Submitted URL: https://www.juicyfields-refund.com/
Effective URL: https://juicyfields-refund.com/
Submission: On August 29 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 8 IPs in 2 countries across 5 domains to perform 39 HTTP transactions. The main IP is 162.0.233.110, located in United States and belongs to NAMECHEAP-NET, US. The main domain is juicyfields-refund.com.
TLS certificate: Issued by R3 on August 29th 2022. Valid for: 3 months.
This is the only time juicyfields-refund.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain / Subdomains / Transfer
18 juicyfields-refund.com (610 KB)
  • www.juicyfields-refund.com
  • juicyfields-refund.com
15 juicyfields.io (276 KB)
  • cloud-s1.juicyfields.io
4 gstatic.com (17 KB)
  • fonts.gstatic.com
  • www.gstatic.com
3 googleapis.com (267 KB)
  • fonts.googleapis.com — Cisco Umbrella Rank: 54
  • translate.googleapis.com — Cisco Umbrella Rank: 957
1 google.com (27 KB)
  • translate.google.com — Cisco Umbrella Rank: 1239
39 5
Domain Requested by
17 juicyfields-refund.com 1 redirects juicyfields-refund.com
15 cloud-s1.juicyfields.io juicyfields-refund.com
3 www.gstatic.com juicyfields-refund.com
translate.googleapis.com
2 translate.googleapis.com
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com juicyfields-refund.com
1 translate.google.com juicyfields-refund.com
1 www.juicyfields-refund.com 1 redirects
39 8

This site contains links to these domains.

Domain
translate.google.com
t.me

Subject                   Issuer       Validity                   Valid
juicyfields-refund.com    R3           2022-08-29 - 2022-11-27    3 months
*.juicyfields.io          E1           2022-07-20 - 2022-10-18    3 months
*.google.com              GTS CA 1C3   2022-08-08 - 2022-10-31    3 months
upload.video.google.com   GTS CA 1C3   2022-08-08 - 2022-10-31    3 months
*.gstatic.com             GTS CA 1C3   2022-08-08 - 2022-10-31    3 months

This page contains 2 frames:

Primary Page: https://juicyfields-refund.com/
Frame ID: B0FC6BC4810C3120972B78A84FC4F04E
Requests: 39 HTTP requests in this frame

Frame: data://truncated
Frame ID: 8E7886AE9679D9B32D8E1EAA26FE20B3
Requests: 1 HTTP requests in this frame

Page Title

JuicyFields

Page URL History

  1. https://www.juicyfields-refund.com/ HTTP 301
    http://juicyfields-refund.com/ HTTP 301
    https://juicyfields-refund.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • /yii\.(?:validation|activeForm)\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]pjax(?:-([\d.]))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • math(?:\.min)?\.js

Page Statistics

39 Requests
100 % HTTPS
86 % IPv6
5 Domains
8 Subdomains
8 IPs
2 Countries
1198 kB Transfer
2179 kB Size
2 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

39 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
juicyfields-refund.com/
Redirect Chain
  • https://www.juicyfields-refund.com/
  • http://juicyfields-refund.com/
  • https://juicyfields-refund.com/
10 KB
4 KB
Document
General
Full URL
https://juicyfields-refund.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
162.0.233.110 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
9f057f297b1f34fb0500a9de0797edefd246fcf2b240dfa999a03cd7a3091317

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache, private
Connection
Keep-Alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Mon, 29 Aug 2022 04:04:26 GMT
Keep-Alive
timeout=5, max=100
Server
Apache/2.4.41 (Ubuntu)
Transfer-Encoding
chunked
Vary
Accept-Encoding

Redirect headers

Connection
Keep-Alive
Content-Length
327
Content-Type
text/html; charset=iso-8859-1
Date
Mon, 29 Aug 2022 04:04:26 GMT
Keep-Alive
timeout=5, max=100
Location
https://juicyfields-refund.com/
Server
Apache/2.4.41 (Ubuntu)
fontawesome-all.min.css
juicyfields-refund.com/css/
58 KB
13 KB
Stylesheet
General
Full URL
https://juicyfields-refund.com/css/fontawesome-all.min.css
Requested by
Host: juicyfields-refund.com
URL: https://juicyfields-refund.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
162.0.233.110 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://juicyfields-refund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Mon, 29 Aug 2022 04:04:26 GMT
Content-Encoding
gzip
Last-Modified
Sun, 28 Aug 2022 20:26:02 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"e7a9-5e752f4b8eae4-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
12858
bootstrap.min.css
juicyfields-refund.com/css/
152 KB
23 KB
Stylesheet
General
Full URL
https://juicyfields-refund.com/css/bootstrap.min.css
Requested by
Host: juicyfields-refund.com
URL: https://juicyfields-refund.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
162.0.233.110 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
f9ddd1e64827cb0fa09d74aa581ecfd468212261fa170ec9baddbd678389b342

