capital-refund.com Open in urlscan Pro
2606:4700:3031::6815:3592 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://capital-refund.com/
Submission: On January 26 via automatic, source certstream-suspicious (January 26th 2022, 12:45:06 am UTC) — Scanned from DE

Summary HTTP 83 Redirects Links 35 Behaviour Indicators

Summary

This website contacted 21 IPs in 5 countries across 17 domains to perform 83 HTTP transactions. The main IP is 2606:4700:3031::6815:3592, located in United States and belongs to CLOUDFLARENET, US. The main domain is capital-refund.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on January 26th 2022. Valid for: a year.

This is the only time capital-refund.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
39	2606:4700:303... 2606:4700:3031::6815:3592	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6812:e134	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	35.177.254.66 35.177.254.66	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	104.117.198.163 104.117.198.163	16625 (AKAMAI-AS) (AKAMAI-AS)
1	108.157.4.128 108.157.4.128	16509 (AMAZON-02) (AMAZON-02)
7	18.66.248.122 18.66.248.122	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:e04e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	108.157.4.38 108.157.4.38	16509 (AMAZON-02) (AMAZON-02)
1	104.117.200.54 104.117.200.54	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	18.66.247.90 18.66.247.90	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
12	2a04:4e42::393 2a04:4e42::393	54113 (FASTLY) (FASTLY)
1	143.204.215.26 143.204.215.26	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:401... 2a00:1450:4010:c0e::9b	15169 (GOOGLE) (GOOGLE)
1	52.209.125.250 52.209.125.250	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1	151.101.2.137 151.101.2.137	54113 (FASTLY) (FASTLY)
1	162.247.243.147 162.247.243.147	13335 (CLOUDFLAR...) (CLOUDFLARENET)
83	21

39 2606:4700:3031::6815:3592 (United States)

ASN13335 (CLOUDFLARENET, US)

capital-refund.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:e134 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.177.254.66 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-177-254-66.eu-west-2.compute.amazonaws.com

www.hihostels.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.117.198.163 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-117-198-163.deploy.static.akamaitechnologies.com

chimpstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.157.4.128 (United States)

ASN16509 (AMAZON-02, US)

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 18.66.248.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-122.dus51.r.cloudfront.net

downloads.mailchimp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:e04e (United States)

ASN13335 (CLOUDFLARENET, US)

fast.fonts.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.157.4.38 (United States)

ASN16509 (AMAZON-02, US)

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.117.200.54 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-117-200-54.deploy.static.akamaitechnologies.com

mc.us20.list-manage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.247.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-247-90.dus51.r.cloudfront.net

cdn-images.mailchimp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a04:4e42::393 (United States)

ASN54113 (FASTLY, US)

res.cloudinary.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.215.26 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-26.fra53.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4010:c0e::9b (Lappeenranta, Finland)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.209.125.250 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-125-250.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.243.147 (United States)

ASN13335 (CLOUDFLARENET, US)

bam-cell.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
39	capital-refund.com capital-refund.com	771 KB
12	cloudinary.com res.cloudinary.com — Cisco Umbrella Rank: 2517	11 MB
8	mailchimp.com downloads.mailchimp.com — Cisco Umbrella Rank: 11981 cdn-images.mailchimp.com — Cisco Umbrella Rank: 5534	87 KB
4	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 644 script.hotjar.com — Cisco Umbrella Rank: 919 vars.hotjar.com — Cisco Umbrella Rank: 1012 in.hotjar.com — Cisco Umbrella Rank: 1810	65 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 42	21 KB
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 98	513 B
3	onesignal.com cdn.onesignal.com — Cisco Umbrella Rank: 3036 onesignal.com — Cisco Umbrella Rank: 1251	73 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 146	113 KB
1	nr-data.net bam-cell.nr-data.net — Cisco Umbrella Rank: 348	627 B
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 367	13 KB
1	google.de www.google.de — Cisco Umbrella Rank: 5557	501 B
1	google.com www.google.com — Cisco Umbrella Rank: 13	501 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 96	444 B
1	list-manage.com mc.us20.list-manage.com — Cisco Umbrella Rank: 57538	3 KB
1	fonts.net fast.fonts.net — Cisco Umbrella Rank: 2989	600 B
1	chimpstatic.com chimpstatic.com — Cisco Umbrella Rank: 5091	1 KB
1	hihostels.com www.hihostels.com	3 KB
83	17

	Domain	Requested by
39	capital-refund.com	capital-refund.com
12	res.cloudinary.com	capital-refund.com
7	downloads.mailchimp.com	chimpstatic.com downloads.mailchimp.com
3	www.google-analytics.com	capital-refund.com www.google-analytics.com
3	www.facebook.com	capital-refund.com
2	connect.facebook.net	capital-refund.com connect.facebook.net
2	cdn.onesignal.com	capital-refund.com cdn.onesignal.com
1	bam-cell.nr-data.net	js-agent.newrelic.com
1	js-agent.newrelic.com	capital-refund.com
1	www.google.de	capital-refund.com
1	www.google.com	capital-refund.com
1	in.hotjar.com	capital-refund.com
1	stats.g.doubleclick.net	capital-refund.com
1	vars.hotjar.com	static.hotjar.com
1	cdn-images.mailchimp.com	capital-refund.com
1	onesignal.com	cdn.onesignal.com
1	mc.us20.list-manage.com	downloads.mailchimp.com
1	script.hotjar.com	static.hotjar.com
1	fast.fonts.net	capital-refund.com
1	static.hotjar.com	capital-refund.com
1	chimpstatic.com	capital-refund.com
1	www.hihostels.com	capital-refund.com
83	22

This site contains links to these domains. Also see Links.

Domain
www.hihostels.com
groups.hihostels.com
www.justgiving.com
blog.hihostels.com
twitter.com
www.facebook.com
www.instagram.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-01-26` - `2023-01-26`	a year	crt.sh
*.hihostels.com Sectigo RSA Domain Validation Secure Server CA	`2021-12-03` - `2022-11-09`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-11-04` - `2022-02-02`	3 months	crt.sh
wildcardsan.us15.list-manage.com DigiCert SHA2 Secure Server CA	`2021-11-19` - `2022-11-19`	a year	crt.sh
*.hotjar.com Amazon	`2021-11-25` - `2022-12-23`	a year	crt.sh
downloads.mailchimp.com Amazon	`2021-07-21` - `2022-08-19`	a year	crt.sh
wildcardsan.list-manage.com DigiCert SHA2 Secure Server CA	`2021-09-27` - `2022-09-27`	a year	crt.sh
cdn-images.mailchimp.com Amazon	`2021-07-21` - `2022-08-19`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.cloudinary.com Go Daddy Secure Certificate Authority - G2	`2020-05-27` - `2022-06-22`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-10-06` - `2022-11-07`	a year	crt.sh
*.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-01-10` - `2023-02-10`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://capital-refund.com/
Frame ID: A6A81BD689648C9A2CA05400E1E31213
Requests: 76 HTTP requests in this frame

Frame: https://downloads.mailchimp.com/css/signup-forms/popup/dad5257e8784c6cb4633ebbf068517135d2e0d05/common.css
Frame ID: CB706ECCCC0F04DA15B0269FE6106EE6
Requests: 2 HTTP requests in this frame

Frame: https://downloads.mailchimp.com/css/signup-forms/popup/dad5257e8784c6cb4633ebbf068517135d2e0d05/common.css
Frame ID: A228DEEAC5FA770CEB643AC8FB54E422
Requests: 3 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-21ccaa45726c0f3c8c458f7a87eb2298.html
Frame ID: 6F3BC5C0541FDD89CC9A30CB69D637E4
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 2C1BB46A7E94384342249AA43CF25C63
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Jugendherberge Netzwerk - DJH - Hostelling International

Detected technologies

Akamai Bot Manager (Security) Expand

Overall confidence: 100%
Detected patterns

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

MailChimp (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

chimpstatic\.com/mcjs-connected

OneSignal (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.onesignal\.com

Page Statistics

83
Requests

100 %
HTTPS

48 %
IPv6

17
Domains

22
Subdomains

21
IPs

5
Countries

12414 kB
Transfer

15940 kB
Size

17
Cookies

35 Outgoing links

These are links going to different origins than the main page.

URL: https://www.hihostels.com/de/checkout/emembership
Title: Kaufen eMembership

Search URL Search Domain Scan URL

URL: https://www.hihostels.com/de/explore
Title: KARTE

Search URL Search Domain Scan URL

URL: https://groups.hihostels.com/?locale=de
Title: Gruppen

Search URL Search Domain Scan URL

URL: https://www.hihostels.com/de/destinations/0001/hostels
Title: Jugendherbergen in Amsterdam

Search URL Search Domain Scan URL

URL: https://www.hihostels.com/de/destinations/0004/hostels
Title: Jugendherbergen in Bangkok

Search URL Search Domain Scan URL

URL: https://www.hihostels.com/de/destinations/0005/hostels
Title: Jugendherbergen in Barcelona

Search URL Search Domain Scan URL

URL: https://www.hihostels.com/de/destinations/0040/hostels
Title: Jugendherbergen in London

Search URL Search Domain Scan URL

URL: https://www.hihostels.com/de/destinations/us-new-york/hostels
Title: Jugendherbergen in New York City

Search URL Search Domain Scan URL

URL: https://www.hihostels.com/de/destinations/0048/hostels
Title: Jugendherbergen in Paris

Search URL Search Domain Scan URL

URL: https://www.hihostels.com/de/destinations/0315/hostels
Title: Jugendherbergen in Rome

Search URL Search Domain Scan URL

URL: https://www.hihostels.com/de/destinations/0059/hostels
Title: Jugendherbergen in San Francisco

Search URL Search Domain Scan URL

URL: https://www.hihostels.com/de/checkout/membership?linksubid=cmsHeader
Title: Kaufen Sie Mitgliedschaft

Search URL Search Domain Scan URL

URL: https://www.hihostels.com/de/pages/480
Title: Ermäßigungen weltweit

Search URL Search Domain Scan URL

URL: https://www.hihostels.com/tripbooks/hi-membership-benefits-223464
Title: Ermäßigungen im Reiseland

Search URL Search Domain Scan URL

URL: https://www.hihostels.com/de/pages/481
Title: Mitgliedschaft und Rabatte

Search URL Search Domain Scan URL

URL: https://www.hihostels.com/de/pages/483
Title: Membership AGB

Search URL Search Domain Scan URL

URL: https://www.hihostels.com/de/pages/533
Title: Mission und Werte

Search URL Search Domain Scan URL

URL: https://www.hihostels.com/checkout/donation
Title: Spende jetzt

Search URL Search Domain Scan URL

URL: https://www.hihostels.com/de/pages/534
Title: Unsere Geschichte

Search URL Search Domain Scan URL

URL: https://www.hihostels.com/de/pages/535
Title: Nachhaltiges Hostelling

Search URL Search Domain Scan URL

URL: https://www.hihostels.com/de/pages/536
Title: Globale Initiativen

Search URL Search Domain Scan URL

URL: https://www.hihostels.com/de/pages/537
Title: Lokale Initiativen

Search URL Search Domain Scan URL

URL: https://www.hihostels.com/de/pages/538
Title: Ihre Auswirkung

Search URL Search Domain Scan URL

URL: https://www.hihostels.com/de/tripbooks/volunteer-around-the-world-225933
Title: Freiwilligenarbeit

Search URL Search Domain Scan URL

URL: https://www.justgiving.com/hostellingint
Title: As a charity whose mission relies on travel and social interaction, COVID-19 will significantly affect HI in 2020 - as it will many areas of our life. Please support HI's charitable work during this difficult time

Search URL Search Domain Scan URL

URL: https://www.hihostels.com/pages/535

Search URL Search Domain Scan URL

URL: https://www.hihostels.com/pages/533/mission-and-values?locale=en
Title: Being a HI member means you get 10% discount on your overnight bookings - but we're so much more than a bed: we offer HI members a whole range of great deals and offers through our partnerships worldwide. From museums and tours, to adventure activities and national parks, enjoy the benefits of the real hostelling experience.

Search URL Search Domain Scan URL

URL: https://www.hihostels.com/pages/536

Search URL Search Domain Scan URL

URL: https://www.hihostels.com/pages/537

Search URL Search Domain Scan URL

URL: https://groups.hihostels.com/
Title: 10+ guests? Your journey starts here.

