fxrefund.info Open in urlscan Pro
2606:4700:3036::ac43:bc36 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://fxrefund.info/
Submission: On May 27 via automatic, source certstream-suspicious (May 27th 2024, 2:08:27 pm UTC) — Scanned from DE

Summary HTTP 43 Redirects Behaviour Indicators

Summary

This website contacted 11 IPs in 3 countries across 9 domains to perform 43 HTTP transactions. The main IP is 2606:4700:3036::ac43:bc36, located in United States and belongs to CLOUDFLARENET, US. The main domain is fxrefund.info.
TLS certificate: Issued by E1 on May 27th 2024. Valid for: 3 months.

This is the only time fxrefund.info was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
25	2606:4700:303... 2606:4700:3036::ac43:bc36	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	104.17.24.14 104.17.24.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2400:52e0:1e0... 2400:52e0:1e00::1080:1	200325 (BUNNYCDN) (BUNNYCDN)
3	2a02:ec80:300... 2a02:ec80:300:ed1a::2:b	14907 (WIKIMEDIA) (WIKIMEDIA)
1	2a04:4e42:200... 2a04:4e42:200::649	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
1	2400:52e0:1e0... 2400:52e0:1e00::1079:1	200325 (BUNNYCDN) (BUNNYCDN)
3	172.67.188.54 172.67.188.54	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
1	34.117.186.192 34.117.186.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
43	11

25 2606:4700:3036::ac43:bc36 (United States)

ASN13335 (CLOUDFLARENET, US)

fxrefund.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2400:52e0:1e00::1080:1 (Germany)

ASN200325 (BUNNYCDN, SI)

s3.tradingview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:ec80:300:ed1a::2:b (United States)

ASN14907 (WIKIMEDIA, US)

upload.wikimedia.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2400:52e0:1e00::1079:1 (Germany)

ASN200325 (BUNNYCDN, SI)

www.tradingview-widget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.67.188.54 (United States)

ASN13335 (CLOUDFLARENET, US)

fxrefund.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.186.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.186.117.34.bc.googleusercontent.com

ipinfo.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	fxrefund.info fxrefund.info	1 MB
5	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 237	153 KB
3	wikimedia.org upload.wikimedia.org — Cisco Umbrella Rank: 3017	5 KB
2	gstatic.com fonts.gstatic.com	63 KB
1	ipinfo.io ipinfo.io — Cisco Umbrella Rank: 7491	623 B
1	tradingview-widget.com www.tradingview-widget.com — Cisco Umbrella Rank: 27863
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 33	1 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 776	30 KB
1	tradingview.com s3.tradingview.com — Cisco Umbrella Rank: 17796	6 KB
43	9

	Domain	Requested by
28	fxrefund.info	fxrefund.info
5	cdnjs.cloudflare.com	fxrefund.info cdnjs.cloudflare.com
3	upload.wikimedia.org	fxrefund.info
2	fonts.gstatic.com	fonts.googleapis.com
1	ipinfo.io	code.jquery.com
1	www.tradingview-widget.com	s3.tradingview.com
1	fonts.googleapis.com	fxrefund.info
1	code.jquery.com	fxrefund.info
1	s3.tradingview.com	fxrefund.info
43	9

This site contains no links.

Subject Issuer	Validity	Valid
fxrefund.info E1	`2024-05-27` - `2024-08-25`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.tradingview.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-05` - `2024-12-04`	a year	crt.sh
*.wikipedia.org DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-10-18` - `2024-10-16`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
upload.video.google.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
*.tradingview-widget.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-03-19` - `2025-03-19`	a year	crt.sh
*.gstatic.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
ipinfo.io R3	`2024-04-19` - `2024-07-18`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://fxrefund.info/
Frame ID: 4F490EB496939AA95E7D60DCB8CB46A2
Requests: 48 HTTP requests in this frame

Frame: https://www.tradingview-widget.com/embed-widget/ticker-tape/
Frame ID: 20B9E642A41A45C8E8BC557A30B9C56E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Forex Refund

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

43
Requests

100 %
HTTPS

70 %
IPv6

9
Domains

9
Subdomains

11
IPs

3
Countries

1764 kB
Transfer

2546 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

43 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
fxrefund.info/ 48 KB
13 KB 194ms
103ms Document
text/html 2606:4700:3036::ac43:bc36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fxrefund.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:bc36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf52a43c9a747972828dc0d2dacb7d4eb39b17a19b526fb1640fafed0f3ef2fa

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 88a6939aece2906d-FRA
content-encoding: br
content-type: text/html
date: Mon, 27 May 2024 14:08:22 GMT
last-modified: Mon, 27 May 2024 13:33:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ehZt4E6tI6YonpfZ8FovMKrHd6cf04Tg3Ws4DZlOe%2FjCZikvIoxS2nF3kitPZrSpEsPB7Uw%2Fw6gB5JKFPHP63ffjGNgh%2BuWBIawuu8pAX6Muh7eSgDlnqOSeTNxaxlsQdguuFCR8XCu9VpTv"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 styles.css
fxrefund.info/css/ 13 KB
3 KB 98ms
91ms Stylesheet
text/css 2606:4700:3036::ac43:bc36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fxrefund.info/css/styles.css
Requested by: Host: fxrefund.info
URL: https://fxrefund.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:bc36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dde6f1cc23545c3091e561a55c6cc3518ea3a01e682dccde1eb926f2fbf1a82e

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fxrefund.info/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 14:08:22 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Mon, 27 May 2024 13:54:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Uv2eZXMmK6Jh5z5JsBAviQ%2BFpWV3YffuEv6dthGchc4bDT5lNVkwpDdtgirqLjZNBK9v9rExdS1tdExrYT10xJx3aVDJErB4MJl9jsJcTlpRMGbxMKTSaaI7ckDKHsX7ewOz7sX9%2Bmck%2FGe%2F"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 88a6939badb5906d-FRA
alt-svc: h3=":443"; ma=86400
content-length: 2266

GET
H2 200 media.css
fxrefund.info/css/ 4 KB
1 KB 78ms
74ms Stylesheet
text/css 2606:4700:3036::ac43:bc36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fxrefund.info/css/media.css
Requested by: Host: fxrefund.info
URL: https://fxrefund.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:bc36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c6ae40444698704dfb370e4790dfc97963c36474fe8eb101b807928f4742166c

