URL

URL: https://www.mcafee.com/learn/online-account-cleanup/
Title: Online Account Cleanup

Search URL Search Domain Scan URL

URL: https://www.mcafee.com/learn/vpn/
Title: VPN (Virtual Private Network)

Search URL Search Domain Scan URL

URL: https://www.mcafee.com/learn/social-privacy-manager/
Title: Social Privacy Manager

Search URL Search Domain Scan URL

URL: https://www.mcafee.com/learn/identity-monitoring/
Title: Identity Monitoring

Search URL Search Domain Scan URL

URL: https://www.mcafee.com/learn/credit-monitoring/
Title: Credit Monitoring

Search URL Search Domain Scan URL

URL: https://www.mcafee.com/learn/security-freeze/
Title: Security Freeze

Search URL Search Domain Scan URL

URL: https://www.mcafee.com/learn/identity-theft-coverage/
Title: Identity Theft Coverage & Restoration

Search URL Search Domain Scan URL

URL: https://www.mcafee.com/learn/password-manager/
Title: Password Manager

Search URL Search Domain Scan URL

URL: https://www.mcafee.com/learn/mcafee-scam-protection/
Title: Scam Protection

Search URL Search Domain Scan URL

URL: https://www.mcafee.com/learn/web-protection/
Title: Web Protection

Search URL Search Domain Scan URL

URL: https://www.mcafee.com/en-us/antivirus/protection-score.html
Title: Protection Score

Search URL Search Domain Scan URL

URL: https://www.mcafee.com/learn/parental-controls/
Title: Parental Controls

Search URL Search Domain Scan URL

URL: https://www.mcafee.com/learn/family-plans/
Title: Family Plans

Search URL Search Domain Scan URL

URL: https://www.youtube.com/McAfee
Title: McAfee on YouTube

Search URL Search Domain Scan URL

URL: https://www.mcafee.com/learn/
Title: Learn at McAfee

Search URL Search Domain Scan URL

URL: https://www.mcafee.com/en-us/identity-theft.html
Title: What is Identity Theft?

Search URL Search Domain Scan URL

URL: https://www.mcafee.com/en-us/consumer-corporate/newsroom.html
Title: McAfee Newsroom

Search URL Search Domain Scan URL

URL: https://www.mcafee.com/en-us/antivirus/mobile.html
Title: Mobile Security

Search URL Search Domain Scan URL

URL: https://www.mcafee.com/en-us/products/techmaster.html
Title: TechMaster Concierge

Search URL Search Domain Scan URL

URL: https://www.mcafee.com/en-us/antivirus/mcafee-security-scan-plus.html
Title: Device Security Scan

Search URL Search Domain Scan URL

URL: https://careers.mcafee.com/
Title: Careers

Search URL Search Domain Scan URL

URL: https://careers.mcafee.com/life-at-mcafee
Title: Life at McAfee

Search URL Search Domain Scan URL

URL: https://careers.mcafee.com/our-teams
Title: Our Teams

Search URL Search Domain Scan URL

URL: https://careers.mcafee.com/our-locations
Title: Our Locations

Search URL Search Domain Scan URL

URL: https://forums.mcafee.com/
Title: Support Community

Search URL Search Domain Scan URL

URL: http://home.mcafee.com/Default.aspx?culture=HE-IL
Title: ישראל - עברית

Search URL Search Domain Scan URL

URL: http://home.mcafee.com/Default.aspx?culture=AR-AE
Title: العربية - العربية

Search URL Search Domain Scan URL

URL: https://mmsmcafee.onelink.me/mcafeefree/iosfooter

Search URL Search Domain Scan URL

URL: https://mmsmcafee.onelink.me/mcafeefree/androidfooter

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 87

https://media.mcafeeassets.com/content/experience-fragments/organic-site/en-us/mcafee-protection-guarantee/master1/_jcr_content/root/section/main_section_content/cardsection_copy_cop/card_2/card_img.coreimg.svg/1697151500103/featured-icon-3.svg HTTP 302
https://media.mcafeeassets.com/content/experience-fragments/organic-site/en-us/mcafee-protection-guarantee/master1/jcr%3acontent/root/section/main_section_content/cardsection_copy_cop/card_2/card_img.coreimg.svg/1736546281644/featured-icon-3.svg

Request Chain 94

https://13175879.fls.doubleclick.net/activityi;src=13175879;type=cp;cat=mcafe0;ord=1;num=4080012043566;npa=0;auiddc=1937171007.1720215319;u1=www.mcafee.com;u3=https%3A%2F%2Fwww.mcafee.com%2Fen-us%2Findex.html;u6=0;gdid=dYmQxMT;ps=1;pcor=424921809;uaa=;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.127%7CGoogle%2520Chrome%3B126.0.6478.127;uamb=1;uam=Nexus%205;uap=Android;uapv=6.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe4730v9167479346za200zb883266441;gcd=13l3l3l3l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.mcafee.com%2F HTTP 302
https://13175879.fls.doubleclick.net/activityi;dc_pre=CKaa4svwzYsDFcij_QcdgrwfxA;src=13175879;type=cp;cat=mcafe0;ord=1;num=4080012043566;npa=0;auiddc=1937171007.1720215319;u1=www.mcafee.com;u3=https%3A%2F%2Fwww.mcafee.com%2Fen-us%2Findex.html;u6=0;gdid=dYmQxMT;ps=1;pcor=424921809;uaa=;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.127%7CGoogle%2520Chrome%3B126.0.6478.127;uamb=1;uam=Nexus%205;uap=Android;uapv=6.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe4730v9167479346za200zb883266441;gcd=13l3l3l3l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.mcafee.com%2F

Request Chain 106

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/740246542/?random=991124897&cv=11&fst=1720216292637&bg=ffffff&guid=ON&async=1&gtm=45be4730v883266441za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1880&u_h=401&url=https%3A%2F%2Fwww.mcafee.com%2F&label=-JZGCILu-YkZEI6I_eAC&hn=www.googleadservices.com&frm=0&tiba=Antivirus%2C%20VPN%2C%20Identity%20%26%20Privacy%20Protection%20%7C%20McAfee&npa=0&pscdl=noapi&auid=1937171007.1720215319&uaa=&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.127%7CGoogle%2520Chrome%3B126.0.6478.127&uamb=1&uam=Nexus%205&uap=Android&uapv=6.0&uaw=0&fledge=1&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgixw7ECCIrFsQIIwsmxAgjrxrECCKPFsQIIkMmxAgjTxbECCOvMsQIIz86xAkosZXZlbnQtc291cmNlLCB0cmlnZ2VyLCBub3QtbmF2aWdhdGlvbi1zb3VyY2VaAwoBAWIECgICAw&pscrd=IhMItf_oy_DNiwMVFzNVCB3-uyYOMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOh5odHRwczovL2dlZWsucmVmdW5kcGF5Lm9ubGluZS9CV0NoQUlnUHpRdlFZUXpzWG90OTNNazR4bkVpMEFJQVNyQWJuNGpBX0tuajhUQjlpOHNVV3NaMmVaNmdobXpxM1V3OXB0RDl1TE9KbWRDZjloM3hUNkI2Yw HTTP 302
https://www.google.com/pagead/1p-conversion/740246542/?random=991124897&cv=11&fst=1720216292637&bg=ffffff&guid=ON&async=1&gtm=45be4730v883266441za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1880&u_h=401&url=https%3A%2F%2Fwww.mcafee.com%2F&label=-JZGCILu-YkZEI6I_eAC&hn=www.googleadservices.com&frm=0&tiba=Antivirus%2C%20VPN%2C%20Identity%20%26%20Privacy%20Protection%20%7C%20McAfee&npa=0&pscdl=noapi&auid=1937171007.1720215319&uaa=&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.127%7CGoogle%2520Chrome%3B126.0.6478.127&uamb=1&uam=Nexus%205&uap=Android&uapv=6.0&uaw=0&fledge=1&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgixw7ECCIrFsQIIwsmxAgjrxrECCKPFsQIIkMmxAgjTxbECCOvMsQIIz86xAkosZXZlbnQtc291cmNlLCB0cmlnZ2VyLCBub3QtbmF2aWdhdGlvbi1zb3VyY2VaAwoBAWIECgICAw&pscrd=IhMItf_oy_DNiwMVFzNVCB3-uyYOMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOh5odHRwczovL2dlZWsucmVmdW5kcGF5Lm9ubGluZS9CV0NoQUlnUHpRdlFZUXpzWG90OTNNazR4bkVpMEFJQVNyQWJuNGpBX0tuajhUQjlpOHNVV3NaMmVaNmdobXpxM1V3OXB0RDl1TE9KbWRDZjloM3hUNkI2Yw&is_vtc=1&cid=CAQSKQCjtLzM4VTKo-KXJBYd2o6oVNu7uDSfV7AdHohTWYJLnhR4m-hTrPwG&random=1504824961 HTTP 302
https://www.google.pl/pagead/1p-conversion/740246542/?random=991124897&cv=11&fst=1720216292637&bg=ffffff&guid=ON&async=1&gtm=45be4730v883266441za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1880&u_h=401&url=https%3A%2F%2Fwww.mcafee.com%2F&label=-JZGCILu-YkZEI6I_eAC&hn=www.googleadservices.com&frm=0&tiba=Antivirus%2C%20VPN%2C%20Identity%20%26%20Privacy%20Protection%20%7C%20McAfee&npa=0&pscdl=noapi&auid=1937171007.1720215319&uaa=&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.127%7CGoogle%2520Chrome%3B126.0.6478.127&uamb=1&uam=Nexus%205&uap=Android&uapv=6.0&uaw=0&fledge=1&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgixw7ECCIrFsQIIwsmxAgjrxrECCKPFsQIIkMmxAgjTxbECCOvMsQIIz86xAkosZXZlbnQtc291cmNlLCB0cmlnZ2VyLCBub3QtbmF2aWdhdGlvbi1zb3VyY2VaAwoBAWIECgICAw&pscrd=IhMItf_oy_DNiwMVFzNVCB3-uyYOMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOh5odHRwczovL2dlZWsucmVmdW5kcGF5Lm9ubGluZS9CV0NoQUlnUHpRdlFZUXpzWG90OTNNazR4bkVpMEFJQVNyQWJuNGpBX0tuajhUQjlpOHNVV3NaMmVaNmdobXpxM1V3OXB0RDl1TE9KbWRDZjloM3hUNkI2Yw&is_vtc=1&cid=CAQSKQCjtLzM4VTKo-KXJBYd2o6oVNu7uDSfV7AdHohTWYJLnhR4m-hTrPwG&random=1504824961&ipr=y

113 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
geek.refundpay.online/ 425 KB
99 KB 836ms
470ms Document
text/html 62.60.227.21
CHSCLOUD-AS Valer...

General

Check archive.org

Download Go to

Full URL: https://geek.refundpay.online/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.60.227.21 , Hong Kong, ASN215939 (CHSCLOUD-AS Valery Smoliar, IL),
Reverse DNS
Software: nginx/1.26.2 /
Resource Hash: 908aab06467ca03c7cfa00ce23918a9e370e7311333f15b1159b1d6d033ee320

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 18 Feb 2025 18:44:53 GMT
etag: "6a467-62e6aeaeb8dfe-gzip"
last-modified: Tue, 18 Feb 2025 13:50:02 GMT
server: nginx/1.26.2
vary: Accept-Encoding

GET
H2 200 theme-consumer-fdr-redesign.lc-af4b007571e2b54debf169f2790e8ab4-lc.min.css
media.mcafeeassets.com/etc.clientlibs/ecom-aemcs-frontend/npcld/themes/ 507 KB
55 KB 301ms
125ms Stylesheet
text/css 104.70.95.190
AKAMAI-AS

General

Check archive.org

Download Go to

Full URL

https://media.mcafeeassets.com/etc.clientlibs/ecom-aemcs-frontend/npcld/themes/theme-consumer-fdr-redesign.lc-af4b007571e2b54debf169f2790e8ab4-lc.min.css

Requested by

Host: geek.refundpay.online
URL: https://geek.refundpay.online/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.70.95.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-70-95-190.deploy.static.akamaitechnologies.com

Software

Resource Hash

6be99a1f79d9e635ac70eba4a25304b510267c2c5c0a6a31d25fa4aeab600655

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer: https://geek.refundpay.online/

Response headers

x-vhost: publish-mcafee
content-encoding: br
etag: W/"7ea34-2386f26fb1bdc0-gzip"
x-content-type-options: nosniff
expires: Tue, 18 Feb 2025 18:44:54 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1739904294448_3245104796_256013042_117_1573_24_0_255";dur=1
date: Tue, 18 Feb 2025 18:44:54 GMT
last-modified: Tue, 28 Jan 2025 02:46:58 GMT
content-type: text/css;charset=utf-8
x-served-by: cache-ams2100115-AMS
strict-transport-security: max-age=31536000
cache-control: max-age=0, no-cache
x-mcafee-cache: 1-day
x-timer: S1738032418.026496,VS0,VS0,VE772
pragma: no-cache
access-control-allow-origin: *
content-length: 55909

GET
H2 200 mcafee-redesign-mfe-edits.css
media.mcafeeassets.com/content/dam/npcld/custom-scripts/organic-site/mcafee-redesign/css/ 181 KB
28 KB 260ms
84ms Stylesheet
text/css 104.70.95.190
AKAMAI-AS

General

Check archive.org

Download Go to

Full URL

https://media.mcafeeassets.com/content/dam/npcld/custom-scripts/organic-site/mcafee-redesign/css/mcafee-redesign-mfe-edits.css

Requested by

Host: geek.refundpay.online
URL: https://geek.refundpay.online/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.70.95.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-70-95-190.deploy.static.akamaitechnologies.com

Software

Resource Hash

bedbe464f8008f69d359b9781b6c77aeaa3f6cff27dcc05d34461c47d8291c77

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer: https://geek.refundpay.online/

Response headers

x-vhost: publish-mcafee
content-encoding: br
etag: "0x8DC8A520B2E2368"
x-content-type-options: nosniff
expires: Tue, 18 Feb 2025 18:44:54 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1739904294332_3245104796_256013040_104_1616_24_92_255";dur=1
date: Tue, 18 Feb 2025 18:44:54 GMT
content-type: text/css
last-modified: Tue, 11 Jun 2024 20:06:55 GMT
x-served-by: cache-fra-eddf8230137-FRA
strict-transport-security: max-age=31536000
cache-control: max-age=0, no-cache
x-timer: S1725629647.091996,VS0,VS0,VE1290
pragma: no-cache
access-control-allow-origin: *
content-length: 28536

GET
H2 404 scenario
digitalfeedback.us.confirmit.com/api/digitalfeedback/loader/prod/ 0
0 437ms
209ms Script
text/plain 13.107.253.45
MICROSOFT-CORP-MS...

General

Check archive.org

Download Go to

Full URL

https://digitalfeedback.us.confirmit.com/api/digitalfeedback/loader/prod/scenario?programKey=DAixoz&scenarioId=11879&programVersion=200

Requested by

Host: geek.refundpay.online
URL: https://geek.refundpay.online/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

13.107.253.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer: https://geek.refundpay.online/

Response headers

strict-transport-security: max-age=31536000; includeSubdomains
x-robots-tag: noindex, noindex
x-df-geo-country: PL
cache-control: public,max-age=86400
access-control-expose-headers: X-DF-GEO-COUNTRY
x-fd-int-roxy-purgeid: 0
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
x-confirmit-id: public-digitalfeedback-runtime-api-57f9fb449c-ngn68
access-control-allow-origin: *
x-cache: TCP_MISS
content-length: 0
date: Tue, 18 Feb 2025 18:44:55 GMT
x-azure-ref: 20250218T184455Z-17c9df594d9p7cn5hC1PARgrf40000000cvg0000000015wg

GET
H2 200 scenario Show response
digitalfeedback.us.confirmit.com/api/digitalfeedback/loader/prod/ 6 KB
2 KB 339ms
111ms Script
application/javascript 13.107.253.45
MICROSOFT-CORP-MS...

General

Check archive.org

Download Go to

Full URL

https://digitalfeedback.us.confirmit.com/api/digitalfeedback/loader/prod/scenario?programKey=DAixoz&scenarioId=11416&programVersion=200

Requested by

Host: geek.refundpay.online
URL: https://geek.refundpay.online/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

13.107.253.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

afa09844c4972ed76e34ed2bc21b0e290fbdbe7b065af2ebc4f3b963da07940d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer: https://geek.refundpay.online/

Response headers

x-robots-tag: noindex, noindex
x-cache-info: L1_T2
access-control-expose-headers: X-DF-GEO-COUNTRY
content-encoding: br
x-fd-int-roxy-purgeid: 0
x-content-type-options: nosniff
x-confirmit-id: public-digitalfeedback-runtime-api-57f9fb449c-4xbx4
x-cache: TCP_HIT
date: Tue, 18 Feb 2025 18:44:55 GMT
content-type: application/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubdomains
x-df-geo-country: PL
cache-control: public,max-age=86400
referrer-policy: strict-origin-when-cross-origin
access-control-allow-origin: *
x-azure-ref: 20250218T184455Z-17c9df594d9p7cn5hC1PARgrf40000000cvg0000000015wn

GET
H2 200 scenario Show response
digitalfeedback.us.confirmit.com/api/digitalfeedback/loader/prod/ 10 KB
2 KB 362ms
134ms Script
application/javascript 13.107.253.45
MICROSOFT-CORP-MS...

General

Check archive.org

Download Go to

Full URL

https://digitalfeedback.us.confirmit.com/api/digitalfeedback/loader/prod/scenario?programKey=DAixoz&scenarioId=11925&programVersion=200

Requested by

Host: geek.refundpay.online
URL: https://geek.refundpay.online/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

13.107.253.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

c893619d581be099cb79c4c44d27b1c1b9722596ccb7f72df60f527c1764998f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer: https://geek.refundpay.online/

Response headers

x-robots-tag: noindex, noindex
x-cache-info: L1_T2
access-control-expose-headers: X-DF-GEO-COUNTRY
content-encoding: br
x-fd-int-roxy-purgeid: 0
x-content-type-options: nosniff
x-confirmit-id: public-digitalfeedback-runtime-api-57f9fb449c-fsndb
x-cache: TCP_HIT
date: Tue, 18 Feb 2025 18:44:55 GMT
content-type: application/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubdomains
x-df-geo-country: PL
cache-control: public,max-age=86400
referrer-policy: strict-origin-when-cross-origin
access-control-allow-origin: *
x-azure-ref: 20250218T184455Z-17c9df594d9p7cn5hC1PARgrf40000000cvg0000000015wh

GET
H2 200 scenario Show response
digitalfeedback.us.confirmit.com/api/digitalfeedback/loader/prod/ 5 KB
3 KB 339ms
111ms Script
application/javascript 13.107.253.45
MICROSOFT-CORP-MS...

General

Check archive.org

Download Go to

Full URL

https://digitalfeedback.us.confirmit.com/api/digitalfeedback/loader/prod/scenario?programKey=DAixoz&scenarioId=11454&programVersion=200

Requested by

Host: geek.refundpay.online
URL: https://geek.refundpay.online/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

13.107.253.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e8fe5f48a0db4fa2fc35ada24048b60d4f3a382ca0b6cc528cfbba72185b2d4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer: https://geek.refundpay.online/

Response headers

x-robots-tag: noindex, noindex
x-cache-info: L1_T2
access-control-expose-headers: X-DF-GEO-COUNTRY
content-encoding: br
x-fd-int-roxy-purgeid: 0
x-content-type-options: nosniff
x-confirmit-id: public-digitalfeedback-runtime-api-57f9fb449c-ngn68
x-cache: TCP_HIT
date: Tue, 18 Feb 2025 18:44:55 GMT
content-type: application/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubdomains
x-df-geo-country: PL
cache-control: public,max-age=86400
referrer-policy: strict-origin-when-cross-origin
access-control-allow-origin: *
x-azure-ref: 20250218T184455Z-17c9df594d9p7cn5hC1PARgrf40000000cvg0000000015wm

GET
H2 200 intercept-survey.js Show response
digitalfeedback.us.confirmit.com/api/digitalfeedback/static/v32/ 47 KB
20 KB 332ms
104ms Script
application/javascript 13.107.253.45
MICROSOFT-CORP-MS...