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://juicyfields-refund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Mon, 29 Aug 2022 04:04:27 GMT
Content-Encoding
gzip
Last-Modified
Sun, 28 Aug 2022 20:26:02 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"26041-5e752f4b8eae4-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
23198
jquery.fancybox.css
juicyfields-refund.com/css/
14 KB
3 KB
Stylesheet
General
Full URL
https://juicyfields-refund.com/css/jquery.fancybox.css
Requested by
Host: juicyfields-refund.com
URL: https://juicyfields-refund.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
162.0.233.110 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
fdc92651c42691d15fb282930a9d901021fd2acddaead3d12ff9fecdb5e455a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://juicyfields-refund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Mon, 29 Aug 2022 04:04:27 GMT
Content-Encoding
gzip
Last-Modified
Sun, 28 Aug 2022 20:26:02 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"36f2-5e752f4b8eae4-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
3205
custom.css
juicyfields-refund.com/css/
36 KB
7 KB
Stylesheet
General
Full URL
https://juicyfields-refund.com/css/custom.css
Requested by
Host: juicyfields-refund.com
URL: https://juicyfields-refund.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
162.0.233.110 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
df43dfa50328cada9d0f2e6f0913cf507c82e98eaabe002f3ca567d1ee65a180

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://juicyfields-refund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Mon, 29 Aug 2022 04:04:27 GMT
Content-Encoding
gzip
Last-Modified
Sun, 28 Aug 2022 20:26:02 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"91d8-5e752f4b8eae4-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
6547
toastr.min.css
juicyfields-refund.com/css/
6 KB
3 KB
Stylesheet
General
Full URL
https://juicyfields-refund.com/css/toastr.min.css
Requested by
Host: juicyfields-refund.com
URL: https://juicyfields-refund.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
162.0.233.110 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
47dd690f8f315bea076e92581a7e7147443bb4c847e313ab5a7d50a8c44836d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://juicyfields-refund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Mon, 29 Aug 2022 04:04:27 GMT
Content-Encoding
gzip
Last-Modified
Sun, 28 Aug 2022 20:26:02 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"1936-5e752f4b8fa84-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
2836
logo-white.png
cloud-s1.juicyfields.io/image/guest/
6 KB
7 KB
Image
General
Full URL
https://cloud-s1.juicyfields.io/image/guest/logo-white.png
Requested by
Host: juicyfields-refund.com
URL: https://juicyfields-refund.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:334b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
743c128a4497054c7ed51d482291f374094ccb8a7bd906f8306c8351fdacda44
Security Headers
Name Value
Strict-Transport-Security max-age=0; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://juicyfields-refund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 04:04:26 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
10159692
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6311
last-modified
Wed, 17 Jul 2019 04:52:00 GMT
server
cloudflare
etag
"5d2ea970-18a7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=45ic5MqfT9rhQtENrxJViVrijniulxaKjVehgwla6RxFTZgdUj6HObor5Ajm5enGzcfw6ve2yY4RVqFjGvvAmTwAL4JHqSFmJkYwTp0cHC55jBK%2FDi2SlD5GLuqwi4ZJjlbzNGV5PwyMNdtzk1yTQshfobucjA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
742267141abd9bf8-FRA
arrow-btn.png
cloud-s1.juicyfields.io/image/guest/
3 KB
4 KB
Image
General
Full URL
https://cloud-s1.juicyfields.io/image/guest/arrow-btn.png
Requested by
Host: juicyfields-refund.com
URL: https://juicyfields-refund.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:334b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac80c5a817d540c2ab8b51dd19fc6b94f15cba0430924935af3810ee0c09509f
Security Headers
Name Value
Strict-Transport-Security max-age=0; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://juicyfields-refund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 04:04:26 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
37759
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3156
last-modified
Wed, 30 Oct 2019 09:11:47 GMT
server
cloudflare
etag
"5db953d3-c54"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xVuJglUK0XjFhAx69vFQjmPD22c51yoQ%2BivdhSvo3yhJ4heUceYcLON551Zd0A4C2zDVAzhO4yueX4d%2BJh%2BzKKpzbIXHePZ5Ke%2FgY0n1ka98kPhy4gGIEynKrHqk45d6oux1D4RGrvZ47dQeJyR7pcTP%2B3n4uA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
cache-control
public, max-age=315360000, immutable
accept-ranges
bytes
cf-ray
742267141abf9bf8-FRA
jquery-3.4.1.min.js
cloud-s1.juicyfields.io/lib/jquery-3.4.1/
86 KB
31 KB
Script
General
Full URL
https://cloud-s1.juicyfields.io/lib/jquery-3.4.1/jquery-3.4.1.min.js
Requested by
Host: juicyfields-refund.com
URL: https://juicyfields-refund.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:334b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
Security Headers
Name Value
Strict-Transport-Security max-age=0; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://juicyfields-refund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 04:04:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
10159698
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sat, 24 Jul 2021 15:08:25 GMT
server
cloudflare
etag
W/"60fc2ce9-7741"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yQdGecmfyoJ0g2xyDIWH4OsikzJCtq7ezF12nk6BzeUt1aATQepCJ7RQhOJPyv6PxLFZusVmm7l5Fjb7Or8oLT2A72gIucsAdFjNUdGrz7zuD2Gq3%2FJggbeHl3Hyx4jb2fcDiR%2FSTN0hLDJB6YrwPfl9F9Agjg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=315360000, immutable
cf-ray
74226713ea729bf8-FRA
yii.js
cloud-s1.juicyfields.io/lib/yii/
8 KB
3 KB
Script
General
Full URL
https://cloud-s1.juicyfields.io/lib/yii/yii.js
Requested by
Host: juicyfields-refund.com
URL: https://juicyfields-refund.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:334b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8829956a7dc32483c4f0dca9ad5d05f91acf91b5444b0ea7f3ead22a4d4af9df
Security Headers
Name Value
Strict-Transport-Security max-age=0; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://juicyfields-refund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 04:04:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
10159698
cf-polished
origSize=20934
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 02 Feb 2022 23:53:20 GMT
