urlscan.io logo urlscan.io
SecurityTrails logo

0xrefund.io Open in urlscan Pro
76.76.21.21  Public Scan

Go To Rescan Add Verdict Report
URL: https://0xrefund.io/
Submission: On May 27 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 3 countries across 5 domains to perform 55 HTTP transactions. The main IP is 76.76.21.21, located in Walnut, United States and belongs to AMAZON-02, US. The main domain is 0xrefund.io.
TLS certificate: Issued by R3 on May 27th 2023. Valid for: 3 months.
This is the only time 0xrefund.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
34 76.76.21.21 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
16 160.153.0.161 209242 (CLOUDFLAR...)
3 5 23.36.163.225 20940 (AKAMAI-ASN1)
2 2a02:26f0:2c:... 20940 (AKAMAI-ASN1)
55 5
34    76.76.21.21 (Walnut, United States)

ASN16509 (AMAZON-02, US)
0xrefund.io
1    2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
16    160.153.0.161 (Amsterdam, Netherlands)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
PTR: 161.0.153.160.host.secureserver.net
gilgeous.com
5    23.36.163.225 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-36-163-225.deploy.static.akamaitechnologies.com
img1.wsimg.com
img6.wsimg.com
2    2a02:26f0:2c::213:6143 (Düsseldorf, Germany)

ASN20940 (AKAMAI-ASN1, NL)
events.api.secureserver.net
Apex Domain
Subdomains		 Transfer
34 0xrefund.io
0xrefund.io
3 MB
16 gilgeous.com
gilgeous.com
85 KB
5 wsimg.com
img1.wsimg.com — Cisco Umbrella Rank: 8847
img6.wsimg.com — Cisco Umbrella Rank: 11033
20 KB
2 secureserver.net
events.api.secureserver.net — Cisco Umbrella Rank: 12144
576 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35
3 KB
55 5
Domain Requested by
34 0xrefund.io 0xrefund.io
16 gilgeous.com 0xrefund.io
gilgeous.com
3 img1.wsimg.com 3 redirects
2 events.api.secureserver.net img1.wsimg.com
2 img6.wsimg.com 0xrefund.io
1 fonts.googleapis.com 0xrefund.io
55 6

This site contains links to these domains. Also see Links.

Domain
twitter.com
t.me
Subject Issuer Validity Valid
0xrefund.io
R3		 2023-05-27 -
2023-08-25		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-05-08 -
2023-07-31		 3 months crt.sh
gilgeous.com
Cloudflare Inc ECC CA-3		 2023-04-27 -
2024-04-25		 a year crt.sh
*.api.secureserver.net
Starfield Secure Certificate Authority - G2		 2022-08-05 -
2023-09-06		 a year crt.sh

This page contains 1 frames:

Primary Page: https://0xrefund.io/
Frame ID: 42476FA38DA7AFD997188096E49167B5
Requests: 55 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

0xRefund

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <link [^>]*href=(?:"|')[^"']*elementor/assets
  • <link [^>]*href=(?:"|')[^"']*uploads/elementor/css
Overall confidence: 100%
Detected patterns
  • /particles(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

55
Requests

96 %
HTTPS

40 %
IPv6

5
Domains

6
Subdomains

5
IPs

3
Countries

2859 kB
Transfer

4118 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 43
  • https://img1.wsimg.com/tcc/tcc_l.combined.1.0.6.min.js HTTP 302
  • https://img1.wsimg.com/traffic-assets/js/tccl.min.js HTTP 302
  • https://img6.wsimg.com/wrhs/5c3e20ad749ddb088afc84b1b7ff009e/tccl.min.js
Request Chain 44
  • https://img1.wsimg.com/traffic-assets/js/tccl-tti.min.js HTTP 302
  • https://img6.wsimg.com/wrhs/ce554d2333f3801abafb32da18213ff7/tti.min.js