Search URL Search Domain Scan URL

URL: https://www.hihostels.com/de/tripbooks/hi-membership-benefits-223464

Search URL Search Domain Scan URL

URL: http://blog.hihostels.com/?lang=de
Title: HI Blog

Search URL Search Domain Scan URL

URL: https://twitter.com/Hostelling

Search URL Search Domain Scan URL

URL: https://www.facebook.com/HostellingInternational

Search URL Search Domain Scan URL

URL: https://www.instagram.com/hihostels

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

83 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
capital-refund.com/ 83 KB
22 KB 565ms
401ms Document
text/html 2606:4700:3031::6815:3592
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://capital-refund.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::6815:3592 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Phusion Passenger 6.0.3

Resource Hash

beeafa1b7605b12e60003a596bafcb332520ebeba64894ced0fcb15da6765a9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Wed, 26 Jan 2022 00:44:59 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
status: 200 OK
strict-transport-security: max-age=31536000
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-powered-by: Phusion Passenger 6.0.3
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ilbJaXk9gxfgDAtN6dx3SwmCUpFkSj8TzTyxbrT6jxH3Ssl6M5AeMGvLT5bQnXUvHxISnhpHAD9gWGLgQ4zo6bXckodFcMjs%2BFfptzx5ejZsbCbjiB5eArH4VNHNtsQupDzxN%2Bc7SZI8VvKMcp8rkxg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6d35b74759333751-MXP
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 datepicker1614181734.css
capital-refund.com/assets/ 17 KB
3 KB 76ms
76ms Stylesheet
text/css 2606:4700:3031::6815:3592
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://capital-refund.com/assets/datepicker1614181734.css
Requested by: Host: capital-refund.com
URL: https://capital-refund.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:3592 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c6f6640f9374481fea6e9bf9ba528cf18a710a9787463080ab7aadc544079ae8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://capital-refund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 00:44:59 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 18 Mar 2021 11:40:42 GMT
server: cloudflare
etag: W/"60533c3a-be8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ltOKL8b3%2FrN9%2F%2Fya0KisZLY7mCQbGAzfwzanwchxXfUEoIOG7q6J120cBW%2BgAr4A4Z3GxyjIndpRhUXerfTmW2gQ0Zs%2F00ZdlIMPZCnat6W4zbIHYyGMIQKfx5MX%2Bc2aMXJI%2BlBpCFs0ng9HXirpLFU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d35b74a0bd73751-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 desktop1614181734.css
capital-refund.com/assets/ 118 KB
21 KB 103ms
103ms Stylesheet
text/css 2606:4700:3031::6815:3592
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://capital-refund.com/assets/desktop1614181734.css
Requested by: Host: capital-refund.com
URL: https://capital-refund.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:3592 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c27278e9982a68f174a7bbe5ba00c971fc8c5ad6c93d7146a5ccc6f2ae55241

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://capital-refund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 00:44:59 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 18 Mar 2021 11:40:42 GMT
server: cloudflare
etag: W/"60533c3a-51c9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZVejDgTXR48Lpiyp2Ki7yR9jnygk3KdmCcR6i9EzbvtP4PDMJ499dAvLIUZ5ak4do37i43%2FwJj%2Fc%2BAXuxLMiincnHIs8QJOZEF2ojfvqQTaXQBQudc0tmQbgGA3v8ZrjhjwDm52a0VFavMbxBnssmLA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d35b74a0bd93751-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 galleria.hi360.css
capital-refund.com/javascripts/libs/galleria/themes/hi360/ 8 B
312 B 77ms
76ms Stylesheet
text/css 2606:4700:3031::6815:3592
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://capital-refund.com/javascripts/libs/galleria/themes/hi360/galleria.hi360.css
Requested by: Host: capital-refund.com
URL: https://capital-refund.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:3592 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a06fd750de7374983daf40016564b1fb6f2168ed2c5742ccf69912e8574803c0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://capital-refund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 00:44:59 GMT
cf-cache-status: MISS
last-modified: Thu, 18 Mar 2021 11:40:42 GMT
server: cloudflare
etag: "60533c3a-8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=muTilsGflUkUCRXbkgbPRZK3Y%2BJgx5iDhwhXoW3Z1hu7m4v6a2p8LkJcYs5bWIDDsJqiBWWjUc3cE%2BanYSMlPIqd1sQuY4jnuQ2UfZXh95g3oj%2FFW1Ujb2ZgjnMagNEZdDsQzsmwuqczkrYRgcJNDE4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6d35b74a0bda3751-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 88ms
26ms Script
application/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by: Host: capital-refund.com
URL: https://capital-refund.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 88522cca257c7b55886862e9549236b005c2fcbb1246bcd986621476739c2127

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://capital-refund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 00:45:00 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 1383
etag: W/"f138f96bdde8c4ff4dce4300db918980"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 6d35b74be9e13761-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 29 Jan 2022 00:45:00 GMT

GET
H3 200 de.png
capital-refund.com/images/flags/ 292 B
844 B 56ms
54ms Image
image/png 2606:4700:3031::6815:3592
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://capital-refund.com/images/flags/de.png?1616067642
Requested by: Host: capital-refund.com
URL: https://capital-refund.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:3592 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e56be989d6c0d14b7c009bfeb3aa6328482742b363c47da76955685b3c4ec83a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://capital-refund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 00:45:00 GMT
cf-cache-status: MISS
last-modified: Thu, 18 Mar 2021 11:40:42 GMT
server: cloudflare
etag: "60533c3a-124"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1kPqYjKWIlbfh28B2UBvPuWNoHAoeQH%2BAh1c9ryOEVfX%2BnRQXA7GeMnPJ%2Bz5ZIhNI4LxxOKt9Rylndj2tFDZSGrXDen8wfQ%2F%2FzW20rxsCpqaVFKfdHxkDqUrh32pig%2Bq6KgCJks2ZDwGSTP6lVQCO9Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6d35b74b8fc1906c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 292

GET
H3 200 en.png
capital-refund.com/images/flags/ 519 B
1 KB 44ms
42ms Image
image/png 2606:4700:3031::6815:3592
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://capital-refund.com/images/flags/en.png?1616067642
Requested by: Host: capital-refund.com
URL: https://capital-refund.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:3592 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b206d623b4cbf8b67243abdb1a113c9dff992e594f4cde1864055e455e9ee177

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://capital-refund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 00:45:00 GMT
cf-cache-status: MISS
last-modified: Thu, 18 Mar 2021 11:40:42 GMT
server: cloudflare
etag: "60533c3a-207"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MWs8nX0PKTXRGMpUv1TF7dcvyn8ZECB4DaRTgMI2F1aikvGIokQVd%2FXyJCohpLk7z935dLZPsXgG7%2FzaWUJ%2BB%2F8UPSj9%2BCAqUMmmVyAoMT9vBs22tN6QVTCVPIMbH6bR2hhophhYyU10yN%2FJPCEiyTM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6d35b74b8fc3906c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 519

GET
H3 200 es.png
capital-refund.com/images/flags/ 394 B
946 B 51ms
49ms Image
image/png 2606:4700:3031::6815:3592
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://capital-refund.com/images/flags/es.png?1616067642
Requested by: Host: capital-refund.com
URL: https://capital-refund.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:3592 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff4e90f2311bfe61d15584ab332c3976b32d06c810df120191cf3089985222e7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://capital-refund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 00:45:00 GMT
cf-cache-status: MISS
last-modified: Thu, 18 Mar 2021 11:40:42 GMT
server: cloudflare
etag: "60533c3a-18a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mmbR%2Ft7RtgiY3%2FDlTpm6hdg6mTb0PU5%2FzDrE2GVnJXGMfpWsBfxzitDxGnuFgNpNhwL9HScBWCpEs7XV%2FULRdlO%2BA1kUliZTttehmjz%2FkY2pZBCBJofj9vsyyNWxKsOdWm4AO7xFjhdFlvC2ezzOOPo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6d35b74b8fc4906c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 394

GET
H3 200 fr.png
capital-refund.com/images/flags/ 357 B
903 B 50ms
48ms Image
image/png 2606:4700:3031::6815:3592
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://capital-refund.com/images/flags/fr.png?1616067642
Requested by: Host: capital-refund.com
URL: https://capital-refund.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:3592 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac26f57b1a1a340264cf2bb142b1cc98c354eed63473321f3d4316393b6d640a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://capital-refund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 00:45:00 GMT
cf-cache-status: MISS
last-modified: Thu, 18 Mar 2021 11:40:42 GMT
server: cloudflare
etag: "60533c3a-165"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SFue6z0umV79ff1bPcw8auFg%2F365UkSF2LDwgxrZmjsqQzHekE9HdhZ5qI8OtNYP5QihgUTLjays4DJsbifPUUIWoH1xi%2FRCUc5hT3LiUzYpRHCZYO9FhefyztbnGVEpcTjgdDcPq7Dfh3LfwCq5ayM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6d35b74b8fc5906c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 357

GET
H3 200 it.png
capital-refund.com/images/flags/ 399 B
950 B 51ms
50ms Image
image/png 2606:4700:3031::6815:3592
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://capital-refund.com/images/flags/it.png?1616067642
Requested by: Host: capital-refund.com
URL: https://capital-refund.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:3592 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d46317b99537c2638ae6f8643d7f2565e133f8cc147b51a2622aa8faaf468cbe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://capital-refund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 00:45:00 GMT
cf-cache-status: MISS
last-modified: Thu, 18 Mar 2021 11:40:42 GMT
server: cloudflare
etag: "60533c3a-18f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v3hEGvmsYX6t5aGkFnmRprBvBgxvMXzJi4mI2P%2FOPRfzdDLcTWqI0E7nRo70GxQZ0oB45LQJxdC84IIbJSlTGi43ebXq5UyPhRZ32KUqAmjhkgbnDNfMe%2FAum%2BJdPZv%2FZspu3G%2Fl48YR9dvrerL3WZ4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6d35b74b8fc6906c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 399

GET
H3 200 ja.png
capital-refund.com/images/flags/ 336 B
881 B 49ms
47ms Image
image/png 2606:4700:3031::6815:3592
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://capital-refund.com/images/flags/ja.png?1616067642
Requested by: Host: capital-refund.com
URL: https://capital-refund.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:3592 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a8cfb3ef4be247b28853a1330c1446bb545c3f9d471d98d2a01bf5c0cfcc283f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://capital-refund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 00:45:00 GMT
cf-cache-status: MISS
last-modified: Thu, 18 Mar 2021 11:40:42 GMT
server: cloudflare
etag: "60533c3a-150"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uxtP3ctMf7RozNxFqkibwvjXEqEjtJR2k1zSCy8VU8aubiyGjrjGcmz0SRB3FDJkxfyM0IxqJ5RUURdnZTtVgT1%2FCoTso6IPnnGFMFHHypOzadryePJzXkBeCZMy3JnS4na6CiR9ttioTo2c8hqXl1Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6d35b74b8fc9906c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 336

GET
H3 200 pt.png
capital-refund.com/images/flags/ 586 B
1 KB 54ms
52ms Image
image/png 2606:4700:3031::6815:3592
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://capital-refund.com/images/flags/pt.png?1616067642
Requested by: Host: capital-refund.com
URL: https://capital-refund.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:3592 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6352af4fc3ed5f81193a1fb3a215b43dd38eaba36230459ea68a83e09fcbfd9d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://capital-refund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 00:45:00 GMT
cf-cache-status: MISS
last-modified: Thu, 18 Mar 2021 11:40:42 GMT
server: cloudflare
etag: "60533c3a-24a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PwafCxocXayrp%2BBS9ohxtJl5HSzRjMvcq%2B4vkGPJ4SU8C0F9viokVVvoB97aroUIr%2FyuOyBwBMztNBcmS5AYmsAt6MEXErTNbnOBB0f2EAKstXuONN%2FG9%2B4qHhC7s6wfclo8qWHdWh76MU7Y1tVCspE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6d35b74b8fca906c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 586

GET
H2 200 icon-hostelling-international-logo.png
www.hihostels.com/images/interface/ 3 KB
3 KB 110ms
38ms Image
image/png 35.177.254.66
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hihostels.com/images/interface/icon-hostelling-international-logo.png
Requested by: Host: capital-refund.com
URL: https://capital-refund.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 35.177.254.66 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-177-254-66.eu-west-2.compute.amazonaws.com
Software: hi-web-server /
Resource Hash: 2876112f21946a98a796c6b247848bc5d3a9bf2a599c67546dff7d01791ca4c8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://capital-refund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 00:45:00 GMT
last-modified: Thu, 18 Mar 2021 11:40:42 GMT
server: hi-web-server
accept-ranges: bytes
etag: "60533c3a-ac9"
content-length: 2761
content-type: image/png

GET
H3 200 hostelling-international-logo.png
capital-refund.com/images/interface/ 4 KB
4 KB 45ms
43ms Image
image/png 2606:4700:3031::6815:3592
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://capital-refund.com/images/interface/hostelling-international-logo.png
Requested by: Host: capital-refund.com
URL: https://capital-refund.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:3592 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5468d7dfff5faffd1a69e7642210bca4c34a1b348fbb3a7cf9bceb059091e66b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://capital-refund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 00:45:00 GMT
cf-cache-status: MISS
last-modified: Thu, 18 Mar 2021 11:40:42 GMT
server: cloudflare
etag: "60533c3a-e71"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DhPIqpZuJ7lxcOqGNfrR8uLKcBfaxVHLsNVHvlmw5A9bVlnQxwYXrzd1vudgp550b9R6TW53WC8aonKmawcImlRHaDcT%2By8XCDoTN2nLvk%2FWbJviyTEMUx6GMPi%2B72X3lDv%2BpFNeNk%2FmYljRSLtsz0A%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6d35b74b8fcb906c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3697

GET
H3 200 1x1.png
capital-refund.com/images/ 95 B
642 B 56ms
54ms Image
image/png 2606:4700:3031::6815:3592
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://capital-refund.com/images/1x1.png
Requested by: Host: capital-refund.com
URL: https://capital-refund.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:3592 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://capital-refund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 00:45:00 GMT
cf-cache-status: MISS
last-modified: Thu, 18 Mar 2021 11:40:42 GMT
server: cloudflare
etag: "60533c3a-5f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Al%2BlPaqjKFM8IMAqFbfJMVFJ%2B1nDW0oVNRsROxDvFpNlVB55su0PTZZ9iRtq3yf0N6cPz0t5W2kIJsCRfRqjtcGkBknWN90poKFhmz85VBSH69VKXaJLbVWZ7pFrsnIOBbndsUA4kXYgEL%2FRgOW5Pv0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6d35b74b8fcc906c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 95