server
cloudflare
etag
W/"61fb1970-168e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=49jtaddc6JADoGMMgmL%2FOcYLdKO34M3i%2B4YbIjNwubhvYIWyBWPYTh8BqzfoR84LILjw8tciI2U%2B0KeArjsBbNrP%2BBw4wJDgMF93BtvKtRVGzK%2BxmCkc%2B7%2BuddbYUkp1EllwACKD47vVglrcImm3kxWeu48n2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=315360000, immutable
cf-ray
74226713ea749bf8-FRA
cf-bgj
minify
yii.validation.js
cloud-s1.juicyfields.io/lib/yii/
9 KB
3 KB
Script
General
Full URL
https://cloud-s1.juicyfields.io/lib/yii/yii.validation.js
Requested by
Host: juicyfields-refund.com
URL: https://juicyfields-refund.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:334b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c0e975f3e42b8333360672d56901e82913d033e1c7aa041dc17f0d2957c2152
Security Headers
Name Value
Strict-Transport-Security max-age=0; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://juicyfields-refund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 04:04:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
10159698
cf-polished
origSize=16405
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 02 Feb 2022 23:53:20 GMT
server
cloudflare
etag
W/"61fb1970-be7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4j7uEPu2Cwjb0ID1xnEYb9X0OVTM2RlpbasRDaX19cV3Yl7DmIYHpySmNBE2iE6V%2BkbKtWqiVYRlpXpRdPULtuNKxJb8jUR1%2FFdMJas%2FA4hmoqc4KtXvHZPg7AfgbbASahoNFtoku7eekIqCPi2fWQKYX88xdg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=315360000, immutable
cf-ray
74226713ea769bf8-FRA
cf-bgj
minify
yii.activeForm.js
cloud-s1.juicyfields.io/lib/yii/
15 KB
4 KB
Script
General
Full URL
https://cloud-s1.juicyfields.io/lib/yii/yii.activeForm.js
Requested by
Host: juicyfields-refund.com
URL: https://juicyfields-refund.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:334b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c705f2b3e11d60cb56c82676c3675664e38975dc6961c36c5716d8e3d4cb3a0
Security Headers
Name Value
Strict-Transport-Security max-age=0; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://juicyfields-refund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 04:04:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
10159698
cf-polished
origSize=36765
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 02 Feb 2022 23:53:20 GMT
server
cloudflare
etag
W/"61fb1970-1cdb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ljb5sQwcNRg%2Boaeyp9dbHhvibQSfPIw%2FMzWyULtl8WVcFXFivshLbzgd3LaTmu%2B%2B%2BBOW0zgXHHpCssSZK0se%2BaKMzLluGcU%2B%2B40gz1qbuoH%2FRU3DldHMCmzjZU22v29jL1Vk3G5FEbWHW3E1V%2Fx76acHwSFAug%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=315360000, immutable
cf-ray
74226713ea779bf8-FRA
cf-bgj
minify
jquery.pjax.js
cloud-s1.juicyfields.io/lib/yii/
14 KB
5 KB
Script
General
Full URL
https://cloud-s1.juicyfields.io/lib/yii/jquery.pjax.js
Requested by
Host: juicyfields-refund.com
URL: https://juicyfields-refund.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:334b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a06ab97f18cf290ffa4879a0216940c4d93909ea30be93f16c12d90e612eb59f
Security Headers
Name Value
Strict-Transport-Security max-age=0; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://juicyfields-refund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 04:04:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
10159698
cf-polished
origSize=29274
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 02 Feb 2022 23:53:20 GMT
server
cloudflare
etag
W/"61fb1970-23b4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NtQgHKRREjlfemKOT%2BaOGTx0pduByUP8COrYucG18LECkFfhi3WKmhyZ4pwy7FGPj8esNtSfhPpQRgO4prJQrQ1ZCInsTa9N%2BYTR4qe1SffSWoyrNPWXjEQSaur%2FFZzkZhri9lV4orA1SLCahkI0h3vH91NydQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=315360000, immutable
cf-ray
74226713ea789bf8-FRA
cf-bgj
minify
popper.min.js
cloud-s1.juicyfields.io/lib/popper/
19 KB
7 KB
Script
General
Full URL
https://cloud-s1.juicyfields.io/lib/popper/popper.min.js
Requested by
Host: juicyfields-refund.com
URL: https://juicyfields-refund.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:334b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3675f226f985b64eea6ae8544d5496a32d19993aae1ac4a3fa101263ef3206f7
Security Headers
Name Value
Strict-Transport-Security max-age=0; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://juicyfields-refund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 04:04:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
10159698
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sat, 24 Jul 2021 15:12:29 GMT
server
cloudflare
etag
W/"60fc2ddd-1ac8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UqK4Qep%2BdKPUxpUEYSgRTNR0Im49GGGIlagpz6FEXXm8PnqWrK24OYeSsCdARvyPf50Q%2FXTp2fCP7lnCKToMWZ%2FZljjeLyqH%2FmFGMhECgBRubtKOh%2BUUPTq2%2BQOFymqael2mEtktzx2PXTWijIsgCUqyU96XiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=315360000, immutable
cf-ray
74226713ea7a9bf8-FRA
bootstrap.bundle.min.js
cloud-s1.juicyfields.io/lib/bootstrap-4.3.1-dist/js/
77 KB
23 KB
Script
General
Full URL
https://cloud-s1.juicyfields.io/lib/bootstrap-4.3.1-dist/js/bootstrap.bundle.min.js
Requested by
Host: juicyfields-refund.com
URL: https://juicyfields-refund.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:334b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f3145c87d3570154f633975e8a4f8d30aa38603edaba145501e9c90ddbe186c
Security Headers
Name Value
Strict-Transport-Security max-age=0; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://juicyfields-refund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 04:04:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
10159698
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sat, 24 Jul 2021 14:59:35 GMT
server
cloudflare
etag
W/"60fc2ad7-56cf"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p4P0YtDtYKG%2B7bZjTsEMkxO8WELqmeU%2FLzVZM6%2FRQhsYnari%2BxGxOSTXq%2FrZrBPW6S9oQh%2BmZjLyJES95SbdSn1c%2FZKaTzKLkgHG9OI1NTtq8x9Ezn2Jk0aeFx6CiHv1wOKFrVTFlQTcYhAVy8kAkZDFWGYNOg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=315360000, immutable
cf-ray
742267141ab09bf8-FRA
math.min.js
cloud-s1.juicyfields.io/lib/math-5.1.2/
519 KB
132 KB
Script
General
Full URL
https://cloud-s1.juicyfields.io/lib/math-5.1.2/math.min.js
Requested by
Host: juicyfields-refund.com
URL: https://juicyfields-refund.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:334b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e057dc25f78a7b5ca63095867aa4614bdfb645f2b1091c1f062fd7363593000c
Security Headers
Name Value
Strict-Transport-Security max-age=0; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://juicyfields-refund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 04:04:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