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fxrefund.info/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 14:08:22 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Fri, 24 May 2024 08:42:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xsv9TFVZCu7SM%2Fp6tBGBWU5EW2sIcr5hhIDrzELQ9u9TGOj8qJuEo6qLv%2B28ruybCSTApQgy%2F98XwdLF7GMZEnPUFp7T0xqBvMWdBAvvWApZyNfmEyiIG3enEvdWQ1ooBUlzUpL2PR0eO5jE"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 88a6939badb6906d-FRA
alt-svc: h3=":443"; ma=86400
content-length: 766

GET
H3 200 intlTelInput.css
cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.8/css/ 25 KB
2 KB 233ms
177ms Stylesheet
text/css 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.8/css/intlTelInput.css

Requested by

Host: fxrefund.info
URL: https://fxrefund.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ad32b1248207ba91fb945a37d38e7c9deafcba849245872203482db42930d491

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fxrefund.info/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 14:08:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 236586
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1970
last-modified: Wed, 21 Oct 2020 12:48:14 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f902e0e-62a6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HkLEKebpXEsnb3dN%2FVvZuxBJ5XwxAuRjtQE5kOz0AVBQ4MI9llZaxnpcGOiAL%2FZcYYaFrp0YOI2hV7JsOpn%2FcXmkhkddrxzZlUlLg8qTLdLE1JNS0feVr3GvdgWbHSSORw3kZmEQ"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 88a6939bfdbe5b26-FRA
expires: Sat, 17 May 2025 14:08:22 GMT

GET
H2 200 logo.svg
fxrefund.info/img/ 8 KB
4 KB 86ms
84ms Image
image/svg+xml 2606:4700:3036::ac43:bc36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fxrefund.info/img/logo.svg
Requested by: Host: fxrefund.info
URL: https://fxrefund.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:bc36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e346f10bdea8a34cbc77adf0a39ab7e024b1ed6e65f0663cdb31cdd054d3859

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fxrefund.info/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 14:08:22 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 24 May 2024 08:44:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p0tze31ZcgYwAXb2xQlT4qVRkBuLsSGAQxmlIMTDLzbLuEoZGHSvX1sKpLBIpVFyo2ynJjn10MSRn8VQ2u%2BPX7S5DLFLqFXP8PmuEZwEKJfDuDPhL8vHvN6UMzUxhITnvPGWcOiQjloq9Jk7"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 88a6939badb8906d-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 embed-widget-ticker-tape.js Show response
s3.tradingview.com/external-embedding/ 13 KB
6 KB 159ms
41ms Script
text/javascript 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.tradingview.com/external-embedding/embed-widget-ticker-tape.js
Requested by: Host: fxrefund.info
URL: https://fxrefund.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1080 /
Resource Hash: 0c4e24d5c57910e172f6d030eac27601f493f5fe9effe0a29e3a6f7c3c605261

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fxrefund.info/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 14:08:22 GMT
content-encoding: br
cdn-edgestorageid: 1079
x-amz-request-id: H8AY374P9KSVEGCD
x-amz-server-side-encryption: AES256
cdn-cachedat: 05/27/2024 10:28:48
cdn-pullzone: 1837468
x-amz-id-2: 9GFx68Wb6tXxDk04BnrvwKvBnZqfVYPoTEubH3EQPmXOf5KTCFWabqxNaCZHt1PQ2vsAvH6qhkDle1uTkgBo3HWvXnCo3OWP
last-modified: Mon, 27 May 2024 10:26:16 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"c9759a6253e87d05e21d112a4f4e2058"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 0e2daf09-b694-4906-9f20-7c3ca5f9a6a3
access-control-max-age: 3000
cache-control: public, max-age=300
cdn-requestid: c7ca8c3f2e611f937886d2cdc4dbfe0e
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 ico.svg
fxrefund.info/img/ 615 B
658 B 95ms
94ms Image
image/svg+xml 2606:4700:3036::ac43:bc36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fxrefund.info/img/ico.svg
Requested by: Host: fxrefund.info
URL: https://fxrefund.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:bc36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c3d62d1927fe3af5c4fd1143b01f95c6be0076ca69f6cca8541700ed921eb9c6

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fxrefund.info/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 14:08:22 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 24 May 2024 08:43:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qjwnYKTjp14k3YnqLhq2x9qJCIHhOP%2FOVs94BDM%2FXuENtID4cDS5WYd51Wwgjc53ZQOh0IslN5mRc4yaX5mL4TIL8E%2FiM3LBh7aLhEyq6wsp6q62RGgQNl7vvWQc4pBHVun4DkalumDxnqGo"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 88a6939badb9906d-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 bank-1.svg
fxrefund.info/img/ 7 KB
3 KB 1139ms
1132ms Image
image/svg+xml 2606:4700:3036::ac43:bc36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fxrefund.info/img/bank-1.svg
Requested by: Host: fxrefund.info
URL: https://fxrefund.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:bc36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 58611517bb57f8dcf6102e1ea2032fc84481ac73621d42aa371db153720c328d

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fxrefund.info/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 14:08:23 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 24 May 2024 08:45:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eaxFWoSzIjmzjDyTHrogacgyp2SXSw8eayQ8mrA0sS3LZkQUVfa4EEf9KEvfsb1y6acLx%2F1PGJyFWkrO0s34IxIapObU2DQfwygmRjJ2ZwODsEp%2BwmwekqDnCPdgdvvEAyup%2BsOmdBVSdCZo"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 88a6939bddee906d-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 bank-2.svg
fxrefund.info/img/ 18 KB
7 KB 101ms
95ms Image
image/svg+xml 2606:4700:3036::ac43:bc36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fxrefund.info/img/bank-2.svg
Requested by: Host: fxrefund.info
URL: https://fxrefund.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:bc36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0ddcf68a380a93b082ec40365b6cdecce7d47085887683ce33eee9e6ea06968