GET
H3 200 1x1.png
capital-refund.com/images/ 95 B
647 B 53ms
51ms Image
image/png 2606:4700:3031::6815:3592
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://capital-refund.com/images/1x1.png?1616067642
Requested by: Host: capital-refund.com
URL: https://capital-refund.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:3592 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://capital-refund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 00:45:00 GMT
cf-cache-status: MISS
last-modified: Thu, 18 Mar 2021 11:40:42 GMT
server: cloudflare
etag: "60533c3a-5f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=67AQEEUHGBzn0buxuEK%2BLAB0lvNZP%2Bn1iUv6CN69j5fDPyXQjQKHOZd0XaOdGEzfuqBFLf%2F5HPvv6X4MMUBfKGkE5l2N6GXvZID%2FjWWOXLagkxnYgQZVyhnZY6yqKa4LE2FbPovp3k6KXcWIjn4RzQA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6d35b74b8fcd906c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 95

GET
H3 200 icon-twitter.png
capital-refund.com/images/interface/ 580 B
1 KB 56ms
54ms Image
image/png 2606:4700:3031::6815:3592
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://capital-refund.com/images/interface/icon-twitter.png
Requested by: Host: capital-refund.com
URL: https://capital-refund.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:3592 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f1ebf4ed710e132a9265e93974d1e437046b7611e61f6935eaccd3f6b87edf6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://capital-refund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 00:45:00 GMT
cf-cache-status: MISS
last-modified: Thu, 18 Mar 2021 11:40:42 GMT
server: cloudflare
etag: "60533c3a-244"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q2woV0gi97CVLILr9QiTyUlJafhl%2BeJta3WAUcLxr7vjMnbzPoQ%2Ft%2BnHtcSigZNPj3P9knoYTMSPM5RUk41%2BG5Wy58T6YkNufOp4O9zWH6dja3ipmIzN0I26H37WWzv6am0i5FM46jR27qi%2BWUCFJj4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6d35b74b8fcf906c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 580

GET
H3 200 icon-facebook.png
capital-refund.com/images/interface/ 373 B
928 B 47ms
45ms Image
image/png 2606:4700:3031::6815:3592
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://capital-refund.com/images/interface/icon-facebook.png
Requested by: Host: capital-refund.com
URL: https://capital-refund.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:3592 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 728cabdd9d29f807df010b119b9c0c7559de73a42ee444e09b6d6b59b29bea8a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://capital-refund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 00:45:00 GMT
cf-cache-status: MISS
last-modified: Thu, 18 Mar 2021 11:40:42 GMT
server: cloudflare
etag: "60533c3a-175"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xf9%2BgD1QKIHx%2Fy7n%2Fy1kw0qVXvG5N8bozGAwYP0H4R%2BY%2F0ZLW%2BSblBaHcZf2GOmrkmBcQJ1wFMigzuXzhYv%2Bv2WLBTSGfFiTUKThm6OJLw8Cle2VUJTf8VqWkdGmkjxWwum3rnHcKnbKq7eQPs2vHx8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6d35b74b8fd1906c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 373

GET
H3 200 icon-instagram.png
capital-refund.com/images/interface/ 822 B
1 KB 51ms
50ms Image
image/png 2606:4700:3031::6815:3592
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://capital-refund.com/images/interface/icon-instagram.png
Requested by: Host: capital-refund.com
URL: https://capital-refund.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:3592 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e2e24e6217f544311a53b4e6089a9d0deee9b6170e47d3bad8e11b27ce58174

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://capital-refund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 00:45:00 GMT
cf-cache-status: MISS
last-modified: Thu, 18 Mar 2021 11:40:42 GMT
server: cloudflare
etag: "60533c3a-336"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XOAHoguzo58%2F0%2BwtkwCeVXrFhxKs9mSOIT1SjJKzEw3ueF%2F63XEYaNFowuVSp6s4IzSK3xu6T8gDXsxKZ8zcVXXxW8joB09aIcMWrRzzd%2FzeG2JRWyc6LJl9CzkyUi218A9YiArelnVRfpVPOtq08jE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6d35b74b8fd2906c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 822

GET
H3 200 de.js Show response
capital-refund.com/locale/ 178 KB
65 KB 724ms
723ms Script
application/javascript 2606:4700:3031::6815:3592
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://capital-refund.com/locale/de.js

Requested by

Host: capital-refund.com
URL: https://capital-refund.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:3592 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Phusion Passenger 6.0.3

Resource Hash

3580173f93282afbbbcd7d1c303fb971fcd8f9a20997f9fb9ca7a652d9b5d59d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://capital-refund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 00:45:00 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: Phusion Passenger 6.0.3
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
status: 200 OK
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eLkhITceXrskMKBXNMAj5AsHobocMDEG8JG7TBFOhxOiEyuYwamujSThpJyMdLz%2F8n0JnOMc1Nx8Yg1FQE8MGpcrzNCtxKcY58IDEMZXvYlyOz7KUhUYJbsP7kMfEHfF%2Fnc%2FpXddtOHus03voGpevKQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript;charset=utf-8
vary: Accept-Encoding
cf-ray: 6d35b74a7ea0906c-FRA

GET
H3 200 hi360_jammit1614181734.js Show response
capital-refund.com/assets/ 1 MB
324 KB 108ms
107ms Script
application/javascript 2606:4700:3031::6815:3592
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://capital-refund.com/assets/hi360_jammit1614181734.js
Requested by: Host: capital-refund.com
URL: https://capital-refund.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:3592 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2789a5983cc1685143ee4fa6a170bb53da12496eb460400cdd0d604d0ab337fb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://capital-refund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 00:45:00 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 18 Mar 2021 11:40:42 GMT
server: cloudflare
etag: W/"60533c3a-4dd76"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zdE%2FyTRFrMoTNjvSpsrUCS3Dj8X%2BNU9XCkmkoFgeNrBy5L1itAYdtRwWbTRRFZ%2F66wm9NaZMfCHXvbElgyowgeyTwAJ4i66vTVasRMOWvwpgvB7LlEaah1AbUmXer%2FxyPTTKoINVDagwzfJvCF0cqKI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d35b74aaec1906c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 mtiFontTrackingCode.js Show response
capital-refund.com/javascripts/ 650 B
968 B 47ms
46ms Script
application/javascript 2606:4700:3031::6815:3592
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://capital-refund.com/javascripts/mtiFontTrackingCode.js
Requested by: Host: capital-refund.com
URL: https://capital-refund.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:3592 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c3c9df8b8f0a80f863c53dec5cbca7dedbdcc7697c6c6359520950774653960

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://capital-refund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 00:45:00 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 18 Mar 2021 11:40:42 GMT
server: cloudflare
etag: W/"60533c3a-28a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qixgjrXhyg%2BHgw24EvOPPqAphqcT%2Fxr8u7mVPjhmrE8u5MvvCNQbIDazKtU5RRuDccEzkdDUUxQSa8y%2BUABnOnTZEDAdswzrkAHcG1K4F2ZAHIuaTRaiqnocaiLremJbIL0dE%2FFlSqmkJP0H%2BHt2X1A%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d35b74b8fd3906c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 mobile1614181734.css
capital-refund.com/assets/ 123 KB
20 KB 59ms
58ms Stylesheet
text/css 2606:4700:3031::6815:3592
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://capital-refund.com/assets/mobile1614181734.css
Requested by: Host: capital-refund.com
URL: https://capital-refund.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:3592 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 834dc31d4ccf21ace966cf86df8a2dc258e47b2da9c9d9fe97aa02ebfe53bb9f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://capital-refund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 00:45:00 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 18 Mar 2021 11:40:42 GMT
server: cloudflare
etag: W/"60533c3a-4f38"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QEevAjTTys%2BctE15xQAESqJ%2FKyi8NQq7p2wUI%2BMXMjHR7EowiF8nJ%2FPRdaGXBG%2Fpf7MkKBkr%2B%2BBbvp36msKlNngTdsnHXDZJEnEco7r3N4hsm9OCugRfrxSJ59KZEc9Tf%2F27QVrDtFLX85MpmDM3Z50%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d35b74b8fd4906c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 tablet1614181734.css
capital-refund.com/assets/ 65 KB
8 KB 52ms
50ms Stylesheet
text/css 2606:4700:3031::6815:3592
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://capital-refund.com/assets/tablet1614181734.css
Requested by: Host: capital-refund.com
URL: https://capital-refund.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:3592 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eae510ee9b06111d9a221a8fccf6479d527481ab95e66c7f3f7cec156286edb4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://capital-refund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 00:45:00 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 18 Mar 2021 11:40:42 GMT
server: cloudflare
etag: W/"60533c3a-1ea2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iANMRrD81AGZwSZxzKj1Pt2DVZgrOXDbj3UHX%2Fa24OfQuugV2tTzQPysA2hwAx6tTeeFvXmtUW0lrUnYZ5ivgk7xiVWXu%2F04F50QMtx3%2B%2F%2BBHJjW0J4tJPAlPvyEz1Lni5stfzUDsmtzIcq%2BwS%2BcljQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d35b74b8fd5906c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 desktop-blessed2.css
capital-refund.com/assets/ 190 KB
26 KB 66ms
66ms Stylesheet
text/css 2606:4700:3031::6815:3592
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://capital-refund.com/assets/desktop-blessed2.css?z=1614169987300
Requested by: Host: capital-refund.com
URL: https://capital-refund.com/assets/desktop1614181734.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:3592 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 749caecb482155a14b9470d5a6b57290eff3bb3fbc9d31a681f0e1465cf7b20e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://capital-refund.com/assets/desktop1614181734.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 00:44:59 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 18 Mar 2021 11:40:42 GMT
server: cloudflare
etag: W/"60533c3a-6376"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rPxTjcfO7QOpc79BKcSomYi9gQz1ggFq91DdKDO89DvgA3ySVjE%2Fjq31eJnbRVVHIVhyC3tgJeIrX%2Fn4TwvUjItxVkAyeDj7uSVaN8z9rmKdNnPBV4Scig4y%2FEr0Sq999YXMb19bMgcC9vROPpDsZls%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d35b74aaec2906c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 desktop-blessed1.css
capital-refund.com/assets/ 264 KB
43 KB 80ms
80ms Stylesheet
text/css 2606:4700:3031::6815:3592
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://capital-refund.com/assets/desktop-blessed1.css?z=1614169987300
Requested by: Host: capital-refund.com
URL: https://capital-refund.com/assets/desktop1614181734.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:3592 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a22b2707e3cc198705449b911f2fd5ea0d7cd642cb03fff6e5d8a2f3310458a6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://capital-refund.com/assets/desktop1614181734.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 00:44:59 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 18 Mar 2021 11:40:42 GMT
server: cloudflare
etag: W/"60533c3a-a986"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lhl5E2IFt7cfW7DO%2Bhw2p%2BZrklV2A42GH9araLb7u2U%2Fp5%2FP4y3IwuEq%2FLPkGl7b4DiIzM7Aw9X9z7NHHQvq2W%2FkTQbAtws7nbmcPsfe1366mpLMhiMjVEb6wvNKzWfJjFcdYFyTGU0VNB9wYbuHS0U%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d35b74aaec3906c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 all.css
capital-refund.com/stylesheets/fontawesome/ 46 KB
10 KB 52ms
51ms Stylesheet
text/css 2606:4700:3031::6815:3592
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://capital-refund.com/stylesheets/fontawesome/all.css?1616067642
Requested by: Host: capital-refund.com
URL: https://capital-refund.com/assets/desktop-blessed2.css?z=1614169987300
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:3592 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cbed269cbf3d2107f253a50c6a3691b70773b63fa111b8a6fc6e1a8f3db904f1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://capital-refund.com/assets/desktop-blessed2.css?z=1614169987300
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 00:45:00 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 18 Mar 2021 11:40:42 GMT
server: cloudflare
etag: W/"60533c3a-b753"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OAg3uNQDrlVwkp9iuYpSqvvSv89m1ceDfJrPolz9R8pd4xOm4oiqScUnZHPTxl1dH0gGF943WaX2v2APqL%2B4uzUEv7qHxVffwkvo39YS%2FRcHVspiG9qBQuPyeZNIgZF%2B%2F%2BDyCxS4emBSbfy6l%2BikLj0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d35b74b2f44906c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
26 KB 23ms
7ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: capital-refund.com
URL: https://capital-refund.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c55508ea7ce1ad08364772fbfadb835d2b1d1b9238d345c45eee1943ada4ff6f

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://capital-refund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 26237
x-xss-protection: 0
pragma: public
x-fb-debug: xwW8eHhDZ4ft0yA9/aTuCy68SZqFCKW+YPB9OGCVgsI27DJgujDwtETro7hV26jIHBnow0WApoGjrpV+Hqw7LQ==
x-fb-trip-id: 917726464
x-frame-options: DENY
date: Wed, 26 Jan 2022 00:45:00 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK e23da8ae1403d07586e812fb7.js Show response
chimpstatic.com/mcjs-connected/js/users/7688a4d4a861ef7e849ef9e74/ 2 KB
1 KB 43ms
15ms Script
application/javascript 104.117.198.163
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://chimpstatic.com/mcjs-connected/js/users/7688a4d4a861ef7e849ef9e74/e23da8ae1403d07586e812fb7.js
Requested by: Host: capital-refund.com
URL: https://capital-refund.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.117.198.163 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-117-198-163.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 95cbcb11f145f30fcf597a4030f946cdd84ae1437e7017ea49d390315119dece

