juicyfields-refund.io Open in urlscan Pro
162.0.214.240 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://juicyfields-refund.io/
Submission: On August 27 via automatic, source certstream-suspicious (August 27th 2022, 6:51:29 am UTC) — Scanned from DE

Summary HTTP 52 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 10 IPs in 2 countries across 5 domains to perform 52 HTTP transactions. The main IP is 162.0.214.240, located in United States and belongs to NAMECHEAP-NET, US. The main domain is juicyfields-refund.io.
TLS certificate: Issued by R3 on August 27th 2022. Valid for: 3 months.

This is the only time juicyfields-refund.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	162.0.214.240 162.0.214.240	22612 (NAMECHEAP...) (NAMECHEAP-NET)
20	2606:4700:303... 2606:4700:3036::6815:334b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
52	10

5 162.0.214.240 (United States)

ASN22612 (NAMECHEAP-NET, US)

juicyfields-refund.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2606:4700:3036::6815:334b (United States)

ASN13335 (CLOUDFLARENET, US)

cloud-s1.juicyfields.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	juicyfields.io cloud-s1.juicyfields.io	645 KB
9	gstatic.com www.gstatic.com fonts.gstatic.com	370 KB
5	juicyfields-refund.io juicyfields-refund.io	14 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 54 translate.googleapis.com — Cisco Umbrella Rank: 957	267 KB
3	google.com www.google.com — Cisco Umbrella Rank: 9 translate.google.com — Cisco Umbrella Rank: 1239	29 KB
52	5

	Domain	Requested by
20	cloud-s1.juicyfields.io	juicyfields-refund.io cloud-s1.juicyfields.io
7	www.gstatic.com	www.google.com juicyfields-refund.io translate.googleapis.com www.gstatic.com
5	juicyfields-refund.io	juicyfields-refund.io
2	translate.googleapis.com
2	fonts.gstatic.com	fonts.googleapis.com www.google.com
2	www.google.com	juicyfields-refund.io www.gstatic.com
1	fonts.googleapis.com	cloud-s1.juicyfields.io
1	translate.google.com	juicyfields-refund.io
52	8

This site contains links to these domains. Also see Links.

Domain
translate.google.com
t.me
www.facebook.com
www.instagram.com
www.linkedin.com
www.youtube.com
twitter.com

Subject Issuer	Validity	Valid
juicyfields-refund.io R3	`2022-08-27` - `2022-11-25`	3 months	crt.sh
*.juicyfields.io E1	`2022-07-20` - `2022-10-18`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://juicyfields-refund.io/
Frame ID: 409B32E789273DC24EC951BA74193771
Requests: 47 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le7kikaAAAAAMj6F0kLQaveIgdPvlQczvnbG18M&co=aHR0cHM6Ly9qdWljeWZpZWxkcy1yZWZ1bmQuaW86NDQz&hl=de&v=3TZgZIog-UsaFDv31vC4L9R_&size=invisible&cb=fcq6ngq3ybfo
Frame ID: AF0A30592CA9BDAD2F831A768E8C8ABA
Requests: 5 HTTP requests in this frame

Frame: data://truncated
Frame ID: FEBAD0FF09BC926A9CC1CA82FA2C4708
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

JuicyFields

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Yii (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

/yii\.(?:validation|activeForm)\.js

jQuery-pjax (Mobile Frameworks) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]pjax(?:-([\d.]))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

math.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

math(?:\.min)?\.js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

52
Requests

77 %
HTTPS

88 %
IPv6

5
Domains

8
Subdomains

10
IPs

2
Countries

1325 kB
Transfer

2817 kB
Size

2
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://translate.google.com/
Title: Google Übersetzer

Search URL Search Domain Scan URL

URL: https://t.me/juicyfieldsio

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Jsflds/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/juicyfields.official/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/juicy-fields

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCENgckQuN-NQOkzBwk0BnXQ

Search URL Search Domain Scan URL

URL: https://twitter.com/Juicy_Network

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

52 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
juicyfields-refund.io/ 20 KB
5 KB 631ms
299ms Document
text/html 162.0.214.240
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://juicyfields-refund.io/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.0.214.240 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: a87562866b11f6965cc026139110d7cf9540bd431a9890ff5236263be68a3daa

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, private
Connection: Keep-Alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Sat, 27 Aug 2022 06:51:23 GMT
Keep-Alive: timeout=5, max=5
Server: Apache/2.4.52 (Ubuntu)
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H2 200 all.min.css
cloud-s1.juicyfields.io/lib/fontawesome-free-5.15.1-web/css/ 58 KB
13 KB 193ms
54ms Stylesheet
text/css 2606:4700:3036::6815:334b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cloud-s1.juicyfields.io/lib/fontawesome-free-5.15.1-web/css/all.min.css

Requested by

Host: juicyfields-refund.io
URL: https://juicyfields-refund.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6815:334b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af1e6edc875a382b338bb25bd7c5c3f474a7f1b36212002a5896dd06f2186325

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://juicyfields-refund.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 06:51:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 24 Jul 2021 15:12:29 GMT
server: cloudflare
etag: W/"60fc2ddd-319b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t7%2FXIAitM2by7rM0E4fTtZ3Y3SMt5moWT1i2AoK4H09Z%2FnHhDEw0UbZALIqIaG0dryLAd4yedIdv6KVJMafjgOLksm0eEjEvRtckkfOTrV09LVRP3Lo755opX6dpKhXrfOEXndTOSr6VxrC4hBQ4Pc%2FtDmVUmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: public, max-age=315360000, immutable
cf-ray: 7412e0e26977bb43-FRA

GET
H2 200 bootstrap.min.css
cloud-s1.juicyfields.io/lib/bootstrap-4.3.1-dist/css/ 152 KB
24 KB 167ms
28ms Stylesheet
text/css 2606:4700:3036::6815:334b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cloud-s1.juicyfields.io/lib/bootstrap-4.3.1-dist/css/bootstrap.min.css

Requested by

Host: juicyfields-refund.io
URL: https://juicyfields-refund.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6815:334b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f9ddd1e64827cb0fa09d74aa581ecfd468212261fa170ec9baddbd678389b342

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://juicyfields-refund.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 06:51:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9996738
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 24 Jul 2021 14:59:35 GMT
server: cloudflare
etag: W/"60fc2ad7-5a07"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L8%2Fw%2BBD0Uees%2FGPJFlIoeigtRWCsqUtmn76mxFQ83%2FgDOMGZixZigwHUyzV7y3fMgi8Xi6ncFNOWyoOeyjVKRGSewDLIVptUUv5bDMTZS4ugmf3YKmVsrNoMr86s13%2FZ2TYJaMsBXLW5slsDl4HBvPLnjzs0nw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: public, max-age=315360000, immutable
cf-ray: 7412e0e26978bb43-FRA