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fxrefund.info/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 14:08:22 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 24 May 2024 08:45:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wKeiMk0UrpD9Ryyi6EL5Q%2F5KMiHZe3Cosg%2BcXe7tpRTa1eRnA9GNyZOILNBHuZ4rNfVrE1BRAT3x3PYF9cTdnuugccmntBCiqPX5GmTRgGtW3vtibzwFgKjv6REIdXUI1nXt5%2F1D1B%2F8S%2BR2"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 88a6939bddef906d-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 bank-3.svg
fxrefund.info/img/ 8 KB
3 KB 92ms
86ms Image
image/svg+xml 2606:4700:3036::ac43:bc36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fxrefund.info/img/bank-3.svg
Requested by: Host: fxrefund.info
URL: https://fxrefund.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:bc36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0519e2d2ecf82649b92c4ad3c11d06396f4b0284ca9b1801fc3482f0309652cb

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fxrefund.info/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 14:08:22 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 24 May 2024 08:45:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pn9VMerwGAH77B8KS0KOJwY9L%2B17MIQNMDMgpoGnOHYU%2BJFMurCoQx4Vj8oUWQXKvl6K98TQhvqHeCJluX6H9U7%2Bq8Wo%2FMc5DyERkpp0i57wW6QmdtJ4tpVy87cvHsY5NnAgkQR6hZB%2BSDgZ"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 88a6939bddf0906d-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 bank-4.svg
fxrefund.info/img/ 3 KB
2 KB 79ms
75ms Image
image/svg+xml 2606:4700:3036::ac43:bc36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fxrefund.info/img/bank-4.svg
Requested by: Host: fxrefund.info
URL: https://fxrefund.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:bc36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d50af2faa658fdca45223b22bc47465d8dbc5a3362c679e95034667122d6fac5

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fxrefund.info/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 14:08:22 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 24 May 2024 08:45:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2ZebsWA4KLkNr461PpHwPuOelhDHlJcuKFbtWuTz0stCQpr2fBIaiwkKgaLUasXeel1MC29IVjIdFLHh0CUbFwqYTNiyE5GGzyOnmmmF%2FUNtZvzjVmHsXtmr14eE5rfW0k992svJK3D5ca9v"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 88a6939bddf4906d-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 bank-5.svg
fxrefund.info/img/ 3 KB
2 KB 85ms
81ms Image
image/svg+xml 2606:4700:3036::ac43:bc36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fxrefund.info/img/bank-5.svg
Requested by: Host: fxrefund.info
URL: https://fxrefund.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:bc36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b3f9500c13ad8087a2bd8489fd2fa3a73a0c554750e576285734f6d4cf6d5a65

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fxrefund.info/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 14:08:22 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 24 May 2024 08:45:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a1d93ARokkhc7URXSCfg%2B7LDufyYibkmX4txL%2FH6FGmnAtO4vGVuY6JmW%2B%2BR2Z4Cx120U5eiI4NeVfI5lIH1uu%2FD06D0uw8%2FvriKz1NknU%2Bi%2F9s17xbwzOSdYaVWSpJN4BnoGtAmx%2Bt7hyLk"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 88a6939bddf6906d-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 bank-6.svg
fxrefund.info/img/ 8 KB
4 KB 102ms
98ms Image
image/svg+xml 2606:4700:3036::ac43:bc36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fxrefund.info/img/bank-6.svg
Requested by: Host: fxrefund.info
URL: https://fxrefund.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:bc36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b445e0f9979ce24e1639d23fe106d6a1b1d7240fb89877c8cb4254ebe56ae746

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fxrefund.info/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 14:08:22 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 24 May 2024 08:46:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9se6XYDYh833YLxCq8SwtCH4ABJtiTWhVpHysjHDs3Yq%2Fbt8294mkicgpgob5Pd51GS3zQEwMgignbj%2BqMHdvCCZfMZd3Ac11W9u17n3E1KmqErqBO248%2Fzdke%2B7lII2215CSfUICHXrgNtV"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 88a6939bee05906d-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 bank-7.svg
fxrefund.info/img/ 5 KB
2 KB 100ms
96ms Image
image/svg+xml 2606:4700:3036::ac43:bc36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fxrefund.info/img/bank-7.svg
Requested by: Host: fxrefund.info
URL: https://fxrefund.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:bc36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea4258bceb94c28d810d503b0f9e97864370689ad99d1ab5136fbb124d988140

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fxrefund.info/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 14:08:22 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 24 May 2024 08:46:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ccU3U592qd83vqD1bjUxpl8jD90LvzUGOBL1OUU4zCsxRGJhZU80MjchYQav5Y%2Ftl9p%2BbHy4CTond9vJFuzAmi%2FE3Aei2u8s1QLyG4xIJgpUcWoW8sib59QcFV1WMTAeyuv5TW%2B7bYSVpjpT"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 88a6939bee07906d-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 bank-8.svg
fxrefund.info/img/ 3 KB
2 KB 1131ms
1127ms Image
image/svg+xml 2606:4700:3036::ac43:bc36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fxrefund.info/img/bank-8.svg
Requested by: Host: fxrefund.info
URL: https://fxrefund.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:bc36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed6f220394853486b6e63bf82b74f024b21942dade85b3edf558b6dfd6de8287

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fxrefund.info/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 14:08:23 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 24 May 2024 08:46:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bCTjLnkKzWfKqS9c58xqXN8fLSBFhjPgCExvMlwvi35B7h4xx8P2MWG8%2FnsK4j7qzVGpk8orfeLjNXvBvm8RssmwF4dNJ7sVaah8Z2eWXQIhmkpsa0meHHOoQwEEDcqAK8Pot%2FnF5gFuNaAg"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 88a6939bee08906d-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 bank-9.svg
fxrefund.info/img/ 3 KB
2 KB 91ms
88ms Image
image/svg+xml 2606:4700:3036::ac43:bc36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fxrefund.info/img/bank-9.svg
Requested by: Host: fxrefund.info
URL: https://fxrefund.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:bc36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02ea36e0819cafbdf683b341c80e0064ef0ee5c08544c103889059bce63779f4

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fxrefund.info/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 14:08:22 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 24 May 2024 08:46:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pQX1ro3ZxcREfx4vbdjZpL7CoeBlG1JK%2FoJoo0pR1TGUUbzEqHcE%2BHY6o5DnRoTZ2jd3H%2FCw%2FHkQzt2U%2Brcn8GgFAMO6YTx1LolGrh5AsA1QnPPlLPyX9RxfiCGLwOempkV2GP6bcpTyh3gg"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 88a6939bee09906d-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 bank-10.svg
fxrefund.info/img/ 2 KB
1 KB 88ms
85ms Image
image/svg+xml 2606:4700:3036::ac43:bc36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fxrefund.info/img/bank-10.svg
Requested by: Host: fxrefund.info
URL: https://fxrefund.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:bc36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99aead8c2748f8bce4286b7710ab5a10cc5c131d67b4f1d667b6027cdc66c565

