urlscan.io logo urlscan.io
SecurityTrails logo

refundschedule2021.net Open in urlscan Pro
104.21.6.127  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.refundschrrre2021.jesty.a2hosted.com/
Effective URL: https://refundschedule2021.net/
Submission: On October 01 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 3 countries across 13 domains to perform 42 HTTP transactions. The main IP is 104.21.6.127, located in and belongs to CLOUDFLARENET, US. The main domain is refundschedule2021.net.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 17th 2021. Valid for: a year.
This is the only time refundschedule2021.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 198.100.46.210 55293 (A2HOSTING)
16 104.21.6.127 13335 (CLOUDFLAR...)
6 142.250.186.66 15169 (GOOGLE)
2 172.217.23.106 15169 (GOOGLE)
2 172.217.16.130 15169 (GOOGLE)
1 216.58.212.162 15169 (GOOGLE)
2 142.250.185.66 15169 (GOOGLE)
1 142.250.186.130 15169 (GOOGLE)
3 8 77.88.21.119 13238 (YANDEX)
3 142.250.184.227 15169 (GOOGLE)
1 192.0.73.2 2635 (AUTOMATTIC)
2 142.250.74.193 15169 (GOOGLE)
1 142.250.186.68 15169 (GOOGLE)
42 13
1    198.100.46.210 (United States)

ASN55293 (A2HOSTING, US)
PTR: 198.100.46.210.static.a2webhosting.com
www.refundschrrre2021.jesty.a2hosted.com
16    104.21.6.127 (None, )

ASN13335 (CLOUDFLARENET, US)
refundschedule2021.net
6    142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
pagead2.googlesyndication.com
2    172.217.23.106 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f106.1e100.net
fonts.googleapis.com
2    172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net
googleads.g.doubleclick.net
1    216.58.212.162 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f162.1e100.net
partner.googleadservices.com
2    142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
adservice.google.de
adservice.google.com
1    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
www.googletagservices.com
8    77.88.21.119 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)
PTR: mc.yandex.ru
mc.yandex.ru
mc.yandex.com
3    142.250.184.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f3.1e100.net
fonts.gstatic.com
1    192.0.73.2 (United States)

ASN2635 (AUTOMATTIC, US)
secure.gravatar.com
2    142.250.74.193 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f1.1e100.net
tpc.googlesyndication.com
1    142.250.186.68 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f4.1e100.net
www.google.com
Domain Requested by
16 refundschedule2021.net refundschedule2021.net
6 mc.yandex.com 2 redirects mc.yandex.ru
refundschedule2021.net
6 pagead2.googlesyndication.com refundschedule2021.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
3 fonts.gstatic.com fonts.googleapis.com
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 mc.yandex.ru 1 redirects refundschedule2021.net
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 fonts.googleapis.com refundschedule2021.net
1 www.google.com tpc.googlesyndication.com
1 secure.gravatar.com refundschedule2021.net
1 www.googletagservices.com pagead2.googlesyndication.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 www.refundschrrre2021.jesty.a2hosted.com 1 redirects
42 15

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-17 -
2022-07-16		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
upload.video.google.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.google.de
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.google.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
mc.yandex.ru
Yandex CA		 2021-07-28 -
2022-01-07		 5 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.gravatar.com
Sectigo RSA Domain Validation Secure Server CA		 2020-08-14 -
2022-11-16		 2 years crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
www.google.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh

This page contains 6 frames:

Primary Page: https://refundschedule2021.net/
Frame ID: F31F5519507AE565EF542DD9E629BE14
Requests: 37 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210928/r20190131/zrt_lookup.html
Frame ID: E8936C8C24245095BD3705A05F2A54CB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2069108844785015&output=html&adk=1812271804&adf=3025194257&lmt=1632838072&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Frefundschedule2021.net%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633091697522&bpp=7&bdt=184&idt=121&shv=r20210928&mjsv=m202109270101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3722574138409&frm=20&pv=2&ga_vid=1264901266.1633091698&ga_sid=1633091698&ga_hid=340289088&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062943&oid=3&pvsid=4105897615306300&pem=483&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=135
Frame ID: E918DB691B105F4C83E4D0BA84E00E07
Requests: 1 HTTP requests in this frame

Frame: https://mc.yandex.com/metrika/metrika_match.html
Frame ID: DB273231E3C1A98A3317C1E9D8EC9E3B
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 3165E1FB7334A5C81D89347A9190A2DC
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 20017A71D6542F8F1B34205146EAF42E
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Tax Refund Schedule 2021

Page URL History Show full URLs

  1. https://www.refundschrrre2021.jesty.a2hosted.com/ HTTP 301
    https://refundschedule2021.net/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • <[^>]+gravatar\.com/avatar/
Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

42
Requests

100 %
HTTPS

0 %
IPv6

13
Domains

15
Subdomains

13
IPs

3
Countries

1247 kB
Transfer

2101 kB
Size

12
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.refundschrrre2021.jesty.a2hosted.com/ HTTP 301
    https://refundschedule2021.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 36
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9413.zUfqdENc-cq8J1D0e0aAuT0MzylMORA2bLgPPP7uCvCRePSfgQRe801RktsU1fyg.66eUY6rE-Ry_eQpK1j0Bl2JUQPY%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=9413.DWSbPWMAhgKnN3uadR-jU-9jyBNgBAksB07dcmBGeUI1i3BMJE9fD1SLQ9dNttZDmeYpJdPTAUMu4Ah0K-VWPQ%2C%2C.4NeAi5V4Ls5LVNiY19K43cxQVOo%2C
Request Chain 38
  • https://mc.yandex.com/watch/66740299?wmode=7&page-url=https%3A%2F%2Frefundschedule2021.net%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rtxmga0pwxelbxx1%3Afp%3A1730%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A660%3Acn%3A1%3Adp%3A0%3Als%3A837337051785%3Ahid%3A21495531%3Az%3A0%3Ai%3A202101001123458%3Aet%3A1633091698%3Ac%3A1%3Arn%3A130212429%3Arqn%3A1%3Au%3A1633091698367889575%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1633091696145%3Ads%3A11%2C37%2C441%2C1%2C700%2C0%2C%2C481%2C2%2C%2C%2C%2C1677%3Adsn%3A11%2C38%2C440%2C2%2C700%2C0%2C%2C484%2C3%2C%2C%2C%2C1677%3Awv%3A2%3Aadb%3A2%3Aefid%3A1%3Arqnl%3A1%3Aafr%3Adis6dkj_m87ul27-98a51f002bfb60d1dae34a2961b79429-509f1fde45e554eacfed812a0a82deec-379h473e_1f-3760000000-57a6d374_3j8h47f4_58ef2hie_30ah20h1-1600x1200x0-unknown-3%3Ati%3A2%3Ast%3A1633091699%3At%3ATax%20Refund%20Schedule%202021 HTTP 302
  • https://mc.yandex.com/watch/66740299/1?wmode=7&page-url=https%3A%2F%2Frefundschedule2021.net%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rtxmga0pwxelbxx1%3Afp%3A1730%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A660%3Acn%3A1%3Adp%3A0%3Als%3A837337051785%3Ahid%3A21495531%3Az%3A0%3Ai%3A202101001123458%3Aet%3A1633091698%3Ac%3A1%3Arn%3A130212429%3Arqn%3A1%3Au%3A1633091698367889575%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1633091696145%3Ads%3A11%2C37%2C441%2C1%2C700%2C0%2C%2C481%2C2%2C%2C%2C%2C1677%3Adsn%3A11%2C38%2C440%2C2%2C700%2C0%2C%2C484%2C3%2C%2C%2C%2C1677%3Awv%3A2%3Aadb%3A2%3Aefid%3A1%3Arqnl%3A1%3Aafr%3Adis6dkj_m87ul27-98a51f002bfb60d1dae34a2961b79429-509f1fde45e554eacfed812a0a82deec-379h473e_1f-3760000000-57a6d374_3j8h47f4_58ef2hie_30ah20h1-1600x1200x0-unknown-3%3Ati%3A2%3Ast%3A1633091699%3At%3ATax%20Refund%20Schedule%202021