GET
H2 200 jquery.fancybox.css
cloud-s1.juicyfields.io/lib/fancybox-3.2.10/ 14 KB
4 KB 164ms
26ms Stylesheet
text/css 2606:4700:3036::6815:334b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cloud-s1.juicyfields.io/lib/fancybox-3.2.10/jquery.fancybox.css

Requested by

Host: juicyfields-refund.io
URL: https://juicyfields-refund.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6815:334b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fdc92651c42691d15fb282930a9d901021fd2acddaead3d12ff9fecdb5e455a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://juicyfields-refund.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 06:51:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9996740
cf-polished: origSize=17412
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 24 Jul 2021 15:20:19 GMT
server: cloudflare
etag: W/"60fc2fb3-df2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t%2FsAP%2BbcWdLfjjpwRJl42a0FvPBTxo8t%2BcI8K6%2BLxCWfNVg37DrOEYPhz0L0OJzyhgBLDlNTbXmx6QIntnVVsGFk3vwT9CPxF5%2FfLzH%2Fq0KeyAq28vDLcvk1l4u4cSIA%2FQipwTEs%2FyrmJq2l2B1Urd7geInVhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: public, max-age=315360000, immutable
cf-ray: 7412e0e26979bb43-FRA
cf-bgj: minify

GET
H2 200 custom.css
cloud-s1.juicyfields.io/css/ 36 KB
7 KB 196ms
58ms Stylesheet
text/css 2606:4700:3036::6815:334b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cloud-s1.juicyfields.io/css/custom.css?v=1645809388

Requested by

Host: juicyfields-refund.io
URL: https://juicyfields-refund.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6815:334b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa798eed069cef8bd27f9d48eff93f6cbaf15534d00af64ae9d57eb8b4524fae

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://juicyfields-refund.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 06:51:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 08 Aug 2022 19:01:09 GMT
server: cloudflare
etag: W/"62f15d75-192c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=whe90Anwk6Hyx%2BWLpZUmc6QIkXFf%2B4uUOSCPIX614%2FsFQV7jf2KjMnsWwb5HwQx96yGJb3kuyIrgGI7NTUhuSeBD%2Fg3o7VUA%2BKHP5mfIYhKiA5dOuTjesPBEG%2FexmAI4hhF38aa3ZxJSgPdlZO8wkAChNgIWZg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: public, max-age=315360000, immutable
cf-ray: 7412e0e2697abb43-FRA

GET
H/1.1 200
OK toastr.min.css
juicyfields-refund.io/css/ 6 KB
3 KB 152ms
152ms Stylesheet
text/css 162.0.214.240
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://juicyfields-refund.io/css/toastr.min.css
Requested by: Host: juicyfields-refund.io
URL: https://juicyfields-refund.io/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.0.214.240 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: 47dd690f8f315bea076e92581a7e7147443bb4c847e313ab5a7d50a8c44836d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://juicyfields-refund.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Sat, 27 Aug 2022 06:51:23 GMT
Content-Encoding: gzip
Last-Modified: Sat, 27 Aug 2022 05:48:53 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "1936-5e73295f498c4-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=4
Content-Length: 2836

GET
H2 200 logo-white.png
cloud-s1.juicyfields.io/image/guest/ 6 KB
7 KB 20ms
19ms Image
image/png 2606:4700:3036::6815:334b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cloud-s1.juicyfields.io/image/guest/logo-white.png

Requested by

Host: juicyfields-refund.io
URL: https://juicyfields-refund.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6815:334b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

743c128a4497054c7ed51d482291f374094ccb8a7bd906f8306c8351fdacda44

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://juicyfields-refund.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 06:51:23 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5798902
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6311
last-modified: Wed, 17 Jul 2019 04:52:00 GMT
server: cloudflare
etag: "5d2ea970-18a7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=owjcEyJcMqJgukCrkHHVedM%2F1lVGkf8e53%2FsjkZcKyeSg95TPB4Wy6v8EnYKXPWZBqEEJxUK%2B2r0Wu%2Fcb8bqjm%2FQJXqjKFRcVbQ9cyu679qlhuefdT%2BjKXmjjlhD2Byj6nutaiZI5TDWL7YlBCYbPruTR76oGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 7412e0e279a7bb43-FRA

GET
H2 200 arrow-btn.png
cloud-s1.juicyfields.io/image/guest/ 3 KB
3 KB 53ms
52ms Image
image/png 2606:4700:3036::6815:334b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cloud-s1.juicyfields.io/image/guest/arrow-btn.png

Requested by

Host: juicyfields-refund.io
URL: https://juicyfields-refund.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6815:334b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ac80c5a817d540c2ab8b51dd19fc6b94f15cba0430924935af3810ee0c09509f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://juicyfields-refund.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 06:51:23 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3156
last-modified: Wed, 30 Oct 2019 09:11:47 GMT
server: cloudflare
etag: "5db953d3-c54"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sMXMeeDNf1hhkiVj087dPXVuSBTEbOezLU4YlF7AdkNgkemjLZMZefrNcxq6F7Xzz6MZcwyZYdkh2tfwqNCng22C539fOypT6D51JaHN0%2FROv94eUSHhDG6Rk6XEeAJHxwQiqX70k2WOz6342KsmEKjc1xrCmw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 7412e0e279a9bb43-FRA

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
969 B 139ms
50ms Script
text/javascript 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: juicyfields-refund.io
URL: https://juicyfields-refund.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7a7dcb207863b588dd58e49adb2dc0fca02fae2bd10571e7ccd087067ae09f12

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://juicyfields-refund.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 06:51:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 556
x-xss-protection: 1; mode=block
expires: Sat, 27 Aug 2022 06:51:23 GMT

GET
H2 200 jquery-3.4.1.min.js Show response
cloud-s1.juicyfields.io/lib/jquery-3.4.1/ 86 KB
31 KB 149ms
27ms Script
application/javascript 2606:4700:3036::6815:334b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cloud-s1.juicyfields.io/lib/jquery-3.4.1/jquery-3.4.1.min.js

Requested by

Host: juicyfields-refund.io
URL: https://juicyfields-refund.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6815:334b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://juicyfields-refund.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 06:51:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5796251
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 24 Jul 2021 15:08:25 GMT
server: cloudflare
etag: W/"60fc2ce9-7741"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wRgAr5jtfmXJhNl2oV041vhKCx51G5r0XJadZ8F6Qi41f7K81FblA8Pqf72M1E8bhB64XpEPoKBZ%2B30JvdkUFih5fi8FrDt3ACBI2%2BSPaW0wRlf58BLrhcQZyeUIhTxnax1tyP7aaOv9%2FduuV9b7Pg%2BgyFotFA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=315360000, immutable
cf-ray: 7412e0e2697bbb43-FRA