General

Check archive.org

Download Go to

Full URL

https://digitalfeedback.us.confirmit.com/api/digitalfeedback/static/v32/intercept-survey.js

Requested by

Host: geek.refundpay.online
URL: https://geek.refundpay.online/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

13.107.253.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a9c7e9e12167024309fcdf158863346a9ffbb68b9addd7535f39e65b1025f614

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer: https://geek.refundpay.online/

Response headers

x-robots-tag: noindex, noindex
access-control-expose-headers: X-DF-GEO-COUNTRY
content-encoding: br
etag: W/"1db343924a24cdb"
x-fd-int-roxy-purgeid: 0
x-confirmit-id: public-digitalfeedback-runtime-api-57f9fb449c-fsndb
x-content-type-options: nosniff
x-cache: TCP_HIT
date: Tue, 18 Feb 2025 18:44:55 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Mon, 11 Nov 2024 12:56:37 GMT
strict-transport-security: max-age=31536000; includeSubdomains
x-df-geo-country: PL
cache-control: public, max-age=86400
referrer-policy: strict-origin-when-cross-origin
access-control-allow-origin: *
x-azure-ref: 20250218T184455Z-17c9df594d9p7cn5hC1PARgrf40000000cvg0000000015wk

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 255 KB
90 KB 218ms
93ms Script
application/javascript 142.250.184.232
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-13175879&l=dataLayer&cx=c

Requested by

Host: geek.refundpay.online
URL: https://geek.refundpay.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

211e7e6350e97a63bdb1fef3e19d7c6cec31f0832cbbc08357e394743da0cfb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer: https://geek.refundpay.online/

Response headers

content-encoding: br
report-to: {"group":"ascgcycc:1003:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1003:0"}],}
expires: Tue, 18 Feb 2025 18:44:54 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 18 Feb 2025 18:44:54 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Tue, 18 Feb 2025 18:05:54 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1003:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1003:0
content-length: 91085
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 334 KB
112 KB 272ms
147ms Script
application/javascript 142.250.184.232
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-VZPV0QJGLJ&l=dataLayer&cx=c

Requested by

Host: geek.refundpay.online
URL: https://geek.refundpay.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

9652e715f27cd9a19a1a82fd9100ae59f555bd34481b71a86c357fc2c0258a7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer: https://geek.refundpay.online/

Response headers

content-encoding: br
report-to: {"group":"ascgcycc:1003:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1003:0"}],}
expires: Tue, 18 Feb 2025 18:44:54 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 18 Feb 2025 18:44:54 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1003:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1003:0
content-length: 114580
x-xss-protection: 0
server: Google Tag Manager

GET
H/1.1 200
OK tv2track.js Show response
collector-30568.us.tvsquared.com/ 20 KB
9 KB 659ms
153ms Script
application/javascript 18.221.31.22
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://collector-30568.us.tvsquared.com/tv2track.js
Requested by: Host: geek.refundpay.online
URL: https://geek.refundpay.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.221.31.22 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-221-31-22.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: a463aa6666ce0abcabf8033013cfe881fdbfb570389aff471d400a45b3a496d4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer: https://geek.refundpay.online/

Response headers

X-Robots-Tag: noindex
Cache-Control: max-age=600
Content-Encoding: gzip
ETag: "65d377e7-2133"
Connection: keep-alive
Expires: Tue, 18 Feb 2025 18:54:55 GMT
Accept-Ranges: bytes
Content-Length: 8499
Date: Tue, 18 Feb 2025 18:44:55 GMT
Content-Type: application/javascript
Last-Modified: Mon, 19 Feb 2024 15:46:47 GMT
Server: nginx

GET
H2 200 / Show response
a2.adform.net/Serving/TrackPoint/ 780 B
1 KB 539ms
229ms Script
text/javascript 185.167.164.48
ADFORM Adform A/S

General

Check archive.org

Download Go to

Full URL

https://a2.adform.net/Serving/TrackPoint/?pm=3340020&ADFPageName=Antivirus%2C%20VPN%2C%20Identity%20%26%20Privacy%20Protection%20%7C%20McAfee&ADFdivider=%7C&ord=74395695545&ADFtpmode=2&loc=https%3A%2F%2Fwww.mcafee.com%2F&Set1=en-GB%7Cen-GB%7C1880x401%7C24

Requested by

Host: geek.refundpay.online
URL: https://geek.refundpay.online/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.167.164.48 , Denmark, ASN198622 (ADFORM Adform A/S, DK),

Reverse DNS

Software

nginx /

Resource Hash

639259c62e76d2ebf4e37b0ac48d3dddc4ef7fd862cb79298fc08b42d2d4323b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer: https://geek.refundpay.online/

Response headers

access-control-max-age: 86400
content-encoding: gzip
access-control-allow-methods: GET,POST
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
date: Tue, 18 Feb 2025 18:44:54 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-origin: *
server: nginx

GET
H2 200 17255f71-e1d4-4b38-b990-8884c35efb39-latest.js Show response
d2hrivdxn8ekm8.cloudfront.net/tag-manager/ 7 KB
7 KB 250ms
103ms Script
application/javascript 3.161.75.225
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://d2hrivdxn8ekm8.cloudfront.net/tag-manager/17255f71-e1d4-4b38-b990-8884c35efb39-latest.js
Requested by: Host: geek.refundpay.online
URL: https://geek.refundpay.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.75.225 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-75-225.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3e2bd06e76ce8735cc68b7434ec855624b27183f781f6504e8a5f2296111b049

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer: https://geek.refundpay.online/

Response headers

vary: Origin
x-amz-version-id: 2WNAhZGdk5.BdyOYjrePZ7apeDA8VEK_
etag: "f8ff3dd68fe32105b6ba2e1aff14889a"
age: 53475
via: 1.1 ce9680b048a2aea06e1146ad2810fa14.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 6952
x-amz-cf-id: _pF6iLnhL5LVT0WYNB8HGjSCxoIplCTQAG2mlUXVDIja1VqrJX8ung==
date: Tue, 18 Feb 2025 04:03:30 GMT
content-type: application/javascript
last-modified: Thu, 23 Jan 2025 23:45:01 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P10
x-amz-server-side-encryption: AES256

GET
H2 200 trackpoint-async.js Show response
s2.adform.net/banners/scripts/st/ 81 KB
32 KB 264ms
107ms Script
application/javascript 37.157.2.250
ADFORM Adform A/S

General

Check archive.org

Download Go to

Full URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by: Host: geek.refundpay.online
URL: https://geek.refundpay.online/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.157.2.250 , Denmark, ASN198622 (ADFORM Adform A/S, DK),
Reverse DNS
Software: nginx /
Resource Hash: 22aea14693655e0fa33cc4aa8606714bcd6cfc66c6bc320ee70661116034ad1f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer: https://geek.refundpay.online/

Response headers

x-cache-status: HIT
cache-control: public, max-age=604800
content-encoding: gzip
etag: W/"3a2c8a23cb95abca9c87291fc2553bb5"
x-amz-request-id: tx00000a516c1835d9caf64-0067a9b96f-329ad9f1-default
access-control-allow-origin: *
date: Tue, 18 Feb 2025 18:44:55 GMT
x-rgw-object-type: Normal
content-type: application/javascript
vary: Accept-Encoding
server: nginx
last-modified: Fri, 07 Feb 2025 08:48:48 GMT

GET
H2 200 ping.min.js Show response
pixel.byspotify.com/ 24 KB
24 KB 140ms
34ms Script
text/javascript 34.117.162.98
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL: https://pixel.byspotify.com/ping.min.js
Requested by: Host: geek.refundpay.online
URL: https://geek.refundpay.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.162.98 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 98.162.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: c68a273bf2b08c99c46ac43d1059b8067818b3b889fa890b068d942a957a000c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer: https://geek.refundpay.online/

Response headers

x-goog-metageneration: 1
x-goog-hash: crc32c=NtYn9w==, md5=oynavh2gmdRzy/fdj9RC1Q==
etag: "a329dabe1da099d473cbf7dd8fd442d5"
age: 2626
x-goog-stored-content-encoding: identity
expires: Tue, 18 Feb 2025 19:01:09 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 24187
date: Tue, 18 Feb 2025 18:01:09 GMT
last-modified: Wed, 04 Dec 2024 19:07:47 GMT
content-type: text/javascript
x-guploader-uploadid: AHMx-iEdrnHna6N4uj4UzhszR4VrunkwoQnFBKCYLkD4dXizVazFuASBmsY7OMLaacW6Km_3
cache-control: public, max-age=3600
x-goog-storage-class: STANDARD
via: 1.1 google
accept-ranges: bytes
x-goog-generation: 1733339267254009
content-length: 24187
server: UploadServer

GET
H/1.1 200
OK tag.js Show response
s-static.innovid.com/container-tag/js/67ea8ac4/ 30 KB
7 KB 283ms
122ms Script
text/javascript 23.213.165.19
AKAMAI-AS

General

Check archive.org

Download Go to

Full URL: https://s-static.innovid.com/container-tag/js/67ea8ac4/tag.js?d=inv_data&cb=1720216292301
Requested by: Host: geek.refundpay.online
URL: https://geek.refundpay.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.213.165.19 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-213-165-19.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 2f97445bf03cb36aedf13f43683820f40828c48c3712d9724309b679765eff5c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer: https://geek.refundpay.online/

Response headers

Content-Encoding: gzip
ETag: "132c9be7735139c100bb5a9df539ed15"
x-amz-version-id: EQjvXHfUXXcwiLyET3UNTYwhlkYkPrzs
Date: Tue, 18 Feb 2025 18:44:55 GMT
Last-Modified: Tue, 24 Oct 2023 18:04:22 GMT
Vary: Accept-Encoding
Content-Type: text/javascript
x-amz-id-2: zQL6+PXzv6XYGzO1EoqP5Z8H84SOYkgREwCFviED2/LAi0EqqhojSHA5M0LjE+BJt/UXJyNsOqY=
x-amz-replication-status: COMPLETED
Connection: keep-alive
x-amz-request-id: XN8QBVYR7WRZJXWE
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 6538
Server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H3 200 554540123362514 Show response
connect.facebook.net/signals/config/ 60 KB
13 KB 351ms
294ms Script
application/x-javascript 157.240.253.1
FACEBOOK

General

Check archive.org

Download Go to

Full URL

https://connect.facebook.net/signals/config/554540123362514?v=2.9.160&r=stable&domain=www.mcafee.com&hme=733c3732ec767f7a62e7787aff967e6d19b1e13e533937876f2e15efe07bf678&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C175%2C171%2C172%2C174%2C28%2C94%2C50%2C73%2C173%2C155%2C158%2C168%2C169%2C176%2C122%2C39%2C33%2C134%2C14%2C48%2C181%2C180%2C124%2C17%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106

Requested by

Host: geek.refundpay.online
URL: https://geek.refundpay.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra5.fbcdn.net

Software

Resource Hash

a757ad837f4e3eec26061158ff89d3dc3bc50d56a5f9891ab36eef9984851e79

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;script-src 'nonce-UnsTeuUZ' .facebook.com .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self';img-src 'self' data: blob: facebook.net .facebook.net facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com *.cdninstagram.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer: https://geek.refundpay.online/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 18 Feb 2025 18:44:55 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;script-src 'nonce-UnsTeuUZ' *.facebook.com *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self';img-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: GOOD; q=0.7, rtt=52, rtx=0, c=78, mss=1232, tbw=72062, tp=68, tpl=0, uplat=239, ullat=0
pragma: public
x-fb-debug: 6t747TkmD4zVfgW76Qj8xYQG5mrKDcKSvPfwMM6GaVtf1oR8uKVGsjgW2vQIsepXlOWyVmWIywijGQLvo+sOqw==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 240 KB
61 KB 110ms
54ms Script
application/x-javascript 157.240.253.1
FACEBOOK

General

Check archive.org

Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: geek.refundpay.online
URL: https://geek.refundpay.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra5.fbcdn.net

Software

Resource Hash

adf784d41eb8bcccbafdc0a834a61f95193325ce40c0aa305ddf9608c9b023f8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;script-src 'nonce-L49jPyv1' .facebook.com .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self';img-src 'self' data: blob: facebook.net .facebook.net facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com *.cdninstagram.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer: https://geek.refundpay.online/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 18 Feb 2025 18:44:55 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;script-src 'nonce-L49jPyv1' *.facebook.com *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self';img-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality: GOOD; q=0.7, rtt=52, rtx=0, c=23, mss=1232, tbw=4600, tp=10, tpl=0, uplat=1, ullat=-1
pragma: public
x-fb-debug: GMmIb48sBdYOisjuUkY5HP6BMZ0Tf5HhYLfz3VOgXJIqvgLugzVfDbQmdDDd8vVXRBH+kZFmhGDkchkB8+fgxw==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
cross-origin-opener-policy-report-only: restrict-properties;report-to="coop_report"
content-length: 62477
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 19 KB
7 KB 244ms
90ms Script
application/javascript 87.248.119.252
YAHOO-DEB Yahoo-U...

General

Check archive.org

Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Host: geek.refundpay.online
URL: https://geek.refundpay.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.119.252 , United Kingdom, ASN203220 (YAHOO-DEB Yahoo-UK Limited, GB),

Reverse DNS

e2-bmr.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

de25ff38288676dc79292a95d410944c2045e6e09c5e4563c40d08c615a20c54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer: https://geek.refundpay.online/

Response headers

content-encoding: gzip
etag: "cca96295b6201a4ce80988bdae868775-df"
x-amz-version-id: S368G.On_HD5kCG8tTyFviJgJpLggMJN
age: 102
date: Tue, 18 Feb 2025 18:43:14 GMT
last-modified: Mon, 10 Feb 2025 13:55:37 GMT
vary: Origin, Accept-Encoding
x-amz-expiration: expiry-date="Wed, 18 Mar 2026 00:00:00 GMT", rule-id="standard-lifecycle"
content-type: application/javascript
x-amz-id-2: S/+xK/mey43wVbEombwY3UOadHuQ/kzEENwpcotUm//A03PR7uMKlrYe7TOCOryES/EAcRjlMAc=
strict-transport-security: max-age=31536000
cache-control: public,max-age=3600
ats-carp-promotion: 1, 1
referrer-policy: no-referrer-when-downgrade
x-amz-request-id: XXBFZGVZXR7N4TQ6
accept-ranges: bytes
content-length: 6810
server: ATS
x-amz-server-side-encryption: AES256

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 309 KB
105 KB 77ms
76ms Script
application/javascript 142.250.184.232
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-740246542

Requested by

Host: geek.refundpay.online
URL: https://geek.refundpay.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

8f297c169f8ebbdf0215eecbc7efb6424aed391c4a027e115066303027254838

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer: https://geek.refundpay.online/

Response headers

content-encoding: br
report-to: {"group":"ascgcycc:1003:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1003:0"}],}
expires: Tue, 18 Feb 2025 18:44:55 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 18 Feb 2025 18:44:55 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Tue, 18 Feb 2025 18:05:54 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1003:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1003:0
content-length: 107248
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 alloy.min.js Show response
cdn1.adoberesources.net/alloy/2.14.0/ 83 KB
23 KB 195ms
57ms Script
application/x-javascript 23.213.169.28
AKAMAI-AS

General

Check archive.org

Download Go to

Full URL

https://cdn1.adoberesources.net/alloy/2.14.0/alloy.min.js

Requested by

Host: geek.refundpay.online
URL: https://geek.refundpay.online/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.213.169.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-213-169-28.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

46ec3c72601c546bda419a95d91be94b598ede0e8b758c7e075f1d73be48befe

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer: https://geek.refundpay.online/

Response headers

strict-transport-security: max-age=86400 ; includeSubDomains
cache-control: max-age=3600
content-encoding: br
etag: "a41a7668fbf1b68fc309f94e010b1b71:1674665144.732626"
expires: Tue, 18 Feb 2025 19:44:55 GMT
accept-ranges: bytes
content-length: 23720
date: Tue, 18 Feb 2025 18:44:55 GMT
content-type: application/x-javascript
last-modified: Thu, 26 Jan 2023 21:32:28 GMT
server: Akamai Resource Optimizer
vary: Accept-Encoding

GET tv2track.js
collector-30568.us.tvsquared.com/ 0
0

GET
H2 404 propandAT.min.js
geek.refundpay.online/content/dam/npcld/adobe/js/210200/ 0
0 177ms
176ms Script
text/html 62.60.227.21
CHSCLOUD-AS Valer...

General

Check archive.org

Download Go to

Full URL: https://geek.refundpay.online/content/dam/npcld/adobe/js/210200/propandAT.min.js
Requested by: Host: geek.refundpay.online
URL: https://geek.refundpay.online/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.60.227.21 , Hong Kong, ASN215939 (CHSCLOUD-AS Valery Smoliar, IL),
Reverse DNS
Software: nginx/1.26.2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer: https://geek.refundpay.online/

Response headers

content-encoding: gzip
date: Tue, 18 Feb 2025 18:44:54 GMT
content-type: text/html; charset=iso-8859-1
server: nginx/1.26.2

GET
H2 200 swiper.css
media.mcafeeassets.com/content/dam/npcld/custom-scripts/organic-site/mcafee-redesign/css/ 16 KB
5 KB 199ms
169ms Stylesheet
text/css 104.70.95.190
AKAMAI-AS

General

Check archive.org

Download Go to

Full URL

https://media.mcafeeassets.com/content/dam/npcld/custom-scripts/organic-site/mcafee-redesign/css/swiper.css

Requested by

Host: geek.refundpay.online
URL: https://geek.refundpay.online/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.70.95.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-70-95-190.deploy.static.akamaitechnologies.com

Software

Resource Hash

862687167c338b90aa741e24c4b0fab71b4d11a4c578f3717e394bdba74a2dd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer: https://geek.refundpay.online/

Response headers

x-vhost: publish-mcafee
content-encoding: br
etag: "406e-6081f8aaf0c00-gzip"
x-content-type-options: nosniff
expires: Tue, 18 Feb 2025 18:44:54 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1739904294456_3245104796_256013041_835_1607_24_0_255";dur=1
date: Tue, 18 Feb 2025 18:44:54 GMT
last-modified: Fri, 20 Oct 2023 05:57:04 GMT
content-type: text/css
x-served-by: cache-fra-etou8220020-FRA
strict-transport-security: max-age=31536000
cache-control: max-age=0, no-cache
x-mcafee-cache: 1-day
x-timer: S1724770118.834319,VS0,VS0,VE613
pragma: no-cache
access-control-allow-origin: *
content-length: 4258

GET
H2 200 LXNDQ-3SP7Y-P3JVN-Y4HAH-VQNKC Show response
s.go-mpulse.net/boomerang/ 204 KB
50 KB 193ms
77ms Script
application/javascript 23.209.208.19
AKAMAI-AS

General

Check archive.org

Download Go to

Full URL: https://s.go-mpulse.net/boomerang/LXNDQ-3SP7Y-P3JVN-Y4HAH-VQNKC
Requested by: Host: geek.refundpay.online
URL: https://geek.refundpay.online/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.209.208.19 Ancol, Indonesia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-209-208-19.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 4dafc5d60a0cdc3b677a4cd543239bead37d550f86d89ec5210935ba15872ce1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer: https://geek.refundpay.online/

Response headers

cache-control: max-age=604800
timing-allow-origin: *
content-encoding: br
customappheader: mpulse-ab-boomr__git__e2ba5a7__git__e2ba5a7__p19.alsi10-lite
content-length: 50742
date: Tue, 18 Feb 2025 18:44:54 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 17 Dec 2024 08:30:21 GMT
vary: Accept-Encoding