42 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
refundschedule2021.net/
Redirect Chain
  • https://www.refundschrrre2021.jesty.a2hosted.com/
  • https://refundschedule2021.net/
58 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://refundschedule2021.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.6.127 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/0.15.1
Resource Hash
24337aa4edfc8f8734c59278cd53b84f1d2c9253160380d9a14030470bc41794
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
refundschedule2021.net
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Fri, 01 Oct 2021 12:34:57 GMT
content-type
text/html; charset=UTF-8
cache-control
public, max-age=-217625,public
expires
Wed, 29 Sep 2021 00:07:52 GMT
last-modified
Tue, 28 Sep 2021 14:07:52 GMT
vary
Accept-Encoding, Cookie
strict-transport-security
max-age=63072000; includeSubDomains
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
referrer-policy
x-powered-by
W3 Total Cache/0.15.1
pragma
public
x-turbo-charged-by
LiteSpeed
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oMfRGJT%2FwRPt928Joi2hgAKKzEtnr6BUjJJLiVgD5DkInyy3vBXnPSbOqxXE1IIYc7jhXUsMqyulwLie0oneYuOGfNC3CN1L7n0xpIuBrIvqsXDs3ZESKBOgORQPbG7zvLtmJuyEbeba"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6975ba61afa1cdc3-CDG
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

x-powered-by
PHP/7.4.23
x-redirect-by
WordPress
location
https://refundschedule2021.net/
content-type
text/html; charset=UTF-8
cache-control
public, max-age=36000
expires
Fri, 01 Oct 2021 22:34:56 GMT
content-length
0
date
Fri, 01 Oct 2021 12:34:56 GMT
server
LiteSpeed
strict-transport-security
max-age=63072000; includeSubDomains
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
referrer-policy
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
lazyload.min.js
refundschedule2021.net/wp-content/plugins/w3-total-cache/pub/js/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://refundschedule2021.net/wp-content/plugins/w3-total-cache/pub/js/lazyload.min.js
Requested by
Host: refundschedule2021.net
URL: https://refundschedule2021.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.6.127 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/0.15.1
Resource Hash
1a54a1907a6443e3c81608130bfed4546eb0ce5d0c8897e1d7a3b43d89ecc367
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

:path
/wp-content/plugins/w3-total-cache/pub/js/lazyload.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
refundschedule2021.net
referer
https://refundschedule2021.net/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://refundschedule2021.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 12:34:57 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
W3 Total Cache/0.15.1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
referrer-policy
last-modified
Tue, 13 Oct 2020 14:17:45 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"1883-5f85b709-0;gz"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=63072000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=chfk8SC5wqWzBxMChBzBXhKkdaQRjj91Tx5B74lTA20WKKQQgNaKt7NYvGNe3xsBRlU5lvxrb2MKS3MBzs5o4i7PXE3UMu2LQga6%2FlpFIWV3UBvr7%2Bz4Nd6fFxomTt%2Fwse7Qzs%2FdWiGk"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
vary
Accept-Encoding
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
6975ba648b06cdc3-CDG
expires
Sat, 01 Oct 2022 12:34:57 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		143 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: refundschedule2021.net
URL: https://refundschedule2021.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
bff3fcd1965e8662f836bf1c5475eeaa29abf90f34cfd3f2bd216b8b361267f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refundschedule2021.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 12:34:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
50863
x-xss-protection
0
server
cafe
etag
12749516188265366607
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 01 Oct 2021 12:34:57 GMT
49359.css
refundschedule2021.net/wp-content/cache/minify/ 		172 KB
31 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://refundschedule2021.net/wp-content/cache/minify/49359.css
Requested by
Host: refundschedule2021.net
URL: https://refundschedule2021.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.6.127 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/0.15.1
Resource Hash
d08f720ba0c788ca6f13614e007a25f0732b329c2cd38a7dcbd6c8bc1af7672a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

:path
/wp-content/cache/minify/49359.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
refundschedule2021.net
referer
https://refundschedule2021.net/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://refundschedule2021.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 12:34:57 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
W3 Total Cache/0.15.1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
referrer-policy
last-modified
Tue, 28 Sep 2021 22:08:30 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"7839-6153925e-0;gz"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=63072000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pWW7XBcg5xmomgIwPCeyxT6Bb5NuTkKKv1ALYf9N7PidOVmz7pG4%2B%2BoNC%2FMmCdh29Vw8OKfxzuIJaD7KQhJ9997brHRcimR37fY3g%2Fx885DCz4Uc9tscbCS45j0HLFRl4lNbzsoaOKXS"}],"group":"cf-nel","max_age":604800}
content-type
text/css
vary
Accept-Encoding
cache-control
public, max-age=31311213
x-turbo-charged-by
LiteSpeed
cf-ray
6975ba648b08cdc3-CDG
expires
Wed, 28 Sep 2022 22:08:30 GMT
css
fonts.googleapis.com/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Playfair+Display%3A400%2C700&ver=1.0.0
Requested by
Host: refundschedule2021.net
URL: https://refundschedule2021.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f106.1e100.net
Software
ESF /
Resource Hash
05dae748a374ff9d2ed080b26e10f63ab60dbfd1257bfb3db10b6673957b4e98
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refundschedule2021.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 01 Oct 2021 10:57:46 GMT
server
ESF
date
Fri, 01 Oct 2021 12:34:57 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Fri, 01 Oct 2021 12:34:57 GMT
css
fonts.googleapis.com/ 		15 KB
977 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans%3A400italic%2C400%2C600italic%2C600%2C700italic%2C700&ver=1.0.0
Requested by
Host: refundschedule2021.net
URL: https://refundschedule2021.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f106.1e100.net
Software
ESF /
Resource Hash
d62c0ff930b5ae1563cc2903c64043d3aab6566fae687fa0de4fa3daa91f82b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refundschedule2021.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 01 Oct 2021 11:46:35 GMT
server
ESF
date
Fri, 01 Oct 2021 12:34:57 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Fri, 01 Oct 2021 12:34:57 GMT
c7035.js
refundschedule2021.net/wp-content/cache/minify/ 		95 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://refundschedule2021.net/wp-content/cache/minify/c7035.js
Requested by
Host: refundschedule2021.net
URL: https://refundschedule2021.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.6.127 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/0.15.1
Resource Hash
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