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fxrefund.info/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 14:08:22 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 24 May 2024 08:46:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Orre7vhGi0JudjiAuFx0Fz3sYJV8WTGujm1%2BqlUxfWiZaJFvWRu8B3%2BRYzOVjG%2FWRTjdrPcC1ffdHm3fuSXJAAExCIVaJJSxCmHkFJKK1fNNPdxqwPSoFdWB%2BE%2FsBbR7JxZWusqmabbnbuSx"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 88a6939bee0b906d-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 poster.png
fxrefund.info/img/ 73 KB
73 KB 114ms
111ms Image
image/png 2606:4700:3036::ac43:bc36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fxrefund.info/img/poster.png?v=1
Requested by: Host: fxrefund.info
URL: https://fxrefund.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:bc36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f3481a1606c1c1194fb0cfb57ad11553bb4a0b3696e1c2b918d4157e9eb62f19

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fxrefund.info/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 14:08:22 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Mon, 27 May 2024 13:59:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Pone1M9ryOH%2F%2BxHzYeanGG36vVBjxM4g0RKmUR2D9FVpKuJsCOtClo8XLKkIY%2BUcDpxtYCTLJQc0PWNVi0N4y9kOpfg0EH2d%2FWM3KP887Ue9z79ZX3LkSJkkp4voGVy3L8oG%2FquSywEn%2BlYV"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
cf-ray: 88a6939bee0e906d-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 offer.png
fxrefund.info/img/ 449 KB
450 KB 1113ms
1110ms Image
image/png 2606:4700:3036::ac43:bc36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fxrefund.info/img/offer.png
Requested by: Host: fxrefund.info
URL: https://fxrefund.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:bc36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1f2e526d425c4c097b603ccb354aeacaef90d123bb6493922976cad314ae6011

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fxrefund.info/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 14:08:23 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Fri, 24 May 2024 08:47:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WfMnBzvN7fVBv4B16w1SGNBu%2F2ifsKMQkOHFmTnzAQn9wcjalDtbMQjaCQZ%2BN5nH26OrH92XAm2EM0eNWDBf%2FRUu0IYnnHAbSeF3kD27MTuxUvge11CFyHdiq0SIZTjBJ8mrIiYnCruqilXC"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
cf-ray: 88a6939bee0f906d-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 120px-Flag_of_India.svg.png
upload.wikimedia.org/wikipedia/commons/thumb/4/41/Flag_of_India.svg/ 764 B
2 KB 141ms
44ms Image
image/webp 2a02:ec80:300:ed1a::2:b
WIKIMEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://upload.wikimedia.org/wikipedia/commons/thumb/4/41/Flag_of_India.svg/120px-Flag_of_India.svg.png

Requested by

Host: fxrefund.info
URL: https://fxrefund.info/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:ec80:300:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US),

Reverse DNS

Software

envoy /

Resource Hash

96be3a227bc350887df62d26ed6c707a5348c75fd0b7950bc578e84b6a7a2710

Security Headers

Name	Value
Strict-Transport-Security	max-age=106384710; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fxrefund.info/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 09:35:54 GMT
strict-transport-security: max-age=106384710; includeSubDomains; preload
x-content-type-options: nosniff
nel: { "report_to": "wm_nel", "max_age": 604800, "failure_fraction": 0.05, "success_fraction": 0.0}
age: 16348
x-cache-status: hit-front
x-cache: cp3080 hit, cp3080 hit/67
content-disposition: inline;filename*=UTF-8''Flag_of_India.svg.webp
server-timing: cache;desc="hit-front", host;desc="cp3080"
content-length: 764
x-client-ip: 2a01:4a0:1338:92::12
last-modified: Sat, 30 Mar 2024 08:45:55 GMT
server: envoy
etag: 54249b6ab64dbf0d9486650455e650de
report-to: { "group": "wm_nel", "max_age": 604800, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 120px-Flag_of_Ukraine.svg.png
upload.wikimedia.org/wikipedia/commons/thumb/4/49/Flag_of_Ukraine.svg/ 50 B
930 B 142ms
46ms Image
image/webp 2a02:ec80:300:ed1a::2:b
WIKIMEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://upload.wikimedia.org/wikipedia/commons/thumb/4/49/Flag_of_Ukraine.svg/120px-Flag_of_Ukraine.svg.png

Requested by

Host: fxrefund.info
URL: https://fxrefund.info/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:ec80:300:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US),

Reverse DNS

Software

ATS/9.1.4 /

Resource Hash

a74766d24bf9352d1fd727d3dc57d4901d0a4b142c78c8accac5d7bcae4bcc1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=106384710; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fxrefund.info/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 11:59:01 GMT
strict-transport-security: max-age=106384710; includeSubDomains; preload
x-content-type-options: nosniff
nel: { "report_to": "wm_nel", "max_age": 604800, "failure_fraction": 0.05, "success_fraction": 0.0}
age: 7761
x-cache-status: hit-front
x-cache: cp3080 hit, cp3080 hit/61
content-disposition: inline;filename*=UTF-8''Flag_of_Ukraine.svg.webp
server-timing: cache;desc="hit-front", host;desc="cp3080"
content-length: 50
x-client-ip: 2a01:4a0:1338:92::12
last-modified: Wed, 24 Jan 2024 09:30:11 GMT
server: ATS/9.1.4
etag: 0dba992a31c1be8f5823aa419bdee82b
report-to: { "group": "wm_nel", "max_age": 604800, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 120px-Flag_of_Kyrgyzstan.svg.png
upload.wikimedia.org/wikipedia/commons/thumb/c/c7/Flag_of_Kyrgyzstan.svg/ 1 KB
2 KB 144ms
48ms Image
image/webp 2a02:ec80:300:ed1a::2:b
WIKIMEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://upload.wikimedia.org/wikipedia/commons/thumb/c/c7/Flag_of_Kyrgyzstan.svg/120px-Flag_of_Kyrgyzstan.svg.png

Requested by

Host: fxrefund.info
URL: https://fxrefund.info/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:ec80:300:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US),

