get.steamrefund.com Open in urlscan Pro
2606:4700:20::681a:93 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://get.steamrefund.com/
Submission: On September 29 via manual (September 29th 2023, 12:42:56 am UTC) from US — Scanned from DE

Summary HTTP 77 Redirects Behaviour Indicators

Summary

This website contacted 30 IPs in 4 countries across 24 domains to perform 77 HTTP transactions. The main IP is 2606:4700:20::681a:93, located in United States and belongs to CLOUDFLARENET, US. The main domain is get.steamrefund.com.
TLS certificate: Issued by GTS CA 1P5 on August 13th 2023. Valid for: 3 months.

This is the only time get.steamrefund.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 4	2606:4700:20:... 2606:4700:20::681a:93	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	13.224.189.30 13.224.189.30	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:21f... 2600:9000:21f3:d800:b:3165:13c0:21	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
19	52.222.250.12 52.222.250.12	16509 (AMAZON-02) (AMAZON-02)
5	13.32.99.67 13.32.99.67	16509 (AMAZON-02) (AMAZON-02)
2	52.1.93.137 52.1.93.137	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:600... 2a04:4e42:600::396	54113 (FASTLY) (FASTLY)
2	151.101.65.44 151.101.65.44	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6812:130	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	23.36.163.249 23.36.163.249	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	143.204.207.250 143.204.207.250	16509 (AMAZON-02) (AMAZON-02)
1	146.75.116.157 146.75.116.157	54113 (FASTLY) (FASTLY)
2	23.32.185.60 23.32.185.60	16625 (AKAMAI-AS) (AKAMAI-AS)
1 5	2600:9000:225... 2600:9000:225e:2600:6:9280:1080:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1	104.244.42.133 104.244.42.133	13414 (TWITTER) (TWITTER)
1	104.244.42.3 104.244.42.3	13414 (TWITTER) (TWITTER)
2	64.202.112.31 64.202.112.31	23352 (SERVERCEN...) (SERVERCENTRAL)
1	151.101.65.140 151.101.65.140	54113 (FASTLY) (FASTLY)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
4	35.190.43.134 35.190.43.134	15169 (GOOGLE) (GOOGLE)
1	2a05:d018:cc3... 2a05:d018:cc3:fe04:fcc6:f60a:82b7:5097	16509 (AMAZON-02) (AMAZON-02)
1	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
77	30

4 2606:4700:20::681a:93 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

get.steamrefund.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.189.30 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-30.fra2.r.cloudfront.net

builder-assets.unbounce.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:d800:b:3165:13c0:21 (United States)

ASN16509 (AMAZON-02, US)

d1wbjksx0xxdn3.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 52.222.250.12 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-250-12.fra60.r.cloudfront.net

d9hhrg4mnvzow.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 13.32.99.67 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-67.fra60.r.cloudfront.net

fonts.ub-assets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.1.93.137 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-1-93-137.compute-1.amazonaws.com

events.ub-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::396 (United States)

ASN54113 (FASTLY, US)

www.redditstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.65.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:130 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.stape.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.36.163.249 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-36-163-249.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.207.250 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-207-250.fra53.r.cloudfront.net

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.116.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.32.185.60 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-185-60.deploy.static.akamaitechnologies.com

amplify.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wave.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:225e:2600:6:9280:1080:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.133 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.3 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.202.112.31 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com

tr.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.140 (United States)

ASN54113 (FASTLY, US)

alb.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.190.43.134 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 134.43.190.35.bc.googleusercontent.com

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:cc3:fe04:fcc6:f60a:82b7:5097 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	cloudfront.net d1wbjksx0xxdn3.cloudfront.net d9hhrg4mnvzow.cloudfront.net	151 KB
6	adroll.com 1 redirects s.adroll.com — Cisco Umbrella Rank: 4552 d.adroll.com — Cisco Umbrella Rank: 2238	89 KB
5	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 875	138 KB
5	ub-assets.com fonts.ub-assets.com — Cisco Umbrella Rank: 42241	41 KB
4	snapchat.com tr.snapchat.com — Cisco Umbrella Rank: 955	750 B
4	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 1878 www.google-analytics.com — Cisco Umbrella Rank: 96	21 KB
4	outbrain.com amplify.outbrain.com — Cisco Umbrella Rank: 4075 tr.outbrain.com — Cisco Umbrella Rank: 3583 wave.outbrain.com — Cisco Umbrella Rank: 4002	8 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 111	302 KB
4	steamrefund.com 1 redirects get.steamrefund.com gtm.steamrefund.com Failed	16 KB
3	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 1262 trc.taboola.com — Cisco Umbrella Rank: 907 trc-events.taboola.com — Cisco Umbrella Rank: 2331	22 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 229	87 KB
2	ub-analytics.com events.ub-analytics.com — Cisco Umbrella Rank: 46256	233 B
2	unbounce.com builder-assets.unbounce.com — Cisco Umbrella Rank: 38350	37 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 109	185 B
1	reddit.com alb.reddit.com — Cisco Umbrella Rank: 2076	637 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 1065	726 B
1	t.co t.co — Cisco Umbrella Rank: 707	376 B
1	google.de www.google.de — Cisco Umbrella Rank: 3974	455 B
1	google.com www.google.com — Cisco Umbrella Rank: 11	455 B
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 1078	15 KB
1	sc-static.net sc-static.net — Cisco Umbrella Rank: 1100	17 KB
1	stape.io cdn.stape.io — Cisco Umbrella Rank: 72534	6 KB
1	redditstatic.com www.redditstatic.com — Cisco Umbrella Rank: 1759	8 KB
1	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 66	2 KB
77	24