GET
H2 200 utag.js Show response
tags.tiqcdn.com/utag/mcafee/consumer-main/prod/ 209 KB
44 KB 248ms
85ms Script
application/javascript 13.33.187.58
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://tags.tiqcdn.com/utag/mcafee/consumer-main/prod/utag.js
Requested by: Host: geek.refundpay.online
URL: https://geek.refundpay.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.187.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-187-58.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1c19f0588c0b2e50b33c86704dd9c868f9c2a90accd729927b119c1426618099

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer: https://geek.refundpay.online/

Response headers

vary: accept-encoding
cache-control: max-age=300
content-encoding: br
etag: W/"c4cf1e2ee6579963d21a08f33b6177eb"
x-amz-version-id: 5_0tfqsvs8k3mjiuHAzR5SnMqNiQAJTV
age: 42
via: 1.1 f8e909d80b83cb9eeaf200975944eb56.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: cQezJrhoniUJF9yf-HfemUOgnYR6qh7y5vGev8qMW8Aqu0DQzGg7pg==
date: Tue, 18 Feb 2025 18:44:14 GMT
content-type: application/javascript
last-modified: Wed, 12 Feb 2025 18:18:03 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P9
x-amz-server-side-encryption: AES256

GET
H2 200 utag.608.js Show response
tags.tiqcdn.com/utag/mcafee/consumer-main/prod/ 13 KB
4 KB 323ms
194ms Script
application/javascript 13.33.187.58
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://tags.tiqcdn.com/utag/mcafee/consumer-main/prod/utag.608.js?utv=ut4.39.202407041133
Requested by: Host: geek.refundpay.online
URL: https://geek.refundpay.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.187.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-187-58.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5401d0ea17631968fb3a650a32101c83ebf862cb9129dccd0e75b63b676c5ee7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer: https://geek.refundpay.online/

Response headers

vary: accept-encoding
cache-control: max-age=1296000
content-encoding: br
etag: W/"77acc60c3ee4f281de6ae7089a42a468"
x-amz-version-id: aj_Npy02_Z3ZLxltyMZmtk5AhId21phK
via: 1.1 f8e909d80b83cb9eeaf200975944eb56.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
x-amz-cf-id: YTKyUsEZB7KIEHGwZoqu1-JaC2f-h1EEMusv3ZqwjBaRXftaGrBRDw==
date: Tue, 18 Feb 2025 18:44:56 GMT
content-type: application/javascript
last-modified: Wed, 12 Feb 2025 18:17:56 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P9
x-amz-server-side-encryption: AES256

GET
H2 200 utag.331.js Show response
tags.tiqcdn.com/utag/mcafee/consumer-main/prod/ 6 KB
3 KB 478ms
378ms Script
application/javascript 13.33.187.58
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://tags.tiqcdn.com/utag/mcafee/consumer-main/prod/utag.331.js?utv=ut4.39.202407041133
Requested by: Host: geek.refundpay.online
URL: https://geek.refundpay.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.187.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-187-58.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 23761d2b990112f0a8f2b4f56247f239433b2623abedeb10d6d020ccfc66cc92

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer: https://geek.refundpay.online/

Response headers

vary: accept-encoding
cache-control: max-age=1296000
content-encoding: br
etag: W/"d095317c51b918944ca62a08e5473eeb"
x-amz-version-id: 27TZ0Zc1LYBtWB.VAbIooFYN.ShjPqDa
via: 1.1 f8e909d80b83cb9eeaf200975944eb56.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
x-amz-cf-id: SSRxe2e0vPLkxbSUZfmSlJRBQLeesoaVnVu6uliDTPmVMFyzSZxm1g==
date: Tue, 18 Feb 2025 18:44:56 GMT
content-type: application/javascript
last-modified: Wed, 12 Feb 2025 18:17:55 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P9
x-amz-server-side-encryption: AES256

GET
H2 200 utag.356.js Show response
tags.tiqcdn.com/utag/mcafee/consumer-main/prod/ 112 KB
28 KB 512ms
422ms Script
application/javascript 13.33.187.58
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://tags.tiqcdn.com/utag/mcafee/consumer-main/prod/utag.356.js?utv=ut4.39.202407041133
Requested by: Host: geek.refundpay.online
URL: https://geek.refundpay.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.187.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-187-58.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dc72841257c860e78b94bf0e0ba6d3d854c922fe834c29085fe388d9d1774293

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer: https://geek.refundpay.online/

Response headers

vary: accept-encoding
cache-control: max-age=1296000
content-encoding: br
etag: W/"c77b507fe7ee2ceec36e740f5a6d222c"
x-amz-version-id: jw4KuB42M3KHrkRZNyhMCOdm_2_eJpvg
via: 1.1 f8e909d80b83cb9eeaf200975944eb56.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
x-amz-cf-id: Uua4f2z2pCuMqCozo5L-4anYh-5AA8sTEjuLcgfqCNV0RyYupHapRA==
date: Tue, 18 Feb 2025 18:44:56 GMT
content-type: application/javascript
last-modified: Wed, 12 Feb 2025 18:18:02 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P9
x-amz-server-side-encryption: AES256

GET
H2 200 utag.523.js Show response
tags.tiqcdn.com/utag/mcafee/consumer-main/prod/ 2 KB
1 KB 397ms
378ms Script
application/javascript 13.33.187.58
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://tags.tiqcdn.com/utag/mcafee/consumer-main/prod/utag.523.js?utv=ut4.39.202407041133
Requested by: Host: geek.refundpay.online
URL: https://geek.refundpay.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.187.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-187-58.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e9d4abb2b79cef3c50464a14384e7f38fbe94e033095e7021b9d0d815bc980bf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer: https://geek.refundpay.online/

Response headers

vary: accept-encoding
cache-control: max-age=1296000
content-encoding: br
etag: W/"55fe3b89128b646fc8f3c8fe89adc222"
x-amz-version-id: MLpAsHiS62_5thDVuuuS.NXnKr.Cy7By
via: 1.1 f8e909d80b83cb9eeaf200975944eb56.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
x-amz-cf-id: SXzLBQq2HuGhP47ysYzc1BlcG-wDTXIDy4xvq8KJZOgqNKdeiqnT9g==
date: Tue, 18 Feb 2025 18:44:56 GMT
content-type: application/javascript
last-modified: Wed, 12 Feb 2025 18:18:02 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P9
x-amz-server-side-encryption: AES256

GET
H2 200 utag.531.js Show response
tags.tiqcdn.com/utag/mcafee/consumer-main/prod/ 10 KB
3 KB 262ms
258ms Script
application/javascript 13.33.187.58
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://tags.tiqcdn.com/utag/mcafee/consumer-main/prod/utag.531.js?utv=ut4.39.202407041133
Requested by: Host: geek.refundpay.online
URL: https://geek.refundpay.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.187.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-187-58.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: df792bd1cd687d8b95ecb74896a118200ff4e115a40e5c8656a34184c0496180

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer: https://geek.refundpay.online/

Response headers

vary: accept-encoding
cache-control: max-age=1296000
content-encoding: br
etag: W/"b96a8fab7bbf6dfffd09d978d011e433"
x-amz-version-id: kofqSG_YdVva6Xd3benNjbZMNv77Mw8w
via: 1.1 f8e909d80b83cb9eeaf200975944eb56.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
x-amz-cf-id: IGKgiEerLQXdBBhaYLzrP0_nS933WmFs6kjIJHibVpkb7i78BwlKNA==
date: Tue, 18 Feb 2025 18:44:56 GMT
content-type: application/javascript
last-modified: Wed, 12 Feb 2025 18:17:53 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P9
x-amz-server-side-encryption: AES256

GET
H2 200 utag.594.js Show response
tags.tiqcdn.com/utag/mcafee/consumer-main/prod/ 2 KB
1 KB 356ms
351ms Script
application/javascript 13.33.187.58
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://tags.tiqcdn.com/utag/mcafee/consumer-main/prod/utag.594.js?utv=ut4.39.202407041133
Requested by: Host: geek.refundpay.online
URL: https://geek.refundpay.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.187.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-187-58.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 046a7b74ff366e3712939c98ccc882a1c8243ea0c8bf47ff3c79e58626dc976d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer: https://geek.refundpay.online/

Response headers

vary: accept-encoding
cache-control: max-age=1296000
content-encoding: br
etag: W/"489bb8d21877ea23702dbe9b144d8fde"
x-amz-version-id: 2ASzcasJSIzMga96VwLVDE3NoEedPdsb
via: 1.1 f8e909d80b83cb9eeaf200975944eb56.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
x-amz-cf-id: UjVmAnNbjjVR61FjaIUJffkLMNf74IdEtJkHpUfgpAzXrut80itsMg==
date: Tue, 18 Feb 2025 18:44:56 GMT
content-type: application/javascript
last-modified: Wed, 12 Feb 2025 18:17:59 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P9
x-amz-server-side-encryption: AES256

GET
H2 200 utag.596.js Show response
tags.tiqcdn.com/utag/mcafee/consumer-main/prod/ 20 KB
6 KB 366ms
362ms Script
application/javascript 13.33.187.58
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://tags.tiqcdn.com/utag/mcafee/consumer-main/prod/utag.596.js?utv=ut4.39.202407041133
Requested by: Host: geek.refundpay.online
URL: https://geek.refundpay.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.187.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-187-58.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0fbe13483f1a5aeb7d0fe84919e2b980f7acaa5c63e16b3d5e6f8f20751472d8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer: https://geek.refundpay.online/

Response headers

vary: accept-encoding
cache-control: max-age=1296000
content-encoding: br
etag: W/"6ba81573fc1262c7d1306aa8cdc94cf7"
x-amz-version-id: joQxWKOe0H2DVyiHwobDoTqWGeb5y.Cu
via: 1.1 f8e909d80b83cb9eeaf200975944eb56.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
x-amz-cf-id: 9-Sdhumd-vJUOaplWTUn9qg-iTBSUiNsbfhJ6mfi8WzNMAK8hNeXAA==
date: Tue, 18 Feb 2025 18:44:56 GMT
content-type: application/javascript
last-modified: Wed, 12 Feb 2025 18:17:58 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P9
x-amz-server-side-encryption: AES256

GET
H2 200 utag.597.js Show response
tags.tiqcdn.com/utag/mcafee/consumer-main/prod/ 23 KB
6 KB 367ms
363ms Script
application/javascript 13.33.187.58
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://tags.tiqcdn.com/utag/mcafee/consumer-main/prod/utag.597.js?utv=ut4.39.202407041133
Requested by: Host: geek.refundpay.online
URL: https://geek.refundpay.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.187.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-187-58.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6048215facd457c0cdb099cd2863b4b9b751410639223d2702ca1645d4c557bd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer: https://geek.refundpay.online/

Response headers

vary: accept-encoding
cache-control: max-age=1296000
content-encoding: br
etag: W/"587507cc7f69ab6e12cf1998aa83f95e"
x-amz-version-id: Wf4qSTsRyVLMjDaMIXf5EUszn8FBSfFk
via: 1.1 f8e909d80b83cb9eeaf200975944eb56.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
x-amz-cf-id: u4CSIGLnjXYgsAzn-1pDoE5p2vRUnYnPr8JZ7kNl6gJx9MwDNcEyBA==
date: Tue, 18 Feb 2025 18:44:56 GMT
content-type: application/javascript
last-modified: Tue, 30 Jul 2024 05:48:37 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P9
x-amz-server-side-encryption: AES256

GET
H2 200 utag.606.js Show response
tags.tiqcdn.com/utag/mcafee/consumer-main/prod/ 8 KB
3 KB 180ms
175ms Script
application/javascript 13.33.187.58
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://tags.tiqcdn.com/utag/mcafee/consumer-main/prod/utag.606.js?utv=ut4.39.202407041133
Requested by: Host: geek.refundpay.online
URL: https://geek.refundpay.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.187.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-187-58.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 20a050eca9940a35106a14974adb679ab8eeeebb928bcba147ed9dc6d715634b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer: https://geek.refundpay.online/

Response headers

vary: accept-encoding
cache-control: max-age=1296000
content-encoding: br
etag: W/"52f2e7bab664d75061c94253eec5f28d"
x-amz-version-id: pcRCNmBVTQI3PaNLAJWFanuoBVjZNIfu
via: 1.1 f8e909d80b83cb9eeaf200975944eb56.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
x-amz-cf-id: 4zXyJ1V2KEMI1Y2CuUXwzpYi1WEAILhqno2JhSNDsWxqt3Q0leLzqw==
date: Tue, 18 Feb 2025 18:44:56 GMT
content-type: application/javascript
last-modified: Wed, 12 Feb 2025 18:18:01 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P9
x-amz-server-side-encryption: AES256

GET
H2 200 utag.612.js Show response
tags.tiqcdn.com/utag/mcafee/consumer-main/prod/ 2 KB
1 KB 364ms
360ms Script
application/javascript 13.33.187.58
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://tags.tiqcdn.com/utag/mcafee/consumer-main/prod/utag.612.js?utv=ut4.39.202407041133
Requested by: Host: geek.refundpay.online
URL: https://geek.refundpay.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.187.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-187-58.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cd50e3521ce85d213b437cf3a067530a29b18cefe4b4953f70cba193d1dec7d8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer: https://geek.refundpay.online/

Response headers

vary: accept-encoding
cache-control: max-age=1296000
content-encoding: br
etag: W/"3ac3f5c9b944fa0e6f5128f055cd98fc"
x-amz-version-id: bZwgEsCRav4Kg8zzEmabcAgbhEf8Yqg7
via: 1.1 f8e909d80b83cb9eeaf200975944eb56.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
x-amz-cf-id: ylNMotTgo0LcJIULbU7F1AjtkQ7oY5F9Npjt1qHHiZUuJ6cF16ruUg==
date: Tue, 18 Feb 2025 18:44:56 GMT
content-type: application/javascript
last-modified: Wed, 12 Feb 2025 18:18:00 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P9
x-amz-server-side-encryption: AES256

GET
H2 200 utag.613.js Show response
tags.tiqcdn.com/utag/mcafee/consumer-main/prod/ 12 KB
3 KB 382ms
378ms Script
application/javascript 13.33.187.58
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://tags.tiqcdn.com/utag/mcafee/consumer-main/prod/utag.613.js?utv=ut4.39.202407041133
Requested by: Host: geek.refundpay.online
URL: https://geek.refundpay.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.187.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-187-58.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 58980a0847af0d0abcafdefc652d6743470865c9a1be90acbe2cdd1a0fba16eb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer: https://geek.refundpay.online/

Response headers

vary: accept-encoding
cache-control: max-age=1296000
content-encoding: br
etag: W/"759a5fbb25715813d52629a1d376a65f"
x-amz-version-id: FGx2T.ZfFq15bLwfN6uuVFVkXXxJHfT1
via: 1.1 f8e909d80b83cb9eeaf200975944eb56.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
x-amz-cf-id: PPRABGrWdM6HaOydy1cNcK4Fk-rK-nnwYXf_py0fYuL3sOSPDyyCuA==
date: Tue, 18 Feb 2025 18:44:56 GMT
content-type: application/javascript
last-modified: Wed, 12 Feb 2025 18:17:54 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P9
x-amz-server-side-encryption: AES256

GET
H2 200 utag.625.js Show response
tags.tiqcdn.com/utag/mcafee/consumer-main/prod/ 2 KB
1 KB 368ms
364ms Script
application/javascript 13.33.187.58
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://tags.tiqcdn.com/utag/mcafee/consumer-main/prod/utag.625.js?utv=ut4.39.202407041133
Requested by: Host: geek.refundpay.online
URL: https://geek.refundpay.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.187.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-187-58.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 11b81048d069d094bd303ce281200d3013ed56a2aac2e8fdc9d5ce7570ffdd25

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer: https://geek.refundpay.online/

Response headers

vary: accept-encoding
cache-control: max-age=1296000
content-encoding: br
etag: W/"67cebaac22644ae16a512e785d2197c5"
x-amz-version-id: PgGB9fXH1zZH9NVbXiP9dRgFfbyTvQ7.
via: 1.1 f8e909d80b83cb9eeaf200975944eb56.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
x-amz-cf-id: 4BcU-v8CPb17WC4W5Ngg9JrOmvFcsi_i9adXYV-Zg2YiGAmh2twvGA==
date: Tue, 18 Feb 2025 18:44:56 GMT
content-type: application/javascript
last-modified: Wed, 12 Feb 2025 18:18:00 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P9
x-amz-server-side-encryption: AES256

GET
H2 200 utag.627.js Show response
tags.tiqcdn.com/utag/mcafee/consumer-main/prod/ 2 KB
1 KB 355ms
351ms Script
application/javascript 13.33.187.58
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://tags.tiqcdn.com/utag/mcafee/consumer-main/prod/utag.627.js?utv=ut4.39.202407041133
Requested by: Host: geek.refundpay.online
URL: https://geek.refundpay.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.187.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-187-58.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4ce73fee18338b9e998c987fb95cde99c53f10faefeb3c09472fabfba80092ac

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer: https://geek.refundpay.online/

Response headers

vary: accept-encoding
cache-control: max-age=1296000
content-encoding: br
etag: W/"ae6185b94952b61df2b78c1be8ec4ab5"
x-amz-version-id: 4b5cgiJjcY4uBCU6SjxdU8WWKLdnwib0
via: 1.1 f8e909d80b83cb9eeaf200975944eb56.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
x-amz-cf-id: doOXK4DyNptDivab8Fs9EL35jLztkdz_AqJFvF9aE1BSUUORwpgbDw==
date: Tue, 18 Feb 2025 18:44:56 GMT
content-type: application/javascript
last-modified: Wed, 12 Feb 2025 18:18:00 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P9
x-amz-server-side-encryption: AES256

GET
H2 200 utag.629.js Show response
tags.tiqcdn.com/utag/mcafee/consumer-main/prod/ 2 KB
1 KB 365ms
361ms Script
application/javascript 13.33.187.58
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://tags.tiqcdn.com/utag/mcafee/consumer-main/prod/utag.629.js?utv=ut4.39.202407041133
Requested by: Host: geek.refundpay.online
URL: https://geek.refundpay.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.187.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-187-58.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a34a0bef36079aa63c5d046841b09d4a49a0125dc1ef0c6b78051fdaf6176bae

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer: https://geek.refundpay.online/

Response headers

vary: accept-encoding
cache-control: max-age=1296000
content-encoding: br
etag: W/"e15faa325ad3a4fdf3aa12e7fd1928f0"
x-amz-version-id: lu7XfIl5eg4bEy0EmwJ0mFx62fu1laLT
via: 1.1 f8e909d80b83cb9eeaf200975944eb56.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
x-amz-cf-id: y3ULxIZsAsILUi-2jzy8E-9c38FJ6YdKOIp3u7SoIoPpLRUm7ioVtQ==
date: Tue, 18 Feb 2025 18:44:56 GMT
content-type: application/javascript
last-modified: Wed, 12 Feb 2025 18:17:59 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P9
x-amz-server-side-encryption: AES256

GET
H2 200 utag.634.js Show response
tags.tiqcdn.com/utag/mcafee/consumer-main/prod/ 4 KB
2 KB 370ms
366ms Script
application/javascript 13.33.187.58
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://tags.tiqcdn.com/utag/mcafee/consumer-main/prod/utag.634.js?utv=ut4.39.202407041133
Requested by: Host: geek.refundpay.online
URL: https://geek.refundpay.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.187.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-187-58.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0c11a484d3e04cbe13f464be1cc5fcdf9981b552ee0f80f7a257321201070499

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer: https://geek.refundpay.online/

Response headers

vary: accept-encoding
cache-control: max-age=1296000
content-encoding: br
etag: W/"af62940f711c71df4c4bbdf7faa89f31"
x-amz-version-id: r_aTXtmRo0e.CGpsfHJHr6oJgcsc3hB6
via: 1.1 f8e909d80b83cb9eeaf200975944eb56.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
x-amz-cf-id: ITCgwRhufnG8VHbH1ITj1Fyl5W_OMVv7Esl_2DvyWgB5bINInBoGNg==
date: Tue, 18 Feb 2025 18:44:56 GMT
content-type: application/javascript
last-modified: Wed, 12 Feb 2025 18:18:01 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P9
x-amz-server-side-encryption: AES256

GET
H2 200 utag.642.js Show response
tags.tiqcdn.com/utag/mcafee/consumer-main/prod/ 3 KB
2 KB 189ms
185ms Script
application/javascript 13.33.187.58
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://tags.tiqcdn.com/utag/mcafee/consumer-main/prod/utag.642.js?utv=ut4.39.202407041133
Requested by: Host: geek.refundpay.online
URL: https://geek.refundpay.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.187.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-187-58.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 438a59ae39cbd3d419fc5f1ed3a25f4e7d396b045af2f7d0d270b0dec974e25f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer: https://geek.refundpay.online/

Response headers

vary: accept-encoding
cache-control: max-age=1296000
content-encoding: br
etag: W/"1acef540afa640fdf66d08ca7e4e7a02"
x-amz-version-id: Do6hihxx4bQQoDeRVIGbt0RmmzXDZJWd
via: 1.1 f8e909d80b83cb9eeaf200975944eb56.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
x-amz-cf-id: mQt1hwmBy9twHjKIaXYq7mCLb10x2JzYOWKnY1YhQT44-WGUteSAlQ==
date: Tue, 18 Feb 2025 18:44:56 GMT
content-type: application/javascript
last-modified: Wed, 12 Feb 2025 18:17:52 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P9
x-amz-server-side-encryption: AES256

GET
H2 200 utag.643.js Show response
tags.tiqcdn.com/utag/mcafee/consumer-main/prod/ 2 KB
1 KB 388ms
384ms Script
application/javascript 13.33.187.58
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://tags.tiqcdn.com/utag/mcafee/consumer-main/prod/utag.643.js?utv=ut4.39.202407041133
Requested by: Host: geek.refundpay.online
URL: https://geek.refundpay.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.187.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-187-58.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 88ff719d147f3058f5db369caff1a1e253ea7dd028e04dc62293797c0d6379ea

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer: https://geek.refundpay.online/

Response headers

vary: accept-encoding
cache-control: max-age=1296000
content-encoding: br
etag: W/"fa96b849f626f0296042c6fc3f96fa53"
x-amz-version-id: Ar5E9KP7zniVL7Ub2LkvJ88Vl5bgLdWZ
via: 1.1 f8e909d80b83cb9eeaf200975944eb56.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
x-amz-cf-id: GljA-c-LdBe4WaciuL8RBuLgR4-NSkPRzLCJJLPNYU2JeRy0eYouTA==
date: Tue, 18 Feb 2025 18:44:56 GMT
content-type: application/javascript
last-modified: Wed, 12 Feb 2025 18:17:55 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P9
x-amz-server-side-encryption: AES256

GET
H2 200 loader Show response
digitalfeedback.us.confirmit.com/api/digitalfeedback/ 3 KB
2 KB 71ms
67ms Script
application/javascript 13.107.253.45
MICROSOFT-CORP-MS...