55 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
0xrefund.io/ 		95 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://0xrefund.io/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
8850185ee5bc949b4bb398dfee133debe7a0a53390ab47a45ee3ba0a59cacd48
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
age
50
cache-control
public, max-age=0, must-revalidate
content-disposition
inline
content-encoding
br
content-type
text/html; charset=utf-8
date
Sat, 27 May 2023 20:24:40 GMT
etag
W/"f28ed46225eda102372f45b3867de207"
server
Vercel
strict-transport-security
max-age=63072000
x-vercel-cache
HIT
x-vercel-id
fra1::gl8c5-1685219080583-a6187f8669d9
style.min.css
0xrefund.io/wp-includes/css/dist/block-library/ 		95 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://0xrefund.io/wp-includes/css/dist/block-library/style.min.css
Requested by
Host: 0xrefund.io
URL: https://0xrefund.io/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0xrefund.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 20:24:40 GMT
content-encoding
br
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1::lvqk6-1685219080621-76f90488ca86
age
0
etag
W/"47cdb0e81ea341ad27a1a0b0ba6b02d8"
x-vercel-cache
MISS
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
content-disposition
inline; filename="style.min.css"
classic-themes.min.css
0xrefund.io/wp-includes/css/ 		357 B
515 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://0xrefund.io/wp-includes/css/classic-themes.min.css
Requested by
Host: 0xrefund.io
URL: https://0xrefund.io/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
149494ff1db4f823e437a4f4ac1b710a6934af6e9d47749b0d8d3c09da2b9048
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0xrefund.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 20:24:40 GMT
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1::bzt26-1685219080625-010df51f3974
age
0
etag
"ac25e0d6453cbd4e3b8136fa7cfd8b54"
x-vercel-cache
MISS
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
content-disposition
inline; filename="classic-themes.min.css"
accept-ranges
bytes
content-length
357
eae.min.css
0xrefund.io/wp-content/plugins/addon-elements-for-elementor-page-builder/assets/css/ 		153 KB
22 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://0xrefund.io/wp-content/plugins/addon-elements-for-elementor-page-builder/assets/css/eae.min.css
Requested by
Host: 0xrefund.io
URL: https://0xrefund.io/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
62227576fbbe6e1e90bfe59f3d5f0bf93993da5fd8379a09cf3dc3e764d1a881
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0xrefund.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 20:24:40 GMT
content-encoding
br
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1::j24zx-1685219080626-1152a6bd50e5
age
0
etag
W/"0cdbc3b5a4aca36fd59312e423261408"
x-vercel-cache
MISS
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
content-disposition
inline; filename="eae.min.css"
v4-shims.min.css
0xrefund.io/wp-content/plugins/elementor/assets/lib/font-awesome/css/ 		26 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://0xrefund.io/wp-content/plugins/elementor/assets/lib/font-awesome/css/v4-shims.min.css
Requested by
Host: 0xrefund.io
URL: https://0xrefund.io/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
c55902832fb84522d02ea1a60a30747403a140d8651fa748f13ba398b0c0df3a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0xrefund.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 20:24:40 GMT
content-encoding
br
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1::29xcq-1685219080627-d7792db05cbd
age
0
etag
W/"c55205bce667f5d812354fd1353e7389"
x-vercel-cache
MISS
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
content-disposition
inline; filename="v4-shims.min.css"
all.min.css
0xrefund.io/wp-content/plugins/elementor/assets/lib/font-awesome/css/ 		58 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://0xrefund.io/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css
Requested by
Host: 0xrefund.io
URL: https://0xrefund.io/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
d87ddf917b7a1449ab45e2b8e3c98354629bdd65b6659c37e6023bbea1ce1386
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0xrefund.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 20:24:41 GMT
content-encoding
br
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1::gbd4k-1685219080626-439edba7986c
age
0
etag
W/"74bab4578692993514e7f882cc15c218"
x-vercel-cache
MISS
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
content-disposition
inline; filename="all.min.css"
vegas.min.css
0xrefund.io/wp-content/plugins/addon-elements-for-elementor-page-builder/assets/lib/vegas/ 		9 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://0xrefund.io/wp-content/plugins/addon-elements-for-elementor-page-builder/assets/lib/vegas/vegas.min.css
Requested by
Host: 0xrefund.io
URL: https://0xrefund.io/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
796f7b42768f7f383b5a92ae4d463e50462b8c37e7f140129a7629d95917b2f4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0xrefund.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 20:24:41 GMT
content-encoding
br
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1::9qrtw-1685219080626-6ee37f5eeada
age
0
etag
W/"ad8951d990d1a059fd0829ca7a0d0c0f"
x-vercel-cache
MISS
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
content-disposition
inline; filename="vegas.min.css"
style.min.css
0xrefund.io/wp-includes/css/dist/components/ 		81 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://0xrefund.io/wp-includes/css/dist/components/style.min.css
Requested by
Host: 0xrefund.io
URL: https://0xrefund.io/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
072799c158a63f494abfbb8c4a0a7f1322029d531192c34092b88ddfdf693b2d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0xrefund.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 20:24:40 GMT
content-encoding
br
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1::8qj5d-1685219080626-30be946b2b81
age
0
etag
W/"3a8ca5bab7b823875c3a70012893d0f6"
x-vercel-cache
MISS
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
content-disposition
inline; filename="style.min.css"
latest.css
0xrefund.io/wp-content/mu-plugins/vendor/wpex/godaddy-launch/includes/Dependencies/GoDaddy/Styles/build/ 		13 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://0xrefund.io/wp-content/mu-plugins/vendor/wpex/godaddy-launch/includes/Dependencies/GoDaddy/Styles/build/latest.css
Requested by
Host: 0xrefund.io
URL: https://0xrefund.io/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
470b8fe4451dab1ff2c7edeeb3091a932188b7acaa06d7e7187f9dd90947a553
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0xrefund.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 20:24:40 GMT
content-encoding
br
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1::dxkkd-1685219080626-01c099ecd3e9
age
0
etag
W/"0793ca35f5d388181a5e6c01688af110"
x-vercel-cache
MISS
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
content-disposition
inline; filename="latest.css"
header-footer-elementor.css
0xrefund.io/wp-content/plugins/header-footer-elementor/assets/css/ 		776 B
911 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://0xrefund.io/wp-content/plugins/header-footer-elementor/assets/css/header-footer-elementor.css
Requested by
Host: 0xrefund.io
URL: https://0xrefund.io/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
25825611ade7ceaed7df3862ec56dc91ad1d2be539966ef7bbe84306e51cfb08
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0xrefund.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 20:24:40 GMT
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1::2qhmr-1685219080632-e644aa32ccc4
age
0
etag
"a5bf64d5859ee94a3e8e93d592d6d2a0"
x-vercel-cache
MISS
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
content-disposition
inline; filename="header-footer-elementor.css"
accept-ranges
bytes
content-length
776
elementor-icons.min.css
0xrefund.io/wp-content/plugins/elementor/assets/lib/eicons/css/ 		19 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://0xrefund.io/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css
Requested by
Host: 0xrefund.io
URL: https://0xrefund.io/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
e65916f9a5c70cdb24ccd28a538a48afb387063bb1f89a69492b7170aa5e1285
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0xrefund.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 20:24:40 GMT
content-encoding
br
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1::lsfdw-1685219080626-ce1c8a58b1c9
age
0
etag
W/"966ac3c225180fb6968732b2cf00f4a2"
x-vercel-cache
MISS
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
content-disposition
inline; filename="elementor-icons.min.css"
frontend-lite.min.css
0xrefund.io/wp-content/plugins/elementor/assets/css/ 		95 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://0xrefund.io/wp-content/plugins/elementor/assets/css/frontend-lite.min.css
Requested by
Host: 0xrefund.io
URL: https://0xrefund.io/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
e0ae0a7944033a36d26dada1929f62ab2c2a4e43998bfe28f849c052ceb36fba
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0xrefund.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 20:24:40 GMT
content-encoding
br
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1::gl8c5-1685219080631-822a667ef700
age
0
etag
W/"d63326f5408ea69ec05032bca2bf3810"
x-vercel-cache
MISS
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
content-disposition
inline; filename="frontend-lite.min.css"
swiper.min.css
0xrefund.io/wp-content/plugins/elementor/assets/lib/swiper/v8/css/ 		16 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://0xrefund.io/wp-content/plugins/elementor/assets/lib/swiper/v8/css/swiper.min.css
Requested by
Host: 0xrefund.io
URL: https://0xrefund.io/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
c57e64fcb72bddafa9c38de574441c3e69ac6c961df96b0cad34da83658bd196
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0xrefund.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 20:24:40 GMT
content-encoding
br
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1::dxkkd-1685219080631-854f44484489
age
0
etag
W/"a2431bc290cf34e330e11ec4cfce1247"