:path
/wp-content/cache/minify/c7035.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
refundschedule2021.net
referer
https://refundschedule2021.net/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://refundschedule2021.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 12:34:57 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
W3 Total Cache/0.15.1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
referrer-policy
last-modified
Tue, 28 Sep 2021 22:08:36 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"83b3-61539264-0;gz"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=63072000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YtTk3U3%2BkMQz8zNg1FSz1x%2F%2Bl0Z9qgU7F3aw5fv43MCvClHCXdxDKyLy81MB7kEQ1grB9AYyX4MsOInYf5il%2FvfM5rWOE8ztIjpQouo5reJgbUmReIQ9sMaujJnCIkBx8tAU%2FQdg0Tuy"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
vary
Accept-Encoding
cache-control
public, max-age=31311219
x-turbo-charged-by
LiteSpeed
cf-ray
6975ba64ab22cdc3-CDG
expires
Wed, 28 Sep 2022 22:08:36 GMT
02a72.js
refundschedule2021.net/wp-content/cache/minify/ 		134 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://refundschedule2021.net/wp-content/cache/minify/02a72.js
Requested by
Host: refundschedule2021.net
URL: https://refundschedule2021.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.6.127 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/0.15.1
Resource Hash
3d27fcba9898f58159d944226fcb42bf3eb6d8806c5f4f3e88516364345745f0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

:path
/wp-content/cache/minify/02a72.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
refundschedule2021.net
referer
https://refundschedule2021.net/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://refundschedule2021.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 12:34:57 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
W3 Total Cache/0.15.1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
referrer-policy
last-modified
Tue, 28 Sep 2021 22:08:39 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"6340-61539267-0;gz"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=63072000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AznbNG9aF63tgxAiTG4AQXQuORwpOhkRyyQfQhIflULPIZxazbNyzFLH%2FYMioh94H5VUVk4dpDB7GkbgWoYChqGzD%2Fh8lXEJyp8thpMziG5OxfMIR1rzmKqvzIu%2FNFSW%2FShZplMg3KoM"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
vary
Accept-Encoding
cache-control
public, max-age=31311222
x-turbo-charged-by
LiteSpeed
cf-ray
6975ba64ab24cdc3-CDG
expires
Wed, 28 Sep 2022 22:08:39 GMT
1615d.js
refundschedule2021.net/wp-content/cache/minify/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://refundschedule2021.net/wp-content/cache/minify/1615d.js
Requested by
Host: refundschedule2021.net
URL: https://refundschedule2021.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.6.127 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/0.15.1
Resource Hash
1a54a1907a6443e3c81608130bfed4546eb0ce5d0c8897e1d7a3b43d89ecc367
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

:path
/wp-content/cache/minify/1615d.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
refundschedule2021.net
referer
https://refundschedule2021.net/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://refundschedule2021.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 12:34:57 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
W3 Total Cache/0.15.1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
referrer-policy
last-modified
Tue, 28 Sep 2021 22:08:42 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"934-6153926a-0;gz"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=63072000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M6%2FsU4hiFhBZ3f%2BRYPokYnTY9SLt202fB1IkAwQZxyBwVG%2FpmmXEUGTE0bLSLZWDPikRzGHYRTU9g8b2ZvGJAElpesDC%2Fx5sUmEk1eBP4VJEadiZjeafSVURuKwuihKlucX4aC%2BNpbhs"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
vary
Accept-Encoding
cache-control
public, max-age=31311225
x-turbo-charged-by
LiteSpeed
cf-ray
6975ba64ab25cdc3-CDG
expires
Wed, 28 Sep 2022 22:08:42 GMT
wp-emoji-release.min.js
refundschedule2021.net/wp-includes/js/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://refundschedule2021.net/wp-includes/js/wp-emoji-release.min.js?ver=5.5.6
Requested by
Host: refundschedule2021.net
URL: https://refundschedule2021.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.6.127 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/0.15.1
Resource Hash
07e4203b9f313b587b1d53f896e63771ec85f9b0d4c2ac5fa64089457784d847
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

:path
/wp-includes/js/wp-emoji-release.min.js?ver=5.5.6
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
refundschedule2021.net
referer
https://refundschedule2021.net/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://refundschedule2021.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 12:34:57 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
W3 Total Cache/0.15.1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
referrer-policy
last-modified
Thu, 15 Apr 2021 10:22:44 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"3795-607813f4-0;gz"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=63072000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m7Tnu0UTWqL0A0G2j6r%2BKiKFBC279Bt79nOT%2FSgRPjADRfjVjwJKmV0smsWivyuvGP9Cn737ILIscoC3osCnnlSoxA0lvAGqImGz3wdx7cNBRvbKT1QDJ1pFRaiDEwhPAmuBEQ0OexQ%2B"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
vary
Accept-Encoding
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
6975ba64ab28cdc3-CDG
expires
Sat, 01 Oct 2022 12:34:57 GMT
truncated
/ 		69 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4715c48486842bc61e317ae7412a953b61fb87913a4e316145ccd2168e76a2ca

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		66 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8f9bcf7083abb178938772ec3ee2c61464d54ffd65e348cc9afe6c8694a3cb7d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
327f25b8807e82a8479a0eb23d082e335a8f8023b7e209dfec0688db9a34ab97

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/svg+xml
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109270101/ 		257 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109270101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2069108844785015&plah=refundschedule2021.net&bust=31062943
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
ece2f1e49029966317aca28a7ef0c89f3149eb3a5aad1b279d84f14002511cff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refundschedule2021.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 12:34:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
97133
x-xss-protection
0
server
cafe
etag
9661851892806363187
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 01 Oct 2021 12:34:57 GMT
/
refundschedule2021.net/ 		58 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://refundschedule2021.net/
Requested by
Host: refundschedule2021.net
URL: https://refundschedule2021.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.6.127 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/0.15.1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