10159698
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sat, 24 Jul 2021 15:20:19 GMT
server
cloudflare
etag
W/"60fc2fb3-218f9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=87d26JltK%2B%2BYGMT8vkHkTAchmobDs0zBaeouPq5KG5zBBlu9rqKHcm73UFEjgP18uRF2%2Bb5iy%2Bbm%2BHQO56B5w66nCLjvMTP60Q3mTI1r91onlJq4iGb09Ut680IwVhJTC2m1mmkctleWAOX6wO%2ByI%2F6vYvNFQg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=315360000, immutable
cf-ray
742267141ab19bf8-FRA
jquery.inputmask.bundle.min.js
cloud-s1.juicyfields.io/lib/jquery.inputmask-4.0.6-dist/
116 KB
29 KB
Script
General
Full URL
https://cloud-s1.juicyfields.io/lib/jquery.inputmask-4.0.6-dist/jquery.inputmask.bundle.min.js
Requested by
Host: juicyfields-refund.com
URL: https://juicyfields-refund.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:334b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
051d9094809f486fa519551c9dda963f7b1cb2065793c099456db473f3d31e55
Security Headers
Name Value
Strict-Transport-Security max-age=0; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://juicyfields-refund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 04:04:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
10159698
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sat, 24 Jul 2021 15:20:19 GMT
server
cloudflare
etag
W/"60fc2fb3-6d90"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fnpS9WoqFsLQqsYJMtO9zq14WJT%2BGUEVt2FITOwbU1m25vBX3CqFwDUJIC5vDjGUNe0kb3BPnsrCy%2FAFunZMuD16YLgxsBCWtI%2FBvC5OlVLvj5polS00NkDVun0R%2B7TLUSBqm5vpLM0IVYIxJT4ql3gjDgtopg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=315360000, immutable
cf-ray
742267141ab49bf8-FRA
js.cookie.min.js
cloud-s1.juicyfields.io/lib/cookie.js-2.2.1/
2 KB
1 KB
Script
General
Full URL
https://cloud-s1.juicyfields.io/lib/cookie.js-2.2.1/js.cookie.min.js
Requested by
Host: juicyfields-refund.com
URL: https://juicyfields-refund.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:334b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
03024fe57f2a4e0592e8c3e709d38b3769c93355753c24b8e386258a7a1caadc
Security Headers
Name Value
Strict-Transport-Security max-age=0; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://juicyfields-refund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 04:04:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
10159698
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sat, 24 Jul 2021 15:20:19 GMT
server
cloudflare
etag
W/"60fc2fb3-3ea"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TTmnSjwRq8gsxaCjfy1TJ6XRKsjnEv8S1hHti6PKEqGlXS70%2FQz5nsKi3asC7xBfUTp%2FTYN9vg2aivhpGn2iDrdEvMR9zsbtQGv6%2Fx9whO40LPEUXftK6J5a%2BBu4VT7wzfAqnj1i2pAofUdm%2F1z4pC%2FOmb4V%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=315360000, immutable
cf-ray
742267141ab69bf8-FRA
jquery.fancybox.js
cloud-s1.juicyfields.io/lib/fancybox-3.2.10/
79 KB
23 KB
Script
General
Full URL
https://cloud-s1.juicyfields.io/lib/fancybox-3.2.10/jquery.fancybox.js
Requested by
Host: juicyfields-refund.com
URL: https://juicyfields-refund.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:334b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
188ff4d251f37ac33980dccac8afea788e030d8058fde62e6e7a6cea099d4c30
Security Headers
Name Value
Strict-Transport-Security max-age=0; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://juicyfields-refund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 04:04:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
10159692
cf-polished
origSize=154104
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sat, 24 Jul 2021 15:20:19 GMT
server
cloudflare
etag
W/"60fc2fb3-8bca"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ddVvuWkyS08dLaVbDzwXF0azoir1VqNZs%2BQNVDx24COGlI9WBaHJ%2FJy4%2BEyaVjQPgwzOeBvq72%2FSz7wuQsAPiN7%2FvAwOzJUjt3PgL0aSLAERQgAu8nE%2B7TbjbHnS%2BXbVwMGCptstLYOh7WfWbmrexmbXbtJ4cg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=315360000, immutable
cf-ray
742267141ab89bf8-FRA
cf-bgj
minify
init.js
cloud-s1.juicyfields.io/js/
2 KB
1 KB
Script
General
Full URL
https://cloud-s1.juicyfields.io/js/init.js?v=1644313369
Requested by
Host: juicyfields-refund.com
URL: https://juicyfields-refund.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:334b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af01241657ad3ea718b064adb74d0ef1bda2465ddb9e3abb17aaa641436e9666
Security Headers
Name Value
Strict-Transport-Security max-age=0; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://juicyfields-refund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 04:04:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
10159692
cf-polished
origSize=2703
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 08 Feb 2022 09:42:49 GMT
server
cloudflare
etag
W/"62023b19-4a0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uTWBPUzAOq91r5KocenAxZegsWUiGnd%2FAK2iuVmsouEG7VGuiLMMs%2FnapfTKjrafaLOSC7dZsbgsuKuZDtTt4gKp%2B%2BuuVqoTaext7QtIUYiBA65eQeqOWzsVMbN0hj2fk9IvjDlDsO3H230Tcs8y9S1Qpk7Huw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=315360000, immutable
cf-ray
742267141ab99bf8-FRA
cf-bgj
minify
guest.js
cloud-s1.juicyfields.io/js/
8 KB
3 KB
Script
General
Full URL
https://cloud-s1.juicyfields.io/js/guest.js?v=1643711916
Requested by
Host: juicyfields-refund.com
URL: https://juicyfields-refund.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:334b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1499ddc197818d0cdb05854d507a65fcc2ba5966c447097dc45c2e587cb9b76c
Security Headers
Name Value
Strict-Transport-Security max-age=0; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://juicyfields-refund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 04:04:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
56484
cf-polished
origSize=12933
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 02 Aug 2022 16:41:45 GMT
server
cloudflare
etag
W/"62e953c9-b56"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AzZ5Hhv1PB6UHQ%2FvTpyBgtfZXXPhBNc8NxmFlkFu0r%2BENu17OX567pg8aftCWlFFw2cmdTYTGZW0eEM1KZryLWKM4rFM%2FhYJ%2BeyiVTQ%2Fq5cyhvHg%2Bti8IxPkTdUomwDmepeiD%2Fq35Jq7m5zyqumpzyD9y%2Fi1XA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=315360000, immutable
cf-ray
742267141abb9bf8-FRA
cf-bgj
minify
toastr.min.js
juicyfields-refund.com/js/
5 KB
2 KB
Script
General
Full URL
https://juicyfields-refund.com/js/toastr.min.js
Requested by
Host: juicyfields-refund.com
URL: https://juicyfields-refund.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
162.0.233.110 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
1e0c2ad4e069276efa1d43fd1f7549912bfd64219119037e26574f27ca4d7143