	Domain	Requested by
19	d9hhrg4mnvzow.cloudfront.net	get.steamrefund.com
5	s.adroll.com	1 redirects get.steamrefund.com s.adroll.com
5	analytics.tiktok.com	get.steamrefund.com analytics.tiktok.com
5	fonts.ub-assets.com	builder-assets.unbounce.com fonts.ub-assets.com
4	tr.snapchat.com	sc-static.net
4	www.googletagmanager.com	get.steamrefund.com www.googletagmanager.com
4	get.steamrefund.com	1 redirects get.steamrefund.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com get.steamrefund.com
2	tr.outbrain.com	amplify.outbrain.com
2	connect.facebook.net	get.steamrefund.com connect.facebook.net
2	events.ub-analytics.com	d1wbjksx0xxdn3.cloudfront.net
2	builder-assets.unbounce.com	get.steamrefund.com
1	trc-events.taboola.com	cdn.taboola.com
1	www.facebook.com	get.steamrefund.com
1	d.adroll.com	s.adroll.com
1	trc.taboola.com	cdn.taboola.com
1	region1.google-analytics.com	www.googletagmanager.com
1	alb.reddit.com	get.steamrefund.com
1	wave.outbrain.com	amplify.outbrain.com
1	analytics.twitter.com	get.steamrefund.com
1	t.co	get.steamrefund.com
1	www.google.de	get.steamrefund.com
1	www.google.com	get.steamrefund.com
1	amplify.outbrain.com	get.steamrefund.com
1	static.ads-twitter.com	get.steamrefund.com
1	sc-static.net	get.steamrefund.com
1	cdn.stape.io	www.googletagmanager.com
1	cdn.taboola.com	www.googletagmanager.com
1	www.redditstatic.com	www.googletagmanager.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	d1wbjksx0xxdn3.cloudfront.net	get.steamrefund.com
0	gtm.steamrefund.com Failed	cdn.stape.io
77	32

This site contains no links.

Subject Issuer	Validity	Valid
steamrefund.com GTS CA 1P5	`2023-08-13` - `2023-11-11`	3 months	crt.sh
*.unbounce.com Amazon RSA 2048 M01	`2023-02-21` - `2024-02-07`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
fonts.ub-assets.com Amazon RSA 2048 M02	`2023-06-01` - `2024-06-29`	a year	crt.sh
*.ub-analytics.com Amazon RSA 2048 M01	`2023-03-11` - `2024-04-08`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
www.redditstatic.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-25` - `2024-02-21`	6 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
stape.io Cloudflare Inc ECC CA-3	`2023-05-03` - `2024-05-02`	a year	crt.sh
*.tiktok.com RapidSSL ECC CA 2018	`2023-07-14` - `2024-08-13`	a year	crt.sh
sc-static.net Amazon RSA 2048 M02	`2023-01-20` - `2024-02-18`	a year	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-21` - `2024-07-19`	a year	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-09` - `2024-02-11`	a year	crt.sh
s.adroll.com Amazon RSA 2048 M01	`2023-06-03` - `2024-07-01`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-07-08` - `2023-10-06`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
*.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
*.reddit.com DigiCert TLS RSA SHA256 2020 CA1	`2023-09-01` - `2024-02-28`	6 months	crt.sh
*.snap.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-04-13` - `2024-04-12`	a year	crt.sh
d.adroll.com Amazon RSA 2048 M01	`2022-11-08` - `2023-12-07`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://get.steamrefund.com/
Frame ID: 0E0FF9432BCE34BC0516FB8EA2D643B7
Requests: 73 HTTP requests in this frame

Frame: https://get.steamrefund.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/dffb14d6/main.js
Frame ID: 3900756CBF26554D16245C93EBF5B1FB
Requests: 2 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=a1860529-0aae-45cb-a054-1bba5385bf0a&u_scsid=24e37a8f-f4eb-4696-9614-ea3c9fc10b69&u_sclid=01ca191b-b0b3-464c-8889-dded32852270
Frame ID: CA46613540F4C0450DE5354CF3A31F65
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