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://capital-refund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Wed, 26 Jan 2022 00:45:00 GMT
Content-Encoding: gzip
Last-Modified: Fri, 14 Aug 2020 20:07:01 GMT
Server: AmazonS3
x-amz-request-id: ZD74YYDZKEC51RTZ
ETag: "84f97ec4707c9430c450a8e68e80192b"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=1136
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 703
x-amz-id-2: c5Nw1F4f7vCvTFU+ntCjA9tka27tziilsVG74nr7YN5+C4aXXqsJpUI8QkHlkEgQVOSEc4Yqg4M=
Expires: Wed, 26 Jan 2022 01:03:56 GMT

GET
H2 200 hotjar-2190243.js Show response
static.hotjar.com/c/ 4 KB
2 KB 66ms
44ms Script
application/javascript 108.157.4.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2190243.js?sv=6

Requested by

Host: capital-refund.com
URL: https://capital-refund.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.157.4.128 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

dc71c609ba365533d059e7ece0ff30b93a95d0bf254e873e5bb56270a43cffea

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://capital-refund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 00:45:00 GMT
content-encoding: br
x-content-type-options: nosniff
x-amz-cf-pop: DUS51-P2
x-cache-hit: 1
etag: W/812ff4a23e7d41c45fff74fe249fbcc1
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60
cross-origin-resource-policy: cross-origin
content-length: 1891
via: 1.1 2667cbb82aabb944a65b99430aa06d1a.cloudfront.net (CloudFront)
x-amz-cf-id: 76kr-EWkWDpODb6yFcKQCvrItdYNIzlth9wJGZFoIiinC9LOl3S6mQ==

GET
H3 200 icon-information.png
capital-refund.com/images/interface/ 413 B
957 B 44ms
44ms Image
image/png 2606:4700:3031::6815:3592
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://capital-refund.com/images/interface/icon-information.png?1616067642
Requested by: Host: capital-refund.com
URL: https://capital-refund.com/assets/desktop-blessed1.css?z=1614169987300
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:3592 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b43954ce6302b2b5500c4129dc6e93e91265d03e7c8ab81832e085566955da17

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://capital-refund.com/assets/desktop-blessed1.css?z=1614169987300
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 00:45:00 GMT
cf-cache-status: MISS
last-modified: Thu, 18 Mar 2021 11:40:42 GMT
server: cloudflare
etag: "60533c3a-19d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SrYJ0YowXycIJUptTVttkiwMbcESdNTJW6Ill3cvhEki9GgVETiYI5JOPzFPhwqxivVsXVQmSUBZNa2jLrkZ1ojiJ9n1keTRTMhQubZF9nklLgno4Z9ddJ%2F20jK1rwrusjRQ7pmaHWPC30r1jJ0DGds%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6d35b74b8fda906c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 413

GET
H3 200 bg-main-nav-divider.png
capital-refund.com/images/interface/ 88 B
635 B 45ms
45ms Image
image/png 2606:4700:3031::6815:3592
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://capital-refund.com/images/interface/bg-main-nav-divider.png?1616067642
Requested by: Host: capital-refund.com
URL: https://capital-refund.com/assets/desktop1614181734.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:3592 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 34618fabc90c88365b7b317ef903a79c17dfcd49f7a6861117d95c149f243988

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://capital-refund.com/assets/desktop1614181734.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 00:45:00 GMT
cf-cache-status: MISS
last-modified: Thu, 18 Mar 2021 11:40:42 GMT
server: cloudflare
etag: "60533c3a-58"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eL%2BhWzeRDbOo9T6lJ9mIoBIENSwmPaN7QvOZibfJRlQEh%2Fbw6IB7GYlvnBapCdygnMy5gDkpemwaI6XitPtw%2BimIzFqRJwhv8BXwbdKo7nu0btoaj4tjTudcuTPonTMXovU5DPN08GdJJsqdu%2BmEAm8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6d35b74b8fdd906c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 88

GET
H3 200 icon-basket-cart.png
capital-refund.com/images/interface/ 604 B
1 KB 49ms
49ms Image
image/png 2606:4700:3031::6815:3592
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://capital-refund.com/images/interface/icon-basket-cart.png?1616067642
Requested by: Host: capital-refund.com
URL: https://capital-refund.com/assets/desktop1614181734.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:3592 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0fa0c28e22f1154b9b65c913b8941e42ce86529bd68042fe14db4f4898527546

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://capital-refund.com/assets/desktop1614181734.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 00:45:00 GMT
cf-cache-status: MISS
last-modified: Thu, 18 Mar 2021 11:40:42 GMT
server: cloudflare
etag: "60533c3a-25c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=72y7%2FHsAAqDYq1rHVVlGzZZxtZQQWmxlhQHjnGfNPekY7U%2BR%2FZLCjFrIQVM6pAk0%2BA%2Br8vaiwFW1m71yn94t2oNy%2BX%2FBAPM2VGoX2buxnWETHGDv05t7az%2FSUfRXmCxxpfI2EAlK57m8nsGtoPlVoB4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6d35b74b9fe1906c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 604

GET
H3 200 icon-calendar.png
capital-refund.com/images/interface/ 192 B
740 B 47ms
47ms Image
image/png 2606:4700:3031::6815:3592
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://capital-refund.com/images/interface/icon-calendar.png?1616067642
Requested by: Host: capital-refund.com
URL: https://capital-refund.com/assets/desktop1614181734.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:3592 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3db78e6cd1fadc294139e9483a4216c51b2f0b3605c39e29c20df36dae624a39

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://capital-refund.com/assets/desktop1614181734.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 00:45:00 GMT
cf-cache-status: MISS
last-modified: Thu, 18 Mar 2021 11:40:42 GMT
server: cloudflare
etag: "60533c3a-c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GeNIMF3usVao0pL1cs9nhLT4NhfgwOA8ZykbXgAmEOHVmRtFBtry7tdR4YhIpPVwWsoD%2FFyVH5qoHdXYG%2BgdrfFB3Oigz29wpbij%2BxPzpKpxa%2Bd3iOWyYFC1ZZuMO0hgcEqWdbMhbzyHnOutrdSVkBI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6d35b74b9fe3906c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 192

GET
H3 200 icon-search.png
capital-refund.com/images/interface/ 495 B
1 KB 46ms
46ms Image
image/png 2606:4700:3031::6815:3592
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://capital-refund.com/images/interface/icon-search.png?1616067642
Requested by: Host: capital-refund.com
URL: https://capital-refund.com/assets/desktop-blessed1.css?z=1614169987300
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:3592 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 224608badfa68f3db53b5f3316faad92fe5b07a41e9cd87ccfb6877aec60c0e1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://capital-refund.com/assets/desktop-blessed1.css?z=1614169987300
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 00:45:00 GMT
cf-cache-status: MISS
last-modified: Thu, 18 Mar 2021 11:40:42 GMT
server: cloudflare
etag: "60533c3a-1ef"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bbmxl%2FlP8PcUIF7SH7GQUzWxb7PmxmqERNM%2B6f%2Bi5I0lUtB7jS6AnYDavtFF2A%2BD%2Bp5tzs7eGgQZcd2iK9Ss1WWSFU0JM9GzORRvITKS%2B%2FlBwTuzjqZFs7C2G6P1ZavkJug9%2BrhRNYvWUIuYmZowceg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6d35b74b9fef906c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 495

GET
H3 200 glyphicons-125-message-plus.png
capital-refund.com/images/ 271 B
823 B 45ms
45ms Image
image/png 2606:4700:3031::6815:3592
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://capital-refund.com/images/glyphicons-125-message-plus.png?1616067642
Requested by: Host: capital-refund.com
URL: https://capital-refund.com/assets/desktop-blessed1.css?z=1614169987300
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:3592 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 97128792e01a09c5bf6c545b8392c880e2f3446d6f76249be28320d694912b28

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://capital-refund.com/assets/desktop-blessed1.css?z=1614169987300
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 00:45:00 GMT
cf-cache-status: MISS
last-modified: Thu, 18 Mar 2021 11:40:42 GMT
server: cloudflare
etag: "60533c3a-10f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QrMQtYYeAaWgaiUBd33HwUNvgNf%2FHAW5WNUE%2BQlj73GPJyEGG2bcVAuQmTR5gWQLoL3o9GExu8qcHov5NmiYBwEh1rQJhzREbn1pPxrLf1dqCMJfVLSAMoFuNvt0GTZRfXh5TV%2By%2F6GyBa%2BBdDCd%2BSI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6d35b74b9ff7906c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 271

GET
H3 200 icon-arrow.png
capital-refund.com/images/interface/ 240 B
789 B 32ms
32ms Image
image/png 2606:4700:3031::6815:3592
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://capital-refund.com/images/interface/icon-arrow.png?1616067642
Requested by: Host: capital-refund.com
URL: https://capital-refund.com/assets/desktop-blessed1.css?z=1614169987300
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:3592 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3d800760f3c510d376329182801ac90d4f1f760999fd9666d43312b6b5a0d5c7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://capital-refund.com/assets/desktop-blessed1.css?z=1614169987300
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 00:45:00 GMT
cf-cache-status: MISS
last-modified: Thu, 18 Mar 2021 11:40:42 GMT
server: cloudflare
etag: "60533c3a-f0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lcj%2Br4D4613iEzeIpLPVRaYkJAU8qzgqdhISinZnA4ZmOtCBYPe4SrmX%2Bowu0VO43U462SP%2BgXiTsEg7MFWHF%2FSiM4ZUQgjft4fvNh%2Fje6oStgHZK1i70%2FGgYFG50MOAnpzvZtD1faYmoxEQi3ygaa0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6d35b74b9ffa906c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 240

GET
H3 200 9fa24f1f-00d8-4d28-910f-78e925eaead6.woff2
capital-refund.com/Fonts/ 18 KB
18 KB 57ms
57ms Font
application/octet-stream 2606:4700:3031::6815:3592
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://capital-refund.com/Fonts/9fa24f1f-00d8-4d28-910f-78e925eaead6.woff2
Requested by: Host: capital-refund.com
URL: https://capital-refund.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:3592 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1f8ad028eec1b565d53c881c568319fd3c64a6489e7c5725e81b210146f28ed7

Request headers

Referer: https://capital-refund.com/
Origin: https://capital-refund.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 00:45:00 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18280
last-modified: Thu, 18 Mar 2021 11:40:41 GMT
server: cloudflare
etag: "60533c39-4768"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OpC2Ad8ZoI9%2BBTEFxlSbNlPXDF9pz0W4Wh%2B5dj1GxOYCQQyMZe6ogM%2ByfQ81iAjaGXI1eRYKv6rwEJqYBbE9inRauMgR5y62MRim2V1Y2YimT0Fl0Ay6lXi76tor7hmNxkp%2BYsSv9L9HMLvUojLATKk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6d35b74b9803906c-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 173fc8c3-747d-42e5-b1e0-84e07ea40014.woff2
capital-refund.com/Fonts/ 23 KB
24 KB 56ms
56ms Font
application/octet-stream 2606:4700:3031::6815:3592
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://capital-refund.com/Fonts/173fc8c3-747d-42e5-b1e0-84e07ea40014.woff2
Requested by: Host: capital-refund.com
URL: https://capital-refund.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:3592 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b09fd9d85c973bc0047763d73872ab949f3853d99d15dfc1eabc05d5e3ab017b

Request headers

Referer: https://capital-refund.com/
Origin: https://capital-refund.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 00:45:00 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 23672
last-modified: Thu, 18 Mar 2021 11:40:41 GMT
server: cloudflare
etag: "60533c39-5c78"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S1XE4BZIqz5z4c%2B9lu7KIoPoyfyidNmF3LZiW1xr6DfABQK1aZOa3RGMyep2Q7b%2BSLzYtUhVgKN%2BahkaUW9SvNwS5EEMLDiz%2BF8YhjjuTh53Qs3W0T6w7sm8FypRx6ByaAvobPeNtovTWGmIhCmvqgs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6d35b74b9807906c-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 564b9dc8-3660-48d5-8467-45cddd8f739e.woff2
capital-refund.com/Fonts/ 18 KB
19 KB 60ms
60ms Font
application/octet-stream 2606:4700:3031::6815:3592
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://capital-refund.com/Fonts/564b9dc8-3660-48d5-8467-45cddd8f739e.woff2
Requested by: Host: capital-refund.com
URL: https://capital-refund.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:3592 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc0323b159122c84f138425751d51ec29627819402ce7a67bdcaee37c53069f4

Request headers

Referer: https://capital-refund.com/
Origin: https://capital-refund.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 00:45:00 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18592
last-modified: Thu, 18 Mar 2021 11:40:41 GMT
server: cloudflare
etag: "60533c39-48a0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GjWigBq6JYvzngsSffiQTwV6kLuJlCxq3SUw8rfnqPNYBNPpu2fCpAERXClyrEZRFWBQzgsfmmjY%2BYID0K018WgSL7AkhDvcwSigmCkuNfOgIUTa%2BDArJq6c07QMpVhnSVrVZw4%2F%2F%2F%2Bsmxv6EcYcoPc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6d35b74b980a906c-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 168012617086262 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 89ms
79ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/168012617086262?v=2.9.51&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