GET
H2 200 yii.js Show response
cloud-s1.juicyfields.io/lib/yii/ 8 KB
3 KB 148ms
26ms Script
application/javascript 2606:4700:3036::6815:334b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cloud-s1.juicyfields.io/lib/yii/yii.js

Requested by

Host: juicyfields-refund.io
URL: https://juicyfields-refund.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6815:334b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8829956a7dc32483c4f0dca9ad5d05f91acf91b5444b0ea7f3ead22a4d4af9df

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://juicyfields-refund.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 06:51:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9996738
cf-polished: origSize=20934
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 02 Feb 2022 23:53:20 GMT
server: cloudflare
etag: W/"61fb1970-168e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ns2jqXhXuCveXy7W24Bp4NqQhN%2BE1WBUHQVn5HU7FE67t%2FUOjFhrP58KhTXhpwwHMROPwuXVL0WnGYCrEq6AUymeRZQXBMYQwMrBKmtVf9Rowq2qLRHXAb%2FGgkGTrqOKJtV3Fv7qJElrWGAKsCDTgzWeiA7uwA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=315360000, immutable
cf-ray: 7412e0e2697cbb43-FRA
cf-bgj: minify

GET
H2 200 yii.validation.js Show response
cloud-s1.juicyfields.io/lib/yii/ 9 KB
3 KB 19ms
18ms Script
application/javascript 2606:4700:3036::6815:334b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cloud-s1.juicyfields.io/lib/yii/yii.validation.js

Requested by

Host: juicyfields-refund.io
URL: https://juicyfields-refund.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6815:334b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c0e975f3e42b8333360672d56901e82913d033e1c7aa041dc17f0d2957c2152

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://juicyfields-refund.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 06:51:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9996738
cf-polished: origSize=16405
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 02 Feb 2022 23:53:20 GMT
server: cloudflare
etag: W/"61fb1970-be7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TGZi%2BwN9wcxAJpwfX2yVpq%2BkcwWIHEr5vZs17af6Kk78p8hvE19uj5NOLVCe0BEv4ONDIR5wX3Kz0LrawL8oWIc%2FvILuCayzN9oJG1FKpS1UJeCVTsmjnMzich8iSGm4libmUdgb2eS35VRZNidwqDR3Qymblg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=315360000, immutable
cf-ray: 7412e0e27997bb43-FRA
cf-bgj: minify

GET
H2 200 yii.activeForm.js Show response
cloud-s1.juicyfields.io/lib/yii/ 15 KB
4 KB 26ms
25ms Script
application/javascript 2606:4700:3036::6815:334b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cloud-s1.juicyfields.io/lib/yii/yii.activeForm.js

Requested by

Host: juicyfields-refund.io
URL: https://juicyfields-refund.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6815:334b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c705f2b3e11d60cb56c82676c3675664e38975dc6961c36c5716d8e3d4cb3a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://juicyfields-refund.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 06:51:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9996781
cf-polished: origSize=36765
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 02 Feb 2022 23:53:20 GMT
server: cloudflare
etag: W/"61fb1970-1cdb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zEet0hxVlzQS4EHFzEvUXGk6soqfJqhjeMHVK8Ai1qzKoUiywf82R8YwR9A52W9Vi3EjPV2LK2HNit4FZ%2BPzMa85LiPp04pFTBk7R7L4FdD3Jz1SVJi2Fd3ZLwNIvVDCkJVzHQxjTUJJp6qem87Kq4IlVKF5mg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=315360000, immutable
cf-ray: 7412e0e27999bb43-FRA
cf-bgj: minify

GET
H2 200 jquery.pjax.js Show response
cloud-s1.juicyfields.io/lib/yii/ 14 KB
5 KB 18ms
17ms Script
application/javascript 2606:4700:3036::6815:334b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cloud-s1.juicyfields.io/lib/yii/jquery.pjax.js

Requested by

Host: juicyfields-refund.io
URL: https://juicyfields-refund.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6815:334b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a06ab97f18cf290ffa4879a0216940c4d93909ea30be93f16c12d90e612eb59f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://juicyfields-refund.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 06:51:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9996781
cf-polished: origSize=29274
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 02 Feb 2022 23:53:20 GMT
server: cloudflare
etag: W/"61fb1970-23b4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fnkeL3EhDVOkpHM10%2BeP1qGJdXvMH8iWuMCVKQOCmCEy1Ozc9a%2FY5l%2FNotHpUPMp%2BC0n0%2BF4Eawc29UGVRMvovXU72JtxtFsM6hMvRhslWZOni0wZCcVNu9alqN0vys6xuW%2FtdyjW9TVNKRylknOdjmhDbPCog%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=315360000, immutable
cf-ray: 7412e0e2799abb43-FRA
cf-bgj: minify

GET
H2 200 popper.min.js Show response
cloud-s1.juicyfields.io/lib/popper/ 19 KB
7 KB 19ms
18ms Script
application/javascript 2606:4700:3036::6815:334b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cloud-s1.juicyfields.io/lib/popper/popper.min.js

Requested by

Host: juicyfields-refund.io
URL: https://juicyfields-refund.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6815:334b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3675f226f985b64eea6ae8544d5496a32d19993aae1ac4a3fa101263ef3206f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://juicyfields-refund.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 06:51:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9996782
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 24 Jul 2021 15:12:29 GMT
server: cloudflare
etag: W/"60fc2ddd-1ac8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TOWzzqqBjO4SrOyWs%2BftRUocvQIo1b9LGt38GDsKD8IQXjL6fgiJf%2FHmkW%2F0qcSB7ycpNtgVphgbYLKI5LmSurNOMAoIjKgTMm1Q4ZXQ1geD6xjE7WQLVMfR0e7idW%2BdVp6DvsPkf%2FeMOg5xlfGGLZ31eXdCQA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=315360000, immutable
cf-ray: 7412e0e2799bbb43-FRA

GET
H2 200 bootstrap.bundle.min.js Show response
cloud-s1.juicyfields.io/lib/bootstrap-4.3.1-dist/js/ 77 KB
23 KB 20ms
19ms Script
application/javascript 2606:4700:3036::6815:334b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cloud-s1.juicyfields.io/lib/bootstrap-4.3.1-dist/js/bootstrap.bundle.min.js