Reverse DNS

Software

ATS/9.1.4 /

Resource Hash

5f2716d8c490b48b540ff5d3655b1e664d5aaeba18f0dd83a42fb7ab4251d4ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=106384710; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fxrefund.info/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 26 May 2024 20:26:48 GMT
strict-transport-security: max-age=106384710; includeSubDomains; preload
x-content-type-options: nosniff
nel: { "report_to": "wm_nel", "max_age": 604800, "failure_fraction": 0.05, "success_fraction": 0.0}
age: 63694
x-cache-status: hit-front
x-cache: cp3080 hit, cp3080 hit/205
content-disposition: inline;filename*=UTF-8''Flag_of_Kyrgyzstan.svg.webp
server-timing: cache;desc="hit-front", host;desc="cp3080"
content-length: 1362
x-client-ip: 2a01:4a0:1338:92::12
last-modified: Mon, 11 Mar 2024 17:12:50 GMT
server: ATS/9.1.4
etag: e5aeb87557f5a46ae12b80458c5cc00f
report-to: { "group": "wm_nel", "max_age": 604800, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 license-1.png
fxrefund.info/img/ 161 KB
161 KB 125ms
123ms Image
image/png 2606:4700:3036::ac43:bc36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fxrefund.info/img/license-1.png
Requested by: Host: fxrefund.info
URL: https://fxrefund.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:bc36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 241e420a3771d584c4f30ffa896b99719a2f551ff94d19f8df0131ded0e7257f

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fxrefund.info/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 14:08:22 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Fri, 24 May 2024 08:47:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o8DQmzxx3sZzpmkbvF8eQ5PN7lKVZr27xId%2BMTCu6ZGR9aGxe7kj%2Bi0rP941mGZp5BZuo92pL6dAiupH9RlSdkXJ0YSmoTy4BrHNunSG%2BWkENkOWkqCEwwBxZKA6JoaO%2FLyfY0pSNG8%2BXhuK"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
cf-ray: 88a6939bee10906d-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 license-2.png
fxrefund.info/img/ 72 KB
72 KB 139ms
137ms Image
image/png 2606:4700:3036::ac43:bc36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fxrefund.info/img/license-2.png
Requested by: Host: fxrefund.info
URL: https://fxrefund.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:bc36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 543a63945d606df74892a12100ec68d6b37173aecb392e4188e286790e68dc8e

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fxrefund.info/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 14:08:22 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Fri, 24 May 2024 08:47:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7yElrH%2BFRNSJ28dMeDp7u4aoGnaLObyZXGyDUrVez0XCPjp2hdPlIUKNsMJskHkzWkvMZgYNI5Y2ue6asieGHS6%2B36djqD57jEi72adm%2BoTGQt3mwZrsiNYT3aLR%2Byi6geG4j2AtyWt2PPq3"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
cf-ray: 88a6939bee12906d-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 footer-logo.png
fxrefund.info/img/ 8 KB
8 KB 91ms
89ms Image
image/png 2606:4700:3036::ac43:bc36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fxrefund.info/img/footer-logo.png
Requested by: Host: fxrefund.info
URL: https://fxrefund.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:bc36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6c59617d77c469a01b992ba697b8046b2db26802c0d18165fa9a73b83829283

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fxrefund.info/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 14:08:22 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Fri, 24 May 2024 08:47:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PazDRgwQ1gn04ITWkJVNFSOXiABeGQZpnRY%2FRgqhJgIAi7z0DeRkxVpwJtn4gtn4ZN%2FmbL5NUmyu%2BpfCX03AqgwIGqS%2Bg5mydpgusoJhZlHTBiOtif%2B8Iv4l6ldCLc9zA0dKbkuG7nTA6DBS"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 88a6939bee13906d-FRA
alt-svc: h3=":443"; ma=86400
content-length: 8311

GET
H2 200 footer-logos-1.png
fxrefund.info/img/ 9 KB
9 KB 75ms
73ms Image
image/png 2606:4700:3036::ac43:bc36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fxrefund.info/img/footer-logos-1.png
Requested by: Host: fxrefund.info
URL: https://fxrefund.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:bc36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c8a7b104f7e24505b6c83b930208483bf8d3b3b5dbbf205e5897b8a35e83463b

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fxrefund.info/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 14:08:22 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Fri, 24 May 2024 08:48:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BVmpB5E%2B6S6dcyISeg4a%2FpXlrRvWp1twLuPzBCSBmwEuh8m8uZKedleAN3M9IOqkrelJuIAy4Bj9%2BJeMz2So%2FmuRDH4p7LAWopLFtXMCQyEBiog%2Bk9swNyCo093df%2B0UPvOGKRz2rMbaYGw1"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 88a6939bee15906d-FRA
alt-svc: h3=":443"; ma=86400
content-length: 8650

GET
H2 200 footer-logos-2.png
fxrefund.info/img/ 3 KB
3 KB 92ms
91ms Image
image/png 2606:4700:3036::ac43:bc36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fxrefund.info/img/footer-logos-2.png
Requested by: Host: fxrefund.info
URL: https://fxrefund.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:bc36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7aa8e0d8018eede7969e2c9d867eeea15dd73a45e079df0715f2b3f0506e8762

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fxrefund.info/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 14:08:22 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Fri, 24 May 2024 08:48:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QBFdB6W%2BrI%2F2c3kYhh4KwIGnN2h6lZSYRjh2MvbVIyO3fLkDw47B%2Bx%2BZCxxZ3NjmXfpN2ej0YLKWqPYzr%2F0I46bBQWQhGJPjwySnfa%2Bw7Sj45DF9pHMMYZPpuXLUBMv6KEF2tr4bmRiWMoAu"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 88a6939bee18906d-FRA
alt-svc: h3=":443"; ma=86400
content-length: 3040

GET
H2 200 jquery-3.6.0.min.js Show response
code.jquery.com/ 87 KB
30 KB 161ms
49ms Script
application/javascript 2a04:4e42:200::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.0.min.js
Requested by: Host: fxrefund.info
URL: https://fxrefund.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fxrefund.info/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 14:08:22 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 2675083
x-cache: HIT, HIT
content-length: 30875
x-served-by: cache-lga21931-LGA, cache-mxp6949-MXP
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1716818902.484601,VS0,VE0
etag: W/"28feccc0-15d9d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 5, 917510