General

Check archive.org

Download Go to

Full URL

https://digitalfeedback.us.confirmit.com/api/digitalfeedback/loader?programKey=DAixoz

Requested by

Host: geek.refundpay.online
URL: https://geek.refundpay.online/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

13.107.253.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

05c0d1aa20a4865bc9ad7915fd0ff93bf25cb90c16e01f97965c45e8df721050

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer: https://geek.refundpay.online/

Response headers

x-robots-tag: noindex, noindex
x-cache-info: L1_T2
access-control-expose-headers: X-DF-GEO-COUNTRY
content-encoding: br
x-fd-int-roxy-purgeid: 0
x-content-type-options: nosniff
x-confirmit-id: public-digitalfeedback-runtime-api-57f9fb449c-4xbx4
x-cache: TCP_HIT
date: Tue, 18 Feb 2025 18:44:55 GMT
content-type: application/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubdomains
x-df-geo-country: PL
cache-control: public, max-age=60
referrer-policy: strict-origin-when-cross-origin
access-control-allow-origin: *
x-azure-ref: 20250218T184455Z-17c9df594d9p7cn5hC1PARgrf40000000cvg0000000015x1

GET
H2 200 tracker-latest.min.js Show response
d2hrivdxn8ekm8.cloudfront.net/ 10 KB
10 KB 62ms
59ms Script
application/javascript 3.161.75.225
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://d2hrivdxn8ekm8.cloudfront.net/tracker-latest.min.js
Requested by: Host: geek.refundpay.online
URL: https://geek.refundpay.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.75.225 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-75-225.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6db4032e547ca1994e1bf21488dab79c10cdfbcc0c54f4d2faa7ff3cf885feaf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer: https://geek.refundpay.online/

Response headers

vary: Origin
x-amz-version-id: SWCsuWptg0Q6QtRxILAYrOPGDJcNgeJR
etag: "4b728eb7a2b33631d4f7c20a31fddfde"
age: 54390
via: 1.1 ce9680b048a2aea06e1146ad2810fa14.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 9800
x-amz-cf-id: o45IzP4LD2gvlrUBg-7xv02052sEHlhXO8pXSYB_8wJR3Nf_Ew-BRw==
date: Tue, 18 Feb 2025 03:38:26 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Mon, 17 Jun 2024 21:35:55 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P10
x-amz-server-side-encryption: AES256

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/740246542/ 5 KB
2 KB 155ms
81ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/740246542/?random=1720216292608&cv=11&fst=1720216292608&bg=ffffff&guid=ON&async=1&gtm=45be4730v883266441za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1880&u_h=401&url=https%3A%2F%2Fwww.mcafee.com%2F&hn=www.googleadservices.com&frm=0&tiba=Antivirus%2C%20VPN%2C%20Identity%20%26%20Privacy%20Protection%20%7C%20McAfee&npa=0&pscdl=noapi&auid=1937171007.1720215319&uaa=&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.127%7CGoogle%2520Chrome%3B126.0.6478.127&uamb=1&uam=Nexus%205&uap=Android&uapv=6.0&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: geek.refundpay.online
URL: https://geek.refundpay.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

891c8660875e6e26c5f2b1361e29756c836a7262146b11a766acc82a46f6b25c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer: https://geek.refundpay.online/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2295
date: Tue, 18 Feb 2025 18:44:55 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/740246542/ 6 KB
3 KB 151ms
77ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/740246542/?random=1720216292637&cv=11&fst=1720216292637&bg=ffffff&guid=ON&async=1&gtm=45be4730v883266441za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1880&u_h=401&url=https%3A%2F%2Fwww.mcafee.com%2F&label=-JZGCILu-YkZEI6I_eAC&hn=www.googleadservices.com&frm=0&tiba=Antivirus%2C%20VPN%2C%20Identity%20%26%20Privacy%20Protection%20%7C%20McAfee&npa=0&pscdl=noapi&auid=1937171007.1720215319&uaa=&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.127%7CGoogle%2520Chrome%3B126.0.6478.127&uamb=1&uam=Nexus%205&uap=Android&uapv=6.0&uaw=0&fledge=1&capi=1&data=event%3Dconversion&rfmt=3&fmt=4

Requested by

Host: geek.refundpay.online
URL: https://geek.refundpay.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

acc825a9af5410e4446f11fd9edcce760a852fc87ac2db717a526ed88083c7c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer: https://geek.refundpay.online/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 2631
date: Tue, 18 Feb 2025 18:44:55 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/740246542/ 5 KB
2 KB 138ms
83ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/740246542/?random=1720216292649&cv=11&fst=1720216292649&bg=ffffff&guid=ON&async=1&gtm=45be4730v883266441za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1880&u_h=401&url=https%3A%2F%2Fwww.mcafee.com%2F&hn=www.googleadservices.com&frm=0&tiba=Antivirus%2C%20VPN%2C%20Identity%20%26%20Privacy%20Protection%20%7C%20McAfee&npa=0&pscdl=noapi&auid=1937171007.1720215319&uaa=&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.127%7CGoogle%2520Chrome%3B126.0.6478.127&uamb=1&uam=Nexus%205&uap=Android&uapv=6.0&uaw=0&fledge=1&data=event%3Dpage_view%3Becomm_prodid%3D665%2C663%2C667%2C664%2C662%2C666%2C535%2C537%3Becomm_pagetype%3Dhome&rfmt=3&fmt=4

Requested by

Host: geek.refundpay.online
URL: https://geek.refundpay.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

6b6343ecc094a865e380e09646248dcf27234515d87ea078eb15c3ca0502e8d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer: https://geek.refundpay.online/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2345
date: Tue, 18 Feb 2025 18:44:55 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 1720219525704
rtr.innovid.com/placement/container-tag/uuid/ 0
215 B 335ms
137ms Image
text/plain 18.171.5.222
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://rtr.innovid.com/placement/container-tag/uuid/1720219525704
Requested by: Host: geek.refundpay.online
URL: https://geek.refundpay.online/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.171.5.222 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-171-5-222.eu-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer: https://geek.refundpay.online/

Response headers

expires: -1
cache-control: no-cache
content-length: 0
date: Tue, 18 Feb 2025 18:44:54 GMT
pragma: no-cache

GET
H2 200 1x1.gif
d2v83son8kay5v.cloudfront.net/ 43 B
406 B 286ms
129ms Image
image/gif 18.173.206.189
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://d2v83son8kay5v.cloudfront.net/1x1.gif?action=ct-init&hash=67ea8ac4&advertiserId=4015&errorName=&errorCause=&errorMessage=&url=file%3A%2F%2F%2FC%3A%2FUsers%2Fproze%2FOneDrive%2FDesktop%2FMcafee%2Findex.html
Requested by: Host: geek.refundpay.online
URL: https://geek.refundpay.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.206.189 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-206-189.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer: https://geek.refundpay.online/

Response headers

vary: accept-encoding
etag: "b4491705564909da7f9eaf749dbbfbb1"
age: 36428
via: 1.1 e240913a5e90e18bd637baa6899f2280.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 43
x-amz-cf-id: Ln6cgNwJIFg_UhUuzY5shZlSI3kEpxgtSF-xa9jGLYWJe6v0YJlj1g==
date: Tue, 18 Feb 2025 08:42:05 GMT
content-type: image/gif
last-modified: Mon, 13 Sep 2021 08:40:13 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P12
x-amz-server-side-encryption: AES256

GET
H2 200 220px-Geek_Squad_logo_%28new%29.svg.png
upload.wikimedia.org/wikipedia/en/thumb/5/54/Geek_Squad_logo_%28new%29.svg/ 13 KB
14 KB 429ms
198ms Image
image/png 185.15.59.240
WIKIMEDIA

General

Check archive.org

Download Go to Show image

Full URL

https://upload.wikimedia.org/wikipedia/en/thumb/5/54/Geek_Squad_logo_%28new%29.svg/220px-Geek_Squad_logo_%28new%29.svg.png

Requested by

Host: geek.refundpay.online
URL: https://geek.refundpay.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.15.59.240 , United States, ASN14907 (WIKIMEDIA, US),

Reverse DNS

upload-lb.esams.wikimedia.org

Software

envoy /

Resource Hash

a9ae1a718ac2c3f4c8e06163475309bc1d6b64ec0ed2c5774efa3f85c5a6b2fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=106384710; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer: https://geek.refundpay.online/

Response headers

access-control-expose-headers: Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
etag: 95fad7c66c0f97fbb83d4206f347b232
age: 17662
report-to: { "group": "wm_nel", "max_age": 604800, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
x-content-type-options: nosniff
server-timing: cache;desc="hit-local", host;desc="cp3077"
x-cache: cp3077 hit, cp3077 miss
date: Tue, 18 Feb 2025 13:50:33 GMT
content-type: image/png
content-disposition: inline;filename*=UTF-8''Geek_Squad_logo_%28new%29.svg.png
last-modified: Wed, 12 Jun 2024 22:32:11 GMT
x-client-ip: 149.102.244.66
x-cache-status: hit-local
strict-transport-security: max-age=106384710; includeSubDomains; preload
nel: { "report_to": "wm_nel", "max_age": 604800, "failure_fraction": 0.05, "success_fraction": 0.0}
timing-allow-origin: *
accept-ranges: bytes
access-control-allow-origin: *
content-length: 13458
server: envoy

GET
H2 200 header_redesign-w-plan.css
media.mcafeeassets.com/content/dam/npcld/custom-scripts/organic-site/mcafee-redesign/css/ 43 KB
5 KB 72ms
72ms Stylesheet
text/css 104.70.95.190
AKAMAI-AS

General

Check archive.org

Download Go to

Full URL

https://media.mcafeeassets.com/content/dam/npcld/custom-scripts/organic-site/mcafee-redesign/css/header_redesign-w-plan.css

Requested by

Host: geek.refundpay.online
URL: https://geek.refundpay.online/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.70.95.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-70-95-190.deploy.static.akamaitechnologies.com

Software

Resource Hash

efde75dbb4ad9b20dd42d67529e8dccd0fbbe143d1b3d66540cdcb763157e781

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer: https://geek.refundpay.online/

Response headers

x-vhost: publish-mcafee
content-encoding: br
etag: "0x8DCA103523859A0"
x-content-type-options: nosniff
expires: Tue, 18 Feb 2025 18:44:54 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=2, ak_p; desc="1739904294750_3245104796_256013345_286_4409_30_0_182";dur=1
date: Tue, 18 Feb 2025 18:44:54 GMT
content-type: text/css
last-modified: Wed, 10 Jul 2024 17:11:21 GMT
x-served-by: cache-fra-etou8220046-FRA
strict-transport-security: max-age=31536000
cache-control: max-age=0, no-cache
x-timer: S1726714414.082026,VS0,VS0,VE1253
pragma: no-cache
accept-ranges: bytes
access-control-allow-origin: *
content-length: 4672

GET
H2 200 helpme-widget.min.css
media.mcafeeassets.com/content/dam/npcld/custom-scripts/organic-site/css/css-components/ 25 KB
4 KB 71ms
60ms Stylesheet
text/css 104.70.95.190
AKAMAI-AS

General

Check archive.org

Download Go to

Full URL

https://media.mcafeeassets.com/content/dam/npcld/custom-scripts/organic-site/css/css-components/helpme-widget.min.css?v=0.3

Requested by

Host: geek.refundpay.online
URL: https://geek.refundpay.online/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.70.95.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-70-95-190.deploy.static.akamaitechnologies.com

Software

Resource Hash

b7c8f72467bf2d974e2c436a8d5a5443466845b38a09f037c11d39dfeb21a8fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer: https://geek.refundpay.online/

Response headers

x-vhost: publish-mcafee
content-encoding: br
etag: "0x8DBE77B2A7D6E65"
x-content-type-options: nosniff
expires: Tue, 18 Feb 2025 18:44:54 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1739904294843_3245104796_256013429_184_1555_27_0_182";dur=1
date: Tue, 18 Feb 2025 18:44:54 GMT
content-type: text/css
last-modified: Fri, 17 Nov 2023 14:40:38 GMT
x-served-by: cache-ams21083-AMS
strict-transport-security: max-age=31536000
cache-control: max-age=0, no-cache
x-timer: S1724759596.899779,VS0,VS0,VE1214
pragma: no-cache
access-control-allow-origin: *
content-length: 3709

GET
H2 200 today-logo.png
media.mcafeeassets.com/content/dam/npcld/ecommerce/en-us/mcafee-redesign/ 2 KB
3 KB 97ms
92ms Image
image/avif 104.70.95.190
AKAMAI-AS

General

Check archive.org

Download Go to Show image

Full URL

https://media.mcafeeassets.com/content/dam/npcld/ecommerce/en-us/mcafee-redesign/today-logo.png

Requested by

Host: geek.refundpay.online
URL: https://geek.refundpay.online/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.70.95.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-70-95-190.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

cbe292e9a846a8c560f7d5cbc7090b111b1385ebacd1be5f8b6ffeb80d5fec4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer: https://geek.refundpay.online/

Response headers

strict-transport-security: max-age=31536000
cache-control: private, no-transform, max-age=25320289
etag: "0x8DBD4167DE279F0"
expires: Mon, 08 Dec 2025 20:09:43 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=3, ak_p; desc="1739904294871_3245104796_256013451_282_3561_26_0_146";dur=1
access-control-allow-origin: *
content-length: 2399
date: Tue, 18 Feb 2025 18:44:54 GMT
last-modified: Tue, 24 Oct 2023 00:48:13 GMT
content-type: image/avif
server: Akamai Image Manager

GET
H2 200 forbes-logo.png
media.mcafeeassets.com/content/dam/npcld/ecommerce/en-us/mcafee-redesign/ 2 KB
2 KB 99ms
94ms Image
image/avif 104.70.95.190
AKAMAI-AS

General

Check archive.org

Download Go to Show image

Full URL

https://media.mcafeeassets.com/content/dam/npcld/ecommerce/en-us/mcafee-redesign/forbes-logo.png

Requested by

Host: geek.refundpay.online
URL: https://geek.refundpay.online/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.70.95.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-70-95-190.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

4cb0590eff10867e3627919169a185745865cc811679715528905e80f555fe3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer: https://geek.refundpay.online/

Response headers

strict-transport-security: max-age=31536000
cache-control: private, no-transform, max-age=25662111
etag: "0x8DBD4167DC0C60D"
expires: Fri, 12 Dec 2025 19:06:45 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=3, ak_p; desc="1739904294871_3245104796_256013452_337_3743_26_0_146";dur=1
access-control-allow-origin: *
content-length: 1907
date: Tue, 18 Feb 2025 18:44:54 GMT
last-modified: Mon, 30 Oct 2023 01:39:16 GMT
content-type: image/avif
server: Akamai Image Manager

GET
H2 200 usa-today-logo.png
media.mcafeeassets.com/content/dam/npcld/ecommerce/en-us/mcafee-redesign/ 2 KB
2 KB 190ms
186ms Image
image/avif 104.70.95.190
AKAMAI-AS

General

Check archive.org

Download Go to Show image

Full URL

https://media.mcafeeassets.com/content/dam/npcld/ecommerce/en-us/mcafee-redesign/usa-today-logo.png

Requested by

Host: geek.refundpay.online
URL: https://geek.refundpay.online/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.70.95.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-70-95-190.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

6a46ff0fc9d5f7c6b5c3b6b304daf9969806d0e843727321bdf24620f2739285

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer: https://geek.refundpay.online/

Response headers

strict-transport-security: max-age=31536000
cache-control: private, no-transform, max-age=17544485
etag: "0x8DBD4167DD81B37"
expires: Tue, 09 Sep 2025 20:12:59 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=63, ak_p; desc="1739904294904_3245104796_256013453_9561_4558_24_0_219";dur=1
access-control-allow-origin: *
content-length: 1700
date: Tue, 18 Feb 2025 18:44:54 GMT
last-modified: Tue, 24 Oct 2023 19:37:28 GMT
content-type: image/avif
server: Akamai Image Manager

GET
H2 200 insider-logo.png
media.mcafeeassets.com/content/dam/npcld/ecommerce/en-us/mcafee-redesign/ 1 KB
2 KB 120ms
116ms Image
image/avif 104.70.95.190
AKAMAI-AS

General

Check archive.org

Download Go to Show image

Full URL

https://media.mcafeeassets.com/content/dam/npcld/ecommerce/en-us/mcafee-redesign/insider-logo.png

Requested by

Host: geek.refundpay.online
URL: https://geek.refundpay.online/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.70.95.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-70-95-190.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

c789a7bf47f5c905ed597b042f384f62e299ff222f935290f9a4983e2567d3c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer: https://geek.refundpay.online/

Response headers

strict-transport-security: max-age=31536000
cache-control: private, no-transform, max-age=25662188
etag: "0x8DBD4167DBF3FA9"
x-check-cacheable: YES
expires: Fri, 12 Dec 2025 19:08:02 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=26, ak_p; desc="1739904294872_3245104796_256013454_2613_3513_25_0_146";dur=1
access-control-allow-origin: *
content-length: 1520
x-serial: 1138
date: Tue, 18 Feb 2025 18:44:54 GMT
last-modified: Tue, 24 Oct 2023 19:37:30 GMT
content-type: image/avif
server: Akamai Image Manager