Requested by

Host: juicyfields-refund.io
URL: https://juicyfields-refund.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6815:334b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f3145c87d3570154f633975e8a4f8d30aa38603edaba145501e9c90ddbe186c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://juicyfields-refund.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 06:51:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9996781
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 24 Jul 2021 14:59:35 GMT
server: cloudflare
etag: W/"60fc2ad7-56cf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CigK2JgnJKGckaud9JRrfI2ftBCIfbNE32ATz4EeFi9WWSTT9KuwjwG1bX9ASe8zcPPSqGlTUpZ6JJX8rBoEPSl4K4MpCt1VtUyyYiv7HrKE49qvN1wWQuiOFBRnzee7Z2ASPs9RVTTW7i284mGZPVbxci8img%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=315360000, immutable
cf-ray: 7412e0e2799ebb43-FRA

GET
H2 200 math.min.js Show response
cloud-s1.juicyfields.io/lib/math-5.1.2/ 519 KB
132 KB 35ms
34ms Script
application/javascript 2606:4700:3036::6815:334b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cloud-s1.juicyfields.io/lib/math-5.1.2/math.min.js

Requested by

Host: juicyfields-refund.io
URL: https://juicyfields-refund.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6815:334b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e057dc25f78a7b5ca63095867aa4614bdfb645f2b1091c1f062fd7363593000c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://juicyfields-refund.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 06:51:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5798902
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 24 Jul 2021 15:20:19 GMT
server: cloudflare
etag: W/"60fc2fb3-218f9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wFHc8MrIDqkUDEYgiMG5F%2Bx7MfsBolCHMxg%2BRMt06j3VwVklX2ZMHi1hynnEz7Yv0k0MBL8nXhEjo7193CjaiNWQfWNbcrrhdtBFF5vEs79lE1cQJIIBw7thyVpj56%2F%2BYAhcjf1mgbd78vwBnQuC6J16hOqTZw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=315360000, immutable
cf-ray: 7412e0e2799fbb43-FRA

GET
H2 200 jquery.inputmask.bundle.min.js Show response
cloud-s1.juicyfields.io/lib/jquery.inputmask-4.0.6-dist/ 116 KB
29 KB 25ms
24ms Script
application/javascript 2606:4700:3036::6815:334b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cloud-s1.juicyfields.io/lib/jquery.inputmask-4.0.6-dist/jquery.inputmask.bundle.min.js

Requested by

Host: juicyfields-refund.io
URL: https://juicyfields-refund.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6815:334b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

051d9094809f486fa519551c9dda963f7b1cb2065793c099456db473f3d31e55

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://juicyfields-refund.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 06:51:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9996781
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 24 Jul 2021 15:20:19 GMT
server: cloudflare
etag: W/"60fc2fb3-6d90"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vkanYeR68DZWw%2BOIgBF2INl2uiC0ML5XdXjSwCecJ%2BV9vHxWH7KsQr0y12BdMc0dMQnf%2FQFLfhigYXqlWyfuhaZ094%2FHZMX0BhCa8RgFDbahlqxTBesWlgq1yR%2FZM4XzlzAQY81R770UI3spD6P7rgt1%2FWIbjg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=315360000, immutable
cf-ray: 7412e0e279a1bb43-FRA

GET
H2 200 js.cookie.min.js Show response
cloud-s1.juicyfields.io/lib/cookie.js-2.2.1/ 2 KB
1 KB 21ms
20ms Script
application/javascript 2606:4700:3036::6815:334b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cloud-s1.juicyfields.io/lib/cookie.js-2.2.1/js.cookie.min.js

Requested by

Host: juicyfields-refund.io
URL: https://juicyfields-refund.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6815:334b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

03024fe57f2a4e0592e8c3e709d38b3769c93355753c24b8e386258a7a1caadc

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://juicyfields-refund.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 06:51:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5798902
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 24 Jul 2021 15:20:19 GMT
server: cloudflare
etag: W/"60fc2fb3-3ea"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0bb2uwES6vudrAfIWi6y76LRrqHDRoKsOwlGrUrUcHANbYD2y0uMiHWqx0Yhbu8raHAU8z1JZ2UhIlwzGAbbTtIVfIMmIXEYqqNlxy50ke8P266Ux9VJalFcBwQeU9HFTwdt1FMWFv0n%2FaCHAxUssbFQpEnu9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=315360000, immutable
cf-ray: 7412e0e279a2bb43-FRA

GET
H2 200 jquery.fancybox.js Show response
cloud-s1.juicyfields.io/lib/fancybox-3.2.10/ 79 KB
23 KB 22ms
21ms Script
application/javascript 2606:4700:3036::6815:334b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cloud-s1.juicyfields.io/lib/fancybox-3.2.10/jquery.fancybox.js

Requested by

Host: juicyfields-refund.io
URL: https://juicyfields-refund.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6815:334b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

188ff4d251f37ac33980dccac8afea788e030d8058fde62e6e7a6cea099d4c30

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://juicyfields-refund.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 06:51:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9996739
cf-polished: origSize=154104
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 24 Jul 2021 15:20:19 GMT
server: cloudflare
etag: W/"60fc2fb3-8bca"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LWZSp4Lyf0kOq%2FSNqtn9W7hevqgSowOtJfVVII3Xqi%2B7U%2FBlhWZeZvY%2FHgZCSpiyP0tkPCtUDHWOA2cG87%2B%2Bph%2FGXLUg3LMUAnssHGU8kzaY5K03159t0r8iYgPjKpvfW5kPaFJJ%2BbjjvFFpsy328kTlWP%2BCXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=315360000, immutable
cf-ray: 7412e0e279a4bb43-FRA
cf-bgj: minify

GET
H2 200 init.js Show response
cloud-s1.juicyfields.io/js/ 2 KB
1 KB 25ms
24ms Script
application/javascript 2606:4700:3036::6815:334b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cloud-s1.juicyfields.io/js/init.js?v=1644313369

Requested by

Host: juicyfields-refund.io
URL: https://juicyfields-refund.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6815:334b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af01241657ad3ea718b064adb74d0ef1bda2465ddb9e3abb17aaa641436e9666

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://juicyfields-refund.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 06:51:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9996781
cf-polished: origSize=2703
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 08 Feb 2022 09:42:49 GMT
server: cloudflare
etag: W/"62023b19-4a0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y3sBYTZx4xikUuDO5zoJ9nf2pHWbpvY%2FqKut%2BNEsldxX8T0myvWRM08LipwoYzSk9dPr%2Bl6c%2FfhjF4hAG7A3k%2Bi0HEmKfYrqHQsGSBnKG%2BH1bzP1h7kirvD8wWEtNPMtoIJTIOWzjRC%2Bm1VBL2etIipRAtCTxA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=315360000, immutable
cf-ray: 7412e0e279a5bb43-FRA
cf-bgj: minify

