URL: https://intake.officialsetcrefund.com/
Submission: On June 10 via automatic, source certstream-suspicious — Scanned from NL

Summary

This website contacted 8 IPs in 3 countries across 5 domains to perform 28 HTTP transactions. The main IP is 188.114.96.9, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is intake.officialsetcrefund.com.
TLS certificate: Issued by GTS CA 1P5 on June 10th 2024. Valid for: 3 months.
This is the only time intake.officialsetcrefund.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address | AS Autonomous System
1 | 188.114.96.9 | 13335 (CLOUDFLAR...)
7 | 2606:4700:20:... | 13335 (CLOUDFLAR...)
4 | 34.111.125.42 | 396982 (GOOGLE-CL...)
1 | 2a00:1450:400... | 15169 (GOOGLE)
8 | 2a00:1450:400... | 15169 (GOOGLE)
2 | 2a00:1450:400... | 15169 (GOOGLE)
3 | 216.58.206.52 | 15169 (GOOGLE)
2 | 34.120.161.19 | 396982 (GOOGLE-CL...)
Total: 28 requests, 8 IPs

Requests | Apex Domain | Transfer
13 | heyflow.cloud | 269 KB
  • fonts.heyflow.cloud — Cisco Umbrella Rank: 365290
  • flows.heyflow.cloud — Cisco Umbrella Rank: 451913
  • tracking.heyflow.cloud — Cisco Umbrella Rank: 486245
  • fb.track.heyflow.cloud
8 | googleapis.com | 214 KB
  • storage.googleapis.com — Cisco Umbrella Rank: 451
5 | appspot.com | 467 B
  • zenflow-api.ey.r.appspot.com — Cisco Umbrella Rank: 561436
1 | googletagmanager.com | 77 KB
  • www.googletagmanager.com — Cisco Umbrella Rank: 78
1 | officialsetcrefund.com | 25 KB
  • intake.officialsetcrefund.com
Total: 28 requests, 5 domains

Requests | Domain | Requested by
8 | storage.googleapis.com | intake.officialsetcrefund.com, flows.heyflow.cloud
5 | zenflow-api.ey.r.appspot.com | flows.heyflow.cloud
4 | flows.heyflow.cloud | intake.officialsetcrefund.com, flows.heyflow.cloud
4 | fonts.heyflow.cloud | intake.officialsetcrefund.com, fonts.heyflow.cloud
3 | tracking.heyflow.cloud | flows.heyflow.cloud
2 | fb.track.heyflow.cloud | flows.heyflow.cloud
1 | www.googletagmanager.com | intake.officialsetcrefund.com
1 | intake.officialsetcrefund.com |
Total: 28 requests, 8 subdomains

This site contains no links.

Subject | Issuer | Validity | Valid
intake.officialsetcrefund.com | GTS CA 1P5 | 2024-06-10 - 2024-09-08 | 3 months
heyflow.cloud | GTS CA 1P5 | 2024-04-13 - 2024-07-12 | 3 months
flows.heyflow.cloud | GTS CA 1D4 | 2024-05-02 - 2024-08-01 | 3 months
*.google-analytics.com | WR2 | 2024-05-21 - 2024-08-13 | 3 months
storage.googleapis.com | WR2 | 2024-05-21 - 2024-08-13 | 3 months
*.appspot.com | WR2 | 2024-05-21 - 2024-08-13 | 3 months
fb.track.heyflow.cloud | WR3 | 2024-05-17 - 2024-08-15 | 3 months

This page contains 1 frame:

Primary Page: https://intake.officialsetcrefund.com/
Frame ID: 97DBADFFA07E63FC57C4EE16D474A52F
Requests: 25 HTTP requests in this frame

Page Title

Official SETC Refund Intake

Detected technologies

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js

Page Statistics

Requests: 28
HTTPS: 100 %
IPv6: 50 %
Domains: 5
Subdomains: 8
IPs: 8
Countries: 3
Transfer: 586 kB
Size: 1533 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
intake.officialsetcrefund.com/
265 KB
25 KB
Document
General
Full URL
https://intake.officialsetcrefund.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
cdb43bc0bdccd8c26d7cb0f510bab70c6209b606bfc0b98240ba4dc1f471879a