:path
/
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
refundschedule2021.net
referer
https://refundschedule2021.net/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://refundschedule2021.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 12:34:57 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
W3 Total Cache/0.15.1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma
public
referrer-policy
last-modified
Tue, 28 Sep 2021 14:07:52 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=63072000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=82BcGi7zJFtoc5cDyRJK6j6wElBkQvcF2nOlbggCHJaN%2BhFZuFkgY5Qwgctj4yzezlI9nO1I3wE5JlUo4sYeheHPZyH%2FgL42Rv4FsiRgN8PNRd4yp2%2FZr75Icf4FkEY4n5Dg8aQDnybb"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
vary
Accept-Encoding, Cookie
cache-control
public, max-age=-217625,public
x-turbo-charged-by
LiteSpeed
cf-ray
6975ba659ecf3a6f-CDG
expires
Wed, 29 Sep 2021 00:07:52 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210928/r20190131/ Frame E893 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210928/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
8806d9eaf9e8ca89fa2404e8cb66a9fa115e0a0f687ad0dcd91cabce4c2179c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210928/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://refundschedule2021.net/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://refundschedule2021.net/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Thu, 30 Sep 2021 23:27:01 GMT
expires
Thu, 14 Oct 2021 23:27:01 GMT
content-type
text/html; charset=UTF-8
etag
297313706323796346
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4617
x-xss-protection
0
age
47276
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cookie.js
partner.googleadservices.com/gampad/ 		212 B
665 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=refundschedule2021.net&callback=_gfp_s_&client=ca-pub-2069108844785015
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109270101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2069108844785015&plah=refundschedule2021.net&bust=31062943
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
cafe /
Resource Hash
359e4cb2ba76ec20c5c328e8c16cc8da6d112f2a6d436b9f67c4258d8a4ee7b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refundschedule2021.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 12:34:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
200
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
853 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=refundschedule2021.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109270101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2069108844785015&plah=refundschedule2021.net&bust=31062943
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refundschedule2021.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 01 Oct 2021 12:34:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
570 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=refundschedule2021.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109270101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2069108844785015&plah=refundschedule2021.net&bust=31062943
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refundschedule2021.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 01 Oct 2021 12:34:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame E918 		603 B
68 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2069108844785015&output=html&adk=1812271804&adf=3025194257&lmt=1632838072&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Frefundschedule2021.net%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633091697522&bpp=7&bdt=184&idt=121&shv=r20210928&mjsv=m202109270101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3722574138409&frm=20&pv=2&ga_vid=1264901266.1633091698&ga_sid=1633091698&ga_hid=340289088&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062943&oid=3&pvsid=4105897615306300&pem=483&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=135
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109270101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2069108844785015&plah=refundschedule2021.net&bust=31062943
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-2069108844785015&output=html&adk=1812271804&adf=3025194257&lmt=1632838072&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Frefundschedule2021.net%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633091697522&bpp=7&bdt=184&idt=121&shv=r20210928&mjsv=m202109270101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3722574138409&frm=20&pv=2&ga_vid=1264901266.1633091698&ga_sid=1633091698&ga_hid=340289088&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062943&oid=3&pvsid=4105897615306300&pem=483&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=135
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://refundschedule2021.net/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://refundschedule2021.net/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Fri, 01 Oct 2021 12:34:57 GMT
server
cafe
content-length
46
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Fri, 01-Oct-2021 12:49:57 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 01 Oct 2021 12:34:57 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/ 		72 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109270101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2069108844785015&plah=refundschedule2021.net&bust=31062943
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
c72976d3b4c427a85952b5cea1ad2efafcc4b2dc6fdd9ef5a505e5e582e62928
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refundschedule2021.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 12:34:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27601
x-xss-protection
0
server
sffe
etag
"1632957222552500"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="active-view-scs-read-write-acl"
expires
Fri, 01 Oct 2021 12:34:57 GMT
tag.js
mc.yandex.ru/metrika/ 		196 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: refundschedule2021.net
URL: https://refundschedule2021.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
78b501a3f023ab8867073e26d78e7974e056d3be72fb38a6088fd839380d1709
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refundschedule2021.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 12:34:58 GMT
content-encoding
br
last-modified
Sat, 25 Sep 2021 10:27:39 GMT
etag
"614ecf6b-10a32"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
68146
expires
Fri, 01 Oct 2021 13:34:58 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v26/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v26/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400italic%2C400%2C600italic%2C600%2C700italic%2C700&ver=1.0.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f3.1e100.net
Software
sffe /
Resource Hash
538dd4ff6e384a44155168326ac40a6c20a93cd212b1fbf88ae7b0c44f9ab0bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://refundschedule2021.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 30 Sep 2021 17:03:52 GMT
x-content-type-options
nosniff
age
70266
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44760
x-xss-protection
0
last-modified
Thu, 23 Sep 2021 16:50:17 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 30 Sep 2022 17:03:52 GMT
nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2
fonts.gstatic.com/s/playfairdisplay/v22/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/playfairdisplay/v22/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Playfair+Display%3A400%2C700&ver=1.0.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f3.1e100.net
Software
sffe /
Resource Hash
62c8f47275e874a210224258f160fdc003caf2d09a24e83f153b901c758509e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://refundschedule2021.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 09:23:00 GMT
x-content-type-options
nosniff
age
11518
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44876
x-xss-protection
0
last-modified
Thu, 28 Jan 2021 20:29:37 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 01 Oct 2022 09:23:00 GMT
fontawesome-webfont.woff2
refundschedule2021.net/wp-content/themes/savona/assets/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://refundschedule2021.net/wp-content/themes/savona/assets/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: refundschedule2021.net
URL: https://refundschedule2021.net/wp-content/cache/minify/49359.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.6.127 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/0.15.1
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-fetch-mode
cors
origin
https://refundschedule2021.net
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
font
cookie
__gads=ID=f9725bb3de25af78-22f3a79583c90056:T=1633091697:RT=1633091697:S=ALNI_MZR1WnfxKylb94Mq2IEN3rGNRgmlQ
:path
/wp-content/themes/savona/assets/fonts/fontawesome-webfont.woff2?v=4.7.0
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
refundschedule2021.net
referer
https://refundschedule2021.net/wp-content/cache/minify/49359.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://refundschedule2021.net/wp-content/cache/minify/49359.css
Origin
https://refundschedule2021.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 12:34:58 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
W3 Total Cache/0.15.1
vary
Accept-Encoding
content-length
77160
pragma
public
referrer-policy
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"12d68-5f456b79-0;;;"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=63072000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xwfM6orzz6jUSvggOZIfunflWYXIw8jjeCHkxx3MyqgdbzIAMfghg0RO%2BXZ5RXfIit7rTuMeoydLsPOzs4SnD2QQkVxeR6dvM0I%2FT5rDYm3eSBM9cFL400J8AlL9p89%2BK7LBOK4GWz8U"}],"group":"cf-nel","max_age":604800}
content-type
application/font-woff2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
6975ba6789393a6f-CDG
expires
Sat, 01 Oct 2022 12:34:58 GMT
memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
fonts.gstatic.com/s/opensans/v26/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v26/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400italic%2C400%2C600italic%2C600%2C700italic%2C700&ver=1.0.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f3.1e100.net
Software
sffe /
Resource Hash
d8dee5bb67e8a759f73dfbaeadba9220ad478a8187f58a59a50f906b0e51f65b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://refundschedule2021.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 30 Sep 2021 17:07:44 GMT
x-content-type-options
nosniff
age
70034
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47804
x-xss-protection
0
last-modified
Thu, 23 Sep 2021 16:51:13 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 30 Sep 2022 17:07:44 GMT
W2-Form-2021-Online-and-Printable.jpg
refundschedule2021.net/wp-content/uploads/2021/02/ 		54 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://refundschedule2021.net/wp-content/uploads/2021/02/W2-Form-2021-Online-and-Printable.jpg
Requested by
Host: refundschedule2021.net
URL: https://refundschedule2021.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.6.127 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/0.15.1
Resource Hash
7992fbf7cc83472bd783e7bec2e0d9dcf95fa41bae4d205936dfab7eb8c12a2c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