739a733d4a10fa18809fb70b3d62449926162c9d7539ac699e255aa4086f9c09

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://capital-refund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: F5V2UFoxKR1f35eRbZbSqwDZdn1z5/jwFFux1OKfaiWxODvDFuRmuF5+dOuyAph3yoM1FC9jtKr0VrSKSGyaXQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 26 Jan 2022 00:45:00 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 tablet-blessed2.css
capital-refund.com/assets/ 230 KB
29 KB 46ms
46ms Stylesheet
text/css 2606:4700:3031::6815:3592
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://capital-refund.com/assets/tablet-blessed2.css?z=1614170025295
Requested by: Host: capital-refund.com
URL: https://capital-refund.com/assets/tablet1614181734.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:3592 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e438102b3df814b86cb08168822d73a4509bd7aea1f171f6cff20c28cf6a94a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://capital-refund.com/assets/tablet1614181734.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 00:45:00 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 18 Mar 2021 11:40:42 GMT
server: cloudflare
etag: W/"60533c3a-6e04"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZIIDb1%2FL0SDnK6i2K%2FIrCSzKwyqUAp8wHLWpQGNscMl9rb8WgY8MKTuj2C434K2tZUIXuqfB3l6RaCg69uChfZ948OIhMNyTOWn6b0sahozUJpaLxb89p9eyCBhJcKgG4irsZjfqSYEBYNRNH1A9gEg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d35b74c08a8906c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 tablet-blessed1.css
capital-refund.com/assets/ 283 KB
45 KB 89ms
88ms Stylesheet
text/css 2606:4700:3031::6815:3592
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://capital-refund.com/assets/tablet-blessed1.css?z=1614170025295
Requested by: Host: capital-refund.com
URL: https://capital-refund.com/assets/tablet1614181734.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:3592 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0fcdcc571a6721a6853a0e30f54cfe19b8bcf149f64fc46e7612193ce74a2b4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://capital-refund.com/assets/tablet1614181734.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 00:45:00 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 18 Mar 2021 11:40:42 GMT
server: cloudflare
etag: W/"60533c3a-b806"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4NVsdGpmY2qYJR0vdY9b%2F5HFJ%2BSoxoiYHFBcfQ4xuAGusrQ0wCgtulB6s05zeZcE18RxP4Bc%2BV7I%2FQy62AEzCOlAdJtQYTziExjy5oJbJkAnXW1eeIKEht8joX%2FP%2B0%2FMQHKkbHGYZlnQDHu%2Ba7qFS0g%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d35b74c08aa906c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 mobile-blessed2.css
capital-refund.com/assets/ 211 KB
28 KB 66ms
65ms Stylesheet
text/css 2606:4700:3031::6815:3592
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://capital-refund.com/assets/mobile-blessed2.css?z=1614170011988
Requested by: Host: capital-refund.com
URL: https://capital-refund.com/assets/mobile1614181734.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:3592 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 10cedcaf95dd82a242dca98fca1ce01ae5e19db59ff27d1510b6c693dc097d13

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://capital-refund.com/assets/mobile1614181734.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 00:45:00 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 18 Mar 2021 11:40:42 GMT
server: cloudflare
etag: W/"60533c3a-685b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nUSrA%2BXY2MnbbzQcHE9aDzzrpBiDDjdoR1vx8bOMGYZNQvLBKhWaLVRJh98cBF72jH6JE97U4AtNT%2FvTeh6CI6TnElSvuc1456%2BFTLiCMAHJy8%2FAhrIsdRfGGJSXBFC%2FpJJSjH1FQRBd369Q24uRk1A%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d35b74c08b4906c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 mobile-blessed1.css
capital-refund.com/assets/ 269 KB
42 KB 52ms
51ms Stylesheet
text/css 2606:4700:3031::6815:3592
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://capital-refund.com/assets/mobile-blessed1.css?z=1614170011988
Requested by: Host: capital-refund.com
URL: https://capital-refund.com/assets/mobile1614181734.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:3592 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da99f861b8e095cee404801bfe671ab86e1e81bdc43daf87d41888b934ae1590

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://capital-refund.com/assets/mobile1614181734.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 00:45:00 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 18 Mar 2021 11:40:42 GMT
server: cloudflare
etag: W/"60533c3a-a44a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iqJSSF41ZEEm8jkA%2FjLvWHAEIapcXv%2BCH51o%2F3mVq8nv%2FcFxn9IWL3Ifff2vzW5unBVuAts%2FYDGpTNHPQbthcROpYm4YuF64a%2FOHKj7VhXdeVUfVmcy0zkUTpgIEBa1NGtTTkjbjYzy%2F2FvywY6hTV0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d35b74c08b6906c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK embed.js Show response
downloads.mailchimp.com/js/signup-forms/popup/unique-methods/ 128 KB
46 KB 80ms
11ms Script
application/javascript 18.66.248.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://downloads.mailchimp.com/js/signup-forms/popup/unique-methods/embed.js
Requested by: Host: chimpstatic.com
URL: https://chimpstatic.com/mcjs-connected/js/users/7688a4d4a861ef7e849ef9e74/e23da8ae1403d07586e812fb7.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-122.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b960a89dca43490bf0005a6ed7ef8287405c4bd8b050fc4a4934580d8a5920c6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://capital-refund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Wed, 26 Jan 2022 00:44:07 GMT
Content-Encoding: gzip
Last-Modified: Tue, 04 Jan 2022 17:01:32 GMT
Server: AmazonS3
Age: 54
ETag: W/"7ab9fd3318ef228deb0ec630a29c7cbe"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 0616b48dd6be4cda83365410ecccbda4.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: DUS51-P1
X-Amz-Cf-Id: HZ8GkF-OzBkIGIUSjkOVDnED6EF8vd5BMIJVdJtKSb7CaVJJtHERTA==

GET
H2 200 1.css
fast.fonts.net/t/ 0
600 B 47ms
21ms Stylesheet
text/css 2606:4700::6811:e04e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.fonts.net/t/1.css?apiType=css&projectid=491eb0d7-6250-4bb8-a527-4830360f7a93
Requested by: Host: capital-refund.com
URL: https://capital-refund.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:e04e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://capital-refund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 00:45:00 GMT
cf-cache-status: HIT
age: 59105
cf-ray: 6d35b74c4806914c-FRA
content-length: 0
x-amz-id-2: 9pGvVqjuDzWs0Nlo7hdOxplLpQevo/sR7oHB0Zndef7eTbhlc1nZHRZ3f9JpgjmDO01NC9BpdxE=
last-modified: Tue, 23 Mar 2021 12:59:23 GMT
server: cloudflare
etag: "d41d8cd98f00b204e9800998ecf8427e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: P54WGH4SJAFNS871
cache-control: public, max-age=0, s-maxage=604800
accept-ranges: bytes
content-type: text/css; charset=utf-8
x-amz-meta-mtime: 1519217722

GET
H2 200 modules.923ec619fec69a542e35.js Show response
script.hotjar.com/ 229 KB
61 KB 33ms
10ms Script
application/javascript 108.157.4.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.923ec619fec69a542e35.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2190243.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.157.4.38 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

b808c79adcdbd5df211fb64d05e220a1cb48cae0245fb720e718c7658a1ee5f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://capital-refund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 19 Jan 2022 11:29:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 566154
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 61575
access-control-allow-origin: *
last-modified: Wed, 19 Jan 2022 11:29:02 GMT
etag: "6d6c65f494384174cfbb7de0db8782b1"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 ba922c695b86542cbfc03c782d8776d4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-P2
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: j48hM3HgJ3a1KUyRemcS0I3IpKDWj1nMctO5K5IDkQZSUtOFU25X8A==

GET
H3 200 OneSignalPageSDKES6.js Show response
cdn.onesignal.com/sdks/ 283 KB
68 KB 57ms
34ms Script
application/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151512
Requested by: Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e000e7805a03b275608d64f0ee40fc1140ea80bcb3daa6bc9a5406dd107f9d0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://capital-refund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 00:45:00 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 3191
etag: W/"bade15bfdcba7ee19d22e61741b04b27"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 6d35b74c5bd2599b-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 29 Jan 2022 00:45:00 GMT

GET
H2 200 form-settings Show response
mc.us20.list-manage.com/subscribe/ 2 KB
3 KB 273ms
186ms Script
application/json 104.117.200.54
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://mc.us20.list-manage.com/subscribe/form-settings?u=7688a4d4a861ef7e849ef9e74&id=9edb84b6eb&u=7688a4d4a861ef7e849ef9e74&id=9edb84b6eb&c=dojo_request_script_callbacks.dojo_request_script0
Requested by: Host: downloads.mailchimp.com
URL: https://downloads.mailchimp.com/js/signup-forms/popup/unique-methods/embed.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.117.200.54 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-117-200-54.deploy.static.akamaitechnologies.com
Software: openresty /
Resource Hash: 552033b25426224639c1c53a596e3c260ea85aa20ea7a062d3e598fdb83fea2a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://capital-refund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency: 168
date: Wed, 26 Jan 2022 00:45:00 GMT
content-encoding: gzip
referrer-policy: same-origin
server: openresty
x-edgeconnect-midmile-rtt: 0
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: max-age=300
x-ua-compatible: IE=edge,chrome=1
content-length: 1105
expires: Wed, 26 Jan 2022 00:50:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
407 B 22ms
7ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=168012617086262&ev=PageView&dl=https%3A%2F%2Fcapital-refund.com%2F&rl=&if=false&ts=1643157900292&sw=1600&sh=1200&v=2.9.51&r=stable&ec=0&o=30&fbp=fb.1.1643157900291.1911490190&it=1643157900159&coo=false&rqm=GET

Requested by

Host: capital-refund.com
URL: https://capital-refund.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://capital-refund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 00:45:00 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Wed, 26 Jan 2022 00:45:00 GMT

GET
H2 200 web Show response
onesignal.com/api/v1/sync/619584e3-1137-43ce-bc62-de5dc6418200/ 4 KB
2 KB 345ms
336ms Script
text/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/sync/619584e3-1137-43ce-bc62-de5dc6418200/web?callback=__jp0

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151512

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

031df5a01668dcad4d42e84fa04e755d219883feda403d112bb182e9724b6499

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://capital-refund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 00:45:00 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
status: 200 OK
x-envoy-upstream-service-time: 24
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: c64bc3ba-beb9-4e5b-a29b-34b015f26035
x-runtime: 0.022631
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"031df5a01668dcad4d42e84fa04e755d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600
cf-ray: 6d35b74cfaea3761-MXP
access-control-allow-headers: SDK-Version
expires: Wed, 26 Jan 2022 01:45:00 GMT

GET
H/1.1 200
OK popup.js Show response
downloads.mailchimp.com/js/signup-forms/popup/unique-methods/dad5257e8784c6cb4633ebbf068517135d2e0d05/ 101 KB
31 KB 11ms
10ms Script
application/javascript 18.66.248.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://downloads.mailchimp.com/js/signup-forms/popup/unique-methods/dad5257e8784c6cb4633ebbf068517135d2e0d05/popup.js
Requested by: Host: downloads.mailchimp.com
URL: https://downloads.mailchimp.com/js/signup-forms/popup/unique-methods/embed.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-122.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4e464107ba4301877e7131c0108649f811828efa1327da626809628228931058

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://capital-refund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Wed, 26 Jan 2022 00:44:58 GMT
Content-Encoding: gzip
Last-Modified: Tue, 04 Jan 2022 17:01:32 GMT
Server: AmazonS3
Age: 55
ETag: W/"2f66b75795f5c98d51858a088397023a"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 0616b48dd6be4cda83365410ecccbda4.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: DUS51-P1
X-Amz-Cf-Id: Xet8cM1QYlkQHMY_MUZJEVNu8cIxT4ZcKrc-7Nu1nf-Iyp49uLjCwg==

GET
H/1.1 200
OK common.css
downloads.mailchimp.com/css/signup-forms/popup/dad5257e8784c6cb4633ebbf068517135d2e0d05/ Frame CB70 9 KB
3 KB 10ms
10ms Stylesheet
text/css 18.66.248.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://downloads.mailchimp.com/css/signup-forms/popup/dad5257e8784c6cb4633ebbf068517135d2e0d05/common.css
Requested by: Host: downloads.mailchimp.com
URL: https://downloads.mailchimp.com/js/signup-forms/popup/unique-methods/dad5257e8784c6cb4633ebbf068517135d2e0d05/popup.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-122.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4c69c701fd3700fca10f8e6180c9f60f9af13c943ee7f1513f4b7709d8b75d72

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://capital-refund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Wed, 26 Jan 2022 00:44:50 GMT
Content-Encoding: gzip
Last-Modified: Tue, 04 Jan 2022 17:01:32 GMT
Server: AmazonS3
Age: 15
ETag: W/"82e72d627b04e1654282023cca1d1e69"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: text/css
Via: 1.1 0616b48dd6be4cda83365410ecccbda4.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: DUS51-P1
X-Amz-Cf-Id: wuxWP3ff1jmAbe46TGNuakU-Jdc5tT7HgrfzLSazxRKGB_9N0tTm4Q==