GET
H2 200 email-scan-breach-homepage-mfe-edits.css
media.mcafeeassets.com/content/dam/npcld/custom-scripts/organic-site/mcafee-redesign/css/ 7 KB
2 KB 97ms
87ms Stylesheet
text/css 104.70.95.190
AKAMAI-AS

General

Check archive.org

Download Go to

Full URL

https://media.mcafeeassets.com/content/dam/npcld/custom-scripts/organic-site/mcafee-redesign/css/email-scan-breach-homepage-mfe-edits.css

Requested by

Host: geek.refundpay.online
URL: https://geek.refundpay.online/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.70.95.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-70-95-190.deploy.static.akamaitechnologies.com

Software

Resource Hash

436160406522cd7167fd0aa7cefdc642f63a973ff340511cdecaee67d30b20ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer: https://geek.refundpay.online/

Response headers

x-vhost: publish-mcafee
content-encoding: br
etag: "1a40-6081f8aaf0c00-gzip"
x-content-type-options: nosniff
expires: Tue, 18 Feb 2025 18:44:54 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=19, ak_p; desc="1739904294850_3245104796_256013430_2682_1873_26_0_182";dur=1
date: Tue, 18 Feb 2025 18:44:54 GMT
last-modified: Fri, 20 Oct 2023 05:57:04 GMT
content-type: text/css
x-served-by: cache-fra-eddf8230030-FRA
strict-transport-security: max-age=31536000
cache-control: max-age=0, no-cache
x-mcafee-cache: 1-day
x-timer: S1724770229.258988,VS0,VS0,VE158
pragma: no-cache
access-control-allow-origin: *
content-length: 1561

GET
H2 200 privacy-options.svg
media.mcafeeassets.com/content/dam/npcld/ecommerce/en-us/icons/ 2 KB
1 KB 94ms
90ms Image
image/svg+xml 104.70.95.190
AKAMAI-AS

General

Check archive.org

Download Go to Show image

Full URL

https://media.mcafeeassets.com/content/dam/npcld/ecommerce/en-us/icons/privacy-options.svg

Requested by

Host: geek.refundpay.online
URL: https://geek.refundpay.online/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.70.95.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-70-95-190.deploy.static.akamaitechnologies.com

Software

Resource Hash

86f2eb97cc1f3909c12e4512de9e267215d94ac5aaee9393d0f007f18c34e8ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer: https://geek.refundpay.online/

Response headers

x-vhost: publish-mcafee
content-encoding: br
etag: "0x8DC6ECDDDA3BB72"
x-content-type-options: nosniff
expires: Wed, 18 Feb 2026 18:44:54 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=2, ak_p; desc="1739904294872_3245104796_256013455_133_1574_26_0_146";dur=1
date: Tue, 18 Feb 2025 18:44:54 GMT
content-type: image/svg+xml
last-modified: Tue, 07 May 2024 19:42:44 GMT
x-served-by: cache-fra-eddf8230064-FRA
strict-transport-security: max-age=31536000
cache-control: private, max-age=31536000
x-timer: S1724768105.072580,VS0,VS0,VE321
accept-ranges: bytes
access-control-allow-origin: *
content-length: 716

GET
H2 200 appStore.png
media.mcafeeassets.com/content/dam/npcld/en-us/general/ 3 KB
3 KB 74ms
64ms Image
image/avif 104.70.95.190
AKAMAI-AS

General

Check archive.org

Download Go to Show image

Full URL

https://media.mcafeeassets.com/content/dam/npcld/en-us/general/appStore.png

Requested by

Host: geek.refundpay.online
URL: https://geek.refundpay.online/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.70.95.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-70-95-190.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

60a5cd1fa7584475521f5f849d95e9853cbcf2993215e08d2316fc0c3ecbd5c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer: https://geek.refundpay.online/

Response headers

strict-transport-security: max-age=31536000
cache-control: private, no-transform, max-age=25011325
etag: "0x8DBB935B58DE2DE"
x-check-cacheable: YES
expires: Fri, 05 Dec 2025 06:20:19 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=2, ak_p; desc="1739904294843_3245104796_256013431_177_3796_27_0_182";dur=1
access-control-allow-origin: *
content-length: 3072
x-serial: 680
date: Tue, 18 Feb 2025 18:44:54 GMT
last-modified: Tue, 19 Sep 2023 18:58:36 GMT
content-type: image/avif
server: Akamai Image Manager

GET
H2 200 google_play.png
media.mcafeeassets.com/content/dam/npcld/en-us/general/ 3 KB
3 KB 72ms
62ms Image
image/avif 104.70.95.190
AKAMAI-AS

General

Check archive.org

Download Go to Show image

Full URL

https://media.mcafeeassets.com/content/dam/npcld/en-us/general/google_play.png

Requested by

Host: geek.refundpay.online
URL: https://geek.refundpay.online/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.70.95.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-70-95-190.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

7662e7746d4484a1466f8323bfc24c222f4fe44059b8142d576055087d9f4d33

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer: https://geek.refundpay.online/

Response headers

strict-transport-security: max-age=31536000
cache-control: private, no-transform, max-age=25299381
etag: "0x8DBB935B5961F14"
x-check-cacheable: YES
expires: Mon, 08 Dec 2025 14:21:15 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1739904294843_3245104796_256013432_93_3777_27_0_182";dur=1
access-control-allow-origin: *
content-length: 3144
x-serial: 1860
date: Tue, 18 Feb 2025 18:44:54 GMT
last-modified: Tue, 19 Sep 2023 18:58:23 GMT
content-type: image/avif
server: Akamai Image Manager

GET
H2 404 clientlib-forms.lc-7f10c1792f5d1ccb3bfb7108b85d3e37-lc.min.js
geek.refundpay.online/etc.clientlibs/ecom-aemcs-frontend/npcld/vue/ 0
0 328ms
324ms Script
text/html 62.60.227.21
CHSCLOUD-AS Valer...

General

Check archive.org

Download Go to

Full URL: https://geek.refundpay.online/etc.clientlibs/ecom-aemcs-frontend/npcld/vue/clientlib-forms.lc-7f10c1792f5d1ccb3bfb7108b85d3e37-lc.min.js
Requested by: Host: geek.refundpay.online
URL: https://geek.refundpay.online/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.60.227.21 , Hong Kong, ASN215939 (CHSCLOUD-AS Valery Smoliar, IL),
Reverse DNS
Software: nginx/1.26.2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer: https://geek.refundpay.online/

Response headers

content-encoding: gzip
date: Tue, 18 Feb 2025 18:44:55 GMT
content-type: text/html; charset=iso-8859-1
server: nginx/1.26.2

GET
H2 404 organic_custom_scripts.min.js
geek.refundpay.online/content/dam/npcld/custom-scripts/organic-site/js/ 0
0 326ms
323ms Script
text/html 62.60.227.21
CHSCLOUD-AS Valer...

General

Check archive.org

Download Go to

Full URL: https://geek.refundpay.online/content/dam/npcld/custom-scripts/organic-site/js/organic_custom_scripts.min.js
Requested by: Host: geek.refundpay.online
URL: https://geek.refundpay.online/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.60.227.21 , Hong Kong, ASN215939 (CHSCLOUD-AS Valery Smoliar, IL),
Reverse DNS
Software: nginx/1.26.2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer: https://geek.refundpay.online/

Response headers

content-encoding: gzip
date: Tue, 18 Feb 2025 18:44:55 GMT
content-type: text/html; charset=iso-8859-1
server: nginx/1.26.2

GET
H2 404 custom_script_redesign.js
geek.refundpay.online/content/dam/npcld/custom-scripts/organic-site/mcafee-redesign/js/ 0
0 188ms
178ms Script
text/html 62.60.227.21
CHSCLOUD-AS Valer...

General

Check archive.org

Download Go to

Full URL: https://geek.refundpay.online/content/dam/npcld/custom-scripts/organic-site/mcafee-redesign/js/custom_script_redesign.js
Requested by: Host: geek.refundpay.online
URL: https://geek.refundpay.online/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.60.227.21 , Hong Kong, ASN215939 (CHSCLOUD-AS Valery Smoliar, IL),
Reverse DNS
Software: nginx/1.26.2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer: https://geek.refundpay.online/

Response headers

content-encoding: gzip
date: Tue, 18 Feb 2025 18:44:54 GMT
content-type: text/html; charset=iso-8859-1
server: nginx/1.26.2

GET
H2 200 1720217030325
rtr.innovid.com/placement/container-tag/uuid/ 0
214 B 67ms
64ms Image
text/plain 18.171.5.222
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://rtr.innovid.com/placement/container-tag/uuid/1720217030325
Requested by: Host: geek.refundpay.online
URL: https://geek.refundpay.online/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.171.5.222 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-171-5-222.eu-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer: https://geek.refundpay.online/

Response headers

expires: -1
cache-control: no-cache
content-length: 0
date: Tue, 18 Feb 2025 18:44:54 GMT
pragma: no-cache

GET
H2 200 1720216773546
rtr.innovid.com/placement/container-tag/uuid/ 0
214 B 141ms
138ms Image
text/plain 18.171.5.222
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://rtr.innovid.com/placement/container-tag/uuid/1720216773546
Requested by: Host: geek.refundpay.online
URL: https://geek.refundpay.online/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.171.5.222 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-171-5-222.eu-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer: https://geek.refundpay.online/

Response headers

expires: -1
cache-control: no-cache
content-length: 0
date: Tue, 18 Feb 2025 18:44:54 GMT
pragma: no-cache

GET
H2 404 swiper.min.js
geek.refundpay.online/content/dam/npcld/custom-scripts/organic-site/mcafee-redesign/js/ 0
0 334ms
324ms Script
text/html 62.60.227.21
CHSCLOUD-AS Valer...

General

Check archive.org

Download Go to

Full URL: https://geek.refundpay.online/content/dam/npcld/custom-scripts/organic-site/mcafee-redesign/js/swiper.min.js
Requested by: Host: geek.refundpay.online
URL: https://geek.refundpay.online/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.60.227.21 , Hong Kong, ASN215939 (CHSCLOUD-AS Valery Smoliar, IL),
Reverse DNS
Software: nginx/1.26.2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer: https://geek.refundpay.online/

Response headers

content-encoding: gzip
date: Tue, 18 Feb 2025 18:44:55 GMT
content-type: text/html; charset=iso-8859-1
server: nginx/1.26.2

GET
H2 404 sec-4-5.css
geek.refundpay.online/_sec/cp_challenge/ 0
0 365ms
356ms Stylesheet
text/html 62.60.227.21
CHSCLOUD-AS Valer...

General

Check archive.org

Download Go to

Full URL: https://geek.refundpay.online/_sec/cp_challenge/sec-4-5.css
Requested by: Host: geek.refundpay.online
URL: https://geek.refundpay.online/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.60.227.21 , Hong Kong, ASN215939 (CHSCLOUD-AS Valery Smoliar, IL),
Reverse DNS
Software: nginx/1.26.2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer: https://geek.refundpay.online/

Response headers

content-encoding: gzip
date: Tue, 18 Feb 2025 18:44:55 GMT
content-type: text/html; charset=iso-8859-1
server: nginx/1.26.2

GET
H2 404 sec-cpt-4-5.js
geek.refundpay.online/_sec/cp_challenge/ 0
0 359ms
356ms Script
text/html 62.60.227.21
CHSCLOUD-AS Valer...

General

Check archive.org

Download Go to

Full URL: https://geek.refundpay.online/_sec/cp_challenge/sec-cpt-4-5.js
Requested by: Host: geek.refundpay.online
URL: https://geek.refundpay.online/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.60.227.21 , Hong Kong, ASN215939 (CHSCLOUD-AS Valery Smoliar, IL),
Reverse DNS
Software: nginx/1.26.2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer: https://geek.refundpay.online/

Response headers

content-encoding: gzip
date: Tue, 18 Feb 2025 18:44:55 GMT
content-type: text/html; charset=iso-8859-1
server: nginx/1.26.2

GET
H2 200 /
a2.adform.net/Serving/TrackPoint/ 35 B
656 B 173ms
170ms Image
image/gif 185.167.164.48
ADFORM Adform A/S

General

Check archive.org

Download Go to Show image

Full URL

https://a2.adform.net/Serving/TrackPoint/?pm=3340020&ADFPageName=PageView&ADFdivider=|

Requested by

Host: geek.refundpay.online
URL: https://geek.refundpay.online/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.167.164.48 , Denmark, ASN198622 (ADFORM Adform A/S, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer: https://geek.refundpay.online/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-methods: GET,POST
expires: -1
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
date: Tue, 18 Feb 2025 18:44:54 GMT
content-type: image/gif
server: nginx
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
508 B 319ms
125ms Image
image/gif 54.246.144.89
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Fri%2C%2005%20Jul%202024%2021%3A51%3A32%20GMT&n=-6&b=Antivirus%2C%20VPN%2C%20Identity%20%26%20Privacy%20Protection%20%7C%20McAfee&.yp=10180750&f=https%3A%2F%2Fwww.mcafee.com%2F&enc=UTF-8&yv=1.15.1&tagmgr=tealium

Requested by

Host: geek.refundpay.online
URL: https://geek.refundpay.online/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.246.144.89 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-246-144-89.eu-west-1.compute.amazonaws.com

Software

ATS/9.1.10.144 /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer: https://geek.refundpay.online/

Response headers

content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
cache-control: no-cache, no-store, private, must-revalidate
pragma: no-cache
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-content-type-options: nosniff
via: http/1.1 traffic_server (ApacheTrafficServer/9.1.10.144)
expires: Tue, 18 Feb 2025 18:44:55 GMT
accept-ranges: bytes
referrer-policy: strict-origin-when-cross-origin
content-length: 43
date: Tue, 18 Feb 2025 18:44:55 GMT
content-type: image/gif
server: ATS/9.1.10.144
x-frame-options: DENY

GET
H2 200 1720216292487
rtr.innovid.com/placement/container-tag/uuid/ 0
214 B 139ms
137ms Image
text/plain 18.171.5.222
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://rtr.innovid.com/placement/container-tag/uuid/1720216292487
Requested by: Host: geek.refundpay.online
URL: https://geek.refundpay.online/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.171.5.222 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-171-5-222.eu-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer: https://geek.refundpay.online/

Response headers

expires: -1
cache-control: no-cache
content-length: 0
date: Tue, 18 Feb 2025 18:44:54 GMT
pragma: no-cache

GET
H2 200 1x1.gif
d2v83son8kay5v.cloudfront.net/ 43 B
405 B 58ms
55ms Image
image/gif 18.173.206.189
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://d2v83son8kay5v.cloudfront.net/1x1.gif?action=ct-init&hash=67ea8ac4&advertiserId=4015&errorName=&errorCause=&errorMessage=&url=https%3A%2F%2Fwww.mcafee.com%2F
Requested by: Host: geek.refundpay.online
URL: https://geek.refundpay.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.206.189 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-206-189.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer: https://geek.refundpay.online/

Response headers

vary: accept-encoding
etag: "b4491705564909da7f9eaf749dbbfbb1"
age: 36428
via: 1.1 e240913a5e90e18bd637baa6899f2280.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 43
x-amz-cf-id: y0ojRtaF6TijDkh5CyaLhGgEe28hV5b9ElB-yACeNIOZv_lAY6_lJg==
date: Tue, 18 Feb 2025 08:42:05 GMT
content-type: image/gif
last-modified: Mon, 13 Sep 2021 08:40:13 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P12
x-amz-server-side-encryption: AES256

GET
H2 200 1720220174214
rtr.innovid.com/placement/container-tag/uuid/ 0
214 B 139ms
138ms Image
text/plain 18.171.5.222
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://rtr.innovid.com/placement/container-tag/uuid/1720220174214
Requested by: Host: geek.refundpay.online
URL: https://geek.refundpay.online/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.171.5.222 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-171-5-222.eu-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer: https://geek.refundpay.online/

Response headers

expires: -1
cache-control: no-cache
content-length: 0
date: Tue, 18 Feb 2025 18:44:54 GMT
pragma: no-cache

GET
H2 200 css2
fonts.googleapis.com/ 15 KB
1 KB 235ms
86ms Stylesheet
text/css 142.250.184.202
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

Requested by

Host: media.mcafeeassets.com
URL: https://media.mcafeeassets.com/content/dam/npcld/custom-scripts/organic-site/mcafee-redesign/css/mcafee-redesign-mfe-edits.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f10.1e100.net

Software

ESF /

Resource Hash

22c3e32be01d8accada02d536093064df81aa7f0a922dde057e3e5fb8ea240ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer: https://media.mcafeeassets.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Tue, 18 Feb 2025 18:44:54 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 18 Feb 2025 18:44:54 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Tue, 18 Feb 2025 17:30:50 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 404 index.js
geek.refundpay.online/.rum/@adobe/helix-rum-js@%5E1/src/ 0
0 327ms
325ms Script
text/html 62.60.227.21
CHSCLOUD-AS Valer...

General

Check archive.org

Download Go to

Full URL: https://geek.refundpay.online/.rum/@adobe/helix-rum-js@%5E1/src/index.js
Requested by: Host: geek.refundpay.online
URL: https://geek.refundpay.online/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.60.227.21 , Hong Kong, ASN215939 (CHSCLOUD-AS Valery Smoliar, IL),
Reverse DNS
Software: nginx/1.26.2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Origin: https://geek.refundpay.online
Referer: https://geek.refundpay.online/

Response headers

content-encoding: gzip
date: Tue, 18 Feb 2025 18:44:55 GMT
content-type: text/html; charset=iso-8859-1
server: nginx/1.26.2

GET
DATA 200
OK truncated
/ 306 B
0 Image
image/svg+xml

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 56ce9a9f71a8465359a676d95189390683de779bdc085f4fa9d48ec0651d9a5f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
H2 200 gray-arrowdwn.svg
media.mcafeeassets.com/content/dam/npcld/en-us/test-assets/header-redesign/ 179 B
600 B 80ms
79ms Image
image/svg+xml 104.70.95.190
AKAMAI-AS

General

Check archive.org

Download Go to Show image

Full URL

https://media.mcafeeassets.com/content/dam/npcld/en-us/test-assets/header-redesign/gray-arrowdwn.svg

Requested by

Host: media.mcafeeassets.com
URL: https://media.mcafeeassets.com/content/dam/npcld/custom-scripts/organic-site/mcafee-redesign/css/mcafee-redesign-mfe-edits.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.70.95.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-70-95-190.deploy.static.akamaitechnologies.com

Software

Resource Hash

2170edf920df8db1736b378cacb7cbbb19d9693f32a60348d31e285ab9744591

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer: https://media.mcafeeassets.com/content/dam/npcld/custom-scripts/organic-site/mcafee-redesign/css/mcafee-redesign-mfe-edits.css

Response headers

content-encoding: gzip
x-vhost: publish-mcafee
etag: "b3-5f9856bcb3780-gzip"
x-content-type-options: nosniff
expires: Wed, 18 Feb 2026 18:44:54 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=4, ak_p; desc="1739904294872_3245104796_256013456_315_1541_26_0_146";dur=1
date: Tue, 18 Feb 2025 18:44:54 GMT
last-modified: Mon, 17 Apr 2023 10:11:58 GMT
content-type: image/svg+xml
x-served-by: cache-fra-eddf8230072-FRA
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cache-control: max-age=31536000
x-mcafee-cache: 365-days
x-timer: S1724768130.263733,VS0,VS0,VE155
accept-ranges: bytes
access-control-allow-origin: *
content-length: 162

GET
H3 200 pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v22/ 8 KB
8 KB 118ms
54ms Font
font/woff2 142.250.186.99
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v22/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f3.1e100.net

Software

sffe /

Resource Hash

f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Origin: https://geek.refundpay.online
Referer: https://fonts.googleapis.com/

Response headers

age: 34195
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 18 Feb 2026 09:14:59 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 18 Feb 2025 09:14:59 GMT
last-modified: Wed, 04 Dec 2024 06:53:31 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 8000
x-xss-protection: 0
server: sffe

GET
H3 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v22/ 8 KB
8 KB 125ms
61ms Font
font/woff2 142.250.186.99
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v22/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f3.1e100.net