GET
H2 200 guest.js Show response
cloud-s1.juicyfields.io/js/ 13 KB
3 KB 52ms
51ms Script
application/javascript 2606:4700:3036::6815:334b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cloud-s1.juicyfields.io/js/guest.js?v=1643711916

Requested by

Host: juicyfields-refund.io
URL: https://juicyfields-refund.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6815:334b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d7c8a01d0fbc2f28833642fa805b557660d173d1827246459e3979d28d3401cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://juicyfields-refund.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 06:51:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 02 Aug 2022 16:41:45 GMT
server: cloudflare
etag: W/"62e953c9-b56"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LEkch7u%2FOanbOemFRrR8smEG96B6sV2vx5Y84uNELrGuKYP3KGbRmig1347iKtQUjo0ODX8ytxiMIOANQTCjrqJ95WqZjkOasAsyE3KM%2FYTb9ED3zo64F4hPu97v2gClxlm8tICQsAofi2wWodesvvMNyCugNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=315360000, immutable
cf-ray: 7412e0e279a6bb43-FRA

GET
H/1.1 200
OK toastr.min.js Show response
juicyfields-refund.io/js/ 5 KB
2 KB 287ms
151ms Script
text/javascript 162.0.214.240
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://juicyfields-refund.io/js/toastr.min.js
Requested by: Host: juicyfields-refund.io
URL: https://juicyfields-refund.io/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.0.214.240 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: 1e0c2ad4e069276efa1d43fd1f7549912bfd64219119037e26574f27ca4d7143

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://juicyfields-refund.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Sat, 27 Aug 2022 06:51:23 GMT
Content-Encoding: gzip
Last-Modified: Sat, 27 Aug 2022 05:48:54 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "1483-5e73295f880db-gzip"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=3
Content-Length: 2014

GET
H/1.1 200
OK app-config.js Show response
juicyfields-refund.io/js/ 1 KB
913 B 439ms
151ms Script
text/javascript 162.0.214.240
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://juicyfields-refund.io/js/app-config.js
Requested by: Host: juicyfields-refund.io
URL: https://juicyfields-refund.io/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.0.214.240 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: 3770a9a0182c216ed1b881b9dc56d101b5cbbcc17c587439c5105235980b84d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://juicyfields-refund.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Sat, 27 Aug 2022 06:51:24 GMT
Content-Encoding: gzip
Last-Modified: Sat, 27 Aug 2022 05:48:54 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "445-5e73295f84259-gzip"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=2
Content-Length: 572

GET
H/1.1 200
OK utils.js Show response
juicyfields-refund.io/js/ 8 KB
3 KB 454ms
151ms Script
text/javascript 162.0.214.240
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://juicyfields-refund.io/js/utils.js
Requested by: Host: juicyfields-refund.io
URL: https://juicyfields-refund.io/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.0.214.240 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: 979adf7d61df1d8710462f3a4496d9b79d99c4bfbce13398b25a422bacdeeacd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://juicyfields-refund.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Sat, 27 Aug 2022 06:51:24 GMT
Content-Encoding: gzip
Last-Modified: Sat, 27 Aug 2022 05:48:54 GMT
Server: Apache/2.4.52 (Ubuntu)
ETag: "2051-5e73295f880db-gzip"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=5
Content-Length: 2514

GET
H2 200 element.js Show response
translate.google.com/translate_a/ 76 KB
27 KB 151ms
54ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit

Requested by

Host: juicyfields-refund.io
URL: https://juicyfields-refund.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c8cca962f96d12d6d13a07d813e1e2d42359663740d87399452430fb648bb8fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://juicyfields-refund.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Aug 2022 06:51:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=utf-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/3TZgZIog-UsaFDv31vC4L9R_/ 391 KB
156 KB 141ms
39ms Script
text/javascript 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/3TZgZIog-UsaFDv31vC4L9R_/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30a31bd4c38a2400b0e4aeb83da4f028cca84568378d1deedc236406792f1baf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://juicyfields-refund.io/
Origin: https://juicyfields-refund.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 22:02:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31714
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 159350
x-xss-protection: 0
last-modified: Sun, 21 Aug 2022 22:02:06 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 26 Aug 2023 22:02:50 GMT

GET
H2 200 css
fonts.googleapis.com/ 393 B
814 B 131ms
48ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Patua+One&display=swap

Requested by

Host: cloud-s1.juicyfields.io
URL: https://cloud-s1.juicyfields.io/css/custom.css?v=1645809388

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

077b9afdeb524bca60b2a640771a7ae4590eb74b23c039102907833e05026300

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloud-s1.juicyfields.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 27 Aug 2022 06:51:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 27 Aug 2022 06:51:24 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 27 Aug 2022 06:51:24 GMT

GET
H2 200 plant-dark.png
cloud-s1.juicyfields.io/image/guest/ 320 KB
320 KB 19ms
18ms Image
image/png 2606:4700:3036::6815:334b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cloud-s1.juicyfields.io/image/guest/plant-dark.png

Requested by

Host: cloud-s1.juicyfields.io
URL: https://cloud-s1.juicyfields.io/css/custom.css?v=1645809388

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6815:334b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

51a69d8519ae10132a41c16918a97bd3d48728c40eeed04bd4fce49de64dcac8

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cloud-s1.juicyfields.io/css/custom.css?v=1645809388
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 06:51:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1647516
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 327380
last-modified: Fri, 11 Oct 2019 14:57:12 GMT
server: cloudflare
etag: "5da09848-4fed4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3KqLb9vjyVNH8YH1Ho2HuZa2tLLI9QfWB3Dcp6OpPnSjTr%2FlVHyS9Rj7P9%2FlDyyPUtQwYmsvvy4FxLF7rDSgUsu8ijVFzX3lNfQMF%2B5O2lTEOjvkK7iOmp2O2s8aJs6%2FPeW3WE5SsxnSaP3e7vbcwfaS9b69Ug%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 7412e0e3ab4fbb43-FRA

GET GothamPro-Medium.woff
cloud-s1.juicyfields.io/font/gotham/ 0
0

GET
H2 200 ZXuke1cDvLCKLDcimxB44_lu.woff2
fonts.gstatic.com/s/patuaone/v16/ 13 KB
13 KB 123ms
40ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/patuaone/v16/ZXuke1cDvLCKLDcimxB44_lu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Patua+One&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74609e166867aa3888ef3085b0011dd5e5e61d347f578195c8d7e10ae315af02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://juicyfields-refund.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 23:59:07 GMT
x-content-type-options: nosniff
age: 370337
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12876
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:40:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 22 Aug 2023 23:59:07 GMT

GET GothamPro.woff
cloud-s1.juicyfields.io/font/gotham/ 0
0

GET GothamPro-Bold.woff
cloud-s1.juicyfields.io/font/gotham/ 0
0

GET fa-solid-900.woff2
cloud-s1.juicyfields.io/lib/fontawesome-free-5.15.1-web/webfonts/ 0
0