:path
/wp-content/uploads/2021/02/W2-Form-2021-Online-and-Printable.jpg
pragma
no-cache
cookie
__gads=ID=f9725bb3de25af78-22f3a79583c90056:T=1633091697:RT=1633091697:S=ALNI_MZR1WnfxKylb94Mq2IEN3rGNRgmlQ
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
refundschedule2021.net
referer
https://refundschedule2021.net/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://refundschedule2021.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 12:34:58 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
W3 Total Cache/0.15.1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
55192
pragma
public
referrer-policy
last-modified
Thu, 11 Feb 2021 07:31:23 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"d798-6024dd4b-0;;;"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=63072000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SxzUt6%2Fp4STi%2FpycIIMtSe68HGLPzBOMiTkkr6E%2B3T%2BggCEn%2FQAITNqWeVrZJEw%2FFkjTdIffJKMlEsBqBNWmD5Ls1YAQlzVXq%2BQvO24%2BUvhzjuWYf%2FEqwm3OFZWXh2epSLZwyGM6Mbof"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
6975ba67b9803a6f-CDG
expires
Sat, 01 Oct 2022 12:34:58 GMT
1031-Exchange-Timeline.jpg
refundschedule2021.net/wp-content/uploads/2020/12/ 		133 KB
133 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://refundschedule2021.net/wp-content/uploads/2020/12/1031-Exchange-Timeline.jpg
Requested by
Host: refundschedule2021.net
URL: https://refundschedule2021.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.6.127 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/0.15.1
Resource Hash
c1bfbbfd489133e205d80537fe5990f4854d68f8aa012100c01e58275edce8c3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

:path
/wp-content/uploads/2020/12/1031-Exchange-Timeline.jpg
pragma
no-cache
cookie
__gads=ID=f9725bb3de25af78-22f3a79583c90056:T=1633091697:RT=1633091697:S=ALNI_MZR1WnfxKylb94Mq2IEN3rGNRgmlQ
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
refundschedule2021.net
referer
https://refundschedule2021.net/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://refundschedule2021.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 12:34:58 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
W3 Total Cache/0.15.1
vary
Accept-Encoding
content-length
135709
pragma
public
referrer-policy
last-modified
Sun, 06 Dec 2020 01:00:08 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"2121d-5fcc2d18-0;;;"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=63072000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5RdqQIpqEtb8QGuAIY9INOSM501TrUHufJTeBQKSuOQYm6MJJirvYjetT5rCctVIghmwM9mor9sRAK6pQvTKWmoRdbEhVlV4SiazRZqOEZZMO%2Fv954YJNxWjqRwguoJpmXVCn%2FHM%2Bx0K"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
6975ba67b9813a6f-CDG
expires
Sat, 01 Oct 2022 12:34:58 GMT
How-does-income-tax-withholding-affect-refunds.jpg
refundschedule2021.net/wp-content/uploads/2020/11/ 		74 KB
75 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://refundschedule2021.net/wp-content/uploads/2020/11/How-does-income-tax-withholding-affect-refunds.jpg
Requested by
Host: refundschedule2021.net
URL: https://refundschedule2021.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.6.127 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/0.15.1
Resource Hash
af1990eb1d35131948c603fbb48f21abb867dc1e40668998faa2c758ddb9156f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

:path
/wp-content/uploads/2020/11/How-does-income-tax-withholding-affect-refunds.jpg
pragma
no-cache
cookie
__gads=ID=f9725bb3de25af78-22f3a79583c90056:T=1633091697:RT=1633091697:S=ALNI_MZR1WnfxKylb94Mq2IEN3rGNRgmlQ
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
refundschedule2021.net
referer
https://refundschedule2021.net/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://refundschedule2021.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 12:34:58 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
W3 Total Cache/0.15.1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
76014
pragma
public
referrer-policy
last-modified
Mon, 16 Nov 2020 14:10:26 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"128ee-5fb28852-0;;;"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=63072000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4C5gi3hUg5qYzsH40Y9YLsvMj%2BDWmSbhHIiE%2Fb1lqSZgnpb7%2BdGYoMa6AymDQ2YexfoNzcyfQoxptTV%2BYIF1XtNIqT9f5Yd6VcMnKfxXTEDskXdVLbM1zlavX1pG8i4j0l11luN58GnC"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
6975ba67b9823a6f-CDG
expires
Sat, 01 Oct 2022 12:34:58 GMT
blind-standard-deduction-2021.jpg
refundschedule2021.net/wp-content/uploads/2020/10/ 		72 KB
72 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://refundschedule2021.net/wp-content/uploads/2020/10/blind-standard-deduction-2021.jpg
Requested by
Host: refundschedule2021.net
URL: https://refundschedule2021.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.6.127 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/0.15.1
Resource Hash
58013e090887df90e7f87d94925fdb4569126139a80b0f5d2c57a2d3b2dfdd30
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

:path
/wp-content/uploads/2020/10/blind-standard-deduction-2021.jpg
pragma
no-cache
cookie
__gads=ID=f9725bb3de25af78-22f3a79583c90056:T=1633091697:RT=1633091697:S=ALNI_MZR1WnfxKylb94Mq2IEN3rGNRgmlQ
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
refundschedule2021.net
referer
https://refundschedule2021.net/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://refundschedule2021.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 12:34:58 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
W3 Total Cache/0.15.1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
73283
pragma
public
referrer-policy
last-modified
Sat, 24 Oct 2020 13:56:24 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"11e43-5f943288-0;;;"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=63072000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xYvWZrS0o9KWeXQ6OgxfeYJDSbs9%2Fte7fVDJTBVkyq8AjpluNQATiPA%2F8l8pbJDDV1mhntztIAUHyCQLdoY97IK4ukpQR2twd2jZ0f76aCbwj%2Bg%2FOQGfhDk8EgQtAfembnpZ5Hoe1KUT"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
6975ba67b9833a6f-CDG
expires
Sat, 01 Oct 2022 12:34:58 GMT
Tax-Brackets-2021.jpg
refundschedule2021.net/wp-content/uploads/2020/08/ 		36 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://refundschedule2021.net/wp-content/uploads/2020/08/Tax-Brackets-2021.jpg
Requested by
Host: refundschedule2021.net
URL: https://refundschedule2021.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.6.127 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/0.15.1
Resource Hash
9f7cac93067191919772cf5e45bec7e6af5002241bcd747c05c22b5b144fc296
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

:path
/wp-content/uploads/2020/08/Tax-Brackets-2021.jpg
pragma
no-cache
cookie
__gads=ID=f9725bb3de25af78-22f3a79583c90056:T=1633091697:RT=1633091697:S=ALNI_MZR1WnfxKylb94Mq2IEN3rGNRgmlQ
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
refundschedule2021.net
referer
https://refundschedule2021.net/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://refundschedule2021.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 12:34:58 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
W3 Total Cache/0.15.1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
36831
pragma
public
referrer-policy
last-modified
Tue, 25 Aug 2020 10:35:08 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"8fdf-5f44e95c-0;;;"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=63072000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fNkbycEw7FiQ9R46uwSWDpY5LB5HQClk5RtP7JpnlA9uW%2B%2Fj8UIiKM4g%2BFmjhrYIsp0%2Fz0KMgNmXxShsuWfjk0800w8bOIrW7r1d6LD5SJ48xIruRMuqXlT0kpY0aCbztuUUzTuGAMAg"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
6975ba67b9863a6f-CDG
expires
Sat, 01 Oct 2022 12:34:58 GMT
W2-Form-2021-Online-and-Printable-1140x641.jpg
refundschedule2021.net/wp-content/uploads/2021/02/ 		75 KB
76 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://refundschedule2021.net/wp-content/uploads/2021/02/W2-Form-2021-Online-and-Printable-1140x641.jpg
Requested by
Host: refundschedule2021.net
URL: https://refundschedule2021.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.6.127 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/0.15.1
Resource Hash
1f06178fc90cf510527b158f00f23b8d523fa64d36c2de20dc92670a11b37069
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