x-vercel-cache
MISS
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
content-disposition
inline; filename="swiper.min.css"
post-38.css
0xrefund.io/wp-content/uploads/elementor/css/ 		1 KB
532 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://0xrefund.io/wp-content/uploads/elementor/css/post-38.css
Requested by
Host: 0xrefund.io
URL: https://0xrefund.io/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
4fd1923c7c06896ff697c84bcab11b031c33e847732b9ee69853c22265ced201
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0xrefund.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 20:24:40 GMT
content-encoding
br
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1::9rtc7-1685219080647-38a96a2fd542
age
0
etag
W/"8f84e01fed447bb68bbd48ba4d4eeb52"
x-vercel-cache
HIT
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
content-disposition
inline; filename="post-38.css"
global.css
0xrefund.io/wp-content/uploads/elementor/css/ 		40 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://0xrefund.io/wp-content/uploads/elementor/css/global.css
Requested by
Host: 0xrefund.io
URL: https://0xrefund.io/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
c6ff0303ac513301fda2f193bcfbfd3f2173edb035af93b7cd1c640d6476b655
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0xrefund.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 20:24:40 GMT
content-encoding
br
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1::kj654-1685219080631-1c069637169b
age
0
etag
W/"04a2f07324a31c765725f66cb5984bbe"
x-vercel-cache
MISS
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
content-disposition
inline; filename="global.css"
post-41.css
0xrefund.io/wp-content/uploads/elementor/css/ 		69 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://0xrefund.io/wp-content/uploads/elementor/css/post-41.css
Requested by
Host: 0xrefund.io
URL: https://0xrefund.io/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
f7b52748934689b8a104587c43ccb31abbe154cf3cf76db4f25ed9bde8dd123c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0xrefund.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 20:24:40 GMT
content-encoding
br
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1::9qrtw-1685219080631-974d45387392
age
0
etag
W/"2b11bb766f8dbbf6f7b274d94a6ca49d"
x-vercel-cache
MISS
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
content-disposition
inline; filename="post-41.css"
frontend.css
0xrefund.io/wp-content/plugins/header-footer-elementor/inc/widgets-css/ 		74 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://0xrefund.io/wp-content/plugins/header-footer-elementor/inc/widgets-css/frontend.css
Requested by
Host: 0xrefund.io
URL: https://0xrefund.io/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
fb21f292ba07fe5f681c9df39499e14d259adbdd6848be17e0345fa4cecb6095
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0xrefund.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 20:24:40 GMT
content-encoding
br
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1::tm7sm-1685219080706-429fd437caa3
age
0
etag
W/"f072a0352af5643b17c18a7330d2904e"
x-vercel-cache
MISS
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
content-disposition
inline; filename="frontend.css"
post-197.css
0xrefund.io/wp-content/uploads/elementor/css/ 		14 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://0xrefund.io/wp-content/uploads/elementor/css/post-197.css
Requested by
Host: 0xrefund.io
URL: https://0xrefund.io/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
d1eae4e53d56bf460f501ef094e7ac0895f39562e8152a7e1b92c3cbfbda432b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0xrefund.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 20:24:40 GMT
content-encoding
br
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1::l5p7b-1685219080641-d5fd8beb9653
age
0
etag
W/"b9ac1ed8550f945d1aa1a0c44dd13f04"
x-vercel-cache
MISS
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
content-disposition
inline; filename="post-197.css"
post-244.css
0xrefund.io/wp-content/uploads/elementor/css/ 		934 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://0xrefund.io/wp-content/uploads/elementor/css/post-244.css
Requested by
Host: 0xrefund.io
URL: https://0xrefund.io/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
da2d4e946cdd40bdd4ab2af60419d17da9bd8b47598da05e6f55d4e3ef627c34
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0xrefund.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 20:24:40 GMT
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1::mn7dl-1685219080631-d039f25dce7d
age
0
etag
"a62c0db2172645daefca9cc77a62abb1"
x-vercel-cache
MISS
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
content-disposition
inline; filename="post-244.css"
accept-ranges
bytes
content-length
934
style.min.css
0xrefund.io/wp-content/themes/hello-elementor/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://0xrefund.io/wp-content/themes/hello-elementor/style.min.css
Requested by
Host: 0xrefund.io
URL: https://0xrefund.io/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
1d09f28a1b8fe73d31fdfa9f4855913c7f877bf51e74648887fd67ab156583a1
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0xrefund.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 20:24:40 GMT
content-encoding
br
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1::wcw6h-1685219080631-ac7a18068050
age
0
etag
W/"f36aa4edd9d240c790817a3e9cde8b6e"
x-vercel-cache
MISS
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
content-disposition
inline; filename="style.min.css"
theme.min.css
0xrefund.io/wp-content/themes/hello-elementor/ 		12 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://0xrefund.io/wp-content/themes/hello-elementor/theme.min.css
Requested by
Host: 0xrefund.io
URL: https://0xrefund.io/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
304bb178716a5fb955d240295eb0b15a07076eccd91e33dad17f50b663e418a0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0xrefund.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 20:24:40 GMT
content-encoding
br
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1::8j52d-1685219080631-373d5a273b56
age
0
etag
W/"463bd919ea09394d4c874f252ab1fa76"
x-vercel-cache
MISS
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
content-disposition
inline; filename="theme.min.css"
css
fonts.googleapis.com/ 		92 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CJost%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CQuicksand%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CPoppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap&ver=6.2
Requested by
Host: 0xrefund.io
URL: https://0xrefund.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1e7aae82f8e38ca95321331f6c78803f3bfa57353eb360400d349ab40e58e2d1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0xrefund.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 27 May 2023 20:24:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 27 May 2023 20:24:40 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 27 May 2023 20:24:40 GMT
fontawesome.min.css
0xrefund.io/wp-content/plugins/elementor/assets/lib/font-awesome/css/ 		57 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://0xrefund.io/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css
Requested by
Host: 0xrefund.io
URL: https://0xrefund.io/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
d01a2ba2805c78957e15a2958135de0f3cb88e95159dd0f6c0a032bd76b1b0e9
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0xrefund.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 20:24:40 GMT
content-encoding
br
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1::jxzvz-1685219080631-b48916b3ab92
age
0
etag
W/"eeb705d0bdccfd645d3bbd46dd1fbab3"
x-vercel-cache
MISS
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
content-disposition
inline; filename="fontawesome.min.css"
brands.min.css
0xrefund.io/wp-content/plugins/elementor/assets/lib/font-awesome/css/ 		675 B
827 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://0xrefund.io/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css
Requested by
Host: 0xrefund.io
URL: https://0xrefund.io/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
9cd63b8cea25045c14623c538d26752518a58c0c682795ce6ad3078976c65a37
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0xrefund.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 20:24:40 GMT
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1::wcw6h-1685219080631-26c65cf75bf2
age
0
etag
"144e43c3b3d8ea5b278c062c202c92f2"
x-vercel-cache
HIT
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
content-disposition
inline; filename="brands.min.css"
accept-ranges
bytes
content-length
675
solid.min.css
0xrefund.io/wp-content/plugins/elementor/assets/lib/font-awesome/css/ 		669 B
796 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://0xrefund.io/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css
Requested by
Host: 0xrefund.io
URL: https://0xrefund.io/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
37bab6cd583982e8eff58501a99d7c5c4d63664c1ca34f9e3b7cf526c5b73ae2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0xrefund.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 20:24:40 GMT
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1::j76lp-1685219080637-d9c78d0f60f3
age
0
etag
"9eb2d3c87feb6bb2ffa63b70532b1477"
x-vercel-cache
MISS
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
content-disposition
inline; filename="solid.min.css"
accept-ranges
bytes
content-length
669
regular.min.css
0xrefund.io/wp-content/plugins/elementor/assets/lib/font-awesome/css/ 		677 B
806 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://0xrefund.io/wp-content/plugins/elementor/assets/lib/font-awesome/css/regular.min.css
Requested by
Host: 0xrefund.io
URL: https://0xrefund.io/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
eea3d6ccda7f6503078cce9dc41176c1357af1c93a5b3625131ef7cf21c9d7c4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0xrefund.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 20:24:40 GMT
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1::f9lhj-1685219080631-0095fbbb30ba
age
0
etag
"3eef8c9e589a6fd58292e79bbac4ba5d"
x-vercel-cache
MISS
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