GET fa-brands-400.woff2
cloud-s1.juicyfields.io/lib/fontawesome-free-5.15.1-web/webfonts/ 0
0

GET GothamPro-Medium.ttf
cloud-s1.juicyfields.io/font/gotham/ 0
0

GET GothamPro-Bold.ttf
cloud-s1.juicyfields.io/font/gotham/ 0
0

GET fa-brands-400.woff
cloud-s1.juicyfields.io/lib/fontawesome-free-5.15.1-web/webfonts/ 0
0

GET fa-solid-900.woff
cloud-s1.juicyfields.io/lib/fontawesome-free-5.15.1-web/webfonts/ 0
0

GET GothamPro.ttf
cloud-s1.juicyfields.io/font/gotham/ 0
0

GET
H2 200 translateelement.css
translate.googleapis.com/translate_static/css/ 18 KB
4 KB 140ms
39ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_static/css/translateelement.css

Requested by

Host:
URL: /_/translate_http/_/js/k=translate_http.tr.de.eiRYmjHst84.O/d=1/rs=AN8SPfpRQzjrIA78rZd6IQo3LGo6fxLomg/m=el_conf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d39ee51a9c2d61184a78111c731cce4b32488c99bcc9b1f8c236705d06145166

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://juicyfields-refund.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 06:26:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1510
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3619
x-xss-protection: 0
last-modified: Wed, 17 Aug 2022 23:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Sat, 27 Aug 2022 07:26:14 GMT

GET
H2 200 m=el_main Show response
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.eiRYmjHst84.O/d=1/exm=el_conf/ed=1/rs=AN8SPfpRQzjrIA78rZd6IQo3LGo6fxLomg/ 262 KB
262 KB 142ms
41ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.eiRYmjHst84.O/d=1/exm=el_conf/ed=1/rs=AN8SPfpRQzjrIA78rZd6IQo3LGo6fxLomg/m=el_main

Requested by

Host:
URL: /_/translate_http/_/js/k=translate_http.tr.de.eiRYmjHst84.O/d=1/rs=AN8SPfpRQzjrIA78rZd6IQo3LGo6fxLomg/m=el_conf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

daf549c4e623edd159ae373e1cb4a31d5804dfa9d65cde5d5f647b2f457500f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://juicyfields-refund.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 08:27:20 GMT
x-content-type-options: nosniff
age: 80644
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 268004
x-xss-protection: 0
last-modified: Wed, 24 Aug 2022 21:14:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 26 Aug 2023 08:27:20 GMT

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame AF0A 7 KB
1 KB 173ms
92ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le7kikaAAAAAMj6F0kLQaveIgdPvlQczvnbG18M&co=aHR0cHM6Ly9qdWljeWZpZWxkcy1yZWZ1bmQuaW86NDQz&hl=de&v=3TZgZIog-UsaFDv31vC4L9R_&size=invisible&cb=fcq6ngq3ybfo

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/3TZgZIog-UsaFDv31vC4L9R_/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8fe7cb2e2ca27c244b5a8ae485cc3ee3bae8159acde4afd047297f9f95d047e6

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Ae0bht4ZaAaR4xjeBQTizw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://juicyfields-refund.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: gzip
content-length: 1050
content-security-policy: script-src 'report-sample' 'nonce-Ae0bht4ZaAaR4xjeBQTizw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 27 Aug 2022 06:51:24 GMT
expires: Sat, 27 Aug 2022 06:51:24 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET fa-brands-400.ttf
cloud-s1.juicyfields.io/lib/fontawesome-free-5.15.1-web/webfonts/ 0
0

GET fa-solid-900.ttf
cloud-s1.juicyfields.io/lib/fontawesome-free-5.15.1-web/webfonts/ 0
0

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/3TZgZIog-UsaFDv31vC4L9R_/ Frame AF0A 52 KB
24 KB 119ms
40ms Stylesheet
text/css 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/3TZgZIog-UsaFDv31vC4L9R_/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le7kikaAAAAAMj6F0kLQaveIgdPvlQczvnbG18M&co=aHR0cHM6Ly9qdWljeWZpZWxkcy1yZWZ1bmQuaW86NDQz&hl=de&v=3TZgZIog-UsaFDv31vC4L9R_&size=invisible&cb=fcq6ngq3ybfo

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

caf2650aa985d277b2dd131a6261888bc64e6c9bc15e5564bfb9b380bcf82a10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 23:11:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 27576
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24251
x-xss-protection: 0
last-modified: Sun, 21 Aug 2022 22:02:06 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 26 Aug 2023 23:11:48 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/3TZgZIog-UsaFDv31vC4L9R_/ Frame AF0A 391 KB
156 KB 117ms
39ms Script
text/javascript 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/3TZgZIog-UsaFDv31vC4L9R_/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30a31bd4c38a2400b0e4aeb83da4f028cca84568378d1deedc236406792f1baf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 22:02:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31714
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 159350
x-xss-protection: 0
last-modified: Sun, 21 Aug 2022 22:02:06 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 26 Aug 2023 22:02:50 GMT

GET
DATA 200
OK truncated Show response
/ Frame FEBA 1 KB
1 KB Document
text/html

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f10fc73f171d7f29cf50a928c6e1752c21bbeae061df4b85867915740372d531

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Type: text/html;charset=UTF-8

GET
H3 200 translate_24dp.png
www.gstatic.com/images/branding/product/1x/ 846 B
870 B 113ms
113ms Image
image/png 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/1x/translate_24dp.png

Requested by

Host: juicyfields-refund.io
URL: https://juicyfields-refund.io/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://juicyfields-refund.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 06:43:18 GMT
x-content-type-options: nosniff
age: 486
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 846
x-xss-protection: 0
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 27 Aug 2023 06:43:18 GMT

GET
H3 200 googlelogo_color_42x16dp.png
www.gstatic.com/images/branding/googlelogo/1x/ 910 B
934 B 112ms
111ms Image
image/png 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_42x16dp.png

Requested by

Host: juicyfields-refund.io
URL: https://juicyfields-refund.io/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://juicyfields-refund.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 01:36:00 GMT
x-content-type-options: nosniff
age: 18924
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 910
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 27 Aug 2023 01:36:00 GMT

GET
H3 200 translate_24dp.png
www.gstatic.com/images/branding/product/2x/ 2 KB
2 KB 111ms
111ms Image
image/png 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/2x/translate_24dp.png