:path
/wp-content/uploads/2021/02/W2-Form-2021-Online-and-Printable-1140x641.jpg
pragma
no-cache
cookie
__gads=ID=f9725bb3de25af78-22f3a79583c90056:T=1633091697:RT=1633091697:S=ALNI_MZR1WnfxKylb94Mq2IEN3rGNRgmlQ
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
refundschedule2021.net
referer
https://refundschedule2021.net/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://refundschedule2021.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 12:34:58 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
W3 Total Cache/0.15.1
vary
Accept-Encoding
content-length
77252
pragma
public
referrer-policy
last-modified
Thu, 11 Feb 2021 07:31:24 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"12dc4-6024dd4c-0;;;"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=63072000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dTIM6%2B%2F320BvQO9nshxwOINdcmvvdL5WFeVdRsB%2Bcxqp2kZPrasfeQR%2BnXcgM68Rp%2FBpWhel%2Bhg0P1lWknB0kozTv3jl%2BB3yHRk%2BCivPUlHqpLB8%2BhL0bGA%2Bt588hSaqUBwLUwmg%2B4Dv"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
6975ba67b9883a6f-CDG
expires
Sat, 01 Oct 2022 12:34:58 GMT
8a9a24de2a9b49beb254b09ff41147fe
secure.gravatar.com/avatar/ 		901 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.gravatar.com/avatar/8a9a24de2a9b49beb254b09ff41147fe?s=30&d=mm&r=g
Requested by
Host: refundschedule2021.net
URL: https://refundschedule2021.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.73.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
3a6685d05d6850ba09feb651bda0d7eb40da000349e1d89505e8f699f9ecc096

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refundschedule2021.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nc
MISS hhn 1
date
Fri, 01 Oct 2021 12:34:58 GMT
last-modified
Tue, 03 Nov 2020 07:21:15 GMT
server
nginx
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=300
content-disposition
inline; filename="8a9a24de2a9b49beb254b09ff41147fe.png"
accept-ranges
bytes
link
<https://www.gravatar.com/avatar/8a9a24de2a9b49beb254b09ff41147fe?s=30&d=mm&r=g>; rel="canonical"
content-length
901
expires
Fri, 01 Oct 2021 12:39:58 GMT
1031-Exchange-Timeline-1140x641.jpg
refundschedule2021.net/wp-content/uploads/2020/12/ 		129 KB
130 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://refundschedule2021.net/wp-content/uploads/2020/12/1031-Exchange-Timeline-1140x641.jpg
Requested by
Host: refundschedule2021.net
URL: https://refundschedule2021.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.6.127 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / W3 Total Cache/0.15.1
Resource Hash
cb6b6dec8d2ff163c6298b3bc037491ac9732a483149a5c52f8d7ca7ec4e444c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

:path
/wp-content/uploads/2020/12/1031-Exchange-Timeline-1140x641.jpg
pragma
no-cache
cookie
__gads=ID=f9725bb3de25af78-22f3a79583c90056:T=1633091697:RT=1633091697:S=ALNI_MZR1WnfxKylb94Mq2IEN3rGNRgmlQ
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
refundschedule2021.net
referer
https://refundschedule2021.net/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://refundschedule2021.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 12:34:58 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
W3 Total Cache/0.15.1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
132578
pragma
public
referrer-policy
last-modified
Sun, 06 Dec 2020 01:00:09 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"205e2-5fcc2d19-0;;;"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=63072000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nc7LUrQnpNZ%2FfMEo7AQNHT7qbQPfa%2BcVNovj4GIk9N%2F3Tn5Kmg82OSkyX2Jo1O9pabFEZaA1oBJsGT3gfc6r7RqlJnW1bVwxuqgSDX6SnWNO72Fwghh%2FpznGnw4R3nZZfogoeu4SUk2r"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
6975ba67b98a3a6f-CDG
expires
Sat, 01 Oct 2022 12:34:58 GMT
metrika_match.html
mc.yandex.com/metrika/ Frame DB27 		2 KB
701 B 		Document
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/metrika/metrika_match.html
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
063605ba12f1ba09698807cbd04d3f05f91a9ba6c67ca2d2d07527cd8afce695
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
mc.yandex.com
:scheme
https
:path
/metrika/metrika_match.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://refundschedule2021.net/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://refundschedule2021.net/

Response headers

content-length
646
date
Fri, 01 Oct 2021 12:34:58 GMT
access-control-allow-origin
*
etag
"614ecf6b-286"
expires
Fri, 01 Oct 2021 13:34:58 GMT
last-modified
Sat, 25 Sep 2021 10:27:39 GMT
cache-control
max-age=3600
content-encoding
br
content-type
text/html
strict-transport-security
max-age=31536000
advert.gif
mc.yandex.com/metrika/ 		43 B
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: refundschedule2021.net
URL: https://refundschedule2021.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refundschedule2021.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 12:34:58 GMT
last-modified
Sat, 25 Sep 2021 10:27:39 GMT
etag
"614ecf6b-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Fri, 01 Oct 2021 13:34:58 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210928&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109270101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2069108844785015&plah=refundschedule2021.net&bust=31062943
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
fc395cbee64b6669722b7506a517026b44132015d2f1428571fb8ce02c2cb84c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refundschedule2021.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 01 Oct 2021 12:34:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8596
x-xss-protection
0
sync_cookie_image_decide
mc.yandex.com/ Frame DB27
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9413.zUfqdENc-cq8J1D0e0aAuT0MzylMORA2bLgPPP7uCvCRePSfgQRe801RktsU1fyg.66eUY6rE-Ry_eQpK1j0Bl2JUQPY%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=9413.DWSbPWMAhgKnN3uadR-jU-9jyBNgBAksB07dcmBGeUI1i3BMJE9fD1SLQ9dNttZDmeYpJdPTAUMu4Ah0K-VWPQ%2C%2C.4NeAi5V4Ls5LVNiY19K43cxQVOo%2C
75 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=9413.DWSbPWMAhgKnN3uadR-jU-9jyBNgBAksB07dcmBGeUI1i3BMJE9fD1SLQ9dNttZDmeYpJdPTAUMu4Ah0K-VWPQ%2C%2C.4NeAi5V4Ls5LVNiY19K43cxQVOo%2C
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mc.yandex.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 12:34:58 GMT
strict-transport-security
max-age=31536000
content-length
75
x-xss-protection
1; mode=block
content-type
text/html; charset=utf-8