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
private
cf-cache-status
DYNAMIC
cf-ray
891ad060aa9cbb73-FRA
content-encoding
br
content-type
text/html
date
Mon, 10 Jun 2024 16:42:19 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VsL8lJiwoXSya0FzWGOcMk%2FfYgElo7mh98Gp78CPyrjam%2Fl8%2BmbphimY6rjkB67D23hdZKSJ3ruPOo1F630W43l9jnePC5t%2BDrO0cRlUaihSY6SMNa4PLgCPgmDurQ4ePPr%2B82PxmQxcCbtjq1eWYA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
via
1.1 google, 1.1 google
x-cloud-trace-context
c445c80df27eeda27a9030d6469e6ab5
x-powered-by
Express
icon
fonts.heyflow.cloud/
472 B
621 B
Stylesheet
General
Full URL
https://fonts.heyflow.cloud/icon?family=Material+Icons
Requested by
Host: intake.officialsetcrefund.com
URL: https://intake.officialsetcrefund.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
bc75d2bf05221927704d5d29a4ed8e67b6436a2eebc3cd2c83f476ca6875895d

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://intake.officialsetcrefund.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 16:42:20 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
104863
cf-polished
origSize=571
x-powered-by
Express
last-modified
Sun, 09 Jun 2024 11:34:37 GMT
cf-bgj
minify
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jGYBMydCNgt21KlcVgH7U7aH783wCva2h3d3WRvfSVWkbo%2Fp0YeivDrHBkyqU7AqBkZJJam5hm0hCieF8qzE0VYHJ1FluAIMlXHCsVyrHDbSKxXfIvizRqbpxcGHHCezc2dff0E9Fx1cmTeTLtZcplc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
x-cloud-trace-context
07cd9fe55df5b0eabc9c3f9f0ec94d2c
cache-control
private, max-age=604800
cf-ray
891ad063ae6c914a-FRA
flow.css
flows.heyflow.cloud/official-setc-refund-intake/www/dist/
173 KB
27 KB
Stylesheet
General
Full URL
https://flows.heyflow.cloud/official-setc-refund-intake/www/dist/flow.css
Requested by
Host: intake.officialsetcrefund.com
URL: https://intake.officialsetcrefund.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.125.42 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
42.125.111.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
65e2104a1673768d4b348217641f16ab4fb4bda3ef6eb7ef2323a5f66e142e7f

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://intake.officialsetcrefund.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 16:42:20 GMT
content-encoding
gzip
via
1.1 google
x-guploader-uploadid
ABPtcPpJ6W_OB_Mw2QZk7p-wNXJv869hN9BUZc00jougpUaPdNssbJRbs5LusGoSVAVeD_073Q
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
3
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27080
last-modified
Mon, 10 Jun 2024 16:22:12 GMT
server
UploadServer
etag
"e4219a35e63a4e8a97ef5dd3957e319b"
vary
Accept-Encoding
x-goog-generation
1718036532544381
content-type
text/css
access-control-allow-origin
*
x-goog-hash
crc32c=9Vpsjg==, md5=5CGaNeY6ToqX713TlX4xmw==
access-control-expose-headers
Content-Type
cache-control
no-store, max-age=0
x-goog-stored-content-length
27080
accept-ranges
bytes
expires
Mon, 10 Jun 2024 16:42:20 GMT
commonjshelpers.chunk.js
flows.heyflow.cloud/official-setc-refund-intake/www/dist/
772 B
1022 B
Script
General
Full URL
https://flows.heyflow.cloud/official-setc-refund-intake/www/dist/commonjshelpers.chunk.js
Requested by
Host: intake.officialsetcrefund.com
URL: https://intake.officialsetcrefund.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.125.42 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
42.125.111.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b4660a8d248ce2ca79617e581694fe6eb3ce712a4acf9e2ef8414531e6f05be3

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://intake.officialsetcrefund.com/
Origin
https://intake.officialsetcrefund.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 16:42:20 GMT
content-encoding
gzip
via
1.1 google
x-guploader-uploadid
ABPtcPoPf4rL7mKc0Zdtar1Fwi2c2G2Mz_xp-KHEQ19TVoO50kY0Ru6wvpBEBtsYOKmrdUe1I7w
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
3
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
422
last-modified
Mon, 10 Jun 2024 16:22:12 GMT
server
UploadServer
etag
"7d392937fdd9c40de0bcee098cbcd8b7"
vary
Accept-Encoding
x-goog-generation
1718036532148379
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=2xCHsg==, md5=fTkpN/3ZxA3gvO4JjLzYtw==
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
no-store, max-age=0
x-goog-stored-content-length
422
accept-ranges
bytes
expires
Mon, 10 Jun 2024 16:42:20 GMT
app.js
flows.heyflow.cloud/official-setc-refund-intake/www/dist/
260 KB
89 KB
Script
General
Full URL
https://flows.heyflow.cloud/official-setc-refund-intake/www/dist/app.js
Requested by
Host: intake.officialsetcrefund.com
URL: https://intake.officialsetcrefund.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.125.42 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
42.125.111.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
81277ed0b73daa8641996890c8a36c83c43e64839d50e81e51c85e194958538b