AdRoll (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

(?:a|s)\.adroll\.com

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

77
Requests

94 %
HTTPS

48 %
IPv6

24
Domains

32
Subdomains

30
IPs

4
Countries

963 kB
Transfer

2905 kB
Size

24
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26

https://get.steamrefund.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://get.steamrefund.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/dffb14d6/main.js

Request Chain 50

https://s.adroll.com/j/exp/6FGPXF7JBVHSVDCJIPGVKW/index.js HTTP 302
https://s.adroll.com/j/exp/index.js

77 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
get.steamrefund.com/ 91 KB
11 KB 95ms
44ms Document
text/html 2606:4700:20::681a:93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://get.steamrefund.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c20e5367fe55a37143fa026b9879587fe3cc93f436c88274a4366cd166c0497

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 80e0304508654d4a-FRA
content-encoding: br
content-location: https://get.steamrefund.com/
content-type: text/html; charset=utf-8
date: Fri, 29 Sep 2023 00:42:51 GMT
link: <https://get.steamrefund.com/>; rel="canonical"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9V8OG0VEH16%2F11x0olxm5HgjJfvdjUNLqnuJfJwi7lhEPXHdPEpmhz5EGDOpHR4z4EjfHBxrRinTx4OuEu4G2szPJBqaVmM22j832W%2F7inG4CY87l07HTjcrSxY6x%2FXUMsANnTTvhGH6KIMVnEuTdiw%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-proxy-backend: page-server
x-unbounce-pageid: d526434c-0dc6-4d14-b154-0300c8623898
x-unbounce-variant: j
x-unbounce-visitorid: 833e312d-ffa3-4573-a174-a31b8084cbb3

GET
H2 200 main-7b78720.z.css
builder-assets.unbounce.com/published-css/ 15 KB
3 KB 35ms
8ms Stylesheet
text/css 13.224.189.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://builder-assets.unbounce.com/published-css/main-7b78720.z.css
Requested by: Host: get.steamrefund.com
URL: https://get.steamrefund.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-30.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.steamrefund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 17:53:43 GMT
content-encoding: gzip
via: 1.1 0e75d8f2d484ce463fc04f5c422aa178.cloudfront.net (CloudFront)
x-amz-version-id: fMGT9YqOCj6GvXj65o03BPFmMJDaNxvc
x-amz-cf-pop: FRA2-C1
age: 5554148
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 2902
last-modified: Tue, 11 Jul 2023 16:18:48 GMT
server: AmazonS3
etag: "99b89a3d5f7bab4f89aad694ef70a6d8"
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 7SDRYD2QE5aQMWRf7zRTYkPyP0dPeKwrfTo5bqGJuTlNbL5on6bpZw==

GET
H2 200 bc2b61f5d00a7d9014df8f247ade4e38f0c03534.js Show response
d1wbjksx0xxdn3.cloudfront.net/lts/ 43 KB
43 KB 50ms
8ms Script
application/javascript 2600:9000:21f3:d800:b:3165:13c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1wbjksx0xxdn3.cloudfront.net/lts/bc2b61f5d00a7d9014df8f247ade4e38f0c03534.js
Requested by: Host: get.steamrefund.com
URL: https://get.steamrefund.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:d800:b:3165:13c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 92175bf4a96909409add4c3f85b28af6a234ac81972ce9c2a17aa261172b30ba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.steamrefund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 21:12:38 GMT
x-amz-version-id: L8NSUzd.VhCea40EMWB5R42ATfjEGDgY
via: 1.1 ccfe5851ecd4194e2d976fb32dec7538.cloudfront.net (CloudFront)
last-modified: Tue, 26 Sep 2023 20:49:59 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
age: 185414
etag: "e31f6a704f0c9b178435edc2658c9e37"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 43694
x-amz-cf-id: X4GBfzG_PoEPTQrmLYtnDuNxnJHwefUUfRS2cf-SEhKVXJDtZKB9vw==

GET
H2 200 main.bundle-b8bce47.z.js Show response
builder-assets.unbounce.com/published-js/ 104 KB
33 KB 9ms
8ms Script
application/javascript 13.224.189.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://builder-assets.unbounce.com/published-js/main.bundle-b8bce47.z.js
Requested by: Host: get.steamrefund.com
URL: https://get.steamrefund.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-30.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b8bce47ffa43bc0b835f83d09167cabac1a62e85241aa806d826a0909d5bf7ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.steamrefund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 22:30:14 GMT
content-encoding: gzip
via: 1.1 0e75d8f2d484ce463fc04f5c422aa178.cloudfront.net (CloudFront)
x-amz-version-id: 6jHAL9fP889t4NCAfewK2ptLZfkpx6Fe
x-amz-cf-pop: FRA2-C1
age: 5796758
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 33784
last-modified: Tue, 11 Jul 2023 16:18:45 GMT
server: AmazonS3
etag: "3208b0848f289d158acfc0caf5894954"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: agiyFU5QuPBt5TQ8Iw44iId8lnHmO3BzncMkKvPA65KzJHx0Kf2RoQ==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 249 KB
84 KB 47ms
25ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WM6PL8S