content-disposition
inline; filename="regular.min.css"
accept-ranges
bytes
content-length
677
jquery.min.js
0xrefund.io/wp-includes/js/jquery/ 		88 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://0xrefund.io/wp-includes/js/jquery/jquery.min.js?ver=3.6.3
Requested by
Host: 0xrefund.io
URL: https://0xrefund.io/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0xrefund.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 20:24:40 GMT
content-encoding
br
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1::9qxgn-1685219080631-81bf8ba03ecb
age
49
etag
W/"0e850a69bc7fd0acc2e92ce6eee87959"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
content-disposition
inline; filename="jquery.min.js"
jquery-migrate.min.js
0xrefund.io/wp-includes/js/jquery/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://0xrefund.io/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.0
Requested by
Host: 0xrefund.io
URL: https://0xrefund.io/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0xrefund.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 20:24:40 GMT
content-encoding
br
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1::pdrlh-1685219080643-cdd81dd83a82
age
49
etag
W/"5cfa2b481de6e87c2190a0e3538515d8"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
content-disposition
inline; filename="jquery-migrate.min.js"
header.png
0xrefund.io/ 		115 KB
115 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://0xrefund.io/header.png
Requested by
Host: 0xrefund.io
URL: https://0xrefund.io/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
de2852a49a5ce50e57e425e73e64adb4c3ceedf8122d5778c04ac29842bbabab
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0xrefund.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 20:24:41 GMT
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1::gbd4k-1685219081249-0aa19c96af32
age
0
etag
"94612d4d572210d2b7c76169a9f74e95"
x-vercel-cache
MISS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
content-disposition
inline; filename="header.png"
accept-ranges
bytes
content-length
117369
animations.min.css
gilgeous.com/wp-content/plugins/elementor/assets/lib/animations/ 		18 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gilgeous.com/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.12.2
Requested by
Host: 0xrefund.io
URL: https://0xrefund.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
160.153.0.161 Amsterdam, Netherlands, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
161.0.153.160.host.secureserver.net
Software
cloudflare /
Resource Hash
fe513ef974b767510d0a2b9f1b4d3afa53185b89ab617c869e5e3d6db960192c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0xrefund.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 20:24:41 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
cf-cache-status
HIT
x-backend
local
x-cacheable
YES
content-encoding
br
x-cache
cached
x-cacheproxy-retries
0/2
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 23 May 2023 15:13:26 GMT
x-php-version
8.0
server
cloudflare
etag
W/"4824-5fc5dd4412cc8-gzip"
vary
Accept-Encoding
content-type
text/css
x-cache-hit
HIT
cache-control
public, max-age=2678400
cf-ray
7ce0fb9a6cef3a68-FRA
expires
Tue, 27 Jun 2023 20:24:41 GMT
email-decode.min.js
0xrefund.io/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
820 B 		Script
General
Check archive.org
Download Go to
Full URL
https://0xrefund.io/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: 0xrefund.io
URL: https://0xrefund.io/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0xrefund.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 20:24:41 GMT
content-encoding
br
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1::gbd4k-1685219081238-2e1a3c4c9850
age
49
etag
W/"9e8f56e8e1806253ba01a95cfc3d392c"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
content-disposition
inline; filename="email-decode.min.js"
eae.min.js
gilgeous.com/wp-content/plugins/addon-elements-for-elementor-page-builder/assets/js/ 		52 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gilgeous.com/wp-content/plugins/addon-elements-for-elementor-page-builder/assets/js/eae.min.js?ver=1.12.2
Requested by
Host: 0xrefund.io
URL: https://0xrefund.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
160.153.0.161 Amsterdam, Netherlands, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
161.0.153.160.host.secureserver.net
Software
cloudflare /
Resource Hash
08970ccb7bb12c3148aae7b0ea729e25ae31408987dfb38ac508beae3aeea3fd
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0xrefund.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 20:24:41 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
cf-cache-status
HIT
x-backend
local
x-cacheable
YES
content-encoding
br
x-cache
cached
x-cacheproxy-retries
0/2
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 25 May 2023 17:53:34 GMT
x-php-version
8.0
server
cloudflare
etag
W/"ce38-5fc884c9faf17-gzip"
vary
Accept-Encoding
content-type
application/javascript
x-cache-hit
HIT
cache-control
public, max-age=2678400
cf-ray
7ce0fb9a6cf03a68-FRA
expires
Tue, 27 Jun 2023 20:24:41 GMT
v4-shims.min.js
gilgeous.com/wp-content/plugins/elementor/assets/lib/font-awesome/js/ 		15 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gilgeous.com/wp-content/plugins/elementor/assets/lib/font-awesome/js/v4-shims.min.js?ver=1.0
Requested by
Host: 0xrefund.io
URL: https://0xrefund.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
160.153.0.161 Amsterdam, Netherlands, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
161.0.153.160.host.secureserver.net
Software
cloudflare /
Resource Hash
97cf1307c16a437b77b5f7f5c9bc0b985d0745a14be5a279019aca5a3432e264
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0xrefund.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 20:24:41 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
cf-cache-status
HIT
x-backend
local
x-cacheable
YES
age
21833
content-encoding
br
x-cache
cached
x-cacheproxy-retries
0/2
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 23 May 2023 15:13:26 GMT
x-php-version
8.0
server
cloudflare
etag
W/"3acf-5fc5dd442de62-gzip"
vary
Accept-Encoding
content-type
application/javascript
x-cache-hit
HIT
cache-control
public, max-age=2678400
cf-ray
7ce0fb9a6cf13a68-FRA
expires
Tue, 27 Jun 2023 20:24:41 GMT
animated-main.min.js
gilgeous.com/wp-content/plugins/addon-elements-for-elementor-page-builder/assets/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gilgeous.com/wp-content/plugins/addon-elements-for-elementor-page-builder/assets/js/animated-main.min.js?ver=1.0
Requested by
Host: 0xrefund.io
URL: https://0xrefund.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
160.153.0.161 Amsterdam, Netherlands, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
161.0.153.160.host.secureserver.net
Software
cloudflare /
Resource Hash
6fe00479b86775269d169905a3c0e5f1ad76caf73dd75881a1a594ec80651fcc
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0xrefund.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 20:24:41 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
cf-cache-status
HIT
x-backend
local
x-cacheable
YES
age
33853
content-encoding
br
x-cache
cached
x-cacheproxy-retries
0/2
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 25 May 2023 17:53:34 GMT
x-php-version
8.0
server
cloudflare
etag
W/"8db-5fc884c9f8fd7-gzip"
vary
Accept-Encoding
content-type
application/javascript
x-cache-hit
HIT
cache-control
public, max-age=2678400
cf-ray
7ce0fb9a6cf23a68-FRA
expires
Tue, 27 Jun 2023 20:24:41 GMT
particles.min.js
gilgeous.com/wp-content/plugins/addon-elements-for-elementor-page-builder/assets/js/ 		22 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gilgeous.com/wp-content/plugins/addon-elements-for-elementor-page-builder/assets/js/particles.min.js?ver=2.0.0
Requested by
Host: 0xrefund.io
URL: https://0xrefund.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
160.153.0.161 Amsterdam, Netherlands, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
161.0.153.160.host.secureserver.net
Software
cloudflare /
Resource Hash
4a0096101de4e86ee2c3ee550632330c8edc7312e9549d25039be5a093b21391
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0xrefund.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 20:24:41 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
cf-cache-status
HIT
x-backend
local
x-cacheable
YES
content-encoding
br
x-cache
uncached
x-cacheproxy-retries
0/2
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 25 May 2023 17:53:34 GMT
x-php-version
8.0
server
cloudflare
etag
W/"58b8-5fc884c9fb6e7-gzip"
vary
Accept-Encoding
content-type
application/javascript
x-cache-hit
MISS
cache-control
public, max-age=2678400
cf-ray
7ce0fb9a6cf33a68-FRA
expires
Tue, 27 Jun 2023 20:24:41 GMT
magnific.min.js
gilgeous.com/wp-content/plugins/addon-elements-for-elementor-page-builder/assets/lib/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gilgeous.com/wp-content/plugins/addon-elements-for-elementor-page-builder/assets/lib/magnific.min.js?ver=1.1.0
Requested by
Host: 0xrefund.io
URL: https://0xrefund.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
160.153.0.161 Amsterdam, Netherlands, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
161.0.153.160.host.secureserver.net
Software
cloudflare /
Resource Hash
7586da6ec5a0e01eb5239aaac31dc3d411cae3090cce52a7e00efbda2f32c6bf
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0xrefund.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 20:24:41 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
cf-cache-status
HIT
x-backend
local
x-cacheable
YES
age
21832
content-encoding
br
x-cache
cached
x-cacheproxy-retries
0/2
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 25 May 2023 17:53:34 GMT
x-php-version
8.0
server
cloudflare
etag
W/"4daf-5fc884ca033e8-gzip"
vary
Accept-Encoding
content-type
application/javascript
x-cache-hit
HIT
cache-control
public, max-age=2678400
cf-ray
7ce0fb9a6cf43a68-FRA
expires
Tue, 27 Jun 2023 20:24:41 GMT
vegas.min.js
gilgeous.com/wp-content/plugins/addon-elements-for-elementor-page-builder/assets/lib/vegas/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gilgeous.com/wp-content/plugins/addon-elements-for-elementor-page-builder/assets/lib/vegas/vegas.min.js?ver=2.4.0