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://intake.officialsetcrefund.com/
Origin
https://intake.officialsetcrefund.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 16:42:20 GMT
content-encoding
gzip
via
1.1 google
x-guploader-uploadid
ABPtcPqtFFJv_0L5XbZswZ3qzOnjFSXoEs9Mpm0ulks2DEXQBGgv6kOmczFV9-kZ0GKGiAgqyr4
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
3
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
90656
last-modified
Mon, 10 Jun 2024 16:22:12 GMT
server
UploadServer
etag
"8cc4bcaef89abb96f798aa72f1c552bd"
vary
Accept-Encoding
x-goog-generation
1718036532835237
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=TExs8g==, md5=jMS8rviau5b3mKpy8cVSvQ==
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
no-store, max-age=0
x-goog-stored-content-length
90656
accept-ranges
bytes
expires
Mon, 10 Jun 2024 16:42:20 GMT
css
fonts.heyflow.cloud/
45 KB
2 KB
Stylesheet
General
Full URL
https://fonts.heyflow.cloud/css?family=Open+Sans:300,400,500,600,700,800|Raleway:300,400,500,600,700,800|Playfair+Display:300,400,500,600,700,800&display=swap
Requested by
Host: intake.officialsetcrefund.com
URL: https://intake.officialsetcrefund.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
6c182fbbbc2d5efa2a188c6847e9896671d731438e86508a8e86c6d1dc67b58a

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://intake.officialsetcrefund.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 16:42:20 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
231955
cf-polished
origSize=53712
x-powered-by
Express
last-modified
Sat, 08 Jun 2024 00:16:25 GMT
cf-bgj
minify
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BPxulBI9ommiqQvysvVtnTFD8fdnetysb0jY09zG7a1kN7tNXZOaZVDPAuY%2FKKVgAWRQtHb1runxKJzHKjQc%2B1cXt5rbNy%2BS6Kj%2Ba%2BTIkqBwjnZr96S2IHJVlgpOavnpKIFa6jVoYspksy2sU%2FwUEOU%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
x-cloud-trace-context
3078fb828a0325ad3acc270df98cd67d
cache-control
private, max-age=604800
cf-ray
891ad063ae6d914a-FRA
gtm.js
www.googletagmanager.com/
231 KB
77 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-W4PN428F
Requested by
Host: intake.officialsetcrefund.com
URL: https://intake.officialsetcrefund.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4e44b81675548ec8d6631ba0b6dc590c855284f85c2c68f9b0078c7e3d2b8884
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://intake.officialsetcrefund.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 16:42:20 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
78879
x-xss-protection
0
last-modified
Mon, 10 Jun 2024 16:04:13 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 10 Jun 2024 16:42:20 GMT
1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.heyflow.cloud/s/raleway/v34/
47 KB
48 KB
Font
General
Full URL
https://fonts.heyflow.cloud/s/raleway/v34/1Ptug8zYS_SKggPNyC0ITw.woff2
Requested by
Host: fonts.heyflow.cloud
URL: https://fonts.heyflow.cloud/css?family=Open+Sans:300,400,500,600,700,800|Raleway:300,400,500,600,700,800|Playfair+Display:300,400,500,600,700,800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
47d477915fa5912616e2dc5df8c5780f9202671678cf275472bd39f3381c0098

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.heyflow.cloud/css?family=Open+Sans:300,400,500,600,700,800|Raleway:300,400,500,600,700,800|Playfair+Display:300,400,500,600,700,800&display=swap
Origin
https://intake.officialsetcrefund.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 16:42:20 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
324794
x-powered-by
Express
content-length
48336
last-modified
Thu, 06 Jun 2024 22:29:06 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nJv9Tx9ZUp6Ro3Ot4AMS7ssqktXBx5vrriGtEV8X6M1pj3UbFmN6%2Fe4EoSsbJlJupBuRdDUJp5jHsK0Z9IdWek8Q4aOhzhcLJgPd94IK8ZlhqlP52%2FgWOy8%2FJKTg8jYsmJZlA1cdUzGRD6%2Fl2GtIVxI%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
x-cloud-trace-context
d54dd0d6a3e0ee84c136b33d7bad3243
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
891ad0662e8c9ba4-FRA
nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2
fonts.heyflow.cloud/s/playfairdisplay/v37/
37 KB
38 KB
Font
General
Full URL
https://fonts.heyflow.cloud/s/playfairdisplay/v37/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2
Requested by
Host: fonts.heyflow.cloud
URL: https://fonts.heyflow.cloud/css?family=Open+Sans:300,400,500,600,700,800|Raleway:300,400,500,600,700,800|Playfair+Display:300,400,500,600,700,800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
cb8cac32d5cef83e7674916378c2f47bdbba7e6e6bd936f8026a58ac4e71fa53