GET
H3 200 intlTelInput.min.js Show response
cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.8/js/ 29 KB
9 KB 82ms
56ms Script
application/javascript 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.8/js/intlTelInput.min.js

Requested by

Host: fxrefund.info
URL: https://fxrefund.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

64cb11eb2a5237cbe1e05ccf25acefeed578f32d1a6923d58de35c8a0145e8cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fxrefund.info/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 14:08:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 240134
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 8889
last-modified: Wed, 21 Oct 2020 12:48:14 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f902e0e-72d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DwU4rrRz6I2U6Ub1UPtcVUgVG0ou6omjMpa5rJ%2FfGSYkVA3jCH5LX1p7ducmsE3oj2A8dH%2FkBtawt03o7%2FGfGFkGp%2BBVJgjFLVuFBly8%2FE7dMASrn1eRhdxEynFfWLCPCZXoiYQm"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 88a6939bfdba5b26-FRA
expires: Sat, 17 May 2025 14:08:22 GMT

GET
H3 200 utils.js Show response
cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.8/js/ 241 KB
45 KB 108ms
83ms Script
application/javascript 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.8/js/utils.js

Requested by

Host: fxrefund.info
URL: https://fxrefund.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bdcdee66eb73eaff67c185ce622c4f82d65cdc893b785259b0207e3e60c8ca9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fxrefund.info/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 14:08:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 241169
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 45687
last-modified: Wed, 21 Oct 2020 12:48:14 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f902e0e-3c35d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dAb%2FXkCaQWmeEl6%2FI5eJDhiGocgixJZe59IOBbPmufhiKixZIqlLDAB2Vb2x3anvF4mjFIbWjEGE%2FYxhOGw2B4eHjPkok%2BOZEYnW6Rhq0lgQT%2Fvl8DGgBSYvxeOzBCZP3k0Hzi8X"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 88a6939bfdbc5b26-FRA
expires: Sat, 17 May 2025 14:08:22 GMT

GET
H3 200 jquery.inputmask.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery.inputmask/5.0.7/ 97 KB
26 KB 83ms
58ms Script
application/javascript 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery.inputmask/5.0.7/jquery.inputmask.min.js

Requested by

Host: fxrefund.info
URL: https://fxrefund.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ae82f0addc0458112cf2428b7338db058b8c3a65d074b5d7f6b0213dcb7635f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fxrefund.info/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 14:08:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 209275
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 26253
last-modified: Thu, 30 Dec 2021 22:38:08 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "61ce34d0-668d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7UaF1BopAY%2FzD3enRcw9XMaOwcHDRczkNrlwDqPWEOJpKDqCPwerCTKirIPndE3l0RvnI3u0520x96lhSt1%2FcME8YeyCLpaDGuAbJGjgyhoOGB%2BYLt9mWCLuk%2Fyzco2iCEYmg8SG"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 88a6939bfdbd5b26-FRA
expires: Sat, 17 May 2025 14:08:22 GMT

GET
H2 200 app.js Show response
fxrefund.info/js/ 883 B
672 B 85ms
80ms Script
application/javascript 2606:4700:3036::ac43:bc36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fxrefund.info/js/app.js
Requested by: Host: fxrefund.info
URL: https://fxrefund.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:bc36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 858580e32ab0120b8226791deea6a80822d786b8afe9f9697f8c67c7336f64dd

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fxrefund.info/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 14:08:22 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Sat, 25 May 2024 08:54:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4E2M3ruVB7QCaFLYu0YnYvdeHRejbEOltlocR06YjRFsT1d9U32RMojlaF3GrYTETqI9iPETtjE%2Bjlw5kfwrpa7B%2Fd16ViqFvXqTLuGuDpC1XZKI4SV6wxxY87UgVkt7S2wkav2FJovstk4m"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 88a6939bddf3906d-FRA
alt-svc: h3=":443"; ma=86400
content-length: 352

GET
H2 206 video.mp4
fxrefund.info/video/ 318 KB
0 152ms
152ms Media
video/mp4 2606:4700:3036::ac43:bc36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fxrefund.info/video/video.mp4
Requested by: Host: fxrefund.info
URL: https://fxrefund.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:bc36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Referer: https://fxrefund.info/
Range: bytes=0-
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 14:08:22 GMT
cf-cache-status: MISS
last-modified: Fri, 24 May 2024 08:48:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XKgzEQlCZmXjt%2FIW%2FI3HpdHFZEK4E4uN816cKnunFTDQdcdZMdOyVcBFbuFCsL%2BVyY8g5UR99BAUnv0r4TyXHfMRWHN0Dhwz4zBKLZWyk8PiHaPvXdtCvveyEsxORyL0rOzcz8Nx70mpv2q6"}],"group":"cf-nel","max_age":604800}
content-type: video/mp4
Content-Range: bytes 0-59962541/59962542
cache-control: max-age=14400
cf-ray: 88a6939bee1b906d-FRA
alt-svc: h3=":443"; ma=86400
Content-Length: 59962542

GET
H2 200 css2
fonts.googleapis.com/ 12 KB
1 KB 154ms
52ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@300;400;500;600;700&display=swap

Requested by

Host: fxrefund.info
URL: https://fxrefund.info/css/styles.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

00008d2a6bb44551ff155148e5fedbcc0fdf8d710d908581fdf04dd96dfb31ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fxrefund.info/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Mon, 27 May 2024 14:08:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 27 May 2024 13:01:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 27 May 2024 14:08:22 GMT

GET
DATA 200
OK truncated
/ 547 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 552 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 380 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 /
www.tradingview-widget.com/embed-widget/ticker-tape/ Frame 20B9 0
0 167ms
39ms Document
text/html 2400:52e0:1e00::1079:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tradingview-widget.com/embed-widget/ticker-tape/