Requested by
Host: 0xrefund.io
URL: https://0xrefund.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
160.153.0.161 Amsterdam, Netherlands, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
161.0.153.160.host.secureserver.net
Software
cloudflare /
Resource Hash
f429d68fdbafa7014fe049bcae44fdec1e4cdd61c9de788b79c1b0bb57999188
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0xrefund.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 20:24:41 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
cf-cache-status
HIT
x-backend
local
x-cacheable
YES
content-encoding
br
x-cache
uncached
x-cacheproxy-retries
0/2
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 25 May 2023 17:53:34 GMT
x-php-version
8.0
server
cloudflare
etag
W/"26ba-5fc884ca07a38-gzip"
vary
Accept-Encoding
content-type
application/javascript
x-cache-hit
MISS
cache-control
public, max-age=2678400
cf-ray
7ce0fb9a9d493a68-FRA
expires
Tue, 27 Jun 2023 20:24:41 GMT
hello-frontend.min.js
gilgeous.com/wp-content/themes/hello-elementor/assets/js/ 		2 KB
690 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gilgeous.com/wp-content/themes/hello-elementor/assets/js/hello-frontend.min.js?ver=1.0.0
Requested by
Host: 0xrefund.io
URL: https://0xrefund.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
160.153.0.161 Amsterdam, Netherlands, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
161.0.153.160.host.secureserver.net
Software
cloudflare /
Resource Hash
c5b8b21392c81f849876a5fa43e830dc2cc0d4b5cb313c7549c7dfce1b8bdde0
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0xrefund.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 20:24:41 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
cf-cache-status
HIT
x-backend
local
x-cacheable
YES
age
33850
content-encoding
br
x-cache
cached
x-cacheproxy-retries
0/2
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Sat, 29 Apr 2023 13:29:22 GMT
x-php-version
8.0
server
cloudflare
etag
W/"723-5fa7993deaa13-gzip"
vary
Accept-Encoding
content-type
application/javascript
x-cache-hit
HIT
cache-control
public, max-age=2678400
cf-ray
7ce0fb9a9d4a3a68-FRA
expires
Tue, 27 Jun 2023 20:24:41 GMT
frontend.js
gilgeous.com/wp-content/plugins/header-footer-elementor/inc/js/ 		27 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gilgeous.com/wp-content/plugins/header-footer-elementor/inc/js/frontend.js?ver=1.6.13
Requested by
Host: 0xrefund.io
URL: https://0xrefund.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
160.153.0.161 Amsterdam, Netherlands, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
161.0.153.160.host.secureserver.net
Software
cloudflare /
Resource Hash
7df5bb108fb45ffd903b10fa15e2c7b9b869898bce89408d06609b8e2441bd30
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0xrefund.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 20:24:41 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
cf-cache-status
HIT
x-backend
local
x-cacheable
YES
content-encoding
br
x-cache
cached
x-cacheproxy-retries
0/2
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 11 May 2023 20:42:16 GMT
x-php-version
8.0
server
cloudflare
etag
W/"6c66-5fb710624c0e7-gzip"
vary
Accept-Encoding
content-type
application/javascript
x-cache-hit
HIT
cache-control
public, max-age=2678400
cf-ray
7ce0fb9a9d4d3a68-FRA
expires
Tue, 27 Jun 2023 20:24:41 GMT
webpack.runtime.min.js
gilgeous.com/wp-content/plugins/elementor/assets/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gilgeous.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.12.2
Requested by
Host: 0xrefund.io
URL: https://0xrefund.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
160.153.0.161 Amsterdam, Netherlands, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
161.0.153.160.host.secureserver.net
Software
cloudflare /
Resource Hash
070b7d89cff01806f23c0e4e10c5820955064ab7c451ae52ca1a4d0d65a770a1
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0xrefund.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 20:24:41 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
cf-cache-status
HIT
x-backend
local
x-cacheable
YES
content-encoding
br
x-cache
cached
x-cacheproxy-retries
0/2
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 23 May 2023 15:13:26 GMT
x-php-version
8.0
server
cloudflare
etag
W/"135e-5fc5dd4411170-gzip"
vary
Accept-Encoding
content-type
application/javascript
x-cache-hit
HIT
cache-control
public, max-age=2678400
cf-ray
7ce0fb9a9d4e3a68-FRA
expires
Tue, 27 Jun 2023 20:24:41 GMT
frontend-modules.min.js
gilgeous.com/wp-content/plugins/elementor/assets/js/ 		45 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gilgeous.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.12.2
Requested by
Host: 0xrefund.io
URL: https://0xrefund.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
160.153.0.161 Amsterdam, Netherlands, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
161.0.153.160.host.secureserver.net
Software
cloudflare /
Resource Hash
db7be69d987d1cfaed5fa7ee93a3b4ede6f78a2817512e57b74fc74ef0fa69b6
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0xrefund.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 20:24:41 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
cf-cache-status
HIT
x-backend
local
x-cacheable
YES
content-encoding
br
x-cache
cached
x-cacheproxy-retries
0/2
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 23 May 2023 15:13:26 GMT
x-php-version
8.0
server
cloudflare
etag
W/"b263-5fc5dd43fb1df-gzip"
vary
Accept-Encoding
content-type
application/javascript
x-cache-hit
HIT
cache-control
public, max-age=2678400
cf-ray
7ce0fb9a9d503a68-FRA
expires
Tue, 27 Jun 2023 20:24:41 GMT
waypoints.min.js
gilgeous.com/wp-content/plugins/elementor/assets/lib/waypoints/ 		12 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gilgeous.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
Requested by
Host: 0xrefund.io
URL: https://0xrefund.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
160.153.0.161 Amsterdam, Netherlands, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
161.0.153.160.host.secureserver.net
Software
cloudflare /
Resource Hash
214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0xrefund.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 20:24:41 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
cf-cache-status
HIT
x-backend
local
x-cacheable
YES
age
21832
content-encoding
br
x-cache
uncached
x-cacheproxy-retries
0/2
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 23 May 2023 15:13:26 GMT
x-php-version
8.0
server
cloudflare
etag
W/"2fa6-5fc5dd4443622-gzip"
vary
Accept-Encoding
content-type
application/javascript
x-cache-hit
MISS
cache-control
public, max-age=2678400
cf-ray
7ce0fb9a9d523a68-FRA
expires
Tue, 27 Jun 2023 20:24:41 GMT
core.min.js
gilgeous.com/wp-includes/js/jquery/ui/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gilgeous.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
Requested by
Host: 0xrefund.io
URL: https://0xrefund.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
160.153.0.161 Amsterdam, Netherlands, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
161.0.153.160.host.secureserver.net
Software
cloudflare /
Resource Hash
ca7dce2391845e8aec7da135f33fabd10f74eed28a532ac66fd01f761fcfb42f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0xrefund.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 20:24:41 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
cf-cache-status
HIT
x-backend
local
x-cacheable
YES
content-encoding
br
x-cache
cached
x-cacheproxy-retries
0/2
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Wed, 24 May 2023 11:50:50 GMT
x-php-version
8.0
server
cloudflare
etag
W/"53be-5fc6f1d89e9d0;5fa55d3d19249
vary
Accept-Encoding
content-type
application/javascript
x-cache-hit
HIT
cache-control
public, max-age=2678400
cf-ray
7ce0fb9a9d543a68-FRA
expires
Tue, 27 Jun 2023 20:24:41 GMT
frontend.min.js
gilgeous.com/wp-content/plugins/elementor/assets/js/ 		40 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gilgeous.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.12.2
Requested by
Host: 0xrefund.io
URL: https://0xrefund.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
160.153.0.161 Amsterdam, Netherlands, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
161.0.153.160.host.secureserver.net
Software
cloudflare /
Resource Hash
6b0a49e9aac3aaee72ee6a03c6331fd21c7316791eb38a92a75e1feccd1573fc
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0xrefund.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 20:24:41 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
cf-cache-status
HIT
x-backend
local
x-cacheable
YES
content-encoding
br
x-cache
cached
x-cacheproxy-retries
0/2
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 23 May 2023 15:13:26 GMT
x-php-version
8.0
server
cloudflare
etag
W/"9eb1-5fc5dd43faa0f-gzip"
vary
Accept-Encoding
content-type
application/javascript
x-cache-hit
HIT
cache-control
public, max-age=2678400
cf-ray
7ce0fb9a9d563a68-FRA
expires
Tue, 27 Jun 2023 20:24:41 GMT
tccl.min.js
img6.wsimg.com/wrhs/5c3e20ad749ddb088afc84b1b7ff009e/
Redirect Chain
  • https://img1.wsimg.com/tcc/tcc_l.combined.1.0.6.min.js
  • https://img1.wsimg.com/traffic-assets/js/tccl.min.js
  • https://img6.wsimg.com/wrhs/5c3e20ad749ddb088afc84b1b7ff009e/tccl.min.js
45 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img6.wsimg.com/wrhs/5c3e20ad749ddb088afc84b1b7ff009e/tccl.min.js
Requested by
Host: 0xrefund.io
URL: https://0xrefund.io/
Protocol
H2
Server
23.36.163.225 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-225.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d10c120206d25caa3deafc45a0ed90f2a6ce5290402c4502a68d95bcaeaa898b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0xrefund.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id
sTnOEJpl_Bn63xNm3Yru0HbQaHbS55CR
content-encoding
br
date
Sat, 27 May 2023 20:24:41 GMT
x-amz-request-id
FH0P3E93SF8PA32Y
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="468116_388276677_2981717650_14_836_12_0";dur=1
content-length
11347
x-amz-id-2
vfCRznBpTwUzsQTqqHQrPBdgJL8bd9m6fgJ2RsnQ7TUvg/tSMOpz6ogFdrj21JebiN+bK0g/VZM=
last-modified
Tue, 29 Nov 2022 21:26:18 GMT
etag
"5c3e20ad749ddb088afc84b1b7ff009e"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*