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.heyflow.cloud/css?family=Open+Sans:300,400,500,600,700,800|Raleway:300,400,500,600,700,800|Playfair+Display:300,400,500,600,700,800&display=swap
Origin
https://intake.officialsetcrefund.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 16:42:20 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
440268
x-powered-by
Express
content-length
38372
last-modified
Wed, 05 Jun 2024 14:24:32 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QpCFx1GeLSxsAEwoHgwykroV6RZaljuGCDZuNNqO0wSNkC2NIMRITaKPhtace6W286U2eyoL8A63cNOerYH6496bH9kPdfjh9HHkjhBEgsG4CZ0fHZmN4vwP%2BBSKCwmegktBPuhl4yUqK6D7GNRk684%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
x-cloud-trace-context
dbad033e44035b1775a51c1b907b1137
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
891ad0662e909ba4-FRA
mobile.avif
storage.googleapis.com/builder.zenflow.de/official-setc-refund-intake/www/assets/64bf1c8e-f38d-4856-8036-84f57762f216/
10 KB
11 KB
Image
General
Full URL
https://storage.googleapis.com/builder.zenflow.de/official-setc-refund-intake/www/assets/64bf1c8e-f38d-4856-8036-84f57762f216/mobile.avif
Requested by
Host: intake.officialsetcrefund.com
URL: https://intake.officialsetcrefund.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
b4e9cf94f1f1a7d171ed4211213afcab298c78d7322a08f36a11f45a28b4c3e0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://intake.officialsetcrefund.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 16:00:10 GMT
content-encoding
gzip
age
2530
x-guploader-uploadid
ABPtcPrOBYvFw8vXrodmqc_oi_0SHQODW546mcrrOiSFAFZhhwQpNK5FOl0QqJ-szLJ3Df9cMx_0SvRxUw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10434
last-modified
Mon, 10 Jun 2024 15:56:45 GMT
server
UploadServer
etag
"cfd950de49566c1aa9827ca760bd9088"
vary
Accept-Encoding
x-goog-generation
1718035005500875
x-goog-hash
crc32c=O1OHXQ==, md5=z9lQ3klWbBqpgnynYL2QiA==
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=0, s-maxage=31104000
x-goog-stored-content-length
10434
content-type
image/avif
expires
Thu, 05 Jun 2025 16:00:10 GMT
desktop.avif
storage.googleapis.com/builder.zenflow.de/healthcare-professionals/www/assets/4b11675a-93cc-4fb8-ad68-3e7d7089fed6/
168 KB
168 KB
Image
General
Full URL
https://storage.googleapis.com/builder.zenflow.de/healthcare-professionals/www/assets/4b11675a-93cc-4fb8-ad68-3e7d7089fed6/desktop.avif
Requested by
Host: flows.heyflow.cloud
URL: https://flows.heyflow.cloud/official-setc-refund-intake/www/dist/app.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
9911288e33571f436292dd7e24f6e3d470142e092955f0bd2a78d32817b29783

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://intake.officialsetcrefund.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 16:42:20 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPraJyZnwmkGvlHc4WyqCqfAamJlYZIF479b6JscWP9HOBWJwBfMTn7npG_dD17m-kfCgA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
171988
last-modified
Wed, 05 Jun 2024 18:12:37 GMT
server
UploadServer
etag
"d6504a3a5aeb58d9f0fd7e369fc9f3fe"
vary
Accept-Encoding
x-goog-generation
1717611157518332
content-type
image/avif
access-control-allow-origin
*
x-goog-hash
crc32c=4xt8lA==, md5=1lBKOlrrWNnw/X42n8nz/g==
access-control-expose-headers
Content-Type
cache-control
public, max-age=0, s-maxage=31104000
x-goog-stored-content-length
171988
expires
Thu, 05 Jun 2025 16:42:20 GMT
icon.avif
storage.googleapis.com/builder.zenflow.de/healthcare-professionals/www/assets/7fb38f41-7f07-4461-9038-8e9f3a092e54/
2 KB
2 KB
Image
General
Full URL
https://storage.googleapis.com/builder.zenflow.de/healthcare-professionals/www/assets/7fb38f41-7f07-4461-9038-8e9f3a092e54/icon.avif
Requested by
Host: flows.heyflow.cloud
URL: https://flows.heyflow.cloud/official-setc-refund-intake/www/dist/app.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
6fefa21e68173c5dee30658ccd4358887615c2e73df3a998892a69194ca78a20