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://juicyfields-refund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Mon, 29 Aug 2022 04:04:27 GMT
Content-Encoding
gzip
Last-Modified
Sun, 28 Aug 2022 20:26:02 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"1483-5e752f4bd2119-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
2014
app-config.js
juicyfields-refund.com/js/
9 KB
4 KB
Script
General
Full URL
https://juicyfields-refund.com/js/app-config.js
Requested by
Host: juicyfields-refund.com
URL: https://juicyfields-refund.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
162.0.233.110 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
d38350d7ff3adb7194dfa9463ac8b5ae56002ee435ab2a05de8eef9b60a974ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://juicyfields-refund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Mon, 29 Aug 2022 04:04:27 GMT
Content-Encoding
gzip
Last-Modified
Sun, 28 Aug 2022 20:26:02 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"23bc-5e752f4bcf238-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
3541
utils.js
juicyfields-refund.com/js/
8 KB
3 KB
Script
General
Full URL
https://juicyfields-refund.com/js/utils.js
Requested by
Host: juicyfields-refund.com
URL: https://juicyfields-refund.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
162.0.233.110 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
979adf7d61df1d8710462f3a4496d9b79d99c4bfbce13398b25a422bacdeeacd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://juicyfields-refund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Mon, 29 Aug 2022 04:04:27 GMT
Content-Encoding
gzip
Last-Modified
Sun, 28 Aug 2022 20:26:02 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"2051-5e752f4bd2119-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
2514
element.js
translate.google.com/translate_a/
76 KB
27 KB
Script
General
Full URL
https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
Requested by
Host: juicyfields-refund.com
URL: https://juicyfields-refund.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7477675ae3435f4ad6337c37c5d8bb037455c1593c98576a6e3685fe3935958e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://juicyfields-refund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 29 Aug 2022 04:04:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/javascript; charset=utf-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/
393 B
814 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Patua+One&display=swap
Requested by
Host: juicyfields-refund.com
URL: https://juicyfields-refund.com/css/custom.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
077b9afdeb524bca60b2a640771a7ae4590eb74b23c039102907833e05026300
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://juicyfields-refund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 29 Aug 2022 04:04:27 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 29 Aug 2022 04:04:27 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 29 Aug 2022 04:04:27 GMT
plant-dark.png
juicyfields-refund.com/images/guest/
320 KB
320 KB
Image
General
Full URL
https://juicyfields-refund.com/images/guest/plant-dark.png
Requested by
Host: juicyfields-refund.com
URL: https://juicyfields-refund.com/css/custom.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
162.0.233.110 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
51a69d8519ae10132a41c16918a97bd3d48728c40eeed04bd4fce49de64dcac8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://juicyfields-refund.com/css/custom.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Mon, 29 Aug 2022 04:04:27 GMT
Last-Modified
Sun, 28 Aug 2022 20:26:02 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"4fed4-5e752f4bcc357"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
327380
GothamPro-Medium.woff
juicyfields-refund.com/fonts/gotham/
20 KB
21 KB
Font
General
Full URL
https://juicyfields-refund.com/fonts/gotham/GothamPro-Medium.woff?v=1
Requested by
Host: juicyfields-refund.com
URL: https://juicyfields-refund.com/css/custom.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
162.0.233.110 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
b53e79b78da4f60da8643c625b231803f9f643952a22ace08b2e29185416ce58