Redirect headers

location
https://img6.wsimg.com/wrhs/5c3e20ad749ddb088afc84b1b7ff009e/tccl.min.js
access-control-allow-origin
*
date
Sat, 27 May 2023 20:24:41 GMT
cache-control
max-age=1800
timing-allow-origin
*
content-length
0
expires
Sat, 27 May 2023 20:54:41 GMT
tti.min.js
img6.wsimg.com/wrhs/ce554d2333f3801abafb32da18213ff7/
Redirect Chain
  • https://img1.wsimg.com/traffic-assets/js/tccl-tti.min.js
  • https://img6.wsimg.com/wrhs/ce554d2333f3801abafb32da18213ff7/tti.min.js
24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img6.wsimg.com/wrhs/ce554d2333f3801abafb32da18213ff7/tti.min.js
Requested by
Host: 0xrefund.io
URL: https://0xrefund.io/
Protocol
H2
Server
23.36.163.225 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-225.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6e74c12390bdb48bf5b0bb295ceed4f68add11467d2472d983a42e3023ecf312

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0xrefund.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency
357
x-amz-version-id
F4fYptXBkP0fCCCWFLfVGE1HXlZmORny
content-encoding
br
unused62
8096267
date
Sat, 27 May 2023 20:24:41 GMT
x-amz-request-id
RJ3J3PMANG6125DE
x-edgeconnect-midmile-rtt
8
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="468116_388276677_2981717657_39_777_12_0";dur=1
content-length
7498
x-amz-id-2
nldPfdb2FYbpxPRfMYRSd83AOL7ZmlBdZQSm5hguJELKdfn8+sza0oLEpTYjiKd2JeD3gDplFHw=
last-modified
Mon, 17 Jan 2022 17:21:37 GMT
etag
"ce554d2333f3801abafb32da18213ff7"
x-edgeconnect-cache-status
1
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*