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=9413.DWSbPWMAhgKnN3uadR-jU-9jyBNgBAksB07dcmBGeUI1i3BMJE9fD1SLQ9dNttZDmeYpJdPTAUMu4Ah0K-VWPQ%2C%2C.4NeAi5V4Ls5LVNiY19K43cxQVOo%2C
date
Fri, 01 Oct 2021 12:34:58 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109270101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2069108844785015&plah=refundschedule2021.net&bust=31062943
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f1.1e100.net
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refundschedule2021.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 12:34:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Fri, 01 Oct 2021 12:34:58 GMT
1
mc.yandex.com/watch/66740299/
Redirect Chain
  • https://mc.yandex.com/watch/66740299?wmode=7&page-url=https%3A%2F%2Frefundschedule2021.net%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rtxmga0pwxelbxx1%3Afp%3A1730%3Afu%3A0%3Aen%3Autf...
  • https://mc.yandex.com/watch/66740299/1?wmode=7&page-url=https%3A%2F%2Frefundschedule2021.net%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rtxmga0pwxelbxx1%3Afp%3A1730%3Afu%3A0%3Aen%3Au...
331 B
440 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/66740299/1?wmode=7&page-url=https%3A%2F%2Frefundschedule2021.net%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rtxmga0pwxelbxx1%3Afp%3A1730%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A660%3Acn%3A1%3Adp%3A0%3Als%3A837337051785%3Ahid%3A21495531%3Az%3A0%3Ai%3A202101001123458%3Aet%3A1633091698%3Ac%3A1%3Arn%3A130212429%3Arqn%3A1%3Au%3A1633091698367889575%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1633091696145%3Ads%3A11%2C37%2C441%2C1%2C700%2C0%2C%2C481%2C2%2C%2C%2C%2C1677%3Adsn%3A11%2C38%2C440%2C2%2C700%2C0%2C%2C484%2C3%2C%2C%2C%2C1677%3Awv%3A2%3Aadb%3A2%3Aefid%3A1%3Arqnl%3A1%3Aafr%3Adis6dkj_m87ul27-98a51f002bfb60d1dae34a2961b79429-509f1fde45e554eacfed812a0a82deec-379h473e_1f-3760000000-57a6d374_3j8h47f4_58ef2hie_30ah20h1-1600x1200x0-unknown-3%3Ati%3A2%3Ast%3A1633091699%3At%3ATax%20Refund%20Schedule%202021
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
a5e5c9b997910cd3aec5b09aeb4f78bd45b018b77e88eba3faff11071b38342b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refundschedule2021.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Oct 2021 12:34:58 GMT
x-content-type-options
nosniff
last-modified
Fri, 01-Oct-2021 12:34:58 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://refundschedule2021.net
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
331
x-xss-protection
1; mode=block
expires
Fri, 01-Oct-2021 12:34:58 GMT

Redirect headers

pragma
no-cache
date
Fri, 01 Oct 2021 12:34:58 GMT
last-modified
Fri, 01-Oct-2021 12:34:58 GMT
location
/watch/66740299/1?wmode=7&page-url=https%3A%2F%2Frefundschedule2021.net%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rtxmga0pwxelbxx1%3Afp%3A1730%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A660%3Acn%3A1%3Adp%3A0%3Als%3A837337051785%3Ahid%3A21495531%3Az%3A0%3Ai%3A202101001123458%3Aet%3A1633091698%3Ac%3A1%3Arn%3A130212429%3Arqn%3A1%3Au%3A1633091698367889575%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1633091696145%3Ads%3A11%2C37%2C441%2C1%2C700%2C0%2C%2C481%2C2%2C%2C%2C%2C1677%3Adsn%3A11%2C38%2C440%2C2%2C700%2C0%2C%2C484%2C3%2C%2C%2C%2C1677%3Awv%3A2%3Aadb%3A2%3Aefid%3A1%3Arqnl%3A1%3Aafr%3Adis6dkj_m87ul27-98a51f002bfb60d1dae34a2961b79429-509f1fde45e554eacfed812a0a82deec-379h473e_1f-3760000000-57a6d374_3j8h47f4_58ef2hie_30ah20h1-1600x1200x0-unknown-3%3Ati%3A2%3Ast%3A1633091699%3At%3ATax%20Refund%20Schedule%202021
strict-transport-security
max-age=31536000
access-control-allow-origin
https://refundschedule2021.net
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Fri, 01-Oct-2021 12:34:58 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 3165 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f1.1e100.net
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://refundschedule2021.net/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://refundschedule2021.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Fri, 01 Oct 2021 11:48:24 GMT
expires
Sat, 01 Oct 2022 11:48:24 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
2794
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 2001 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f4.1e100.net
Software
GSE /
Resource Hash
024f2e788d14a5cdcd8aac0dc0fbd270d2cec969babbad562d9b6a6fe7511be9
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-8XBB2zr2mMgQm4KLPvgs8w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://refundschedule2021.net/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://refundschedule2021.net/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy-report-only
require-corp; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Fri, 01 Oct 2021 12:34:58 GMT
date
Fri, 01 Oct 2021 12:34:58 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-8XBB2zr2mMgQm4KLPvgs8w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
LftQ-87gh8ukbv8P1dh67h7Vjfro8G7aRn_R6x3uKA4.js
pagead2.googlesyndication.com/bg/ Frame 3165 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/LftQ-87gh8ukbv8P1dh67h7Vjfro8G7aRn_R6x3uKA4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
2dfb50fbcee087cba46eff0fd5d87aee1ed58dfae8f06eda467fd1eb1dee280e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 07:49:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
17137
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13320
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 10:18:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Sat, 01 Oct 2022 07:49:21 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 2001 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20210928&jk=4105897615306300&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&t=2&li=gda_r20210928&jk=4105897615306300&bg=!WFulWx_NAAZE-GIIRPg7ACkAdvg8WiD_cCep_4QNkXl-wREx_63uEocqcLxdRQ8i2aof1FGKuYFZrwIAAAB9UgAAAAhoAQeZAsRMUT1UwgBHeX8NoJSA3tIrYt9wzYStZVmWiaALon7oVjVL0k370QiOciG_YO0oTY4L5_rNM47cNPhSz8ZoRbBOf7S9omiGBomHKJDCw-Z6xR3O73rS5gf3A1QdBukpEYB91uvAJ1-dfJPEzqo-NfZlQoo78mLSElW4zNtgiPFFNcNGQYojAEtlbKSJHben0ahgu7m7u0X1VoGrVRYnOQyU5646yewXl7nM_K_S737obvCjoyFtj5m_LN35NotZKxCkhkPZx5yFDLVv1Cy7FFyYBPNoD-nPu7S8aA9BQZnSSQLPtVJY51ySYFm1xa5uJYj6rZH9d-AbTHTZVpf-oZ_HMHOb5n8wwGGE2qAMXLcbwurrpjKjFh1zx_8X4NZZ3_NFej9SfgzzLg6J9V1QKnXPQAYErzRXcmWAOdlTzZBrR-vtxyvlZN7a1-vbOct6Rf2A1Oj7ZWVm1Tythw9ox9jW99CNHdXhzPS3RlSq9DawqEm-3G1OaHqiCsBFXCtrI_nNp3WazM1BytBrQE4yYS6rOEj7lvR5cvkgzSiJ4RHlLVrTs97JD6KXq5ow7P5tKMkgc0dPvN5onjGZMS-_vPtpul-UKan7K-5HoGKIsHnqzfx5923RQfVWlv2_yJlCPg_Ib0laEFl1HZX0Gj3qHTt24Mfltbn6kjllVGjlUN8n0XLwr2787BQTyLD4QrKQNMujr6FR2_wQ2KOO5FrhrwKNfaF5-QxXKqPwI37oSN414r0BFCs6_yfA3njoYkbD8hQ09OtqPYM-rm_KFwvZB92T9sVNY1QJrfUKT5YZYknsqmxkygn0s7xPJNiQnIjxqZwpJGMTYTOFTffgCA7pAH8dkq_SN6dH6kJSE40fN5u03MdrBfOAADXVIOa7Rd6Hvnhfw2cKX1Kt8bURxKFrL6QL9jPJYnEUZBFqOqX-eEd7h0OfyoA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://refundschedule2021.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