Requested by

Host: s3.tradingview.com
URL: https://s3.tradingview.com/external-embedding/embed-widget-ticker-tape.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1079:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1079 /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	object-src 'none'; script-src https://static.tradingview.com/static/ blob: https://.ampproject.org/ https://.paypal.com/ https://platform.twitter.com https://platform.x.com https://songbird.cardinalcommerce.com/edge/v1/ https://checkout.razorpay.com/ https://cdn.checkout.com/ https://www.tradingview-widget.com/static/bundles/embed/ 'nonce-HdU3Ef0CO7sLpflaSSDSOw=='; default-src 'self' https: data: blob: wss: 'unsafe-inline'; base-uri 'none'
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://fxrefund.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: max-age=120
cdn-cache: HIT
cdn-cachedat: 05/27/2024 14:06:27
cdn-edgestorageid: 1081
cdn-proxyver: 1.04
cdn-pullzone: 2118568
cdn-requestcountrycode: DE
cdn-requestid: c8d3a2c66763f52bf2cfda37e195effc
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-status: 200
cdn-uid: 0e2daf09-b694-4906-9f20-7c3ca5f9a6a3
content-encoding: br
content-security-policy: object-src 'none'; script-src https://static.tradingview.com/static/ blob: https://*.ampproject.org/ https://*.paypal.com/ https://platform.twitter.com https://platform.x.com https://songbird.cardinalcommerce.com/edge/v1/ https://checkout.razorpay.com/ https://cdn.checkout.com/ https://www.tradingview-widget.com/static/bundles/embed/ 'nonce-HdU3Ef0CO7sLpflaSSDSOw=='; default-src 'self' https: data: blob: wss: 'unsafe-inline'; base-uri 'none'
content-type: text/html; charset=utf-8
date: Mon, 27 May 2024 14:08:22 GMT
expires: Mon, 27 May 2024 14:08:27 GMT
referrer-policy: origin-when-cross-origin
server: BunnyCDN-DE1-1079
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H3 200 intro-bg.png
fxrefund.info/img/ 275 KB
275 KB 132ms
131ms Image
image/png 172.67.188.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fxrefund.info/img/intro-bg.png
Requested by: Host: fxrefund.info
URL: https://fxrefund.info/css/styles.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.188.54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e20d72701f1fba1c3e0df6808001162c3e672b196ebb49df462dfaf1e103f92a

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fxrefund.info/css/styles.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 14:08:22 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Mon, 27 May 2024 13:59:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FDiXbP2MOXfIK0%2FZqJYMjn%2BXWB9R1P0vcPhukKLO8ACZCl74oSR8CPKWjLG83L976YEb7qTzjknHZAFhTgdFrLoVFV%2Bj1HdwIYMVYVB1yFzZusX3emsPU8YkGSEKM%2F26"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
cf-ray: 88a6939d4a5a92c5-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 about.png
fxrefund.info/img/ 130 KB
130 KB 91ms
91ms Image
image/png 172.67.188.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fxrefund.info/img/about.png
Requested by: Host: fxrefund.info
URL: https://fxrefund.info/css/styles.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.188.54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb740a6aaf00d2b634c426bb5a1fdde9bd4cc1da04e54a8e3538ee54caae07f3

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fxrefund.info/css/styles.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 14:08:22 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Mon, 27 May 2024 13:59:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4PooHwT4OrcUrBmhaz%2FE2SDrxrqiGoUSlTZGeFHgo%2Bu9owtE9rbumMmhanIehEivokUPjySYyPFKPiVBxf2j%2FCpk5p7WbyxaZ4dVqs6WF3IYmYnQPkgNunhUwlY1rMl0"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
cf-ray: 88a6939d4a5b92c5-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa0ZL7SUc.woff2
fonts.gstatic.com/s/inter/v13/ 17 KB
18 KB 132ms
39ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa0ZL7SUc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@300;400;500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eba9487840439a0fa53c9be0541c524bb84b590a7af8c86573ceb1fe19c4bda9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://fxrefund.info
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 02:51:48 GMT
x-content-type-options: nosniff
age: 386194
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17600
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:48:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 23 May 2025 02:51:48 GMT

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v13/ 46 KB
46 KB 145ms
52ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@300;400;500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://fxrefund.info
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 02:44:27 GMT
x-content-type-options: nosniff
age: 386635
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46704
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:49:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 23 May 2025 02:44:27 GMT

GET
H3 200 offer-bg.png
fxrefund.info/img/ 273 KB
274 KB 288ms
288ms Image
image/png 172.67.188.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fxrefund.info/img/offer-bg.png
Requested by: Host: fxrefund.info
URL: https://fxrefund.info/css/styles.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.188.54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c7e484878ee81ff5c22447a6727ad61f145159ee412bb1dd2929753bfc2d5048

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fxrefund.info/css/styles.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 14:08:22 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Mon, 27 May 2024 13:59:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WsQxXauGxkqOwnNIJxgIjig9BtIpmi%2BbLb1SdtEiJrs2sOaz9sBXL3MiU5LUmG07cLb7u9vateGzTVjKB%2FxF8HKRHkuywMm0bJ%2Fh7SSe8r3%2BN86C7TPuweuypGCW7HKD"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
cf-ray: 88a6939d4a5f92c5-FRA
alt-svc: h3=":443"; ma=86400

GET
DATA 200
OK truncated
/ 177 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 351 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 242 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 / Show response
ipinfo.io/ 321 B
623 B 241ms
158ms Script
text/javascript 34.117.186.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://ipinfo.io/?token=239ec4cb3134d5&callback=jQuery36009933851769838662_1716818902618&_=1716818902619

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.6.0.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.186.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

192.186.117.34.bc.googleusercontent.com

Software

nginx/1.24.0 /

Resource Hash

9154a66a56fd524fbd5434efa594b3ec44a1b5cddb1fe930c886f655a78a2205

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fxrefund.info/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 14:08:22 GMT
via: 1.1 google
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: nginx/1.24.0
strict-transport-security: max-age=2592000; includeSubDomains
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-envoy-upstream-service-time: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 321
x-xss-protection: 1; mode=block

GET
H3 200 flags.png
cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.8/img/ 69 KB
70 KB 51ms
51ms Image
image/png 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.8/img/flags.png

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.8/css/intlTelInput.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a012cf808a24573168308916092d2d4bd3f2b4af8e16b59167013cc77acee55

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.8/css/intlTelInput.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 14:08:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 410890
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 70862
last-modified: Wed, 21 Oct 2020 12:48:14 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f902e0e-114c9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lfPwG7hnihWOjXuYm4qq7K5R5VlOCCsMc8s3MQi9QasjGZy9RrKp6StFhCaOFZOd%2Fuocr1xdyPKhjMYfMF6%2B6FYnuM4vERLzftNOgPBwOu131qxSuwHz8wdWIDG9XVtmxbula5tM"}],"group":"cf-nel","max_age":604800}
content-type: image/png; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 88a6939daf2d5b26-FRA
expires: Sat, 17 May 2025 14:08:22 GMT