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Origin: https://geek.refundpay.online
Referer: https://fonts.googleapis.com/

Response headers

age: 32614
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 18 Feb 2026 09:41:20 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 18 Feb 2025 09:41:20 GMT
last-modified: Wed, 04 Dec 2024 06:53:08 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7884
x-xss-protection: 0
server: sffe

GET
H2 403 config.json Show response
c.go-mpulse.net/api/ 113 B
276 B 418ms
264ms XHR
application/json 23.38.80.134
AKAMAI-AS

General

Check archive.org

Download Go to

Full URL: https://c.go-mpulse.net/api/config.json?key=LXNDQ-3SP7Y-P3JVN-Y4HAH-VQNKC&d=geek.refundpay.online&t=5799681&v=1.737.0&sl=0&si=4155f532-c306-4188-bb2d-40049b2fccfb-srw6qt&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=&ak.ai=250743
Requested by: Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/LXNDQ-3SP7Y-P3JVN-Y4HAH-VQNKC
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.38.80.134 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-38-80-134.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 3742dd40334a546f5991ea8fd2f270c55f198dde0eb113931084501464c87862

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer: https://geek.refundpay.online/

Response headers

access-control-allow-origin: *
cache-control: public, max-age=300, stale-while-revalidate=60, stale-if-error=120
content-length: 113
alt-svc: h3=":443"; ma=93600
timing-allow-origin: *
date: Tue, 18 Feb 2025 18:44:55 GMT
content-type: application/json

GET
H3 200 pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v22/ 8 KB
8 KB 58ms
57ms Font
font/woff2 142.250.186.99
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v22/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f3.1e100.net

Software

sffe /

Resource Hash

cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Origin: https://geek.refundpay.online
Referer: https://fonts.googleapis.com/

Response headers

age: 34819
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 18 Feb 2026 09:04:35 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 18 Feb 2025 09:04:35 GMT
last-modified: Wed, 04 Dec 2024 06:54:05 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7748
x-xss-protection: 0
server: sffe

GET
H3 200 pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v22/ 8 KB
8 KB 54ms
54ms Font
font/woff2 142.250.186.99
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v22/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f3.1e100.net

Software

sffe /

Resource Hash

9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Origin: https://geek.refundpay.online
Referer: https://fonts.googleapis.com/

Response headers

age: 64131
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 18 Feb 2026 00:56:03 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 18 Feb 2025 00:56:03 GMT
last-modified: Wed, 04 Dec 2024 06:53:03 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7816
x-xss-protection: 0
server: sffe

GET
H2 200 featured-icon-1.svg
media.mcafeeassets.com/content/experience-fragments/organic-site/en-us/mcafee-protection-guarantee/master1/_jcr_content/root/section/main_section_content/cardsection_copy_cop/card_0/card_img.coreim... 6 KB
3 KB 113ms
113ms Image
image/svg+xml 104.70.95.190
AKAMAI-AS

General

Check archive.org

Download Go to Show image

Full URL

https://media.mcafeeassets.com/content/experience-fragments/organic-site/en-us/mcafee-protection-guarantee/master1/_jcr_content/root/section/main_section_content/cardsection_copy_cop/card_0/card_img.coreimg.svg/1697151317452/featured-icon-1.svg

Requested by

Host: geek.refundpay.online
URL: https://geek.refundpay.online/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.70.95.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-70-95-190.deploy.static.akamaitechnologies.com

Software

Resource Hash

d1326a8ceef4865b3ee36e2df0f779f2eadff2738e2b76d2ae7acdfcdbe0be83

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer: https://geek.refundpay.online/

Response headers

x-vhost: publish-mcafee
content-encoding: br
etag: "1722-6078cd5613f40-gzip"
x-content-type-options: nosniff
expires: Wed, 18 Feb 2026 18:44:55 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=7, ak_p; desc="1739904294992_3245104796_256013589_674_1558_24_0_146";dur=1
date: Tue, 18 Feb 2025 18:44:55 GMT
last-modified: Thu, 12 Oct 2023 22:55:17 GMT
content-type: image/svg+xml
x-served-by: cache-fra-eddf8230073-FRA
strict-transport-security: max-age=31536000
cache-control: max-age=31536000
x-mcafee-cache: 365-days
x-timer: S1733736583.370025,VS0,VS0,VE632
access-control-allow-origin: *
content-length: 2380

GET
H2 200 featured-icon-2.svg
media.mcafeeassets.com/content/experience-fragments/organic-site/en-us/mcafee-protection-guarantee/master1/_jcr_content/root/section/main_section_content/cardsection_copy_cop/card_1/card_img.coreim... 2 KB
1 KB 99ms
98ms Image
image/svg+xml 104.70.95.190
AKAMAI-AS

General

Check archive.org

Download Go to Show image

Full URL

https://media.mcafeeassets.com/content/experience-fragments/organic-site/en-us/mcafee-protection-guarantee/master1/_jcr_content/root/section/main_section_content/cardsection_copy_cop/card_1/card_img.coreimg.svg/1697151303263/featured-icon-2.svg

Requested by

Host: geek.refundpay.online
URL: https://geek.refundpay.online/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.70.95.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-70-95-190.deploy.static.akamaitechnologies.com

Software

Resource Hash

87d73937e379c75662cdf30ce4779f193d099a04f50aa372a02c76c4deaf1398

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer: https://geek.refundpay.online/

Response headers

x-vhost: publish-mcafee
content-encoding: br
etag: "7f6-6078cd48b9fc0-gzip"
x-content-type-options: nosniff
expires: Wed, 18 Feb 2026 18:44:54 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1739904294992_3245104796_256013590_64_1510_24_0_146";dur=1
date: Tue, 18 Feb 2025 18:44:54 GMT
last-modified: Thu, 12 Oct 2023 22:55:03 GMT
content-type: image/svg+xml
x-served-by: cache-fra-etou8220078-FRA
strict-transport-security: max-age=31536000
cache-control: max-age=31536000
x-mcafee-cache: 365-days
x-timer: S1736416977.679432,VS0,VS0,VE648
access-control-allow-origin: *
content-length: 783

GET
H2

200

featured-icon-3.svg
media.mcafeeassets.com/content/experience-fragments/organic-site/en-us/mcafee-protection-guarantee/master1/jcr%3acontent/root/section/main_section_content/cardsection_copy_cop/card_2/card_img.corei...
Redirect Chain

https://media.mcafeeassets.com/content/experience-fragments/organic-site/en-us/mcafee-protection-guarantee/master1/_jcr_content/root/section/main_section_content/cardsection_copy_cop/card_2/card_im...
https://media.mcafeeassets.com/content/experience-fragments/organic-site/en-us/mcafee-protection-guarantee/master1/jcr%3acontent/root/section/main_section_content/cardsection_copy_cop/card_2/card_i...

2 KB
1 KB

906ms
906ms

Image
image/svg+xml

104.70.95.190
AKAMAI-AS

General

Check archive.org

Download Go to Show image

Full URL

https://media.mcafeeassets.com/content/experience-fragments/organic-site/en-us/mcafee-protection-guarantee/master1/jcr%3acontent/root/section/main_section_content/cardsection_copy_cop/card_2/card_img.coreimg.svg/1736546281644/featured-icon-3.svg

Requested by

Host: geek.refundpay.online
URL: https://geek.refundpay.online/

Protocol

Server

104.70.95.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-70-95-190.deploy.static.akamaitechnologies.com

Software

Resource Hash

714fb46754a94b252dcfc9add242c997e49ab92368766ad716c5649f2ddb39e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer: https://geek.refundpay.online/

Response headers

x-vhost: publish-mcafee
content-encoding: br
etag: "8e0-62b6130370c40-gzip"
x-content-type-options: nosniff
expires: Wed, 18 Feb 2026 18:44:56 GMT
server-timing: cdn-cache; desc=MISS, edge; dur=19, origin; dur=764, ak_p; desc="1739904295794_3245104796_256014519_78265_1645_27_0_146";dur=1
date: Tue, 18 Feb 2025 18:44:56 GMT
last-modified: Fri, 10 Jan 2025 21:58:01 GMT
content-type: image/svg+xml
x-served-by: cache-fra-eddf8230115-FRA
strict-transport-security: max-age=31536000
cache-control: max-age=31536000
x-mcafee-cache: 365-days
x-timer: S1739904296.816408,VS0,VS0,VE746
access-control-allow-origin: *
content-length: 874

Redirect headers

x-vhost: publish-mcafee
x-content-type-options: nosniff
expires: Wed, 18 Feb 2026 18:44:55 GMT
server-timing: cdn-cache; desc=MISS, edge; dur=10, origin; dur=667, ak_p; desc="1739904294992_3245104796_256013591_67705_1479_27_0_146";dur=1
date: Tue, 18 Feb 2025 18:44:55 GMT
content-type: image/svg+xml
x-served-by: cache-fra-eddf8230115-FRA
strict-transport-security: max-age=31536000
cache-control: max-age=31536000
location: /content/experience-fragments/organic-site/en-us/mcafee-protection-guarantee/master1/jcr%3acontent/root/section/main_section_content/cardsection_copy_cop/card_2/card_img.coreimg.svg/1736546281644/featured-icon-3.svg
x-mcafee-cache: 365-days
x-timer: S1739904295.002750,VS0,VS0,VE666
accept-ranges: bytes
access-control-allow-origin: *
content-length: 0
x-sky-isauth: 0

GET
H2 200 featured-icon-4.svg
media.mcafeeassets.com/content/experience-fragments/organic-site/en-us/mcafee-protection-guarantee/master1/_jcr_content/root/section/main_section_content/cardsection_copy_cop/card_3/card_img.coreim... 3 KB
2 KB 101ms
101ms Image
image/svg+xml 104.70.95.190
AKAMAI-AS

General

Check archive.org

Download Go to Show image

Full URL

https://media.mcafeeassets.com/content/experience-fragments/organic-site/en-us/mcafee-protection-guarantee/master1/_jcr_content/root/section/main_section_content/cardsection_copy_cop/card_3/card_img.coreimg.svg/1697151452790/featured-icon-4.svg

Requested by

Host: geek.refundpay.online
URL: https://geek.refundpay.online/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.70.95.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-70-95-190.deploy.static.akamaitechnologies.com

Software

Resource Hash

0d42196928f167149c031c5ed794d67deea3436b6aa49bbd421da3b749f05dea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer: https://geek.refundpay.online/

Response headers

x-vhost: publish-mcafee
content-encoding: br
etag: "c99-6078cdd6d2f00-gzip"
x-content-type-options: nosniff
expires: Wed, 18 Feb 2026 18:44:54 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1739904294992_3245104796_256013592_124_1463_24_0_146";dur=1
date: Tue, 18 Feb 2025 18:44:54 GMT
last-modified: Thu, 12 Oct 2023 22:57:32 GMT
content-type: image/svg+xml
x-served-by: cache-fra-etou8220147-FRA
strict-transport-security: max-age=31536000
cache-control: max-age=31536000
x-mcafee-cache: 365-days
x-timer: S1735896737.831692,VS0,VS0,VE662
access-control-allow-origin: *
content-length: 1156

GET
H/1.1 200
OK pixie.js Show response
acdn.adnxs.com/dmp/up/ 25 KB
9 KB 248ms
91ms Script
application/javascript 2.16.10.177
AKAMAI-ASN1 Akama...

General

Check archive.org

Download Go to

Full URL: https://acdn.adnxs.com/dmp/up/pixie.js
Requested by: Host: d2hrivdxn8ekm8.cloudfront.net
URL: https://d2hrivdxn8ekm8.cloudfront.net/tag-manager/17255f71-e1d4-4b38-b990-8884c35efb39-latest.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.10.177 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a2-16-10-177.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 72eec63e5e08a7445b2edf1b063f2ed8024475656f6136d6e70e24e595ff3141

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer: https://geek.refundpay.online/

Response headers

Cache-Control: max-age=86402
Content-Encoding: gzip
ETag: "675772a2-6412"
Connection: keep-alive
Expires: Wed, 19 Feb 2025 18:44:57 GMT
Access-Control-Allow-Origin: *
Content-Length: 8780
Date: Tue, 18 Feb 2025 18:44:55 GMT
Last-Modified: Mon, 09 Dec 2024 22:43:46 GMT
Content-Type: application/javascript
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding

GET
H2 200 17255f71-e1d4-4b38-b990-8884c35efb39-additional-latest.js Show response
d2hrivdxn8ekm8.cloudfront.net/tag-manager/ 11 KB
11 KB 93ms
93ms Script
application/javascript 3.161.75.225
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://d2hrivdxn8ekm8.cloudfront.net/tag-manager/17255f71-e1d4-4b38-b990-8884c35efb39-additional-latest.js
Requested by: Host: d2hrivdxn8ekm8.cloudfront.net
URL: https://d2hrivdxn8ekm8.cloudfront.net/tag-manager/17255f71-e1d4-4b38-b990-8884c35efb39-latest.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.75.225 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-75-225.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 849c80cfd880ab58172cb0fefc79d66f90c3862adc587c8c71c057d4688444a2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer: https://geek.refundpay.online/

Response headers

vary: Origin
x-amz-version-id: vZSi7XVeYp2F4lrl9mC9gPfthS7j2iq0
etag: "945ad41fa5185812ebaa2dab3e41f8c7"
age: 54227
via: 1.1 ce9680b048a2aea06e1146ad2810fa14.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 11268
x-amz-cf-id: 0Tvh3zc9HRDWPz2Q0CJW2c4nYjrxIvBZxOU8q2hT01kHQohXCxf-rw==
date: Tue, 18 Feb 2025 03:41:09 GMT
content-type: application/javascript
last-modified: Fri, 24 Jan 2025 00:05:32 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P10
x-amz-server-side-encryption: AES256

GET
H2 200 740246542
td.doubleclick.net/td/rul/ Frame 7E5A 0
0 207ms
82ms Document
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://td.doubleclick.net/td/rul/740246542?random=1720216292608&cv=11&fst=1720216292608&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4730v883266441za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1880&u_h=401&url=https%3A%2F%2Fwww.mcafee.com%2F&hn=www.googleadservices.com&frm=0&tiba=Antivirus%2C%20VPN%2C%20Identity%20%26%20Privacy%20Protection%20%7C%20McAfee&npa=0&pscdl=noapi&auid=1937171007.1720215319&uaa=&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.127%7CGoogle%2520Chrome%3B126.0.6478.127&uamb=1&uam=Nexus%205&uap=Android&uapv=6.0&uaw=0&fledge=1&data=event%3Dgtag.config

Requested by

Host: geek.refundpay.online
URL: https://geek.refundpay.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://geek.refundpay.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 409
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 18 Feb 2025 18:44:55 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 740246542
td.doubleclick.net/td/rul/ Frame 6FDF 0
0 241ms
117ms Document
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://td.doubleclick.net/td/rul/740246542?random=1720216292637&cv=11&fst=1720216292637&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4730v883266441za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1880&u_h=401&url=https%3A%2F%2Fwww.mcafee.com%2F&label=-JZGCILu-YkZEI6I_eAC&hn=www.googleadservices.com&frm=0&tiba=Antivirus%2C%20VPN%2C%20Identity%20%26%20Privacy%20Protection%20%7C%20McAfee&npa=0&pscdl=noapi&auid=1937171007.1720215319&uaa=&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.127%7CGoogle%2520Chrome%3B126.0.6478.127&uamb=1&uam=Nexus%205&uap=Android&uapv=6.0&uaw=0&fledge=1&capi=1&data=event%3Dconversion&ct_cookie_present=0

Requested by

Host: geek.refundpay.online
URL: https://geek.refundpay.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://geek.refundpay.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 409
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 18 Feb 2025 18:44:55 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 740246542
td.doubleclick.net/td/rul/ Frame 0A3C 0
0 208ms
85ms Document
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://td.doubleclick.net/td/rul/740246542?random=1720216292649&cv=11&fst=1720216292649&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4730v883266441za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1880&u_h=401&url=https%3A%2F%2Fwww.mcafee.com%2F&hn=www.googleadservices.com&frm=0&tiba=Antivirus%2C%20VPN%2C%20Identity%20%26%20Privacy%20Protection%20%7C%20McAfee&npa=0&pscdl=noapi&auid=1937171007.1720215319&uaa=&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.127%7CGoogle%2520Chrome%3B126.0.6478.127&uamb=1&uam=Nexus%205&uap=Android&uapv=6.0&uaw=0&fledge=1&data=event%3Dpage_view%3Becomm_prodid%3D665%2C663%2C667%2C664%2C662%2C666%2C535%2C537%3Becomm_pagetype%3Dhome

Requested by

Host: geek.refundpay.online
URL: https://geek.refundpay.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://geek.refundpay.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 409
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 18 Feb 2025 18:44:55 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

activityi;dc_pre=CKaa4svwzYsDFcij_QcdgrwfxA;src=13175879;type=cp;cat=mcafe0;ord=1;num=4080012043566;npa=0;auiddc=1937171007.1720215319;u1=www.mcafee.com;u3=https%3A%2F%2Fwww.mcafee.com%2Fen-us%2Fin...
13175879.fls.doubleclick.net/ Frame 42CA
Redirect Chain

https://13175879.fls.doubleclick.net/activityi;src=13175879;type=cp;cat=mcafe0;ord=1;num=4080012043566;npa=0;auiddc=1937171007.1720215319;u1=www.mcafee.com;u3=https%3A%2F%2Fwww.mcafee.com%2Fen-us%2...
https://13175879.fls.doubleclick.net/activityi;dc_pre=CKaa4svwzYsDFcij_QcdgrwfxA;src=13175879;type=cp;cat=mcafe0;ord=1;num=4080012043566;npa=0;auiddc=1937171007.1720215319;u1=www.mcafee.com;u3=http...

0
0

88ms
83ms

Document
text/html

142.250.186.102
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://13175879.fls.doubleclick.net/activityi;dc_pre=CKaa4svwzYsDFcij_QcdgrwfxA;src=13175879;type=cp;cat=mcafe0;ord=1;num=4080012043566;npa=0;auiddc=1937171007.1720215319;u1=www.mcafee.com;u3=https%3A%2F%2Fwww.mcafee.com%2Fen-us%2Findex.html;u6=0;gdid=dYmQxMT;ps=1;pcor=424921809;uaa=;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.127%7CGoogle%2520Chrome%3B126.0.6478.127;uamb=1;uam=Nexus%205;uap=Android;uapv=6.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe4730v9167479346za200zb883266441;gcd=13l3l3l3l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.mcafee.com%2F?

Requested by

Host: geek.refundpay.online
URL: https://geek.refundpay.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://geek.refundpay.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 432
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 18 Feb 2025 18:44:55 GMT
expires: Tue, 18 Feb 2025 18:44:55 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 18 Feb 2025 18:44:55 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://13175879.fls.doubleclick.net/activityi;dc_pre=CKaa4svwzYsDFcij_QcdgrwfxA;src=13175879;type=cp;cat=mcafe0;ord=1;num=4080012043566;npa=0;auiddc=1937171007.1720215319;u1=www.mcafee.com;u3=https%3A%2F%2Fwww.mcafee.com%2Fen-us%2Findex.html;u6=0;gdid=dYmQxMT;ps=1;pcor=424921809;uaa=;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.127%7CGoogle%2520Chrome%3B126.0.6478.127;uamb=1;uam=Nexus%205;uap=Android;uapv=6.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe4730v9167479346za200zb883266441;gcd=13l3l3l3l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.mcafee.com%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 activityi;fledge=1;src=13175879;type=cp;cat=mcafe0;ord=1;num=4080012043566;npa=0;auiddc=1937171007.1720215319;u1=www.mcafee.com;u3=https%3A%2F%2Fwww.mcafee.com%2Fen-us%2Findex.html;u6=0;gdid=dYmQxM...
td.doubleclick.net/td/fls/rul/ Frame 670A 0
0 201ms
81ms Document
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://td.doubleclick.net/td/fls/rul/activityi;fledge=1;src=13175879;type=cp;cat=mcafe0;ord=1;num=4080012043566;npa=0;auiddc=1937171007.1720215319;u1=www.mcafee.com;u3=https%3A%2F%2Fwww.mcafee.com%2Fen-us%2Findex.html;u6=0;gdid=dYmQxMT;ps=1;pcor=424921809;uaa=;uab=64;uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.127%7CGoogle%2520Chrome%3B126.0.6478.127;uamb=1;uam=Nexus%205;uap=Android;uapv=6.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe4730v9167479346za200zb883266441;gcd=13l3l3l3l1;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Fwww.mcafee.com%2F?