Request headers

Referer
https://juicyfields-refund.com/css/custom.css
Origin
https://juicyfields-refund.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Mon, 29 Aug 2022 04:04:27 GMT
Last-Modified
Sun, 28 Aug 2022 20:26:02 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"51e0-5e752f4bca416"
Content-Type
font/woff
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
20960
ZXuke1cDvLCKLDcimxB44_lu.woff2
fonts.gstatic.com/s/patuaone/v16/
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/patuaone/v16/ZXuke1cDvLCKLDcimxB44_lu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Patua+One&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
74609e166867aa3888ef3085b0011dd5e5e61d347f578195c8d7e10ae315af02
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://juicyfields-refund.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 23:59:07 GMT
x-content-type-options
nosniff
age
533120
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12876
x-xss-protection
0
last-modified
Mon, 09 May 2022 18:40:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 22 Aug 2023 23:59:07 GMT
fa-regular-400.woff2
juicyfields-refund.com/webfonts/
13 KB
13 KB
Font
General
Full URL
https://juicyfields-refund.com/webfonts/fa-regular-400.woff2
Requested by
Host: juicyfields-refund.com
URL: https://juicyfields-refund.com/css/fontawesome-all.min.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
162.0.233.110 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
e42a88444448ac3d60549cc7c1ff2c8a9cac721034c073d80a14a44e79730cca

Request headers

Referer
https://juicyfields-refund.com/css/fontawesome-all.min.css
Origin
https://juicyfields-refund.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Mon, 29 Aug 2022 04:04:27 GMT
Last-Modified
Sun, 28 Aug 2022 20:26:02 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"33a8-5e752f4bd4059"
Content-Type
font/woff2
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
13224
GothamPro.woff
juicyfields-refund.com/fonts/gotham/
20 KB
21 KB
Font
General
Full URL
https://juicyfields-refund.com/fonts/gotham/GothamPro.woff?v=1
Requested by
Host: juicyfields-refund.com
URL: https://juicyfields-refund.com/css/custom.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
162.0.233.110 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
bc3e2af807f5dbfe08810fc2050080825050d3b60eaeffa67e82f42021d7023a

Request headers

Referer
https://juicyfields-refund.com/css/custom.css
Origin
https://juicyfields-refund.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Mon, 29 Aug 2022 04:04:27 GMT
Last-Modified
Sun, 28 Aug 2022 20:26:02 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"51b0-5e752f4bca416"
Content-Type
font/woff
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
20912
fa-solid-900.woff2
juicyfields-refund.com/webfonts/
76 KB
77 KB
Font
General
Full URL
https://juicyfields-refund.com/webfonts/fa-solid-900.woff2
Requested by
Host: juicyfields-refund.com
URL: https://juicyfields-refund.com/css/fontawesome-all.min.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
162.0.233.110 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537

Request headers

Referer
https://juicyfields-refund.com/css/fontawesome-all.min.css
Origin
https://juicyfields-refund.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Mon, 29 Aug 2022 04:04:27 GMT
Last-Modified
Sun, 28 Aug 2022 20:26:02 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"131bc-5e752f4bd5f9a"
Content-Type
font/woff2
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
78268
fa-brands-400.woff2
juicyfields-refund.com/webfonts/
75 KB
75 KB
Font
General
Full URL
https://juicyfields-refund.com/webfonts/fa-brands-400.woff2
Requested by
Host: juicyfields-refund.com
URL: https://juicyfields-refund.com/css/fontawesome-all.min.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
162.0.233.110 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
8ea8791754915a898a3100e63e32978a6d1763be6df8e73a39d3a90d691cdeef

Request headers

Referer
https://juicyfields-refund.com/css/fontawesome-all.min.css
Origin
https://juicyfields-refund.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Mon, 29 Aug 2022 04:04:27 GMT
Last-Modified
Sun, 28 Aug 2022 20:26:02 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"12bc0-5e752f4bd4059"
Content-Type
font/woff2
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
76736
GothamPro-Bold.woff
juicyfields-refund.com/fonts/gotham/
20 KB
21 KB
Font
General
Full URL
https://juicyfields-refund.com/fonts/gotham/GothamPro-Bold.woff?v=1
Requested by
Host: juicyfields-refund.com
URL: https://juicyfields-refund.com/css/custom.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
162.0.233.110 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
810a13a74ae783fb66c9bd9fcc492974769e11006b51a9c883eaf12e8c4b0494