Redirect headers

location
https://img6.wsimg.com/wrhs/ce554d2333f3801abafb32da18213ff7/tti.min.js
access-control-allow-origin
*
date
Sat, 27 May 2023 20:24:41 GMT
cache-control
max-age=1800
timing-allow-origin
*
content-length
0
expires
Sat, 27 May 2023 20:54:41 GMT
wp-emoji-release.min.js
gilgeous.com/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gilgeous.com/wp-includes/js/wp-emoji-release.min.js?ver=6.2
Requested by
Host: 0xrefund.io
URL: https://0xrefund.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
160.153.0.161 Amsterdam, Netherlands, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
161.0.153.160.host.secureserver.net
Software
cloudflare /
Resource Hash
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0xrefund.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 20:24:41 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
cf-cache-status
HIT
x-backend
local
x-cacheable
YES
content-encoding
br
x-cache
cached
x-cacheproxy-retries
0/2
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Wed, 24 May 2023 11:50:50 GMT
x-php-version
8.0
server
cloudflare
etag
W/"4904-5fc6f1d8abcc0;5fa55d3d19249
vary
Accept-Encoding
content-type
application/javascript
x-cache-hit
HIT
cache-control
public, max-age=2678400
cf-ray
7ce0fb9a9d583a68-FRA
expires
Tue, 27 Jun 2023 20:24:41 GMT
pixel.ttf
0xrefund.io/wp-content/plugins/header-footer-elementor/inc/widgets-css/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
https://0xrefund.io/wp-content/plugins/header-footer-elementor/inc/widgets-css/pixel.ttf
Requested by
Host: 0xrefund.io
URL: https://0xrefund.io/wp-content/plugins/header-footer-elementor/inc/widgets-css/frontend.css
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://0xrefund.io/wp-content/plugins/header-footer-elementor/inc/widgets-css/frontend.css
Origin
https://0xrefund.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 20:24:41 GMT
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1::trq7d-1685219081269-541235e4cd46
x-vercel-cache
MISS
content-type
text/plain; charset=utf-8
cache-control
public, max-age=0, must-revalidate
content-length
39
x-vercel-error
NOT_FOUND
fa-brands-400.woff2
0xrefund.io/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/ 		75 KB
75 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://0xrefund.io/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2
Requested by
Host: 0xrefund.io
URL: https://0xrefund.io/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
43c072c16c9ee6d67acdfa6c6d6685ff1e74eb4237b7cc3c1348ab1c108b26af
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://0xrefund.io/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css
Origin
https://0xrefund.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 20:24:41 GMT
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1::dft9r-1685219081269-e7dcc6480ffe
age
0
etag
"f7307680c7fe85959f3ecf122493ea7d"
x-vercel-cache
MISS
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
content-disposition
inline; filename="fa-brands-400.woff2"
accept-ranges
bytes
content-length
76764
logo.png
0xrefund.io/ 		452 KB
452 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://0xrefund.io/logo.png
Requested by
Host: 0xrefund.io
URL: https://0xrefund.io/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
d62c0d70b2edcf99529822f2b93cbf8c2b74c4cd64ee9228713d16ea0ec6e705
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0xrefund.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 20:24:41 GMT
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1::trq7d-1685219081282-996673d83b3c
age
0
etag
"fd4b0f24065f6d041cf44786d57b6ca2"
x-vercel-cache
MISS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
content-disposition
inline; filename="logo.png"
accept-ranges
bytes
content-length
462344
bg.mp4
0xrefund.io/ 		2 MB
2 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://0xrefund.io/bg.mp4
Requested by
Host: 0xrefund.io
URL: https://0xrefund.io/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
0d31034ca854c7a5e6911945926b109d7cc8a43509f0447b9c01f869f0f4e89c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://0xrefund.io/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Range
bytes=0-

Response headers

date
Sat, 27 May 2023 20:24:41 GMT
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1::2qhmr-1685219081283-67de84ad0f0a
age
0
etag
"1fd4198647ee3c7b0850367e42f97cdf"
x-vercel-cache
MISS
content-type
video/mp4
access-control-allow-origin
*
Content-Range
bytes 0-1940509/1940510
cache-control
public, max-age=0, must-revalidate
content-disposition
inline; filename="bg.mp4"
accept-ranges
bytes
Content-Length
1940510
pixel.ttf
0xrefund.io/ 		74 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://0xrefund.io/pixel.ttf
Requested by
Host: 0xrefund.io
URL: https://0xrefund.io/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
01918d86cb163a715dcb97165b997256734dfcc9f550beeb7c142fa4a064cf1c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://0xrefund.io/
Origin
https://0xrefund.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 20:24:41 GMT
content-encoding
br
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1::kj654-1685219081285-e1b80618c571
age
0
etag
W/"5fcd6c657ffa8a6791632c705f0944ea"
x-vercel-cache
MISS
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
content-disposition
inline; filename="pixel.ttf"
text-editor.2c35aafbe5bf0e127950.bundle.min.js
gilgeous.com/wp-content/plugins/elementor/assets/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gilgeous.com/wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js
Requested by
Host: gilgeous.com
URL: https://gilgeous.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.12.2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
160.153.0.161 Amsterdam, Netherlands, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
161.0.153.160.host.secureserver.net
Software
cloudflare /
Resource Hash
c5354cf09ffa00326e1e3f941eceb22c2ef542798a3bd1b6b223a6b4ea5f65c4
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0xrefund.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 27 May 2023 20:24:41 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
cf-cache-status
HIT
x-backend
local
x-cacheable
YES
age
132217
content-encoding
br
x-cache
uncached
x-cacheproxy-retries
0/2
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 23 May 2023 15:13:26 GMT
x-php-version
8.0
server
cloudflare
etag
W/"550-5fc5dd440e290-gzip"
vary
Accept-Encoding
content-type
application/javascript
x-cache-hit
MISS
cache-control
public, max-age=2678400
cf-ray
7ce0fb9b29d21c1e-FRA
expires
Tue, 27 Jun 2023 20:24:41 GMT
event
events.api.secureserver.net/t/1/tl/ 		43 B
288 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.api.secureserver.net/t/1/tl/event?cts=1685219081446&dh=0xrefund.io&dr=&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F113.0.5672.126%20Safari%2F537.36&vci=2116865517&cv=2.0.1&z=2120145849&vg=a3c2cb83-043d-55ea-98d0-5804c1452712&vtg=a3c2cb83-043d-55ea-98d0-5804c1452712&dp=%2F&ap=wpaas&trfd=%7B%22ap%22%3A%22wpaas%22%2C%22server%22%3A%225b01bb82-7777-354b-84a9-a972c78131ce.secureserver.net%22%2C%22pod%22%3A%22n3nlwppod03%22%2C%22storage%22%3A%22n3cephmah003pod03_data03%22%2C%22xid%22%3A%2245080685%22%2C%22wp%22%3A%226.2%22%2C%22php%22%3A%228.0.27%22%2C%22loggedin%22%3A%220%22%2C%22cdn%22%3A%221%22%2C%22builder%22%3A%22elementor%22%2C%22theme%22%3A%22hello-elementor%22%2C%22wds%22%3A%220%22%2C%22wp_alloptions_count%22%3A%22201%22%2C%22wp_alloptions_bytes%22%3A%22160902%22%7D&hit_id=05b6dbad-f12e-5d00-bcf1-688567d33ff3&ht=pageview
Requested by
Host: img1.wsimg.com
URL: https://img1.wsimg.com/traffic-assets/js/tccl-tti.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:2c::213:6143 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0xrefund.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000 ; includeSubDomains
date
Sat, 27 May 2023 20:24:41 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-type
image/gif
access-control-allow-origin
https://0xrefund.io
cache-control
private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
content-length
43
x-xss-protection
1; mode=block
event
events.api.secureserver.net/t/1/tl/ 		43 B
288 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.api.secureserver.net/t/1/tl/event?cts=1685219081823&dh=0xrefund.io&dr=&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F113.0.5672.126%20Safari%2F537.36&vci=2116865517&cv=2.0.1&z=1316573659&vg=a3c2cb83-043d-55ea-98d0-5804c1452712&vtg=a3c2cb83-043d-55ea-98d0-5804c1452712&dp=%2F&ap=wpaas&trfd=%7B%22ap%22%3A%22wpaas%22%2C%22server%22%3A%225b01bb82-7777-354b-84a9-a972c78131ce.secureserver.net%22%2C%22pod%22%3A%22n3nlwppod03%22%2C%22storage%22%3A%22n3cephmah003pod03_data03%22%2C%22xid%22%3A%2245080685%22%2C%22wp%22%3A%226.2%22%2C%22php%22%3A%228.0.27%22%2C%22loggedin%22%3A%220%22%2C%22cdn%22%3A%221%22%2C%22builder%22%3A%22elementor%22%2C%22theme%22%3A%22hello-elementor%22%2C%22wds%22%3A%220%22%2C%22wp_alloptions_count%22%3A%22201%22%2C%22wp_alloptions_bytes%22%3A%22160902%22%7D&hit_id=ec8905fb-7add-5201-aca6-c2acef5b4ad3&ht=perf&tce=1685219080584&tcs=1685219080560&tdc=1685219081786&tdclee=1685219081454&tdcles=1685219081451&tdi=1685219081451&tdl=1685219080604&tdle=1685219080560&tdls=1685219080538&tfs=1685219080537&tns=1685219080537&trqs=1685219080584&tre=1685219080601&trps=1685219080597&tles=1685219081786&tlee=0&nt=navigate&lcp=1028&nav_type=hard
Requested by
Host: img1.wsimg.com
URL: https://img1.wsimg.com/traffic-assets/js/tccl-tti.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:2c::213:6143 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0xrefund.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000 ; includeSubDomains
date
Sat, 27 May 2023 20:24:41 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-type
image/gif
access-control-allow-origin
https://0xrefund.io
cache-control
private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
content-length
43
x-xss-protection
1; mode=block