62 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| onbeforexrselect boolean| originAgentCluster object| _wpemojiSettings object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots object| google_persistent_state_async function| google_spfd number| google_unique_id object| google_sv_map string| google_user_agent_client_hint function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken object| google_prev_clients object| gaGlobal object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired object| twemoji object| wp function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb function| ym number| w3tc_lazyload object| lazyLoadOptions function| _toConsumableArray function| _nonIterableSpread function| _iterableToArray function| _arrayWithoutHoles function| _extends function| _typeof function| LazyLoad undefined| $ function| jQuery object| Ya object| yaCounter66740299 object| GoogleGcLKhOms object| google_image_requests

12 Cookies

Domain/Path Name / Value
.refundschedule2021.net/ Name: __gads
Value: ID=f9725bb3de25af78-22f3a79583c90056:T=1633091697:RT=1633091697:S=ALNI_MZR1WnfxKylb94Mq2IEN3rGNRgmlQ
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.refundschedule2021.net/ Name: _ym_uid
Value: 1633091698367889575
.refundschedule2021.net/ Name: _ym_d
Value: 1633091698
.refundschedule2021.net/ Name: _ym_isad
Value: 2
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 1081919361fake
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 3768063994fake
.yandex.com/ Name: yandexuid
Value: 3605680951633091698
.yandex.com/ Name: yuidss
Value: 3605680951633091698
mc.yandex.com/ Name: yabs-sid
Value: 2189984451633091698
.yandex.com/ Name: i
Value: bZfsrovzvHMHXG1GJgaF/8Zo3N3mQbhGVC5MZnPDX1PfcT73IRi1yMHo7o87GKkJgioCAfmPrq4opJxkEgWWnh5/D40=
.yandex.com/ Name: ymex
Value: 1664627698.yrts.1633091698#1664627698.yrtsi.1633091698

3 Console Messages

Source Level URL
Text
rendering error
Message:
Failed to set referrer policy: The value '' is not one of 'no-referrer', 'no-referrer-when-downgrade', 'origin', 'origin-when-cross-origin', 'same-origin', 'strict-origin', 'strict-origin-when-cross-origin', or 'unsafe-url'. The referrer policy has been left unchanged.
network error URL: https://mc.yandex.com/sync_cookie_image_decide?token=9413.DWSbPWMAhgKnN3uadR-jU-9jyBNgBAksB07dcmBGeUI1i3BMJE9fD1SLQ9dNttZDmeYpJdPTAUMu4Ah0K-VWPQ%2C%2C.4NeAi5V4Ls5LVNiY19K43cxQVOo%2C
Message:
Failed to load resource: the server responded with a status of 400 ()
javascript warning URL: https://refundschedule2021.net/
Message:
The resource https://refundschedule2021.net/wp-content/plugins/w3-total-cache/pub/js/lazyload.min.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
mc.yandex.com
mc.yandex.ru
pagead2.googlesyndication.com
partner.googleadservices.com
refundschedule2021.net
secure.gravatar.com
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
www.refundschrrre2021.jesty.a2hosted.com
104.21.6.127
142.250.184.227
142.250.185.66
142.250.186.130
142.250.186.66
142.250.186.68
142.250.74.193
172.217.16.130
172.217.23.106
192.0.73.2
198.100.46.210
216.58.212.162
77.88.21.119
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
024f2e788d14a5cdcd8aac0dc0fbd270d2cec969babbad562d9b6a6fe7511be9
05dae748a374ff9d2ed080b26e10f63ab60dbfd1257bfb3db10b6673957b4e98
063605ba12f1ba09698807cbd04d3f05f91a9ba6c67ca2d2d07527cd8afce695
07e4203b9f313b587b1d53f896e63771ec85f9b0d4c2ac5fa64089457784d847
1a54a1907a6443e3c81608130bfed4546eb0ce5d0c8897e1d7a3b43d89ecc367
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
1f06178fc90cf510527b158f00f23b8d523fa64d36c2de20dc92670a11b37069
24337aa4edfc8f8734c59278cd53b84f1d2c9253160380d9a14030470bc41794
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2dfb50fbcee087cba46eff0fd5d87aee1ed58dfae8f06eda467fd1eb1dee280e
327f25b8807e82a8479a0eb23d082e335a8f8023b7e209dfec0688db9a34ab97
359e4cb2ba76ec20c5c328e8c16cc8da6d112f2a6d436b9f67c4258d8a4ee7b4
3a6685d05d6850ba09feb651bda0d7eb40da000349e1d89505e8f699f9ecc096
3d27fcba9898f58159d944226fcb42bf3eb6d8806c5f4f3e88516364345745f0
4715c48486842bc61e317ae7412a953b61fb87913a4e316145ccd2168e76a2ca
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
538dd4ff6e384a44155168326ac40a6c20a93cd212b1fbf88ae7b0c44f9ab0bd
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
58013e090887df90e7f87d94925fdb4569126139a80b0f5d2c57a2d3b2dfdd30
62c8f47275e874a210224258f160fdc003caf2d09a24e83f153b901c758509e5
78b501a3f023ab8867073e26d78e7974e056d3be72fb38a6088fd839380d1709
7992fbf7cc83472bd783e7bec2e0d9dcf95fa41bae4d205936dfab7eb8c12a2c
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
8806d9eaf9e8ca89fa2404e8cb66a9fa115e0a0f687ad0dcd91cabce4c2179c6
8f9bcf7083abb178938772ec3ee2c61464d54ffd65e348cc9afe6c8694a3cb7d
9f7cac93067191919772cf5e45bec7e6af5002241bcd747c05c22b5b144fc296
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5e5c9b997910cd3aec5b09aeb4f78bd45b018b77e88eba3faff11071b38342b
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
af1990eb1d35131948c603fbb48f21abb867dc1e40668998faa2c758ddb9156f
bff3fcd1965e8662f836bf1c5475eeaa29abf90f34cfd3f2bd216b8b361267f8
c1bfbbfd489133e205d80537fe5990f4854d68f8aa012100c01e58275edce8c3
c72976d3b4c427a85952b5cea1ad2efafcc4b2dc6fdd9ef5a505e5e582e62928
cb6b6dec8d2ff163c6298b3bc037491ac9732a483149a5c52f8d7ca7ec4e444c
d08f720ba0c788ca6f13614e007a25f0732b329c2cd38a7dcbd6c8bc1af7672a
d62c0ff930b5ae1563cc2903c64043d3aab6566fae687fa0de4fa3daa91f82b0
d8dee5bb67e8a759f73dfbaeadba9220ad478a8187f58a59a50f906b0e51f65b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ece2f1e49029966317aca28a7ef0c89f3149eb3a5aad1b279d84f14002511cff
fc395cbee64b6669722b7506a517026b44132015d2f1428571fb8ce02c2cb84c