Request headers

Referer
https://juicyfields-refund.com/css/custom.css
Origin
https://juicyfields-refund.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Mon, 29 Aug 2022 04:04:27 GMT
Last-Modified
Sun, 28 Aug 2022 20:26:02 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"51b8-5e752f4bc84d6"
Content-Type
font/woff
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
20920
translateelement.css
translate.googleapis.com/translate_static/css/
18 KB
4 KB
Stylesheet
General
Full URL
https://translate.googleapis.com/translate_static/css/translateelement.css
Requested by
Host:
URL: /_/translate_http/_/js/k=translate_http.tr.de.eiRYmjHst84.O/d=1/rs=AN8SPfpRQzjrIA78rZd6IQo3LGo6fxLomg/m=el_conf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d39ee51a9c2d61184a78111c731cce4b32488c99bcc9b1f8c236705d06145166
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://juicyfields-refund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 04:04:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
16
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3619
x-xss-protection
0
last-modified
Wed, 17 Aug 2022 23:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="rosetta"
vary
Accept-Encoding
report-to
{"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Mon, 29 Aug 2022 05:04:11 GMT
m=el_main
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.eiRYmjHst84.O/d=1/exm=el_conf/ed=1/rs=AN8SPfpRQzjrIA78rZd6IQo3LGo6fxLomg/
262 KB
262 KB
Script
General
Full URL
https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.eiRYmjHst84.O/d=1/exm=el_conf/ed=1/rs=AN8SPfpRQzjrIA78rZd6IQo3LGo6fxLomg/m=el_main
Requested by
Host:
URL: /_/translate_http/_/js/k=translate_http.tr.de.eiRYmjHst84.O/d=1/rs=AN8SPfpRQzjrIA78rZd6IQo3LGo6fxLomg/m=el_conf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
daf549c4e623edd159ae373e1cb4a31d5804dfa9d65cde5d5f647b2f457500f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://juicyfields-refund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 21:04:05 GMT
x-content-type-options
nosniff
age
25222
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
268004
x-xss-protection
0
last-modified
Wed, 24 Aug 2022 21:14:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="rosetta"
vary
Accept-Encoding
report-to
{"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 28 Aug 2023 21:04:05 GMT
truncated
/ Frame 8E78
1 KB
1 KB
Document
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f10fc73f171d7f29cf50a928c6e1752c21bbeae061df4b85867915740372d531

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Type
text/html;charset=UTF-8
translate_24dp.png
www.gstatic.com/images/branding/product/1x/
846 B
1 KB
Image
General
Full URL
https://www.gstatic.com/images/branding/product/1x/translate_24dp.png
Requested by
Host: juicyfields-refund.com
URL: https://juicyfields-refund.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://juicyfields-refund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 03:24:26 GMT
x-content-type-options
nosniff
age
2401
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
846
x-xss-protection
0
last-modified
Thu, 14 Oct 2021 09:08:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Tue, 29 Aug 2023 03:24:26 GMT
googlelogo_color_42x16dp.png
www.gstatic.com/images/branding/googlelogo/1x/
910 B
1023 B
Image
General
Full URL
https://www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_42x16dp.png
Requested by
Host: juicyfields-refund.com
URL: https://juicyfields-refund.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://juicyfields-refund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 28 Aug 2022 09:17:21 GMT
x-content-type-options
nosniff
age
67626
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
910
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Mon, 28 Aug 2023 09:17:21 GMT
translate_24dp.png
www.gstatic.com/images/branding/product/2x/
2 KB
2 KB
Image
General
Full URL
https://www.gstatic.com/images/branding/product/2x/translate_24dp.png
Requested by
Host: translate.googleapis.com
URL: https://translate.googleapis.com/translate_static/css/translateelement.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://translate.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 04:02:27 GMT
x-content-type-options
nosniff
age
120
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1842
x-xss-protection
0
last-modified
Thu, 14 Oct 2021 09:08:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Tue, 29 Aug 2023 04:02:27 GMT