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://intake.officialsetcrefund.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 16:42:20 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPrudnlS4raYRq0oZXZ8yhQt0_UPR661LEai6G5mqs4S5mYHGG95Mh0inWUhTf61Mcv55pA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2300
last-modified
Tue, 04 Jun 2024 17:49:41 GMT
server
UploadServer
etag
"aab2fbb3d11361ba9eae31f170449903"
vary
Accept-Encoding
x-goog-generation
1717523381595164
content-type
image/avif
access-control-allow-origin
*
x-goog-hash
crc32c=7U4i8A==, md5=qrL7s9ETYbqerjHxcESZAw==
access-control-expose-headers
Content-Type
cache-control
public, max-age=0, s-maxage=31104000
x-goog-stored-content-length
2300
expires
Thu, 05 Jun 2025 16:42:20 GMT
icon.avif
storage.googleapis.com/builder.zenflow.de/healthcare-professionals/www/assets/2ada75df-82dc-42c5-a3df-e60db214d751/
2 KB
2 KB
Image
General
Full URL
https://storage.googleapis.com/builder.zenflow.de/healthcare-professionals/www/assets/2ada75df-82dc-42c5-a3df-e60db214d751/icon.avif
Requested by
Host: flows.heyflow.cloud
URL: https://flows.heyflow.cloud/official-setc-refund-intake/www/dist/app.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
b7e75f37ae9d494b04f324e4d54731b0e6e59766a6ddfbe0ef698ca32a12e5c1

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://intake.officialsetcrefund.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 16:42:20 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPqocB5CqkHEgZ9lUVFbKi54e9lo387h6liFB3OqReDG-Iknwgnf0k_2TKC-k4xinjRfFA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2270
last-modified
Tue, 04 Jun 2024 17:50:31 GMT
server
UploadServer
etag
"60706f027e29596f4c557ec7d2a76fe2"
vary
Accept-Encoding
x-goog-generation
1717523431331325
content-type
image/avif
access-control-allow-origin
*
x-goog-hash
crc32c=DrIUNw==, md5=YHBvAn4pWW9MVX7H0qdv4g==
access-control-expose-headers
Content-Type
cache-control
public, max-age=0, s-maxage=31104000
x-goog-stored-content-length
2270
expires
Thu, 05 Jun 2025 16:42:20 GMT
icon.avif
storage.googleapis.com/builder.zenflow.de/healthcare-professionals/www/assets/5343b277-7e14-452d-8154-c556c28a0caf/
3 KB
3 KB
Image
General
Full URL
https://storage.googleapis.com/builder.zenflow.de/healthcare-professionals/www/assets/5343b277-7e14-452d-8154-c556c28a0caf/icon.avif
Requested by
Host: flows.heyflow.cloud
URL: https://flows.heyflow.cloud/official-setc-refund-intake/www/dist/app.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
2743096151651eab826975bf446ba1db223404417aaa0206cb8dde56a740bb7e

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://intake.officialsetcrefund.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 16:42:20 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPook-ZtZV2-rgjUQ4tccWICvGI_xcJtu4RJ0OXxxhT_sQy37hmytaXCtk_TLFt5r4gzHA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2676
last-modified
Tue, 04 Jun 2024 17:50:46 GMT
server
UploadServer
etag
"64108369f465ac8e88fd201c9288845d"
vary
Accept-Encoding
x-goog-generation
1717523446320845
content-type
image/avif
access-control-allow-origin
*
x-goog-hash
crc32c=1h9TdA==, md5=ZBCDafRlrI6I/SAckoiEXQ==
access-control-expose-headers
Content-Type
cache-control
public, max-age=0, s-maxage=31104000
x-goog-stored-content-length
2676
expires
Thu, 05 Jun 2025 16:42:20 GMT
icon.avif
storage.googleapis.com/builder.zenflow.de/healthcare-professionals/www/assets/45ae11ef-c96f-4ddf-b178-49a566c8bd58/
2 KB
3 KB
Image
General
Full URL
https://storage.googleapis.com/builder.zenflow.de/healthcare-professionals/www/assets/45ae11ef-c96f-4ddf-b178-49a566c8bd58/icon.avif
Requested by
Host: flows.heyflow.cloud
URL: https://flows.heyflow.cloud/official-setc-refund-intake/www/dist/app.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
7db3952135b19eba8c180862b047ee604807780d07be351d36d6851354de9adf