Requested by

Host: translate.googleapis.com
URL: https://translate.googleapis.com/translate_static/css/translateelement.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://translate.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 06:43:19 GMT
x-content-type-options: nosniff
age: 485
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1842
x-xss-protection: 0
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 27 Aug 2023 06:43:19 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame AF0A 2 KB
2 KB 40ms
39ms Image
image/png 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/3TZgZIog-UsaFDv31vC4L9R_/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/3TZgZIog-UsaFDv31vC4L9R_/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 19:40:09 GMT
x-content-type-options: nosniff
age: 126675
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Thu, 01 Sep 2022 19:40:09 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame AF0A 15 KB
15 KB 115ms
39ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 11:18:05 GMT
x-content-type-options: nosniff
age: 329599
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 23 Aug 2023 11:18:05 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cloud-s1.juicyfields.io
URL: https://cloud-s1.juicyfields.io/font/gotham/GothamPro-Medium.woff?v=1

Domain: cloud-s1.juicyfields.io
URL: https://cloud-s1.juicyfields.io/font/gotham/GothamPro.woff?v=1

Domain: cloud-s1.juicyfields.io
URL: https://cloud-s1.juicyfields.io/font/gotham/GothamPro-Bold.woff?v=1

Domain: cloud-s1.juicyfields.io
URL: https://cloud-s1.juicyfields.io/lib/fontawesome-free-5.15.1-web/webfonts/fa-solid-900.woff2

Domain: cloud-s1.juicyfields.io
URL: https://cloud-s1.juicyfields.io/lib/fontawesome-free-5.15.1-web/webfonts/fa-brands-400.woff2

Domain: cloud-s1.juicyfields.io
URL: https://cloud-s1.juicyfields.io/font/gotham/GothamPro-Medium.ttf?v=1

Domain: cloud-s1.juicyfields.io
URL: https://cloud-s1.juicyfields.io/font/gotham/GothamPro-Bold.ttf?v=1

Domain: cloud-s1.juicyfields.io
URL: https://cloud-s1.juicyfields.io/lib/fontawesome-free-5.15.1-web/webfonts/fa-brands-400.woff

Domain: cloud-s1.juicyfields.io
URL: https://cloud-s1.juicyfields.io/lib/fontawesome-free-5.15.1-web/webfonts/fa-solid-900.woff

Domain: cloud-s1.juicyfields.io
URL: https://cloud-s1.juicyfields.io/font/gotham/GothamPro.ttf?v=1

Domain: cloud-s1.juicyfields.io
URL: https://cloud-s1.juicyfields.io/lib/fontawesome-free-5.15.1-web/webfonts/fa-brands-400.ttf

Domain: cloud-s1.juicyfields.io
URL: https://cloud-s1.juicyfields.io/lib/fontawesome-free-5.15.1-web/webfonts/fa-solid-900.ttf

Verdicts & Comments Add Verdict or Comment

123 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.juicyfields-refund.io/	1970-01-20 05:34:29	Name: XSRF-TOKEN Value: eyJpdiI6IjFOdUFGYWhaRkNvVnEzU0RrZjk5MlE9PSIsInZhbHVlIjoiS2plSUZtamk5WldxbDd3WDhBVkVGQ3NHTmxoM3I4WGFaOUxEdjNOL1VQRFFWbXpGa1VjbXRPVmlpbWdnMkZVT3h3WlFmdDNaN2s5NlhPQ0w5Sm93Tjh0d01ONkdQdkpZc1l2dDlDclNyL0pkaW1PbXdnWVd1a1hoR0RZYjl6eWUiLCJtYWMiOiIyYTM1YWY4NmEyYjZmZDEyYzZjZTM4OGEyNjc5NThkZmRmNGUzOGVhM2U2MmE5YWU3YjNlZDU2ZTFhODVkYTQ2IiwidGFnIjoiIn0%3D
			.juicyfields-refund.io/	1970-01-20 05:34:29	Name: APP_SESSION Value: eyJpdiI6Ijd6UVBzR0ZEbjFyM2JGNUpzNzdISUE9PSIsInZhbHVlIjoiVGFkNXpFQTZEcForSDhIZlpxNitrcnljSVFZNEdMMWIyZ3JNMkxybEJoUFhCQzB1WGV6ODU5MWdieFppOXR1N3BSb0tjeU8wQkNGeVUxV3JTaUZhRCt3ZE81d1ZMUjRCalFXL0VERTh3WHhLZTR4bTdYcEtmdEc4c1diTzN1ZHYiLCJtYWMiOiIxODI5N2U0NGI2MDg3YzE3M2MxMmZiYjk1MzZlNTM0MjljZGRjMTZlMjcxZDAyNzE1ZDUxOGE3ZDUxNmZhYmJjIiwidGFnIjoiIn0%3D