GET
H/1.1 200
OK banner.css
downloads.mailchimp.com/css/signup-forms/popup/dad5257e8784c6cb4633ebbf068517135d2e0d05/ Frame CB70 1005 B
943 B 21ms
11ms Stylesheet
text/css 18.66.248.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://downloads.mailchimp.com/css/signup-forms/popup/dad5257e8784c6cb4633ebbf068517135d2e0d05/banner.css
Requested by: Host: downloads.mailchimp.com
URL: https://downloads.mailchimp.com/js/signup-forms/popup/unique-methods/dad5257e8784c6cb4633ebbf068517135d2e0d05/popup.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-122.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bece213397fe5f546674ee29dd3f69ec2f2cc0e480e67f09dcc4c25c0d12a3d7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://capital-refund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Wed, 26 Jan 2022 00:44:30 GMT
Content-Encoding: gzip
Last-Modified: Tue, 04 Jan 2022 17:01:33 GMT
Server: AmazonS3
Age: 60
ETag: W/"78d1bdd981816cfbeb6954a85f9efa58"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: text/css
Via: 1.1 0616b48dd6be4cda83365410ecccbda4.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: DUS51-P1
X-Amz-Cf-Id: HvaVkCzjCtss554EEXf9rc0q6FwkFeuihT2sdnkdIdS8w-JiVpJJ9g==

GET
H/1.1 200
OK common.css
downloads.mailchimp.com/css/signup-forms/popup/dad5257e8784c6cb4633ebbf068517135d2e0d05/ Frame A228 9 KB
3 KB 26ms
10ms Stylesheet
text/css 18.66.248.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://downloads.mailchimp.com/css/signup-forms/popup/dad5257e8784c6cb4633ebbf068517135d2e0d05/common.css
Requested by: Host: downloads.mailchimp.com
URL: https://downloads.mailchimp.com/js/signup-forms/popup/unique-methods/dad5257e8784c6cb4633ebbf068517135d2e0d05/popup.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-122.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4c69c701fd3700fca10f8e6180c9f60f9af13c943ee7f1513f4b7709d8b75d72

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://capital-refund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Wed, 26 Jan 2022 00:44:47 GMT
Content-Encoding: gzip
Last-Modified: Tue, 04 Jan 2022 17:01:32 GMT
Server: AmazonS3
Age: 15
ETag: W/"82e72d627b04e1654282023cca1d1e69"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: text/css
Via: 1.1 8e487d5d50ba943ec340041b0945bbf4.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: DUS51-P1
X-Amz-Cf-Id: kDc2j0UC35Ew8XRy0fgV_GWEA_FC11i03veIprQNvE2_5Siyh3GuaA==

GET
H/1.1 200
OK layout-2.css
downloads.mailchimp.com/css/signup-forms/popup/dad5257e8784c6cb4633ebbf068517135d2e0d05/ Frame A228 1 KB
959 B 27ms
10ms Stylesheet
text/css 18.66.248.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://downloads.mailchimp.com/css/signup-forms/popup/dad5257e8784c6cb4633ebbf068517135d2e0d05/layout-2.css
Requested by: Host: downloads.mailchimp.com
URL: https://downloads.mailchimp.com/js/signup-forms/popup/unique-methods/dad5257e8784c6cb4633ebbf068517135d2e0d05/popup.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-122.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d189c8076b7b39680546d68a34717be5c7a94bba2fcd11a09530a80d20c367ac

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://capital-refund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Wed, 26 Jan 2022 00:44:38 GMT
Content-Encoding: gzip
Last-Modified: Tue, 04 Jan 2022 17:01:32 GMT
Server: AmazonS3
Age: 46
ETag: W/"38f50a83c6d5d15facb231447fa1ac56"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: text/css
Via: 1.1 0616b48dd6be4cda83365410ecccbda4.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: DUS51-P1
X-Amz-Cf-Id: oY0MEGXm1ceFMmFVn029B--eAbRhIx59LSOdkREpIBWFBlYeecLwDg==

GET
H/1.1 200
OK modal.css
downloads.mailchimp.com/css/signup-forms/popup/dad5257e8784c6cb4633ebbf068517135d2e0d05/ 3 KB
1 KB 28ms
10ms Stylesheet
text/css 18.66.248.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://downloads.mailchimp.com/css/signup-forms/popup/dad5257e8784c6cb4633ebbf068517135d2e0d05/modal.css
Requested by: Host: downloads.mailchimp.com
URL: https://downloads.mailchimp.com/js/signup-forms/popup/unique-methods/dad5257e8784c6cb4633ebbf068517135d2e0d05/popup.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-122.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b99dd13d1c454a056a1e66c4b88f716fd2fbf200c51c14143df0fd9af5f60dbc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://capital-refund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Wed, 26 Jan 2022 00:44:22 GMT
Content-Encoding: gzip
Last-Modified: Tue, 04 Jan 2022 17:01:32 GMT
Server: AmazonS3
Age: 40
ETag: W/"aa6f4416185bd7f299dd89e11dac117f"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: text/css
Via: 1.1 b628053fca1386b0c2ba37163842b26e.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: DUS51-P1
X-Amz-Cf-Id: P1sNzlNTtFj-bqZcA-jf9eLTE6vJ4SCSiCQmSPOUgGmmWljF_dtyDA==

GET
H/1.1 200
OK mailchimp-gdpr.svg
cdn-images.mailchimp.com/icons/ Frame A228 1 KB
1 KB 53ms
10ms Image
image/svg+xml 18.66.247.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-images.mailchimp.com/icons/mailchimp-gdpr.svg
Requested by: Host: capital-refund.com
URL: https://capital-refund.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.247.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-247-90.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 33c02a8215e3a0d77a0346beb053c756387bdad894b1055340ce6627a6428f3c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://capital-refund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 25 Jan 2022 02:50:49 GMT
Content-Encoding: gzip
Age: 78852
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Wed, 25 Apr 2018 21:26:45 GMT
Server: AmazonS3
ETag: W/"59a8ccc2056b4656cdc1e99c50b9d0db"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Via: 1.1 5b9a6276a0cfe21df57da85d975de2dc.cloudfront.net (CloudFront)
x-amz-meta-s3fox-filesize: 1530
x-amz-meta-s3fox-modifiedtime: 1524676315000
X-Amz-Cf-Pop: DUS51-P1
X-Amz-Cf-Id: gUJcQiji5Q66IvFmQqkeWXLLYNzzc5zFNCjuHlmLC5T0kievx9-u1Q==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: capital-refund.com
URL: https://capital-refund.com/assets/hi360_jammit1614181734.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://capital-refund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 4206
date: Tue, 25 Jan 2022 23:34:54 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 26 Jan 2022 01:34:54 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 16ms
7ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=168012617086262&ev=PageView&dl=https%3A%2F%2Fcapital-refund.com%2Fde&rl=&if=false&ts=1643157900701&sw=1600&sh=1200&v=2.9.51&r=stable&ec=1&o=30&fbp=fb.1.1643157900291.1911490190&it=1643157900159&coo=false&rqm=GET

Requested by

Host: capital-refund.com
URL: https://capital-refund.com/de

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://capital-refund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 00:45:00 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Wed, 26 Jan 2022 00:45:00 GMT

GET
H2 200 Kayak.png
res.cloudinary.com/hostelling-internation/image/upload/f_auto/f_auto/h_2500,x_2200,y_800,c_crop/v1605815737/Carousel/ 9 MB
9 MB 60ms
21ms Image
image/webp 2a04:4e42::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/hostelling-internation/image/upload/f_auto/f_auto/h_2500,x_2200,y_800,c_crop/v1605815737/Carousel/Kayak.png

Requested by

Host: capital-refund.com
URL: https://capital-refund.com/de

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

6cecdb6ec791fc60de0706fc794cbf233562670ed9840e6d90c16de6fb43dcdc

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://capital-refund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 00:45:00 GMT
x-content-type-options: nosniff
content-disposition: inline; filename="Kayak.webp"
server-timing: fastly;dur=2;cpu=1;start=2022-01-26T00:45:00.759Z;desc=hit,rtt;dur=5
vary: Accept,User-Agent
content-length: 9719388
last-modified: Thu, 03 Dec 2020 17:46:44 GMT
server: Cloudinary
etag: "9fc8ffbf44c98ef710868abe962a1fab"
strict-transport-security: max-age=604800
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 austin-distel-M1aegHe2j6g-unsplash.jpg
res.cloudinary.com/hostelling-internation/image/upload/f_auto/f_auto/h_1638,x_2,y_500,c_crop/v1605867804/Carousel/ 104 KB
104 KB 47ms
9ms Image
image/webp 2a04:4e42::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/hostelling-internation/image/upload/f_auto/f_auto/h_1638,x_2,y_500,c_crop/v1605867804/Carousel/austin-distel-M1aegHe2j6g-unsplash.jpg

Requested by

Host: capital-refund.com
URL: https://capital-refund.com/de

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

677cc367f041237ee0b2bb177b349e3072e265d479a9d038b3370a39c15fe948

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://capital-refund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 00:45:00 GMT
x-content-type-options: nosniff
content-disposition: inline; filename="austin-distel-M1aegHe2j6g-unsplash.webp"
server-timing: fastly;dur=2;cpu=1;start=2022-01-26T00:45:00.759Z;desc=hit,rtt;dur=5
vary: Accept,User-Agent
content-length: 106674
last-modified: Tue, 08 Dec 2020 14:49:07 GMT
server: Cloudinary
etag: "e3c5f30ce8414c8bb209a2e397e97fff"
strict-transport-security: max-age=604800
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 Girl_on_train.jpg
res.cloudinary.com/hostelling-internation/image/upload/f_auto/f_auto/h_2500,x_1500,y_800,c_crop/v1606927995/Carousel/ 315 KB
316 KB 47ms
9ms Image
image/webp 2a04:4e42::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/hostelling-internation/image/upload/f_auto/f_auto/h_2500,x_1500,y_800,c_crop/v1606927995/Carousel/Girl_on_train.jpg

Requested by

Host: capital-refund.com
URL: https://capital-refund.com/de

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

e08524f1b00f12dcf5df19ad07d7546b01d35413e19964019a6a73e35b07e1e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://capital-refund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 00:45:00 GMT
x-content-type-options: nosniff
content-disposition: inline; filename="Girl_on_train.webp"
server-timing: fastly;dur=2;cpu=1;start=2022-01-26T00:45:00.759Z;desc=hit,rtt;dur=5
vary: Accept,User-Agent
content-length: 322872
last-modified: Thu, 03 Dec 2020 17:49:33 GMT
server: Cloudinary
etag: "534d8c9269eb96a91b072483279d025f"
strict-transport-security: max-age=604800
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 jorn-eriksen-2Q5B6YSAnrs-unsplash.jpg
res.cloudinary.com/hostelling-internation/image/upload/f_auto/f_auto/h_5000,x_1500,y_1500,c_crop/v1607353423/Carousel/ 1 MB
1 MB 46ms
8ms Image
image/webp 2a04:4e42::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/hostelling-internation/image/upload/f_auto/f_auto/h_5000,x_1500,y_1500,c_crop/v1607353423/Carousel/jorn-eriksen-2Q5B6YSAnrs-unsplash.jpg

Requested by

Host: capital-refund.com
URL: https://capital-refund.com/de

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

3572873514d5c6a04a746d91e44f5a448059f5c4578ba9fe05fdfc61166ae24b

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://capital-refund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 00:45:00 GMT
x-content-type-options: nosniff
content-disposition: inline; filename="jorn-eriksen-2Q5B6YSAnrs-unsplash.webp"
server-timing: fastly;dur=2;cpu=1;start=2022-01-26T00:45:00.759Z;desc=hit,rtt;dur=5
vary: Accept,User-Agent
content-length: 1162394
last-modified: Mon, 07 Dec 2020 15:22:50 GMT
server: Cloudinary
etag: "157afd11ca80689433fc2588db1ad1bc"
strict-transport-security: max-age=604800
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 Donate_here_DE.png
res.cloudinary.com/hostelling-internation/image/upload/f_auto/v1607957407/TripBooks/ 53 KB
53 KB 46ms
8ms Image
image/webp 2a04:4e42::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/hostelling-internation/image/upload/f_auto/v1607957407/TripBooks/Donate_here_DE.png

Requested by

Host: capital-refund.com
URL: https://capital-refund.com/de

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

833cbc9f7b292c1360a435c5ab064d5c01bd3e870a21aeb4adef43a7281a59a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://capital-refund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 00:45:00 GMT
x-content-type-options: nosniff
content-disposition: inline; filename="Donate_here_DE.webp"
server-timing: fastly;dur=2;cpu=1;start=2022-01-26T00:45:00.759Z;desc=hit,rtt;dur=5
vary: Accept,User-Agent
content-length: 54340
last-modified: Mon, 14 Dec 2020 17:00:27 GMT
server: Cloudinary
etag: "1c715b1086355bd303d2c7dcc7fb529e"
strict-transport-security: max-age=604800
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 Working_towards_a_sustainable_Future_DE.png
res.cloudinary.com/hostelling-internation/image/upload/f_auto/v1607956337/TripBooks/ 15 KB
15 KB 46ms
8ms Image
image/webp 2a04:4e42::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/hostelling-internation/image/upload/f_auto/v1607956337/TripBooks/Working_towards_a_sustainable_Future_DE.png

Requested by

Host: capital-refund.com
URL: https://capital-refund.com/de

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

8eefe06dce6d223eccfe75381b41aa5e0a51172ea97a3439f7b086fdc02abf77

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://capital-refund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 00:45:00 GMT
x-content-type-options: nosniff
content-disposition: inline; filename="Working_towards_a_sustainable_Future_DE.webp"
server-timing: fastly;dur=2;cpu=1;start=2022-01-26T00:45:00.759Z;desc=hit,rtt;dur=5
vary: Accept,User-Agent
content-length: 14922
last-modified: Mon, 14 Dec 2020 17:09:35 GMT
server: Cloudinary
etag: "f4ec06d985f7d9113d1a4eb8b6e5d153"
strict-transport-security: max-age=604800
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 For_Good_Not_For_Profit_DE.png
res.cloudinary.com/hostelling-internation/image/upload/f_auto/v1607958752/TripBooks/ 54 KB
54 KB 20ms
19ms Image
image/webp 2a04:4e42::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/hostelling-internation/image/upload/f_auto/v1607958752/TripBooks/For_Good_Not_For_Profit_DE.png