GET
H2 200 ico.svg
fxrefund.info/img/ 615 B
0 0ms
0ms Other
image/svg+xml 2606:4700:3036::ac43:bc36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fxrefund.info/img/ico.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:bc36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c3d62d1927fe3af5c4fd1143b01f95c6be0076ca69f6cca8541700ed921eb9c6

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fxrefund.info/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 14:08:22 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 24 May 2024 08:43:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qjwnYKTjp14k3YnqLhq2x9qJCIHhOP%2FOVs94BDM%2FXuENtID4cDS5WYd51Wwgjc53ZQOh0IslN5mRc4yaX5mL4TIL8E%2FiM3LBh7aLhEyq6wsp6q62RGgQNl7vvWQc4pBHVun4DkalumDxnqGo"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 88a6939badb9906d-FRA
alt-svc: h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
code.jquery.com
fonts.googleapis.com
fonts.gstatic.com
fxrefund.info
ipinfo.io
s3.tradingview.com
upload.wikimedia.org
www.tradingview-widget.com
104.17.24.14
172.67.188.54
2400:52e0:1e00::1079:1
2400:52e0:1e00::1080:1
2606:4700:3036::ac43:bc36
2a00:1450:4001:800::200a
2a00:1450:4001:806::2003
2a02:ec80:300:ed1a::2:b
2a04:4e42:200::649
34.117.186.192
00008d2a6bb44551ff155148e5fedbcc0fdf8d710d908581fdf04dd96dfb31ca
02ea36e0819cafbdf683b341c80e0064ef0ee5c08544c103889059bce63779f4
0519e2d2ecf82649b92c4ad3c11d06396f4b0284ca9b1801fc3482f0309652cb
0a012cf808a24573168308916092d2d4bd3f2b4af8e16b59167013cc77acee55
0c4e24d5c57910e172f6d030eac27601f493f5fe9effe0a29e3a6f7c3c605261
145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5
1e346f10bdea8a34cbc77adf0a39ab7e024b1ed6e65f0663cdb31cdd054d3859
1f2e526d425c4c097b603ccb354aeacaef90d123bb6493922976cad314ae6011
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75
241e420a3771d584c4f30ffa896b99719a2f551ff94d19f8df0131ded0e7257f
543a63945d606df74892a12100ec68d6b37173aecb392e4188e286790e68dc8e
58611517bb57f8dcf6102e1ea2032fc84481ac73621d42aa371db153720c328d
5f2716d8c490b48b540ff5d3655b1e664d5aaeba18f0dd83a42fb7ab4251d4ee
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945
64cb11eb2a5237cbe1e05ccf25acefeed578f32d1a6923d58de35c8a0145e8cd
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53
7aa8e0d8018eede7969e2c9d867eeea15dd73a45e079df0715f2b3f0506e8762
858580e32ab0120b8226791deea6a80822d786b8afe9f9697f8c67c7336f64dd
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
9154a66a56fd524fbd5434efa594b3ec44a1b5cddb1fe930c886f655a78a2205
96be3a227bc350887df62d26ed6c707a5348c75fd0b7950bc578e84b6a7a2710
99aead8c2748f8bce4286b7710ab5a10cc5c131d67b4f1d667b6027cdc66c565
a74766d24bf9352d1fd727d3dc57d4901d0a4b142c78c8accac5d7bcae4bcc1f
ad32b1248207ba91fb945a37d38e7c9deafcba849245872203482db42930d491
ae82f0addc0458112cf2428b7338db058b8c3a65d074b5d7f6b0213dcb7635f4
b3f9500c13ad8087a2bd8489fd2fa3a73a0c554750e576285734f6d4cf6d5a65
b445e0f9979ce24e1639d23fe106d6a1b1d7240fb89877c8cb4254ebe56ae746
b6c59617d77c469a01b992ba697b8046b2db26802c0d18165fa9a73b83829283
bdcdee66eb73eaff67c185ce622c4f82d65cdc893b785259b0207e3e60c8ca9d
bf52a43c9a747972828dc0d2dacb7d4eb39b17a19b526fb1640fafed0f3ef2fa
c3d62d1927fe3af5c4fd1143b01f95c6be0076ca69f6cca8541700ed921eb9c6
c6ae40444698704dfb370e4790dfc97963c36474fe8eb101b807928f4742166c
c7e484878ee81ff5c22447a6727ad61f145159ee412bb1dd2929753bfc2d5048
c8a7b104f7e24505b6c83b930208483bf8d3b3b5dbbf205e5897b8a35e83463b
d50af2faa658fdca45223b22bc47465d8dbc5a3362c679e95034667122d6fac5
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115
dde6f1cc23545c3091e561a55c6cc3518ea3a01e682dccde1eb926f2fbf1a82e
e20d72701f1fba1c3e0df6808001162c3e672b196ebb49df462dfaf1e103f92a
ea4258bceb94c28d810d503b0f9e97864370689ad99d1ab5136fbb124d988140
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366
eba9487840439a0fa53c9be0541c524bb84b590a7af8c86573ceb1fe19c4bda9
ed6f220394853486b6e63bf82b74f024b21942dade85b3edf558b6dfd6de8287
f0ddcf68a380a93b082ec40365b6cdecce7d47085887683ce33eee9e6ea06968
f3481a1606c1c1194fb0cfb57ad11553bb4a0b3696e1c2b918d4157e9eb62f19
fb740a6aaf00d2b634c426bb5a1fdde9bd4cc1da04e54a8e3538ee54caae07f3
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

fxrefund.info Open in urlscan Pro 2606:4700:3036::ac43:bc36 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

43 Requests

100 %HTTPS

70 %IPv6

9 Domains

9 Subdomains

11 IPs

3 Countries

1764 kBTransfer

2546 kBSize

0 Cookies

0 Outgoing links

Redirected requests

43 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

fxrefund.info Open in urlscan Pro
2606:4700:3036::ac43:bc36 Public Scan

Screenshot
Live screenshot

Full Image

43
Requests

100 %
HTTPS

70 %
IPv6

9
Domains

9
Subdomains

11
IPs

3
Countries

1764 kB
Transfer

2546 kB
Size

0
Cookies

43 HTTP transactions
6 data transactions