24 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://juicyfields-refund.io/ Message: Access to font at 'https://cloud-s1.juicyfields.io/font/gotham/GothamPro-Medium.woff?v=1' from origin 'https://juicyfields-refund.io' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://cloud-s1.juicyfields.io/font/gotham/GothamPro-Medium.woff?v=1 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://juicyfields-refund.io/ Message: Access to font at 'https://cloud-s1.juicyfields.io/font/gotham/GothamPro-Bold.woff?v=1' from origin 'https://juicyfields-refund.io' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://cloud-s1.juicyfields.io/font/gotham/GothamPro-Bold.woff?v=1 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://juicyfields-refund.io/ Message: Access to font at 'https://cloud-s1.juicyfields.io/lib/fontawesome-free-5.15.1-web/webfonts/fa-brands-400.woff2' from origin 'https://juicyfields-refund.io' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://cloud-s1.juicyfields.io/lib/fontawesome-free-5.15.1-web/webfonts/fa-brands-400.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://juicyfields-refund.io/ Message: Access to font at 'https://cloud-s1.juicyfields.io/lib/fontawesome-free-5.15.1-web/webfonts/fa-solid-900.woff2' from origin 'https://juicyfields-refund.io' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://cloud-s1.juicyfields.io/lib/fontawesome-free-5.15.1-web/webfonts/fa-solid-900.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://juicyfields-refund.io/ Message: Access to font at 'https://cloud-s1.juicyfields.io/font/gotham/GothamPro.woff?v=1' from origin 'https://juicyfields-refund.io' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://cloud-s1.juicyfields.io/font/gotham/GothamPro.woff?v=1 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://juicyfields-refund.io/ Message: Access to font at 'https://cloud-s1.juicyfields.io/font/gotham/GothamPro-Medium.ttf?v=1' from origin 'https://juicyfields-refund.io' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://cloud-s1.juicyfields.io/font/gotham/GothamPro-Medium.ttf?v=1 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://juicyfields-refund.io/ Message: Access to font at 'https://cloud-s1.juicyfields.io/font/gotham/GothamPro-Bold.ttf?v=1' from origin 'https://juicyfields-refund.io' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://cloud-s1.juicyfields.io/font/gotham/GothamPro-Bold.ttf?v=1 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://juicyfields-refund.io/ Message: Access to font at 'https://cloud-s1.juicyfields.io/lib/fontawesome-free-5.15.1-web/webfonts/fa-brands-400.woff' from origin 'https://juicyfields-refund.io' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://cloud-s1.juicyfields.io/lib/fontawesome-free-5.15.1-web/webfonts/fa-brands-400.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://juicyfields-refund.io/ Message: Access to font at 'https://cloud-s1.juicyfields.io/font/gotham/GothamPro.ttf?v=1' from origin 'https://juicyfields-refund.io' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://cloud-s1.juicyfields.io/font/gotham/GothamPro.ttf?v=1 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://juicyfields-refund.io/ Message: Access to font at 'https://cloud-s1.juicyfields.io/lib/fontawesome-free-5.15.1-web/webfonts/fa-solid-900.woff' from origin 'https://juicyfields-refund.io' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://cloud-s1.juicyfields.io/lib/fontawesome-free-5.15.1-web/webfonts/fa-solid-900.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://juicyfields-refund.io/ Message: Access to font at 'https://cloud-s1.juicyfields.io/lib/fontawesome-free-5.15.1-web/webfonts/fa-brands-400.ttf' from origin 'https://juicyfields-refund.io' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://cloud-s1.juicyfields.io/lib/fontawesome-free-5.15.1-web/webfonts/fa-brands-400.ttf Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://juicyfields-refund.io/ Message: Access to font at 'https://cloud-s1.juicyfields.io/lib/fontawesome-free-5.15.1-web/webfonts/fa-solid-900.ttf' from origin 'https://juicyfields-refund.io' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://cloud-s1.juicyfields.io/lib/fontawesome-free-5.15.1-web/webfonts/fa-solid-900.ttf Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cloud-s1.juicyfields.io
fonts.googleapis.com
fonts.gstatic.com
juicyfields-refund.io
translate.google.com
translate.googleapis.com
www.google.com
www.gstatic.com
cloud-s1.juicyfields.io
162.0.214.240
2606:4700:3036::6815:334b
2a00:1450:4001:808::2003
2a00:1450:4001:809::2003
2a00:1450:4001:812::200a
2a00:1450:4001:828::200a
2a00:1450:4001:829::200e
2a00:1450:4001:830::2004
03024fe57f2a4e0592e8c3e709d38b3769c93355753c24b8e386258a7a1caadc
051d9094809f486fa519551c9dda963f7b1cb2065793c099456db473f3d31e55
077b9afdeb524bca60b2a640771a7ae4590eb74b23c039102907833e05026300
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
188ff4d251f37ac33980dccac8afea788e030d8058fde62e6e7a6cea099d4c30
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1e0c2ad4e069276efa1d43fd1f7549912bfd64219119037e26574f27ca4d7143
30a31bd4c38a2400b0e4aeb83da4f028cca84568378d1deedc236406792f1baf
3675f226f985b64eea6ae8544d5496a32d19993aae1ac4a3fa101263ef3206f7
3770a9a0182c216ed1b881b9dc56d101b5cbbcc17c587439c5105235980b84d1
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
47dd690f8f315bea076e92581a7e7147443bb4c847e313ab5a7d50a8c44836d0
4c0e975f3e42b8333360672d56901e82913d033e1c7aa041dc17f0d2957c2152
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
51a69d8519ae10132a41c16918a97bd3d48728c40eeed04bd4fce49de64dcac8
5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99
6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2
743c128a4497054c7ed51d482291f374094ccb8a7bd906f8306c8351fdacda44
74609e166867aa3888ef3085b0011dd5e5e61d347f578195c8d7e10ae315af02
7a7dcb207863b588dd58e49adb2dc0fca02fae2bd10571e7ccd087067ae09f12
7c705f2b3e11d60cb56c82676c3675664e38975dc6961c36c5716d8e3d4cb3a0
7f3145c87d3570154f633975e8a4f8d30aa38603edaba145501e9c90ddbe186c
8829956a7dc32483c4f0dca9ad5d05f91acf91b5444b0ea7f3ead22a4d4af9df
8fe7cb2e2ca27c244b5a8ae485cc3ee3bae8159acde4afd047297f9f95d047e6
979adf7d61df1d8710462f3a4496d9b79d99c4bfbce13398b25a422bacdeeacd
a06ab97f18cf290ffa4879a0216940c4d93909ea30be93f16c12d90e612eb59f
a87562866b11f6965cc026139110d7cf9540bd431a9890ff5236263be68a3daa
aa798eed069cef8bd27f9d48eff93f6cbaf15534d00af64ae9d57eb8b4524fae
ac80c5a817d540c2ab8b51dd19fc6b94f15cba0430924935af3810ee0c09509f
af01241657ad3ea718b064adb74d0ef1bda2465ddb9e3abb17aaa641436e9666
af1e6edc875a382b338bb25bd7c5c3f474a7f1b36212002a5896dd06f2186325
c8cca962f96d12d6d13a07d813e1e2d42359663740d87399452430fb648bb8fd
caf2650aa985d277b2dd131a6261888bc64e6c9bc15e5564bfb9b380bcf82a10
d39ee51a9c2d61184a78111c731cce4b32488c99bcc9b1f8c236705d06145166
d7c8a01d0fbc2f28833642fa805b557660d173d1827246459e3979d28d3401cd
daf549c4e623edd159ae373e1cb4a31d5804dfa9d65cde5d5f647b2f457500f9
e057dc25f78a7b5ca63095867aa4614bdfb645f2b1091c1f062fd7363593000c
f10fc73f171d7f29cf50a928c6e1752c21bbeae061df4b85867915740372d531
f9ddd1e64827cb0fa09d74aa581ecfd468212261fa170ec9baddbd678389b342
fdc92651c42691d15fb282930a9d901021fd2acddaead3d12ff9fecdb5e455a1

juicyfields-refund.io Open in urlscan Pro 162.0.214.240 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

52 Requests

77 %HTTPS

88 %IPv6

5 Domains

8 Subdomains

10 IPs

2 Countries

1325 kBTransfer

2817 kBSize

2 Cookies

7 Outgoing links

Redirected requests

52 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

juicyfields-refund.io Open in urlscan Pro
162.0.214.240 Public Scan

Screenshot
Live screenshot

Full Image

52
Requests

77 %
HTTPS

88 %
IPv6

5
Domains

8
Subdomains

10
IPs

2
Countries

1325 kB
Transfer

2817 kB
Size

2
Cookies

52 HTTP transactions
1 data transactions