Requested by

Host: capital-refund.com
URL: https://capital-refund.com/de

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

e4f2c6be6411a2373fbdabadc8c9a492ee316f514666fb7bdb3c93764057f7b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://capital-refund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 00:45:00 GMT
x-content-type-options: nosniff
content-disposition: inline; filename="For_Good_Not_For_Profit_DE.webp"
server-timing: fastly;dur=1;cpu=0;start=2022-01-26T00:45:00.769Z;desc=hit,rtt;dur=5
vary: Accept,User-Agent
content-length: 55104
last-modified: Mon, 14 Dec 2020 17:09:35 GMT
server: Cloudinary
etag: "847ad11bf0edf5e2ee5b73d3c237a4cd"
strict-transport-security: max-age=604800
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 Wake_up_to_a_better_world_DE.png
res.cloudinary.com/hostelling-internation/image/upload/f_auto/v1607962882/TripBooks/ 17 KB
17 KB 19ms
19ms Image
image/webp 2a04:4e42::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/hostelling-internation/image/upload/f_auto/v1607962882/TripBooks/Wake_up_to_a_better_world_DE.png

Requested by

Host: capital-refund.com
URL: https://capital-refund.com/de

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

fef918ce2e1cf2bbcca91c42883201ccf345f5bead0d0285484a504dd78f0a88

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://capital-refund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 00:45:00 GMT
x-content-type-options: nosniff
content-disposition: inline; filename="Wake_up_to_a_better_world_DE.webp"
server-timing: fastly;dur=1;cpu=0;start=2022-01-26T00:45:00.769Z;desc=hit,rtt;dur=5
vary: Accept,User-Agent
content-length: 17518
last-modified: Mon, 14 Dec 2020 17:09:35 GMT
server: Cloudinary
etag: "b32b2b8d8220d63ae9d862e286422aba"
strict-transport-security: max-age=604800
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 Giving_Back_DE.png
res.cloudinary.com/hostelling-internation/image/upload/f_auto/v1607956276/TripBooks/ 18 KB
18 KB 19ms
19ms Image
image/webp 2a04:4e42::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/hostelling-internation/image/upload/f_auto/v1607956276/TripBooks/Giving_Back_DE.png

Requested by

Host: capital-refund.com
URL: https://capital-refund.com/de

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

5357701c8ae57186da8ef0535a7cf358038d3412bb0d6dff67fd78713b0e3c3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://capital-refund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 00:45:00 GMT
x-content-type-options: nosniff
content-disposition: inline; filename="Giving_Back_DE.webp"
server-timing: fastly;dur=1;cpu=0;start=2022-01-26T00:45:00.769Z;desc=hit,rtt;dur=5
vary: Accept,User-Agent
content-length: 18682
last-modified: Mon, 14 Dec 2020 17:09:35 GMT
server: Cloudinary
etag: "3c14b6fa22bfbf97f015f64e36fac037"
strict-transport-security: max-age=604800
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 Group_Bookings_DE.png
res.cloudinary.com/hostelling-internation/image/upload/f_auto/v1607957830/TripBooks/ 16 KB
16 KB 20ms
20ms Image
image/webp 2a04:4e42::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/hostelling-internation/image/upload/f_auto/v1607957830/TripBooks/Group_Bookings_DE.png

Requested by

Host: capital-refund.com
URL: https://capital-refund.com/de

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

64e163a64dc762017e6c461046288feb279a1d89538c236971ddaff20d9921c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://capital-refund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 00:45:00 GMT
x-content-type-options: nosniff
content-disposition: inline; filename="Group_Bookings_DE.webp"
server-timing: fastly;dur=1;cpu=0;start=2022-01-26T00:45:00.769Z;desc=hit,rtt;dur=5
vary: Accept,User-Agent
content-length: 15934
last-modified: Mon, 14 Dec 2020 17:09:35 GMT
server: Cloudinary
etag: "3c23fa3e988f70c710a71b06cb05e11e"
strict-transport-security: max-age=604800
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 Membership_Perks_DE.png
res.cloudinary.com/hostelling-internation/image/upload/f_auto/v1607958279/TripBooks/ 17 KB
17 KB 20ms
20ms Image
image/webp 2a04:4e42::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/hostelling-internation/image/upload/f_auto/v1607958279/TripBooks/Membership_Perks_DE.png

Requested by

Host: capital-refund.com
URL: https://capital-refund.com/de

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

b043cbfcf106668caf162ec6f421320b09169f38c76be33314ccc9ef559199db

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://capital-refund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 00:45:00 GMT
x-content-type-options: nosniff
content-disposition: inline; filename="Membership_Perks_DE.webp"
server-timing: fastly;dur=2;cpu=0;start=2022-01-26T00:45:00.769Z;desc=hit,rtt;dur=5
vary: Accept,User-Agent
content-length: 17374
last-modified: Mon, 14 Dec 2020 17:09:35 GMT
server: Cloudinary
etag: "ac1ee9991661ccb4dce97bf077185858"
strict-transport-security: max-age=604800
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 HI_Membership_DE.png
res.cloudinary.com/hostelling-internation/image/upload/f_auto/v1607956320/TripBooks/ 16 KB
16 KB 20ms
19ms Image
image/webp 2a04:4e42::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/hostelling-internation/image/upload/f_auto/v1607956320/TripBooks/HI_Membership_DE.png

Requested by

Host: capital-refund.com
URL: https://capital-refund.com/de

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

7f1a89d382db6bb61c36b3793a9281775e1fcae8db09c5119f140c15fc4b7ac4

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://capital-refund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 00:45:00 GMT
x-content-type-options: nosniff
content-disposition: inline; filename="HI_Membership_DE.webp"
server-timing: fastly;dur=1;cpu=0;start=2022-01-26T00:45:00.769Z;desc=hit,rtt;dur=5
vary: Accept,User-Agent
content-length: 16680
last-modified: Mon, 14 Dec 2020 17:09:35 GMT
server: Cloudinary
etag: "5275001cee01ca03dc058a529c1d53c1"
strict-transport-security: max-age=604800
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 ecommerce.js Show response
www.google-analytics.com/plugins/ua/ 1 KB
763 B 22ms
7ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ecommerce.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://capital-refund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 23:48:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3386
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 26 Jan 2022 00:48:34 GMT

GET
H2 200 box-21ccaa45726c0f3c8c458f7a87eb2298.html Show response
vars.hotjar.com/ Frame 6F3B 2 KB
1 KB 26ms
7ms Document
text/html 143.204.215.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-21ccaa45726c0f3c8c458f7a87eb2298.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2190243.js?sv=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-26.fra53.r.cloudfront.net
Software: /
Resource Hash: c5da2e1eefbe4efd64ec18b775495cf3011d9ae03842917bfe1b0a50e03a7a44

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://capital-refund.com/

Response headers

content-type: text/html
content-length: 1044
date: Mon, 08 Nov 2021 14:05:19 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "6a4e2ae376c29011d2e53de65a08d0b7"
last-modified: Tue, 01 Jun 2021 09:17:15 GMT
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f960fa0538fdb326fc338e984fa7ece8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: yqQUeLLo1vySbH3hV5xW3pJGwTnDs7ila3OOGOd6xaRNdac8io1LZw==
age: 6777581

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
444 B 145ms
61ms XHR
text/plain 2a00:1450:4010:c0e::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-9040848-2&cid=1838880827.1643157901&jid=2027545627&gjid=490359206&_gid=1301793119.1643157901&_u=aGBAgEATAAAAAE~&z=416827642

Requested by

Host: capital-refund.com
URL: https://capital-refund.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4010:c0e::9b Lappeenranta, Finland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://capital-refund.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 26 Jan 2022 00:45:00 GMT
content-type: text/plain
access-control-allow-origin: https://capital-refund.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
6ms Image
image/gif 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=921558317&t=pageview&_s=1&dl=https%3A%2F%2Fcapital-refund.com%2Fde&ul=en-us&de=UTF-8&dt=Jugendherberge%20Netzwerk%20-%20DJH%20-%20Hostelling%20International&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAgEAT~&jid=2027545627&gjid=490359206&cid=1838880827.1643157901&tid=UA-9040848-2&_gid=1301793119.1643157901&cd1=097003&z=1920389213

Requested by

Host: capital-refund.com
URL: https://capital-refund.com/de

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://capital-refund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jan 2022 07:21:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 62610
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/2190243/ 146 B
321 B 128ms
44ms XHR
application/json 52.209.125.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/2190243/visit-data?sv=6
Requested by: Host: capital-refund.com
URL: https://capital-refund.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.209.125.250 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-209-125-250.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 30886bcaa4bc9292431c9ae196c0b6bbcc4e4311b4839780c91a09c771c76c6e

Request headers

Referer: https://capital-refund.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Wed, 26 Jan 2022 00:45:00 GMT
content-encoding: br
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store
access-control-allow-credentials: true

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 2C1B 0
15 B 20ms
20ms Document
text/plain 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: capital-refund.com
URL: https://capital-refund.com/de

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://capital-refund.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://capital-refund.com/

Response headers

content-type: text/plain
access-control-allow-origin: https://capital-refund.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
date: Wed, 26 Jan 2022 00:45:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 39ms
17ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-9040848-2&cid=1838880827.1643157901&jid=2027545627&_u=aGBAgEATAAAAAE~&z=653590598

Requested by

Host: capital-refund.com
URL: https://capital-refund.com/de

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://capital-refund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jan 2022 00:45:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 39ms
18ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-9040848-2&cid=1838880827.1643157901&jid=2027545627&_u=aGBAgEATAAAAAE~&z=653590598

Requested by

Host: capital-refund.com
URL: https://capital-refund.com/de

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://capital-refund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 26 Jan 2022 00:45:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 nr-1214.min.js Show response
js-agent.newrelic.com/ 35 KB
13 KB 23ms
7ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1214.min.js
Requested by: Host: capital-refund.com
URL: https://capital-refund.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0488245474d8936c20a8c05f06e2640e0242f5d44aa9dbbd025d859ca1713641

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://capital-refund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: 9SGCo4Tu7CQ6f76Rop9iQ50y_vaEgb87
content-encoding: gzip
etag: "8f16e3e6b3dfe5feb6c019492aedcc2d"
x-amz-request-id: XQ6WA8JKZCCDB3XA
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 13145
x-amz-id-2: Qy9PxgZz+JbOhvThVW5WDrf33R5NRu3uHnGPcM83+MeySJ16DK0IdYwpoUlItH+HLhlnJSqW4l8=
x-served-by: cache-hhn4082-HHN
last-modified: Tue, 04 Jan 2022 23:13:18 GMT
server: AmazonS3
x-timer: S1643157901.976542,VS0,VE0
date: Wed, 26 Jan 2022 00:45:00 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 4345

GET
H/1.1 200
OK 0c5606c35b Show response
bam-cell.nr-data.net/1/ 49 B
627 B 663ms
616ms Script
text/javascript 162.247.243.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bam-cell.nr-data.net/1/0c5606c35b?a=6106080&v=1214.62a3223&to=IlcNFUsMXlxRShlnCA9ZFxNYTH9RXVZ3RBFOfyY1GUsdClhZWFMUAF8GSA%3D%3D&rst=1742&ck=0&ref=https://capital-refund.com/de&ap=322&be=588&fe=1712&dc=1457&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1643157899245,%22n%22:0,%22f%22:0,%22dn%22:1,%22dne%22:123,%22c%22:123,%22s%22:141,%22ce%22:165,%22rq%22:165,%22rp%22:565,%22rpe%22:589,%22dl%22:568,%22di%22:1456,%22ds%22:1456,%22de%22:1475,%22dc%22:1711,%22l%22:1712,%22le%22:1713%7D,%22navigation%22:%7B%7D%7D&fp=890&fcp=890&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1214.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://capital-refund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Wed, 26 Jan 2022 00:45:01 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
access-control-allow-credentials: true
CF-Ray: 6d35b7518ae2402b-CDG