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://intake.officialsetcrefund.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 16:42:20 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPpxnpzU6w7cGFXjECxLJzifMON3FrQeHgNvbY1T6QG8jF0prg9Vo-W5nSbnNYKPQZq2XQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2411
last-modified
Wed, 05 Jun 2024 13:58:08 GMT
server
UploadServer
etag
"dbe860c6d74220cb02ea8d0e14a5d120"
vary
Accept-Encoding
x-goog-generation
1717595888745016
content-type
image/avif
access-control-allow-origin
*
x-goog-hash
crc32c=OXCL9g==, md5=2+hgxtdCIMsC6o0OFKXRIA==
access-control-expose-headers
Content-Type
cache-control
public, max-age=0, s-maxage=31104000
x-goog-stored-content-length
2411
expires
Thu, 05 Jun 2025 16:42:20 GMT
logs
zenflow-api.ey.r.appspot.com/flow/official-setc-refund-intake/
26 B
227 B
XHR
General
Full URL
https://zenflow-api.ey.r.appspot.com/flow/official-setc-refund-intake/logs
Requested by
Host: flows.heyflow.cloud
URL: https://flows.heyflow.cloud/official-setc-refund-intake/www/dist/app.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
9389cde6ad124f27ad02e5acc8be301f2fe5c72f4d7e8b05c63dd06f1bb37d7d
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json, text/plain, */*
Referer
https://intake.officialsetcrefund.com/
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
date
Mon, 10 Jun 2024 16:42:20 GMT
content-encoding
gzip
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52
x-xss-protection
0
referrer-policy
no-referrer
server
Google Frontend
etag
W/"1a-wrpoHgQhjgE/RLF0gVFeNgcGaxs"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
expect-ct
max-age=0
access-control-allow-origin
*
content-type
application/json; charset=utf-8
x-cloud-trace-context
e804737b045f6a69f59142855fc0ae79
cache-control
private
libphone.chunk.js
flows.heyflow.cloud/official-setc-refund-intake/www/dist/
237 KB
63 KB
Script
General
Full URL
https://flows.heyflow.cloud/official-setc-refund-intake/www/dist/libphone.chunk.js
Requested by
Host: flows.heyflow.cloud
URL: https://flows.heyflow.cloud/official-setc-refund-intake/www/dist/app.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.125.42 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
42.125.111.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
49e3760da9f3a7773776ead6ab7d6999a051054268e45838b6ba7f0a675981d5