Requested by

Host: geek.refundpay.online
URL: https://geek.refundpay.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://geek.refundpay.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 18 Feb 2025 18:44:55 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 1739904295417
rtr.innovid.com/placement/container-tag/uuid/ 0
214 B 65ms
64ms Image
text/plain 18.171.5.222
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://rtr.innovid.com/placement/container-tag/uuid/1739904295417
Requested by: Host: geek.refundpay.online
URL: https://geek.refundpay.online/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.171.5.222 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-171-5-222.eu-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer: https://geek.refundpay.online/

Response headers

expires: -1
cache-control: no-cache
content-length: 0
date: Tue, 18 Feb 2025 18:44:55 GMT
pragma: no-cache

GET
H2 200 1x1.gif
d2v83son8kay5v.cloudfront.net/ 43 B
405 B 57ms
56ms Image
image/gif 18.173.206.189
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://d2v83son8kay5v.cloudfront.net/1x1.gif?action=ct-init&hash=67ea8ac4&advertiserId=4015&errorName=&errorCause=&errorMessage=&url=https%3A%2F%2Fgeek.refundpay.online%2F
Requested by: Host: geek.refundpay.online
URL: https://geek.refundpay.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.206.189 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-206-189.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer: https://geek.refundpay.online/

Response headers

vary: accept-encoding
etag: "b4491705564909da7f9eaf749dbbfbb1"
age: 36429
via: 1.1 e240913a5e90e18bd637baa6899f2280.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 43
x-amz-cf-id: TDwTdyJmkl8igyCfQfy6r90Wx83r1vdazhp5KqDOX6OpZxuFCaQvtQ==
date: Tue, 18 Feb 2025 08:42:05 GMT
content-type: image/gif
last-modified: Mon, 13 Sep 2021 08:40:13 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P12
x-amz-server-side-encryption: AES256

GET
H2 200 utag.currency.js Show response
tags.tiqcdn.com/utag/tiqapp/ 3 KB
2 KB 94ms
94ms Script
application/javascript 13.33.187.58
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://tags.tiqcdn.com/utag/tiqapp/utag.currency.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/mcafee/consumer-main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.187.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-187-58.fra60.r.cloudfront.net
Software: AkamaiNetStorage /
Resource Hash: 16d1a5c6808952064c6b3e3eb4fcaf16b380be031e5936d74d5dce4ba7aeb549

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer: https://geek.refundpay.online/

Response headers

cache-control: max-age=1296000
content-encoding: gzip
etag: W/"ba654982478d978d02d10735a9ac5ac1:1739801475.41782"
age: 297
via: 1.1 f8e909d80b83cb9eeaf200975944eb56.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 1833
x-amz-cf-id: uJ6O6pCIie2ble-ipogFEn-GAKf7SLBsewyGkhXg2h0YSwqiscU_nw==
date: Tue, 18 Feb 2025 18:39:58 GMT
content-type: application/javascript
last-modified: Mon, 17 Feb 2025 14:11:15 GMT
server: AkamaiNetStorage
x-amz-cf-pop: FRA60-P9
vary: Accept-Encoding

GET
H2 200 utag.v.js Show response
tags.tiqcdn.com/utag/tiqapp/ 2 B
433 B 57ms
56ms Script
application/javascript 13.33.187.58
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=mcafee/consumer-main/202502121817&cb=1739904295536
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/mcafee/consumer-main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.187.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-187-58.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer: https://geek.refundpay.online/

Response headers

x-amz-version-id: 2XUX04X5QEw0.xFya64khU._sHTRl_Pz
etag: "7bc0ee636b3b83484fc3b9348863bd22"
age: 413
x-cache: Hit from cloudfront
x-amz-cf-id: Q9nMjp5KwP5LmqQv1csRjDnp_kiPbSrI216GTLFYKUMVwBmc9ExC_w==
date: Tue, 18 Feb 2025 18:38:07 GMT
content-type: application/javascript
vary: accept-encoding
last-modified: Sat, 11 Mar 2023 06:57:46 GMT
cache-control: max-age=300
via: 1.1 f8e909d80b83cb9eeaf200975944eb56.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 2
x-amz-cf-pop: FRA60-P9
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H/1.1 200
OK tv2track.php
collector-30568.us.tvsquared.com/ 42 B
276 B 154ms
154ms Image
image/gif 18.221.31.22
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://collector-30568.us.tvsquared.com/tv2track.php?action_name=Antivirus%2C%20VPN%2C%20Identity%20%26%20Privacy%20Protection%20%7C%20Geek%20Squad&idsite=TV-6390453618-1&rec=1&r=366180&h=19&m=44&s=55&url=https%3A%2F%2Fgeek.refundpay.online%2F&_id=4625b6a1dd16975f&_idts=1739904296&_idvc=0&_idn=1&_viewts=&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&cookie=1&res=1600x1200&gt_ms=664
Requested by: Host: geek.refundpay.online
URL: https://geek.refundpay.online/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.221.31.22 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-221-31-22.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: f0c71e3da5b3fcab3c66af1cf0cdbf262c97b9330b7b37116f1ae2ab18bdc660

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer: https://geek.refundpay.online/

Response headers

Request-Id: ae906313-1d7a-4bd0-9972-bd48e13637f4
P3p: CP='OTI DSP COR NID STP UNI OTPa OUR'
Content-Length: 42
Date: Tue, 18 Feb 2025 18:44:55 GMT
Content-Type: image/gif
Server: nginx
Connection: keep-alive

GET
H2 200 program Show response
digitalfeedback.us.confirmit.com/api/digitalfeedback/loader/prod/ 2 KB
939 B 356ms
117ms XHR
application/json 13.107.253.45
MICROSOFT-CORP-MS...

General

Check archive.org

Download Go to

Full URL

https://digitalfeedback.us.confirmit.com/api/digitalfeedback/loader/prod/program?programKey=DAixoz&programVersion=217

Requested by

Host: digitalfeedback.us.confirmit.com
URL: https://digitalfeedback.us.confirmit.com/api/digitalfeedback/static/v32/intercept-survey.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

13.107.253.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

b6c853599923274f6530cee7363d0df1eb3fa4e3a1b7cb93168936447872c6a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://geek.refundpay.online/

Response headers

x-robots-tag: noindex, noindex
access-control-expose-headers: X-DF-GEO-COUNTRY
content-encoding: br
x-fd-int-roxy-purgeid: 0
x-confirmit-id: public-digitalfeedback-runtime-api-57f9fb449c-4xbx4
x-content-type-options: nosniff
x-cache: TCP_HIT
date: Tue, 18 Feb 2025 18:44:55 GMT
content-type: application/json
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubdomains
x-df-geo-country: PL
cache-control: public,max-age=86400
referrer-policy: strict-origin-when-cross-origin
access-control-allow-origin: *
x-azure-ref: 20250218T184455Z-167448fdd4644x4khC1PARawqc0000000f3g0000000006mg

GET
H3 200 /
www.google.com/pagead/1p-user-list/740246542/ 42 B
64 B 123ms
63ms Image
image/gif 142.250.185.196
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/740246542/?random=1720216292608&cv=11&fst=1720213200000&bg=ffffff&guid=ON&async=1&gtm=45be4730v883266441za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1880&u_h=401&url=https%3A%2F%2Fwww.mcafee.com%2F&hn=www.googleadservices.com&frm=0&tiba=Antivirus%2C%20VPN%2C%20Identity%20%26%20Privacy%20Protection%20%7C%20McAfee&npa=0&pscdl=noapi&auid=1937171007.1720215319&uaa=&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.127%7CGoogle%2520Chrome%3B126.0.6478.127&uamb=1&uam=Nexus%205&uap=Android&uapv=6.0&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQCjtLzMGhULWzJOtZvYVW43ZepUp6E9R-yNdHU6TlhThOlZjpmdKpF4&random=3192395378&rmt_tld=0&ipr=y

Requested by

Host: geek.refundpay.online
URL: https://geek.refundpay.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer: https://geek.refundpay.online/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 18 Feb 2025 18:44:55 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 /
www.google.pl/pagead/1p-user-list/740246542/ 42 B
455 B 202ms
86ms Image
image/gif 142.250.185.131
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://www.google.pl/pagead/1p-user-list/740246542/?random=1720216292608&cv=11&fst=1720213200000&bg=ffffff&guid=ON&async=1&gtm=45be4730v883266441za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1880&u_h=401&url=https%3A%2F%2Fwww.mcafee.com%2F&hn=www.googleadservices.com&frm=0&tiba=Antivirus%2C%20VPN%2C%20Identity%20%26%20Privacy%20Protection%20%7C%20McAfee&npa=0&pscdl=noapi&auid=1937171007.1720215319&uaa=&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.127%7CGoogle%2520Chrome%3B126.0.6478.127&uamb=1&uam=Nexus%205&uap=Android&uapv=6.0&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQCjtLzMGhULWzJOtZvYVW43ZepUp6E9R-yNdHU6TlhThOlZjpmdKpF4&random=3192395378&rmt_tld=1&ipr=y

Requested by

Host: geek.refundpay.online
URL: https://geek.refundpay.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer: https://geek.refundpay.online/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 18 Feb 2025 18:44:55 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.com/pagead/1p-user-list/740246542/ 42 B
64 B 142ms
86ms Image
image/gif 142.250.185.196
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/740246542/?random=1720216292649&cv=11&fst=1720213200000&bg=ffffff&guid=ON&async=1&gtm=45be4730v883266441za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1880&u_h=401&url=https%3A%2F%2Fwww.mcafee.com%2F&hn=www.googleadservices.com&frm=0&tiba=Antivirus%2C%20VPN%2C%20Identity%20%26%20Privacy%20Protection%20%7C%20McAfee&npa=0&pscdl=noapi&auid=1937171007.1720215319&uaa=&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.127%7CGoogle%2520Chrome%3B126.0.6478.127&uamb=1&uam=Nexus%205&uap=Android&uapv=6.0&uaw=0&fledge=1&data=event%3Dpage_view%3Becomm_prodid%3D665%2C663%2C667%2C664%2C662%2C666%2C535%2C537%3Becomm_pagetype%3Dhome&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQCjtLzMzQSH77xK-8AIoIgDrbKVv6gP7FNB7eFS8oZqH7vTPoI90PxB&random=4101155597&rmt_tld=0&ipr=y

Requested by

Host: geek.refundpay.online
URL: https://geek.refundpay.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer: https://geek.refundpay.online/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 18 Feb 2025 18:44:55 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 /
www.google.pl/pagead/1p-user-list/740246542/ 42 B
108 B 195ms
85ms Image
image/gif 142.250.185.131
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://www.google.pl/pagead/1p-user-list/740246542/?random=1720216292649&cv=11&fst=1720213200000&bg=ffffff&guid=ON&async=1&gtm=45be4730v883266441za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1880&u_h=401&url=https%3A%2F%2Fwww.mcafee.com%2F&hn=www.googleadservices.com&frm=0&tiba=Antivirus%2C%20VPN%2C%20Identity%20%26%20Privacy%20Protection%20%7C%20McAfee&npa=0&pscdl=noapi&auid=1937171007.1720215319&uaa=&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.127%7CGoogle%2520Chrome%3B126.0.6478.127&uamb=1&uam=Nexus%205&uap=Android&uapv=6.0&uaw=0&fledge=1&data=event%3Dpage_view%3Becomm_prodid%3D665%2C663%2C667%2C664%2C662%2C666%2C535%2C537%3Becomm_pagetype%3Dhome&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQCjtLzMzQSH77xK-8AIoIgDrbKVv6gP7FNB7eFS8oZqH7vTPoI90PxB&random=4101155597&rmt_tld=1&ipr=y

Requested by

Host: geek.refundpay.online
URL: https://geek.refundpay.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer: https://geek.refundpay.online/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 18 Feb 2025 18:44:55 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2

200

/
www.google.pl/pagead/1p-conversion/740246542/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/740246542/?random=991124897&cv=11&fst=1720216292637&bg=ffffff&guid=ON&async=1&gtm=45be4730v883266441za200&gcd=13l3l3l3l1&dma=0&tag_e...
https://www.google.com/pagead/1p-conversion/740246542/?random=991124897&cv=11&fst=1720216292637&bg=ffffff&guid=ON&async=1&gtm=45be4730v883266441za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1880&u_h=401...
https://www.google.pl/pagead/1p-conversion/740246542/?random=991124897&cv=11&fst=1720216292637&bg=ffffff&guid=ON&async=1&gtm=45be4730v883266441za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1880&u_h=401&...

42 B
108 B

70ms
70ms

Image
image/gif

142.250.185.131
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://www.google.pl/pagead/1p-conversion/740246542/?random=991124897&cv=11&fst=1720216292637&bg=ffffff&guid=ON&async=1&gtm=45be4730v883266441za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1880&u_h=401&url=https%3A%2F%2Fwww.mcafee.com%2F&label=-JZGCILu-YkZEI6I_eAC&hn=www.googleadservices.com&frm=0&tiba=Antivirus%2C%20VPN%2C%20Identity%20%26%20Privacy%20Protection%20%7C%20McAfee&npa=0&pscdl=noapi&auid=1937171007.1720215319&uaa=&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.127%7CGoogle%2520Chrome%3B126.0.6478.127&uamb=1&uam=Nexus%205&uap=Android&uapv=6.0&uaw=0&fledge=1&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgixw7ECCIrFsQIIwsmxAgjrxrECCKPFsQIIkMmxAgjTxbECCOvMsQIIz86xAkosZXZlbnQtc291cmNlLCB0cmlnZ2VyLCBub3QtbmF2aWdhdGlvbi1zb3VyY2VaAwoBAWIECgICAw&pscrd=IhMItf_oy_DNiwMVFzNVCB3-uyYOMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOh5odHRwczovL2dlZWsucmVmdW5kcGF5Lm9ubGluZS9CV0NoQUlnUHpRdlFZUXpzWG90OTNNazR4bkVpMEFJQVNyQWJuNGpBX0tuajhUQjlpOHNVV3NaMmVaNmdobXpxM1V3OXB0RDl1TE9KbWRDZjloM3hUNkI2Yw&is_vtc=1&cid=CAQSKQCjtLzM4VTKo-KXJBYd2o6oVNu7uDSfV7AdHohTWYJLnhR4m-hTrPwG&random=1504824961&ipr=y

Requested by

Host: geek.refundpay.online
URL: https://geek.refundpay.online/

Protocol

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer: https://geek.refundpay.online/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 18 Feb 2025 18:44:55 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
location: https://www.google.pl/pagead/1p-conversion/740246542/?random=991124897&cv=11&fst=1720216292637&bg=ffffff&guid=ON&async=1&gtm=45be4730v883266441za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1880&u_h=401&url=https%3A%2F%2Fwww.mcafee.com%2F&label=-JZGCILu-YkZEI6I_eAC&hn=www.googleadservices.com&frm=0&tiba=Antivirus%2C%20VPN%2C%20Identity%20%26%20Privacy%20Protection%20%7C%20McAfee&npa=0&pscdl=noapi&auid=1937171007.1720215319&uaa=&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.127%7CGoogle%2520Chrome%3B126.0.6478.127&uamb=1&uam=Nexus%205&uap=Android&uapv=6.0&uaw=0&fledge=1&capi=1&data=event%3Dconversion&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgixw7ECCIrFsQIIwsmxAgjrxrECCKPFsQIIkMmxAgjTxbECCOvMsQIIz86xAkosZXZlbnQtc291cmNlLCB0cmlnZ2VyLCBub3QtbmF2aWdhdGlvbi1zb3VyY2VaAwoBAWIECgICAw&pscrd=IhMItf_oy_DNiwMVFzNVCB3-uyYOMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOh5odHRwczovL2dlZWsucmVmdW5kcGF5Lm9ubGluZS9CV0NoQUlnUHpRdlFZUXpzWG90OTNNazR4bkVpMEFJQVNyQWJuNGpBX0tuajhUQjlpOHNVV3NaMmVaNmdobXpxM1V3OXB0RDl1TE9KbWRDZjloM3hUNkI2Yw&is_vtc=1&cid=CAQSKQCjtLzM4VTKo-KXJBYd2o6oVNu7uDSfV7AdHohTWYJLnhR4m-hTrPwG&random=1504824961&ipr=y
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 18 Feb 2025 18:44:55 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 up Show response
ib.adnxs.com/pixie/ 9 B
316 B 252ms
131ms Fetch
application/xml 37.252.171.53
ASN-APPNEX

General

Check archive.org

Download Go to

Full URL: https://ib.adnxs.com/pixie/up?pi=25950e9e-a41c-4511-a70f-091444558b03
Requested by: Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/up/pixie.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software: nginx/1.23.4 /
Resource Hash: e4b9a4d34a563158069f54e72a34585d7a2a25f753b9b30220d429d2bc8624b8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer: https://geek.refundpay.online/

Response headers

access-control-max-age: 0
access-control-allow-credentials: true
access-control-allow-methods: GET, OPTIONS
x-proxy-origin: 149.102.244.66; 149.102.244.66; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
access-control-allow-origin: https://geek.refundpay.online
content-length: 9
date: Tue, 18 Feb 2025 18:44:55 GMT
content-type: application/xml
server: nginx/1.23.4
access-control-allow-headers: Content-Type

GET
H2 200 scenario Show response
digitalfeedback.us.confirmit.com/api/digitalfeedback/loader/prod/ 5 KB
3 KB 99ms
97ms Script
application/javascript 13.107.253.45
MICROSOFT-CORP-MS...

General

Check archive.org

Download Go to

Full URL

https://digitalfeedback.us.confirmit.com/api/digitalfeedback/loader/prod/scenario?programKey=DAixoz&scenarioId=11454&programVersion=217

Requested by

Host: digitalfeedback.us.confirmit.com
URL: https://digitalfeedback.us.confirmit.com/api/digitalfeedback/static/v32/intercept-survey.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

13.107.253.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e8fe5f48a0db4fa2fc35ada24048b60d4f3a382ca0b6cc528cfbba72185b2d4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer: https://geek.refundpay.online/

Response headers

x-robots-tag: noindex, noindex
access-control-expose-headers: X-DF-GEO-COUNTRY
content-encoding: br
x-fd-int-roxy-purgeid: 0
x-content-type-options: nosniff
x-confirmit-id: public-digitalfeedback-runtime-api-57f9fb449c-p4t97
x-cache: TCP_HIT
date: Tue, 18 Feb 2025 18:44:55 GMT
content-type: application/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubdomains
x-df-geo-country: PL
cache-control: public,max-age=86400
referrer-policy: strict-origin-when-cross-origin
access-control-allow-origin: *
x-azure-ref: 20250218T184455Z-17c9df594d9p7cn5hC1PARgrf40000000cvg0000000015xf

GET
H2 200 scenario Show response
digitalfeedback.us.confirmit.com/api/digitalfeedback/loader/prod/ 10 KB
2 KB 107ms
105ms Script
application/javascript 13.107.253.45
MICROSOFT-CORP-MS...