117 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| $ function| jQuery object| yii function| Popper object| bootstrap object| math function| Inputmask function| Cookies function| floatToEuro function| intToEuro function| redirect function| refresh function| getUrlParameter string| current_language_key function| setLanguage function| getLanguage undefined| LANGUAGE function| openPushStream function| gtag function| gaInit string| user_source string| user_sub undefined| user_referer function| storeData function| joinForm function| confirmResendCountdown function| confirmFormShowError function| confirmForm function| languageDropDownGuest function| formatTeam function| calendlyInitPopup function| contactPage function| trackGa function| lostFormChange function| lostForm function| showFormError function| signInForm function| onRecaptchaSubmitSignUp function| signUpForm function| signupProcess object| toastr function| notify function| vd function| handleHttpErrors function| handle422ErrorObject function| ajaxCall function| isAndroidStockBrowser string| userCurrency boolean| pageHidden function| open_telegram function| googleTranslateElementInit function| _DumpException object| default_tr string| MSG_TRANSLATE string| MSG_CANCEL string| MSG_CLOSE function| MSGFUNC_PAGE_TRANSLATED_TO function| MSGFUNC_TRANSLATED_TO string| MSG_GENERAL_ERROR string| MSG_LEARN_MORE function| MSGFUNC_POWERED_BY string| MSG_TRANSLATE_PRODUCT_NAME string| MSG_TRANSLATION_IN_PROGRESS function| MSGFUNC_TRANSLATE_PAGE_TO function| MSGFUNC_VIEW_PAGE_IN string| MSG_RESTORE string| MSG_SSL_INFO_LOCAL_FILE string| MSG_SSL_INFO_SECURE_PAGE string| MSG_SSL_INFO_INTRANET_PAGE string| MSG_SELECT_LANGUAGE function| MSGFUNC_TURN_OFF_TRANSLATION function| MSGFUNC_TURN_OFF_FOR string| MSG_ALWAYS_HIDE_AUTO_POPUP_BANNER string| MSG_ORIGINAL_TEXT string| 
MSG_FILL_SUGGESTION string| MSG_SUBMIT_SUGGESTION string| MSG_SHOW_TRANSLATE_ALL string| MSG_SHOW_RESTORE_ALL string| MSG_SHOW_CANCEL_ALL string| MSG_TRANSLATE_TO_MY_LANGUAGE function| MSGFUNC_TRANSLATE_EVERYTHING_TO string| MSG_SHOW_ORIGINAL_LANGUAGES string| MSG_OPTIONS string| MSG_TURN_OFF_TRANSLATION_FOR_THIS_SITE string| MSG_ALT_SUGGESTION string| MSG_ALT_ACTIVITY_HELPER_TEXT string| MSG_USE_ALTERNATIVES string| MSG_DRAG_TIP string| MSG_CLICK_FOR_ALT string| MSG_DRAG_INSTUCTIONS string| MSG_SUGGESTION_SUBMITTED string| MSG_MANAGE_TRANSLATION_FOR_THIS_SITE string| MSG_ALT_AND_CONTRIBUTE_ACTIVITY_HELPER_TEXT string| MSG_ORIGINAL_TEXT_NO_COLON string| MSG_LANGUAGE_UNSUPPORTED string| MSG_LANGUAGE_TRANSLATE_WIDGET function| _exportVersion function| _getCallbackFunction function| _exportMessages function| _loadJs function| _loadCss function| _isNS function| _setupNS object| google string| currentUrl function| submitAjaxForm object| numberFormat object| closure_lm_515443

2 Cookies

Domain/Path Name / Value
.juicyfields-refund.com/ Name: XSRF-TOKEN
Value: eyJpdiI6ImVDR2JtUGpIRUVVVzZZeU1LeHlWRWc9PSIsInZhbHVlIjoicExDSDNHQVFlVE1pVDE0eVdVVnl2L3VYTUFQQnc3b29pVmM0eEFjSlJyL0hTb3lDZzlPMXpSWURWOTVLbTdteVJsUG5seXpkMlgvaUJ2bGxTMm5NNHBRc1FKRFRjaDNzZ1F0dGVCaVhCaEQ4UUZDTkQyTHFkOUZ5eVB3VWV6ekgiLCJtYWMiOiJlOTRmOTZiZDg2Yjg4Nzc1YzIwMDgyZDliN2EyZGZmMDJjZmVjN2MzMTI0NDhmMTY1NGQ2N2U1ZmRkOWVlODUxIiwidGFnIjoiIn0%3D
.juicyfields-refund.com/ Name: APP_SESSION
Value: eyJpdiI6IlQxSEF3Z2M2WEpoMHA0d25kZmUwYWc9PSIsInZhbHVlIjoidm9YejZkMTRPUXFaY3JNZ2d4Tko1VG5jQnZIVEd1TnhhekU0WVA1cGtPVHcrQ1dad3daNzRBbkpZLy9qUHMyZW9sWXFZMklmbXlzQzUwa2FYenJTeGk0a0xVYUhqbGptM04va3NQR2ptUWU2MEl1a2s5QnR1RmZTNFlmNXlCbDkiLCJtYWMiOiJmNzJmOWIyZWZiNDk0Nzg0MjA0ODRmMTBmMjBlNTE2M2M1ZTJiZWViNDFkZTBiZmQ3N2JjNjU3ZjQ1NTZhNzhjIiwidGFnIjoiIn0%3D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ac80c5a817d540c2ab8b51dd19fc6b94f15cba0430924935af3810ee0c09509f
af01241657ad3ea718b064adb74d0ef1bda2465ddb9e3abb17aaa641436e9666
b53e79b78da4f60da8643c625b231803f9f643952a22ace08b2e29185416ce58
bc3e2af807f5dbfe08810fc2050080825050d3b60eaeffa67e82f42021d7023a
d38350d7ff3adb7194dfa9463ac8b5ae56002ee435ab2a05de8eef9b60a974ab
d39ee51a9c2d61184a78111c731cce4b32488c99bcc9b1f8c236705d06145166
daf549c4e623edd159ae373e1cb4a31d5804dfa9d65cde5d5f647b2f457500f9
df43dfa50328cada9d0f2e6f0913cf507c82e98eaabe002f3ca567d1ee65a180
e057dc25f78a7b5ca63095867aa4614bdfb645f2b1091c1f062fd7363593000c
e42a88444448ac3d60549cc7c1ff2c8a9cac721034c073d80a14a44e79730cca
f10fc73f171d7f29cf50a928c6e1752c21bbeae061df4b85867915740372d531
f9ddd1e64827cb0fa09d74aa581ecfd468212261fa170ec9baddbd678389b342
fdc92651c42691d15fb282930a9d901021fd2acddaead3d12ff9fecdb5e455a1