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://intake.officialsetcrefund.com/
Origin
https://intake.officialsetcrefund.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 16:42:20 GMT
content-encoding
gzip
via
1.1 google
x-guploader-uploadid
ABPtcPoY6gmhEeMl0OPkIE0KKFT3ff4HZQFMtXaSzTQfWqzLWdWYxYJD9pnVNZ4vEbMlFd2Un14
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
3
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
63965
last-modified
Mon, 10 Jun 2024 16:22:12 GMT
server
UploadServer
etag
"57657e52e174204e1b2fda8daa544c52"
vary
Accept-Encoding
x-goog-generation
1718036532737691
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=lyHb/g==, md5=V2V+UuF0IE4bL9qNqlRMUg==
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
no-store, max-age=0
x-goog-stored-content-length
63965
accept-ranges
bytes
expires
Mon, 10 Jun 2024 16:42:20 GMT
/
tracking.heyflow.cloud/
2 B
315 B
XHR
General
Full URL
https://tracking.heyflow.cloud/
Requested by
Host: flows.heyflow.cloud
URL: https://flows.heyflow.cloud/official-setc-refund-intake/www/dist/app.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json, text/plain, */*
Referer
https://intake.officialsetcrefund.com/
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 16:42:20 GMT
via
1.1 google, 1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
access-control-allow-methods
GET, POST, PUT
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SKGjK4hpg%2Fgac75jsh9C9i4b%2Ft2OtDTLeBm6b8POVJQKL1r3%2Fs2IrtbdrTSCjHVcv4kkSHycNcCAnLtsiSiDti1SFay53%2F23DHh2%2FmXowt4PLyjt16cs7k5IS3cbQZUvewO9epNg706Xhl5%2B3kBWiuaySPg%3D"}],"group":"cf-nel","max_age":604800}
x-cloud-trace-context
05ceb0bd7bde6008f92346114b220efa
cf-ray
891ad067989d9ba4-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
2
logs
zenflow-api.ey.r.appspot.com/flow/official-setc-refund-intake/
0
0
Preflight
General
Full URL
https://zenflow-api.ey.r.appspot.com/flow/official-setc-refund-intake/logs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://intake.officialsetcrefund.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
content-type
text/html
date
Mon, 10 Jun 2024 16:42:20 GMT
expect-ct
max-age=0
referrer-policy
no-referrer
server
Google Frontend
strict-transport-security
max-age=15552000; includeSubDomains
vary
Access-Control-Request-Headers
x-cloud-trace-context
d3decdc0a5c0652a0d0f40f86d971679
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-xss-protection
0
/
tracking.heyflow.cloud/
0
0
Preflight
General
Full URL
https://tracking.heyflow.cloud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://intake.officialsetcrefund.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, PUT
access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
891ad066cf809ba4-FRA
content-length
2
content-type
text/plain; charset=utf-8
date
Mon, 10 Jun 2024 16:42:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TrcexA5io40YkNYyJAL8aKk7ohsIsb%2FeIIyYESI8%2FM1IkHYbSH27knfXoVyKJYtjgzDnSCDK5p9jzumfAXCi6YOFFSte5ALuXJ1QvWOotoVqxEooao6nUlVUBtI41UixS7eZqQq2h728tRV3MEAByRfeKvw%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google, 1.1 google
x-cloud-trace-context
35c63260fca5fa0ea570fe82af7aa9fd
logs
zenflow-api.ey.r.appspot.com/flow/official-setc-refund-intake/
26 B
80 B
XHR
General
Full URL
https://zenflow-api.ey.r.appspot.com/flow/official-setc-refund-intake/logs
Requested by
Host: flows.heyflow.cloud
URL: https://flows.heyflow.cloud/official-setc-refund-intake/www/dist/app.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.52 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f20.1e100.net
Software
Google Frontend /
Resource Hash
9389cde6ad124f27ad02e5acc8be301f2fe5c72f4d7e8b05c63dd06f1bb37d7d
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json, text/plain, */*
Referer
https://intake.officialsetcrefund.com/
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
date
Mon, 10 Jun 2024 16:42:20 GMT
content-encoding
gzip
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52
x-xss-protection
0
referrer-policy
no-referrer
server
Google Frontend
etag
W/"1a-wrpoHgQhjgE/RLF0gVFeNgcGaxs"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
expect-ct
max-age=0
access-control-allow-origin
*
content-type
application/json; charset=utf-8
x-cloud-trace-context
e6dd0b8a6ad9d6b753b5e4ada744e43c
cache-control
private
/
tracking.heyflow.cloud/
2 B
344 B
XHR
General
Full URL
https://tracking.heyflow.cloud/
Requested by
Host: flows.heyflow.cloud
URL: https://flows.heyflow.cloud/official-setc-refund-intake/www/dist/app.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json, text/plain, */*
Referer
https://intake.officialsetcrefund.com/
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 16:42:21 GMT
via
1.1 google, 1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
access-control-allow-methods
GET, POST, PUT
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KkHlIoYD%2F51hjPkMU%2BIWQ3bkGH67hJX3f13pvGjJDDs%2FMzqvmJ06qJWGrN1JueZZSzqo3fNytzxE3sXF%2BmItwuJfOlL2%2Bib9ygPKP%2FxJe0HE488aQmgKQOTDd1%2Frp7DtoICTPxKaGTJrwAGMjY9kuz3T9oM%3D"}],"group":"cf-nel","max_age":604800}
x-cloud-trace-context
9a5e09f2340c92b2672ea54125ec0adc
cf-ray
891ad0695afa9ba4-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
2
/
fb.track.heyflow.cloud/
101 B
205 B
XHR
General
Full URL
https://fb.track.heyflow.cloud/
Requested by
Host: flows.heyflow.cloud
URL: https://flows.heyflow.cloud/official-setc-refund-intake/www/dist/app.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.161.19 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
19.161.120.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
d865bdbf5a39b8903ee602af0945b8182fc51a00a83efb639cdcb7c04fcafcc6