Verdicts & Comments Add Verdict or Comment

35 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| _wpemojiSettings undefined| $ function| jQuery object| eae object| eae_editor boolean| isEditMode object| breakpoints object| popupInstance function| a object| ___FONT_AWESOME___ object| fontawesome-free-shims function| pJS function| hexToRgb function| clamp function| isInArray function| requestAnimFrame function| cancelRequestAnimFrame object| pJSDom function| particlesJS object| twemoji object| wp object| webpackChunkelementor object| elementorModules function| Waypoint object| elementorFrontendConfig object| elementorFrontend object| _trfd boolean| _tcclPageReqFired object| _tcclInternal object| _expDataLayer object| _signalsDataLayer object| _trfq object| tccl object| tti

2 Cookies

Domain/Path Name / Value
.0xrefund.io/ Name: _tccl_visitor
Value: a3c2cb83-043d-55ea-98d0-5804c1452712
.0xrefund.io/ Name: _tccl_visit
Value: a3c2cb83-043d-55ea-98d0-5804c1452712

1 Console Messages

Source Level URL
Text
network error URL: https://0xrefund.io/wp-content/plugins/header-footer-elementor/inc/widgets-css/pixel.ttf
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0xrefund.io
events.api.secureserver.net
fonts.googleapis.com
gilgeous.com
img1.wsimg.com
img6.wsimg.com
160.153.0.161
23.36.163.225
2a00:1450:4001:829::200a
2a02:26f0:2c::213:6143
76.76.21.21
01918d86cb163a715dcb97165b997256734dfcc9f550beeb7c142fa4a064cf1c
070b7d89cff01806f23c0e4e10c5820955064ab7c451ae52ca1a4d0d65a770a1
072799c158a63f494abfbb8c4a0a7f1322029d531192c34092b88ddfdf693b2d
08970ccb7bb12c3148aae7b0ea729e25ae31408987dfb38ac508beae3aeea3fd
0d31034ca854c7a5e6911945926b109d7cc8a43509f0447b9c01f869f0f4e89c
149494ff1db4f823e437a4f4ac1b710a6934af6e9d47749b0d8d3c09da2b9048
1d09f28a1b8fe73d31fdfa9f4855913c7f877bf51e74648887fd67ab156583a1
1e7aae82f8e38ca95321331f6c78803f3bfa57353eb360400d349ab40e58e2d1
214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0
25825611ade7ceaed7df3862ec56dc91ad1d2be539966ef7bbe84306e51cfb08
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
304bb178716a5fb955d240295eb0b15a07076eccd91e33dad17f50b663e418a0
37bab6cd583982e8eff58501a99d7c5c4d63664c1ca34f9e3b7cf526c5b73ae2
43c072c16c9ee6d67acdfa6c6d6685ff1e74eb4237b7cc3c1348ab1c108b26af
470b8fe4451dab1ff2c7edeeb3091a932188b7acaa06d7e7187f9dd90947a553
4a0096101de4e86ee2c3ee550632330c8edc7312e9549d25039be5a093b21391
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
4fd1923c7c06896ff697c84bcab11b031c33e847732b9ee69853c22265ced201
62227576fbbe6e1e90bfe59f3d5f0bf93993da5fd8379a09cf3dc3e764d1a881
6b0a49e9aac3aaee72ee6a03c6331fd21c7316791eb38a92a75e1feccd1573fc
6e74c12390bdb48bf5b0bb295ceed4f68add11467d2472d983a42e3023ecf312
6fe00479b86775269d169905a3c0e5f1ad76caf73dd75881a1a594ec80651fcc
7586da6ec5a0e01eb5239aaac31dc3d411cae3090cce52a7e00efbda2f32c6bf
796f7b42768f7f383b5a92ae4d463e50462b8c37e7f140129a7629d95917b2f4
7df5bb108fb45ffd903b10fa15e2c7b9b869898bce89408d06609b8e2441bd30
8850185ee5bc949b4bb398dfee133debe7a0a53390ab47a45ee3ba0a59cacd48
97cf1307c16a437b77b5f7f5c9bc0b985d0745a14be5a279019aca5a3432e264
9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3
9cd63b8cea25045c14623c538d26752518a58c0c682795ce6ad3078976c65a37
aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
c5354cf09ffa00326e1e3f941eceb22c2ef542798a3bd1b6b223a6b4ea5f65c4
c55902832fb84522d02ea1a60a30747403a140d8651fa748f13ba398b0c0df3a
c57e64fcb72bddafa9c38de574441c3e69ac6c961df96b0cad34da83658bd196
c5b8b21392c81f849876a5fa43e830dc2cc0d4b5cb313c7549c7dfce1b8bdde0
c6ff0303ac513301fda2f193bcfbfd3f2173edb035af93b7cd1c640d6476b655
ca7dce2391845e8aec7da135f33fabd10f74eed28a532ac66fd01f761fcfb42f
d01a2ba2805c78957e15a2958135de0f3cb88e95159dd0f6c0a032bd76b1b0e9
d10c120206d25caa3deafc45a0ed90f2a6ce5290402c4502a68d95bcaeaa898b
d1eae4e53d56bf460f501ef094e7ac0895f39562e8152a7e1b92c3cbfbda432b
d62c0d70b2edcf99529822f2b93cbf8c2b74c4cd64ee9228713d16ea0ec6e705
d87ddf917b7a1449ab45e2b8e3c98354629bdd65b6659c37e6023bbea1ce1386
da2d4e946cdd40bdd4ab2af60419d17da9bd8b47598da05e6f55d4e3ef627c34
db7be69d987d1cfaed5fa7ee93a3b4ede6f78a2817512e57b74fc74ef0fa69b6
de2852a49a5ce50e57e425e73e64adb4c3ceedf8122d5778c04ac29842bbabab
e0ae0a7944033a36d26dada1929f62ab2c2a4e43998bfe28f849c052ceb36fba
e65916f9a5c70cdb24ccd28a538a48afb387063bb1f89a69492b7170aa5e1285
eea3d6ccda7f6503078cce9dc41176c1357af1c93a5b3625131ef7cf21c9d7c4
f429d68fdbafa7014fe049bcae44fdec1e4cdd61c9de788b79c1b0bb57999188
f7b52748934689b8a104587c43ccb31abbe154cf3cf76db4f25ed9bde8dd123c
fb21f292ba07fe5f681c9df39499e14d259adbdd6848be17e0345fa4cecb6095
fe513ef974b767510d0a2b9f1b4d3afa53185b89ab617c869e5e3d6db960192c