General

Check archive.org

Download Go to

Full URL

https://digitalfeedback.us.confirmit.com/api/digitalfeedback/loader/prod/scenario?programKey=DAixoz&scenarioId=11925&programVersion=217

Requested by

Host: digitalfeedback.us.confirmit.com
URL: https://digitalfeedback.us.confirmit.com/api/digitalfeedback/static/v32/intercept-survey.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

13.107.253.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

c893619d581be099cb79c4c44d27b1c1b9722596ccb7f72df60f527c1764998f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer: https://geek.refundpay.online/

Response headers

x-robots-tag: noindex, noindex
access-control-expose-headers: X-DF-GEO-COUNTRY
content-encoding: br
x-fd-int-roxy-purgeid: 0
x-content-type-options: nosniff
x-confirmit-id: public-digitalfeedback-runtime-api-57f9fb449c-676l6
x-cache: TCP_HIT
date: Tue, 18 Feb 2025 18:44:55 GMT
content-type: application/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubdomains
x-df-geo-country: PL
cache-control: public,max-age=86400
referrer-policy: strict-origin-when-cross-origin
access-control-allow-origin: *
x-azure-ref: 20250218T184455Z-17c9df594d9p7cn5hC1PARgrf40000000cvg0000000015xg

GET
H2 200 scenario Show response
digitalfeedback.us.confirmit.com/api/digitalfeedback/loader/prod/ 6 KB
2 KB 107ms
105ms Script
application/javascript 13.107.253.45
MICROSOFT-CORP-MS...

General

Check archive.org

Download Go to

Full URL

https://digitalfeedback.us.confirmit.com/api/digitalfeedback/loader/prod/scenario?programKey=DAixoz&scenarioId=11416&programVersion=217

Requested by

Host: digitalfeedback.us.confirmit.com
URL: https://digitalfeedback.us.confirmit.com/api/digitalfeedback/static/v32/intercept-survey.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

13.107.253.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

afa09844c4972ed76e34ed2bc21b0e290fbdbe7b065af2ebc4f3b963da07940d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer: https://geek.refundpay.online/

Response headers

x-robots-tag: noindex, noindex
access-control-expose-headers: X-DF-GEO-COUNTRY
content-encoding: br
x-fd-int-roxy-purgeid: 0
x-content-type-options: nosniff
x-confirmit-id: public-digitalfeedback-runtime-api-57f9fb449c-p4t97
x-cache: TCP_HIT
date: Tue, 18 Feb 2025 18:44:55 GMT
content-type: application/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubdomains
x-df-geo-country: PL
cache-control: public,max-age=86400
referrer-policy: strict-origin-when-cross-origin
access-control-allow-origin: *
x-azure-ref: 20250218T184455Z-17c9df594d9p7cn5hC1PARgrf40000000cvg0000000015xh

GET
H2 200 scenario Show response
digitalfeedback.us.confirmit.com/api/digitalfeedback/loader/prod/ 8 KB
3 KB 107ms
106ms Script
application/javascript 13.107.253.45
MICROSOFT-CORP-MS...

General

Check archive.org

Download Go to

Full URL

https://digitalfeedback.us.confirmit.com/api/digitalfeedback/loader/prod/scenario?programKey=DAixoz&scenarioId=12104&programVersion=217

Requested by

Host: digitalfeedback.us.confirmit.com
URL: https://digitalfeedback.us.confirmit.com/api/digitalfeedback/static/v32/intercept-survey.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

13.107.253.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

334eae8df28502ecc744f9ed4de9f83f9f38086221a3cca49f77f3594334505e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer: https://geek.refundpay.online/

Response headers

x-robots-tag: noindex, noindex
access-control-expose-headers: X-DF-GEO-COUNTRY
content-encoding: br
x-fd-int-roxy-purgeid: 0
x-content-type-options: nosniff
x-confirmit-id: public-digitalfeedback-runtime-api-57f9fb449c-ngn68
x-cache: TCP_HIT
date: Tue, 18 Feb 2025 18:44:55 GMT
content-type: application/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubdomains
x-df-geo-country: PL
cache-control: public,max-age=86400
referrer-policy: strict-origin-when-cross-origin
access-control-allow-origin: *
x-azure-ref: 20250218T184455Z-17c9df594d9p7cn5hC1PARgrf40000000cvg0000000015xk

GET
H/1.1 200
OK apple-touch-icon.png
academy.geeksquad.com/ 11 KB
11 KB 507ms
153ms Other
image/png 130.250.196.52
HCDL-MINNEAPOLIS-...

General

Check archive.org

Download Go to

Full URL: https://academy.geeksquad.com/apple-touch-icon.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 130.250.196.52 Bullhead City, United States, ASN394899 (HCDL-MINNEAPOLIS-DATA-CENTER, US),
Reverse DNS: academy.geeksquad.com
Software: Apache /
Resource Hash: eb29deda344a11d92c85f154773262bfd33488c8305924780460518e202c145e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer: https://geek.refundpay.online/

Response headers

ETag: "2b58-5514b329b7840"
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 11096
Keep-Alive: timeout=5, max=100
Date: Tue, 18 Feb 2025 18:44:56 GMT
Last-Modified: Tue, 06 Jun 2017 14:11:37 GMT
Content-Type: image/png
Server: Apache

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: collector-30568.us.tvsquared.com
URL: http://collector-30568.us.tvsquared.com/tv2track.js

Domain: collector-30568.us.tvsquared.com
URL: http://collector-30568.us.tvsquared.com/tv2track.js

Domain: collector-30568.us.tvsquared.com
URL: http://collector-30568.us.tvsquared.com/tv2track.js

Domain: collector-30568.us.tvsquared.com
URL: http://collector-30568.us.tvsquared.com/tv2track.js

Verdicts & Comments Add Verdict or Comment

77 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.innovid.com/	1970-01-21 05:28:00	Name: uuid Value: "8599e7de-ed04-4f6d-b764-0a265c2e0a2e-20250218 13:44:54"
.adform.net/	1970-01-21 03:58:43	Name: C Value: 1
.adform.net/	1970-01-21 04:44:48	Name: uid Value: 130087277847275206
geek.refundpay.online/	1970-01-21 12:04:00	Name: __spdt Value: 9d0f9e6b28e24b7c866c4a8ac4d9b5df
.refundpay.online/	1970-01-21 12:04:00	Name: utag_main Value: v_id:01951a60a22c009506a45f678e8805065001e05d00b08$_sn:1$_ss:1$_pn:1%3Bexp-session$_st:1739906095468$ses_id:1739904295468%3Bexp-session
.refundpay.online/	1970-01-21 03:18:24	Name: t-ip Value: 1
geek.refundpay.online/	1970-01-21 12:54:24	Name: tatari-cookie-test Value: 62607466
.refundpay.online/	1970-01-21 12:54:24	Name: tatari-session-cookie Value: 7035943c-4ad1-0949-d666-017b924efd29
.doubleclick.net/	1970-01-21 12:40:00	Name: IDE Value: AHWqTUlkyxReryajiSOkdUe-bbOOD7LDDMpJUU3E87c8IdY1HWfKThSD7MuQAcv_UAY
.doubleclick.net/	1970-01-21 07:37:36	Name: receive-cookie-deprecation Value: 1

19 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://geek.refundpay.online/ Message: Mixed Content: The page at 'https://geek.refundpay.online/' was loaded over HTTPS, but requested an insecure script 'http://collector-30568.us.tvsquared.com/tv2track.js'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://geek.refundpay.online/ Message: Mixed Content: The page at 'https://geek.refundpay.online/' was loaded over HTTPS, but requested an insecure script 'http://collector-30568.us.tvsquared.com/tv2track.js'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://geek.refundpay.online/ Message: Mixed Content: The page at 'https://geek.refundpay.online/' was loaded over HTTPS, but requested an insecure script 'http://collector-30568.us.tvsquared.com/tv2track.js'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://geek.refundpay.online/ Message: Mixed Content: The page at 'https://geek.refundpay.online/' was loaded over HTTPS, but requested an insecure script 'http://collector-30568.us.tvsquared.com/tv2track.js'. This request has been blocked; the content must be served over HTTPS.
network	error	URL: https://geek.refundpay.online/content/dam/npcld/adobe/js/210200/propandAT.min.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://geek.refundpay.online/content/dam/npcld/custom-scripts/organic-site/mcafee-redesign/js/custom_script_redesign.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://geek.refundpay.online/content/dam/npcld/custom-scripts/organic-site/js/organic_custom_scripts.min.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://geek.refundpay.online/.rum/@adobe/helix-rum-js@%5E1/src/index.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://geek.refundpay.online/etc.clientlibs/ecom-aemcs-frontend/npcld/vue/clientlib-forms.lc-7f10c1792f5d1ccb3bfb7108b85d3e37-lc.min.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://geek.refundpay.online/content/dam/npcld/custom-scripts/organic-site/mcafee-redesign/js/swiper.min.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://geek.refundpay.online/_sec/cp_challenge/sec-4-5.css Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://geek.refundpay.online/_sec/cp_challenge/sec-cpt-4-5.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://digitalfeedback.us.confirmit.com/api/digitalfeedback/loader/prod/scenario?programKey=DAixoz&scenarioId=11879&programVersion=200 Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://geek.refundpay.online/ Message: Refused to execute script from 'https://digitalfeedback.us.confirmit.com/api/digitalfeedback/loader/prod/scenario?programKey=DAixoz&scenarioId=11879&programVersion=200' because its MIME type ('') is not executable, and strict MIME type checking is enabled.
security	error	URL: https://geek.refundpay.online/ Message: Refused to execute script from 'https://digitalfeedback.us.confirmit.com/api/digitalfeedback/loader/prod/scenario?programKey=DAixoz&scenarioId=11879&programVersion=200' because its MIME type ('') is not executable, and strict MIME type checking is enabled.
security	error	URL: https://geek.refundpay.online/ Message: Refused to execute script from 'https://digitalfeedback.us.confirmit.com/api/digitalfeedback/loader/prod/scenario?programKey=DAixoz&scenarioId=11879&programVersion=200' because its MIME type ('') is not executable, and strict MIME type checking is enabled.
security	error	URL: https://geek.refundpay.online/ Message: Refused to execute script from 'https://digitalfeedback.us.confirmit.com/api/digitalfeedback/loader/prod/scenario?programKey=DAixoz&scenarioId=11879&programVersion=200' because its MIME type ('') is not executable, and strict MIME type checking is enabled.
security	error	URL: https://geek.refundpay.online/ Message: Refused to execute script from 'https://digitalfeedback.us.confirmit.com/api/digitalfeedback/loader/prod/scenario?programKey=DAixoz&scenarioId=11879&programVersion=200' because its MIME type ('') is not executable, and strict MIME type checking is enabled.
network	error	URL: https://c.go-mpulse.net/api/config.json?key=LXNDQ-3SP7Y-P3JVN-Y4HAH-VQNKC&d=geek.refundpay.online&t=5799681&v=1.737.0&sl=0&si=4155f532-c306-4188-bb2d-40049b2fccfb-srw6qt&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=&ak.ai=250743 Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

13175879.fls.doubleclick.net
a2.adform.net
academy.geeksquad.com
acdn.adnxs.com
c.go-mpulse.net
cdn1.adoberesources.net
collector-30568.us.tvsquared.com
connect.facebook.net
d2hrivdxn8ekm8.cloudfront.net
d2v83son8kay5v.cloudfront.net
digitalfeedback.us.confirmit.com
fonts.googleapis.com
fonts.gstatic.com
geek.refundpay.online
googleads.g.doubleclick.net
ib.adnxs.com
media.mcafeeassets.com
pixel.byspotify.com
rtr.innovid.com
s-static.innovid.com
s.go-mpulse.net
s.yimg.com
s2.adform.net
sp.analytics.yahoo.com
tags.tiqcdn.com
td.doubleclick.net
upload.wikimedia.org
www.google.com
www.google.pl
www.googleadservices.com
www.googletagmanager.com
collector-30568.us.tvsquared.com
104.70.95.190
13.107.253.45
13.33.187.58
130.250.196.52
142.250.184.202
142.250.184.226
142.250.184.232
142.250.185.131
142.250.185.196
142.250.186.102
142.250.186.34
142.250.186.99
157.240.253.1
18.171.5.222
18.173.206.189
18.221.31.22
185.15.59.240
185.167.164.48
2.16.10.177
216.58.212.162
23.209.208.19
23.213.165.19
23.213.169.28
23.38.80.134
3.161.75.225
34.117.162.98
37.157.2.250
37.252.171.53
54.246.144.89
62.60.227.21
87.248.119.252
046a7b74ff366e3712939c98ccc882a1c8243ea0c8bf47ff3c79e58626dc976d
05c0d1aa20a4865bc9ad7915fd0ff93bf25cb90c16e01f97965c45e8df721050
0c11a484d3e04cbe13f464be1cc5fcdf9981b552ee0f80f7a257321201070499
0d42196928f167149c031c5ed794d67deea3436b6aa49bbd421da3b749f05dea
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
0fbe13483f1a5aeb7d0fe84919e2b980f7acaa5c63e16b3d5e6f8f20751472d8
11b81048d069d094bd303ce281200d3013ed56a2aac2e8fdc9d5ce7570ffdd25
16d1a5c6808952064c6b3e3eb4fcaf16b380be031e5936d74d5dce4ba7aeb549
1c19f0588c0b2e50b33c86704dd9c868f9c2a90accd729927b119c1426618099
20a050eca9940a35106a14974adb679ab8eeeebb928bcba147ed9dc6d715634b
211e7e6350e97a63bdb1fef3e19d7c6cec31f0832cbbc08357e394743da0cfb7
2170edf920df8db1736b378cacb7cbbb19d9693f32a60348d31e285ab9744591
22aea14693655e0fa33cc4aa8606714bcd6cfc66c6bc320ee70661116034ad1f
22c3e32be01d8accada02d536093064df81aa7f0a922dde057e3e5fb8ea240ff
23761d2b990112f0a8f2b4f56247f239433b2623abedeb10d6d020ccfc66cc92
2f97445bf03cb36aedf13f43683820f40828c48c3712d9724309b679765eff5c
334eae8df28502ecc744f9ed4de9f83f9f38086221a3cca49f77f3594334505e
3742dd40334a546f5991ea8fd2f270c55f198dde0eb113931084501464c87862
3e2bd06e76ce8735cc68b7434ec855624b27183f781f6504e8a5f2296111b049
436160406522cd7167fd0aa7cefdc642f63a973ff340511cdecaee67d30b20ba
438a59ae39cbd3d419fc5f1ed3a25f4e7d396b045af2f7d0d270b0dec974e25f
46ec3c72601c546bda419a95d91be94b598ede0e8b758c7e075f1d73be48befe
4cb0590eff10867e3627919169a185745865cc811679715528905e80f555fe3f
4ce73fee18338b9e998c987fb95cde99c53f10faefeb3c09472fabfba80092ac
4dafc5d60a0cdc3b677a4cd543239bead37d550f86d89ec5210935ba15872ce1
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5401d0ea17631968fb3a650a32101c83ebf862cb9129dccd0e75b63b676c5ee7
56ce9a9f71a8465359a676d95189390683de779bdc085f4fa9d48ec0651d9a5f
58980a0847af0d0abcafdefc652d6743470865c9a1be90acbe2cdd1a0fba16eb
6048215facd457c0cdb099cd2863b4b9b751410639223d2702ca1645d4c557bd
60a5cd1fa7584475521f5f849d95e9853cbcf2993215e08d2316fc0c3ecbd5c9
639259c62e76d2ebf4e37b0ac48d3dddc4ef7fd862cb79298fc08b42d2d4323b
6a46ff0fc9d5f7c6b5c3b6b304daf9969806d0e843727321bdf24620f2739285
6b6343ecc094a865e380e09646248dcf27234515d87ea078eb15c3ca0502e8d3
6be99a1f79d9e635ac70eba4a25304b510267c2c5c0a6a31d25fa4aeab600655
6db4032e547ca1994e1bf21488dab79c10cdfbcc0c54f4d2faa7ff3cf885feaf
714fb46754a94b252dcfc9add242c997e49ab92368766ad716c5649f2ddb39e5
72eec63e5e08a7445b2edf1b063f2ed8024475656f6136d6e70e24e595ff3141
7662e7746d4484a1466f8323bfc24c222f4fe44059b8142d576055087d9f4d33
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
849c80cfd880ab58172cb0fefc79d66f90c3862adc587c8c71c057d4688444a2
862687167c338b90aa741e24c4b0fab71b4d11a4c578f3717e394bdba74a2dd4
86f2eb97cc1f3909c12e4512de9e267215d94ac5aaee9393d0f007f18c34e8ba
87d73937e379c75662cdf30ce4779f193d099a04f50aa372a02c76c4deaf1398
88ff719d147f3058f5db369caff1a1e253ea7dd028e04dc62293797c0d6379ea
891c8660875e6e26c5f2b1361e29756c836a7262146b11a766acc82a46f6b25c
8f297c169f8ebbdf0215eecbc7efb6424aed391c4a027e115066303027254838
908aab06467ca03c7cfa00ce23918a9e370e7311333f15b1159b1d6d033ee320
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
9652e715f27cd9a19a1a82fd9100ae59f555bd34481b71a86c357fc2c0258a7e
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a34a0bef36079aa63c5d046841b09d4a49a0125dc1ef0c6b78051fdaf6176bae
a463aa6666ce0abcabf8033013cfe881fdbfb570389aff471d400a45b3a496d4
a757ad837f4e3eec26061158ff89d3dc3bc50d56a5f9891ab36eef9984851e79
a9ae1a718ac2c3f4c8e06163475309bc1d6b64ec0ed2c5774efa3f85c5a6b2fb
a9c7e9e12167024309fcdf158863346a9ffbb68b9addd7535f39e65b1025f614
acc825a9af5410e4446f11fd9edcce760a852fc87ac2db717a526ed88083c7c5
adf784d41eb8bcccbafdc0a834a61f95193325ce40c0aa305ddf9608c9b023f8
afa09844c4972ed76e34ed2bc21b0e290fbdbe7b065af2ebc4f3b963da07940d
b6c853599923274f6530cee7363d0df1eb3fa4e3a1b7cb93168936447872c6a2
b7c8f72467bf2d974e2c436a8d5a5443466845b38a09f037c11d39dfeb21a8fb
bedbe464f8008f69d359b9781b6c77aeaa3f6cff27dcc05d34461c47d8291c77
c68a273bf2b08c99c46ac43d1059b8067818b3b889fa890b068d942a957a000c
c789a7bf47f5c905ed597b042f384f62e299ff222f935290f9a4983e2567d3c0
c893619d581be099cb79c4c44d27b1c1b9722596ccb7f72df60f527c1764998f
cbe292e9a846a8c560f7d5cbc7090b111b1385ebacd1be5f8b6ffeb80d5fec4e
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
cd50e3521ce85d213b437cf3a067530a29b18cefe4b4953f70cba193d1dec7d8
d1326a8ceef4865b3ee36e2df0f779f2eadff2738e2b76d2ae7acdfcdbe0be83
dc72841257c860e78b94bf0e0ba6d3d854c922fe834c29085fe388d9d1774293
de25ff38288676dc79292a95d410944c2045e6e09c5e4563c40d08c615a20c54
df792bd1cd687d8b95ecb74896a118200ff4e115a40e5c8656a34184c0496180
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4b9a4d34a563158069f54e72a34585d7a2a25f753b9b30220d429d2bc8624b8
e8fe5f48a0db4fa2fc35ada24048b60d4f3a382ca0b6cc528cfbba72185b2d4a
e9d4abb2b79cef3c50464a14384e7f38fbe94e033095e7021b9d0d815bc980bf
eb29deda344a11d92c85f154773262bfd33488c8305924780460518e202c145e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efde75dbb4ad9b20dd42d67529e8dccd0fbbe143d1b3d66540cdcb763157e781
f0c71e3da5b3fcab3c66af1cf0cdbf262c97b9330b7b37116f1ae2ab18bdc660
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

geek.refundpay.online Open in urlscan Pro 62.60.227.21 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

113 Requests

95 %HTTPS

0 %IPv6

24 Domains

31 Subdomains

32 IPs

7 Countries

1017 kBTransfer

3570 kBSize

10 Cookies

30 Outgoing links

Redirected requests

113 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

geek.refundpay.online Open in urlscan Pro
62.60.227.21 Public Scan

Screenshot
Live screenshot

Full Image

113
Requests

95 %
HTTPS

0 %
IPv6

24
Domains

31
Subdomains

32
IPs

7
Countries

1017 kB
Transfer

3570 kB
Size

10
Cookies

113 HTTP transactions
1 data transactions