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json, text/plain, */*
Referer
https://intake.officialsetcrefund.com/
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 16:42:22 GMT
via
1.1 google, 1.1 google
server
Google Frontend
access-control-allow-methods
GET, POST, PUT
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-cloud-trace-context
53457b97e312bab2f08995b09b72ba54
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
101
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
logs
zenflow-api.ey.r.appspot.com/flow/official-setc-refund-intake/
26 B
80 B
XHR
General
Full URL
https://zenflow-api.ey.r.appspot.com/flow/official-setc-refund-intake/logs
Requested by
Host: flows.heyflow.cloud
URL: https://flows.heyflow.cloud/official-setc-refund-intake/www/dist/app.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.52 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f20.1e100.net
Software
Google Frontend /
Resource Hash
9389cde6ad124f27ad02e5acc8be301f2fe5c72f4d7e8b05c63dd06f1bb37d7d
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json, text/plain, */*
Referer
https://intake.officialsetcrefund.com/
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
date
Mon, 10 Jun 2024 16:42:20 GMT
content-encoding
gzip
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52
x-xss-protection
0
referrer-policy
no-referrer
server
Google Frontend
etag
W/"1a-wrpoHgQhjgE/RLF0gVFeNgcGaxs"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
expect-ct
max-age=0
access-control-allow-origin
*
content-type
application/json; charset=utf-8
x-cloud-trace-context
cbb1960d825c6e301607b3b7d79217e3
cache-control
private
/
fb.track.heyflow.cloud/
0
0
Preflight
General
Full URL
https://fb.track.heyflow.cloud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.161.19 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
19.161.120.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://intake.officialsetcrefund.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, PUT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
content-type
text/plain; charset=utf-8
date
Mon, 10 Jun 2024 16:42:21 GMT
server
Google Frontend
via
1.1 google, 1.1 google
x-cloud-trace-context
a66e2d80a4050dc2e4c19c7aae5ef146
logs
zenflow-api.ey.r.appspot.com/flow/official-setc-refund-intake/
26 B
80 B
XHR
General
Full URL
https://zenflow-api.ey.r.appspot.com/flow/official-setc-refund-intake/logs
Requested by
Host: flows.heyflow.cloud
URL: https://flows.heyflow.cloud/official-setc-refund-intake/www/dist/app.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.52 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcfraa-aa-in-f20.1e100.net
Software
Google Frontend /
Resource Hash
9389cde6ad124f27ad02e5acc8be301f2fe5c72f4d7e8b05c63dd06f1bb37d7d
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json, text/plain, */*
Referer
https://intake.officialsetcrefund.com/
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
date
Mon, 10 Jun 2024 16:42:21 GMT
content-encoding
gzip
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52
x-xss-protection
0
referrer-policy
no-referrer
server
Google Frontend
etag
W/"1a-wrpoHgQhjgE/RLF0gVFeNgcGaxs"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
expect-ct
max-age=0
access-control-allow-origin
*
content-type
application/json; charset=utf-8
x-cloud-trace-context
49207c52842ac8ea4b363644e485e1bd
cache-control
private
heyflow_favicon.png
storage.googleapis.com/heyflow-eu-static/logos/
24 KB
25 KB
Other
General
Full URL
https://storage.googleapis.com/heyflow-eu-static/logos/heyflow_favicon.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
cbd2e6e4eb3f2d4ee25a3e15c40a737d0ed419a08f2051dc3addbe3c1cd1a1ab

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://intake.officialsetcrefund.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 15:56:28 GMT
age
2753
x-guploader-uploadid
ABPtcPqF58ZcM7MaMwydLUGvEIfgy6YmkrF_DsdYUIuilmbdA2SC91sYDi09WxwBAMWVrKGSDVo4hYdCtw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24910
last-modified
Tue, 13 Dec 2022 16:56:50 GMT
server
UploadServer
etag
"1dcf042351cfe390fac5175276224e87"
x-goog-generation
1670950610529018
x-goog-hash
crc32c=FiGvuw==, md5=Hc8EI1HP45D6xRdSdiJOhw==
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
24910
accept-ranges
bytes
content-type
image/png
expires
Mon, 10 Jun 2024 16:56:28 GMT
heyflow_favicon.png
storage.googleapis.com/heyflow-eu-static/logos/
24 KB
0
Other
General
Full URL
https://storage.googleapis.com/heyflow-eu-static/logos/heyflow_favicon.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
cbd2e6e4eb3f2d4ee25a3e15c40a737d0ed419a08f2051dc3addbe3c1cd1a1ab

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://intake.officialsetcrefund.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 15:56:28 GMT
age
2753
x-guploader-uploadid
ABPtcPqF58ZcM7MaMwydLUGvEIfgy6YmkrF_DsdYUIuilmbdA2SC91sYDi09WxwBAMWVrKGSDVo4hYdCtw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24910
last-modified
Tue, 13 Dec 2022 16:56:50 GMT
server
UploadServer
etag
"1dcf042351cfe390fac5175276224e87"
x-goog-generation
1670950610529018
x-goog-hash
crc32c=FiGvuw==, md5=Hc8EI1HP45D6xRdSdiJOhw==
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
24910
accept-ranges
bytes
content-type
image/png
expires
Mon, 10 Jun 2024 16:56:28 GMT


11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| currentlyMounting
object| heyflow
function| onImageLoadError
object| dataLayer
object| integration
object| windowConstants
function| filterCSS
function| filterXSS
function| Cleave
object| google_tag_manager
object| google_tag_data

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