Verdicts & Comments Add Verdict or Comment

87 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
capital-refund.com/	1969-12-31 23:59:59	Name: user-currency Value: EGP
capital-refund.com/	1969-12-31 23:59:59	Name: user-locale Value: de
capital-refund.com/	1970-01-20 00:27:24	Name: rack.session Value: fc2162e23d6b95ec2ef9639836a3b6722d0c8e8ff3cd75a819fa0eabd9eb96ef
.fonts.net/	1970-01-20 00:25:59	Name: __cf_bm Value: ghIGtr6ConJtYcmIOuJWTL7._UqjBvp0MWAudyOu2qQ-1643157900-0-AeTZMtfEPInZ0RvyCSUOUlOOVll6nua9jd49ixUj9xQ4H5whAflZF01Uc6uHoleeNYMWK3FwHTfZuhyqmkO7MZA=
.capital-refund.com/	1970-01-20 02:35:33	Name: _fbp Value: fb.1.1643157900291.1911490190
.facebook.com/	1970-01-20 02:35:33	Name: fr Value: 0EfuFuOAT026wWVka..Bh8JmM...1.0.Bh8JmM.
.list-manage.com/	1970-01-20 09:11:33	Name: _abck Value: 890A2B5A2DEED288D52A250116B3EB10~-1~YAAQhnp7XBV+1nF+AQAACc3XkweTmvUJ7z2Vv/ef4PZv11uu6MpxHeYFBcybkhWUFfDAunDW3nU211wUoPxh9/ioLbtOKk6n5jeEd2hVN+ra2Lu+7bR9gl+ihYvKrYvk1aYun7tCrLzl/bNjN/06OuKI4YclmxqEJG/A3wyBhxNA+5MEGLVSlao5bVUo70I2SUV9bI/r4tcHHrjm03EFkwZ78S26uKZl9h6k89+tKUad8B+kPomMbYbgHN1ZB6yNc4hrd2pbLxeynG8SVvcH5Iu7pgeuu8+hZhX2qBI1ci2voQKeWt0IqWNRCAUsVynskmH+JnySAL1YHwiEmvCaVUfTrAM9rOQX4hfpztZ59y+r8STNaglwKNLVT996+A6n2A==~-1~-1~-1
.us20.list-manage.com/	1970-01-20 00:26:05	Name: ak_bmsc Value: 33E0F5B2F11BFC6B56DF55D2BC563255~000000000000000000000000000000~YAAQhnp7XBZ+1nF+AQAACc3Xkw7uWgyrATlm2oK0xkUTHfaj2D5QKOiXMZjlT2zT8JREaiysOy2cbZ5PLPibN5v372uvEJ5f7OdGU5rjnVJNCpJwjpi/2O5Ra6eMg1clLpRbgcqY6limsaX1njMn7bJIddVuOotgAKdFFMIWujl3m50LwlY8EEk7McQXtgWgVlmRFpGYsSTa2mmBE/UcvMuxJYfU8ZsLkefUavnleqJMe0DDBtURPMr/x215c4ADCudxV/R7yt4+W5dZbeR7Dl4YbXw+eBQ9A4Ja10sUndOVQlP2gfsNW6pknb7OI/svMrlE4SuL9mDJWEavduKTI5ZQu4a23C5ZBlL0AEg5TvvwJ5fsacF85TnY1URatsrIO6Zv5nyY7QaBpVW5DO7b5bhScQ==
.list-manage.com/	1970-01-20 00:26:12	Name: bm_sz Value: CE18F390BD570E62EEECEB45948E966B~YAAQhnp7XBd+1nF+AQAACc3Xkw5mh49corDQFGSNnnSGTNn1WFFRfQl1k1fXSAi0CYH8TsY2mp9HqSH4q/5G7wOkqfXLVqr+cI8SPThp7YnVVspNcTGCwvgM3nj0kNSGWm9V1qRaHQhqmHJ7aOA15edL7UKAqPZiMQCa5eNz6OvRu7DRtf6fgIh7p4G6E/H64fUNYH/rvJr3l4cU4he3hSgoDLF5h7b4KvT0QQueliwH9TJh3YeswbaebwVvL1QCBgYdo0Gav5XENA69fTxOF22elXLdW+qk57XwPO9FO1PvNW1ofRRz0Q==~3553075~4535604
.capital-refund.com/	1970-01-20 17:57:09	Name: _ga Value: GA1.2.1838880827.1643157901
.capital-refund.com/	1970-01-20 00:27:24	Name: _gid Value: GA1.2.1301793119.1643157901
.capital-refund.com/	1970-01-20 00:25:57	Name: _gat Value: 1
.capital-refund.com/	1970-01-20 09:11:33	Name: _hjSessionUser_2190243 Value: eyJpZCI6IjM0OTI1NjUyLTcyZWMtNTVlNS05Y2RkLWNjNjcxYTQ5NmY5MSIsImNyZWF0ZWQiOjE2NDMxNTc5MDAyNDAsImV4aXN0aW5nIjpmYWxzZX0=
.capital-refund.com/	1970-01-20 00:25:59	Name: _hjFirstSeen Value: 1
capital-refund.com/	1970-01-20 00:25:58	Name: _hjIncludedInPageviewSample Value: 1
.capital-refund.com/	1970-01-20 00:25:59	Name: _hjSession_2190243 Value: eyJpZCI6ImZhYWQ5MmYwLTRiZDctNDk5MC05ODkwLWU0ZDY2MTBmZjU3YiIsImNyZWF0ZWQiOjE2NDMxNTc5MDA3OTUsImluU2FtcGxlIjp0cnVlfQ==
.capital-refund.com/	1970-01-20 00:25:59	Name: _hjAbsoluteSessionInProgress Value: 0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bam-cell.nr-data.net
capital-refund.com
cdn-images.mailchimp.com
cdn.onesignal.com
chimpstatic.com
connect.facebook.net
downloads.mailchimp.com
fast.fonts.net
in.hotjar.com
js-agent.newrelic.com
mc.us20.list-manage.com
onesignal.com
res.cloudinary.com
script.hotjar.com
static.hotjar.com
stats.g.doubleclick.net
vars.hotjar.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.hihostels.com
104.117.198.163
104.117.200.54
108.157.4.128
108.157.4.38
143.204.215.26
151.101.2.137
162.247.243.147
18.66.247.90
18.66.248.122
2606:4700:3031::6815:3592
2606:4700::6811:e04e
2606:4700::6812:e134
2a00:1450:4001:80f::2003
2a00:1450:4001:810::2004
2a00:1450:4001:810::200e
2a00:1450:4010:c0e::9b
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
2a04:4e42::393
35.177.254.66
52.209.125.250
031df5a01668dcad4d42e84fa04e755d219883feda403d112bb182e9724b6499
0488245474d8936c20a8c05f06e2640e0242f5d44aa9dbbd025d859ca1713641
0fa0c28e22f1154b9b65c913b8941e42ce86529bd68042fe14db4f4898527546
10cedcaf95dd82a242dca98fca1ce01ae5e19db59ff27d1510b6c693dc097d13
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1f8ad028eec1b565d53c881c568319fd3c64a6489e7c5725e81b210146f28ed7
224608badfa68f3db53b5f3316faad92fe5b07a41e9cd87ccfb6877aec60c0e1
2789a5983cc1685143ee4fa6a170bb53da12496eb460400cdd0d604d0ab337fb
2876112f21946a98a796c6b247848bc5d3a9bf2a599c67546dff7d01791ca4c8
2e2e24e6217f544311a53b4e6089a9d0deee9b6170e47d3bad8e11b27ce58174
2e438102b3df814b86cb08168822d73a4509bd7aea1f171f6cff20c28cf6a94a
30886bcaa4bc9292431c9ae196c0b6bbcc4e4311b4839780c91a09c771c76c6e
33c02a8215e3a0d77a0346beb053c756387bdad894b1055340ce6627a6428f3c
34618fabc90c88365b7b317ef903a79c17dfcd49f7a6861117d95c149f243988
3572873514d5c6a04a746d91e44f5a448059f5c4578ba9fe05fdfc61166ae24b
3580173f93282afbbbcd7d1c303fb971fcd8f9a20997f9fb9ca7a652d9b5d59d
3c27278e9982a68f174a7bbe5ba00c971fc8c5ad6c93d7146a5ccc6f2ae55241
3d800760f3c510d376329182801ac90d4f1f760999fd9666d43312b6b5a0d5c7
3db78e6cd1fadc294139e9483a4216c51b2f0b3605c39e29c20df36dae624a39
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
4c69c701fd3700fca10f8e6180c9f60f9af13c943ee7f1513f4b7709d8b75d72
4e464107ba4301877e7131c0108649f811828efa1327da626809628228931058
5357701c8ae57186da8ef0535a7cf358038d3412bb0d6dff67fd78713b0e3c3c
5468d7dfff5faffd1a69e7642210bca4c34a1b348fbb3a7cf9bceb059091e66b
552033b25426224639c1c53a596e3c260ea85aa20ea7a062d3e598fdb83fea2a
5c3c9df8b8f0a80f863c53dec5cbca7dedbdcc7697c6c6359520950774653960
6352af4fc3ed5f81193a1fb3a215b43dd38eaba36230459ea68a83e09fcbfd9d
64e163a64dc762017e6c461046288feb279a1d89538c236971ddaff20d9921c5
677cc367f041237ee0b2bb177b349e3072e265d479a9d038b3370a39c15fe948
6cecdb6ec791fc60de0706fc794cbf233562670ed9840e6d90c16de6fb43dcdc
728cabdd9d29f807df010b119b9c0c7559de73a42ee444e09b6d6b59b29bea8a
739a733d4a10fa18809fb70b3d62449926162c9d7539ac699e255aa4086f9c09
749caecb482155a14b9470d5a6b57290eff3bb3fbc9d31a681f0e1465cf7b20e
7f1a89d382db6bb61c36b3793a9281775e1fcae8db09c5119f140c15fc4b7ac4
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
833cbc9f7b292c1360a435c5ab064d5c01bd3e870a21aeb4adef43a7281a59a7
834dc31d4ccf21ace966cf86df8a2dc258e47b2da9c9d9fe97aa02ebfe53bb9f
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
88522cca257c7b55886862e9549236b005c2fcbb1246bcd986621476739c2127
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
8eefe06dce6d223eccfe75381b41aa5e0a51172ea97a3439f7b086fdc02abf77
8f1ebf4ed710e132a9265e93974d1e437046b7611e61f6935eaccd3f6b87edf6
95cbcb11f145f30fcf597a4030f946cdd84ae1437e7017ea49d390315119dece
97128792e01a09c5bf6c545b8392c880e2f3446d6f76249be28320d694912b28
9e000e7805a03b275608d64f0ee40fc1140ea80bcb3daa6bc9a5406dd107f9d0
a06fd750de7374983daf40016564b1fb6f2168ed2c5742ccf69912e8574803c0
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a22b2707e3cc198705449b911f2fd5ea0d7cd642cb03fff6e5d8a2f3310458a6
a8cfb3ef4be247b28853a1330c1446bb545c3f9d471d98d2a01bf5c0cfcc283f
ac26f57b1a1a340264cf2bb142b1cc98c354eed63473321f3d4316393b6d640a
b043cbfcf106668caf162ec6f421320b09169f38c76be33314ccc9ef559199db
b09fd9d85c973bc0047763d73872ab949f3853d99d15dfc1eabc05d5e3ab017b
b206d623b4cbf8b67243abdb1a113c9dff992e594f4cde1864055e455e9ee177
b43954ce6302b2b5500c4129dc6e93e91265d03e7c8ab81832e085566955da17
b808c79adcdbd5df211fb64d05e220a1cb48cae0245fb720e718c7658a1ee5f9
b960a89dca43490bf0005a6ed7ef8287405c4bd8b050fc4a4934580d8a5920c6
b99dd13d1c454a056a1e66c4b88f716fd2fbf200c51c14143df0fd9af5f60dbc
bece213397fe5f546674ee29dd3f69ec2f2cc0e480e67f09dcc4c25c0d12a3d7
beeafa1b7605b12e60003a596bafcb332520ebeba64894ced0fcb15da6765a9e
c55508ea7ce1ad08364772fbfadb835d2b1d1b9238d345c45eee1943ada4ff6f
c5da2e1eefbe4efd64ec18b775495cf3011d9ae03842917bfe1b0a50e03a7a44
c6f6640f9374481fea6e9bf9ba528cf18a710a9787463080ab7aadc544079ae8
cbed269cbf3d2107f253a50c6a3691b70773b63fa111b8a6fc6e1a8f3db904f1
cc0323b159122c84f138425751d51ec29627819402ce7a67bdcaee37c53069f4
d189c8076b7b39680546d68a34717be5c7a94bba2fcd11a09530a80d20c367ac
d46317b99537c2638ae6f8643d7f2565e133f8cc147b51a2622aa8faaf468cbe
da99f861b8e095cee404801bfe671ab86e1e81bdc43daf87d41888b934ae1590
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82
dc71c609ba365533d059e7ece0ff30b93a95d0bf254e873e5bb56270a43cffea
e08524f1b00f12dcf5df19ad07d7546b01d35413e19964019a6a73e35b07e1e4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4f2c6be6411a2373fbdabadc8c9a492ee316f514666fb7bdb3c93764057f7b0
e56be989d6c0d14b7c009bfeb3aa6328482742b363c47da76955685b3c4ec83a
eae510ee9b06111d9a221a8fccf6479d527481ab95e66c7f3f7cec156286edb4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0fcdcc571a6721a6853a0e30f54cfe19b8bcf149f64fc46e7612193ce74a2b4
fef918ce2e1cf2bbcca91c42883201ccf345f5bead0d0285484a504dd78f0a88
ff4e90f2311bfe61d15584ab332c3976b32d06c810df120191cf3089985222e7

capital-refund.com Open in urlscan Pro 2606:4700:3031::6815:3592 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

83 Requests

100 %HTTPS

48 %IPv6

17 Domains

22 Subdomains

21 IPs

5 Countries

12414 kBTransfer

15940 kBSize

17 Cookies

35 Outgoing links

Redirected requests

83 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

capital-refund.com Open in urlscan Pro
2606:4700:3031::6815:3592 Public Scan

Screenshot
Live screenshot

Full Image

83
Requests

100 %
HTTPS

48 %
IPv6

17
Domains

22
Subdomains

21
IPs

5
Countries

12414 kB
Transfer

15940 kB
Size

17
Cookies

83 HTTP transactions
0 data transactions