Requested by

Host: get.steamrefund.com
URL: https://get.steamrefund.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bddcdc2d4855929eaa9f4e469c2e860a98b18708da57af571e32c24fd79521a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.steamrefund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 00:42:51 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85370
x-xss-protection: 0
last-modified: Fri, 29 Sep 2023 00:24:02 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 29 Sep 2023 00:42:51 GMT

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 a2e9656d-clock-1-1_1000000000000000000028.png
d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/ 346 B
769 B 37ms
8ms Image
image/png 52.222.250.12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/a2e9656d-clock-1-1_1000000000000000000028.png
Requested by: Host: get.steamrefund.com
URL: https://get.steamrefund.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-12.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 60b708e3bb317a230cc4346b52705c032293a83e7d5be775b02b4d4a36db1005

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.steamrefund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 01:07:09 GMT
x-amz-version-id: gfr_1QmKyOuIVDIPM8C7O8AyCKG1xX4m
via: 1.1 231be1c97cc722fa08b64d21072ebfac.cloudfront.net (CloudFront)
last-modified: Thu, 16 Mar 2023 23:50:38 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 6737743
etag: "21f7e4024fe781f6872e77550d7878dd"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 346
x-amz-cf-id: NxWbvNJUudwwQsvixv4vPdqbw4IYMJgRfnyMyuIsmHb2SZFtGfvQ9g==

GET
H2 200 fac8add4-image-2-1_100000006v01o005000028.png
d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/ 2 KB
3 KB 39ms
10ms Image
image/png 52.222.250.12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/fac8add4-image-2-1_100000006v01o005000028.png
Requested by: Host: get.steamrefund.com
URL: https://get.steamrefund.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-12.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bc8eb177d036c7cd7e85f0d2637e8746d5c0740b01fb15fca100d02d37179854

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.steamrefund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 05:55:30 GMT
x-amz-version-id: xn2GCfEhBLrZPk6VcatZb35Isxn4AK5f
via: 1.1 231be1c97cc722fa08b64d21072ebfac.cloudfront.net (CloudFront)
last-modified: Thu, 16 Mar 2023 23:50:39 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 6115642
etag: "1a28d3042196b4c4f1f9dc115b3e1f45"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 2343
x-amz-cf-id: 64xVjzUuXOM5aIiafDzMh-lSyxAowLxwynxanfJHlZfoySC4e8pbGA==

GET
H2 200 f0c35cff-image-97_100000000000000000001o.jpg
d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/ 44 KB
45 KB 39ms
11ms Image
image/jpeg 52.222.250.12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/f0c35cff-image-97_100000000000000000001o.jpg
Requested by: Host: get.steamrefund.com
URL: https://get.steamrefund.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-12.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d7ec4180be0bee401745f81e14821e442e17fcdb19c6a9b90986c783e0584c90

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.steamrefund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 05:55:30 GMT
x-amz-version-id: I7ys3O2xIM6evUvrCWD7ctlNntRSs5Jr
via: 1.1 231be1c97cc722fa08b64d21072ebfac.cloudfront.net (CloudFront)
last-modified: Thu, 16 Mar 2023 23:50:39 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 6115642
etag: "0965bb37f74382f731e2d4eb871002d7"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 45430
x-amz-cf-id: P5WbXMYXQOFnNTZrnQEPQQs3-lomfvVLUcGZ0Ikip0yUUmn_jfU39A==

GET
BLOB 200
OK a9be7090-f070-4fb4-808f-737fec48f704
https://get.steamrefund.com/ 5 KB
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://get.steamrefund.com/a9be7090-f070-4fb4-808f-737fec48f704
Requested by: Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-b8bce47.z.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9af91bb0b9327c5bc74760fed3cd024dbde1c5b90ede3fab5c8c54850e757994

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Length: 5611
Content-Type: text/css

GET
H2 200 css
fonts.ub-assets.com/ 5 KB
1 KB 345ms
309ms Stylesheet
text/css 13.32.99.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.ub-assets.com/css?family=Poppins:700,500,regular%7CSource+Sans+Pro:italic

Requested by

Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-b8bce47.z.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.67 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-67.fra60.r.cloudfront.net

Software

Resource Hash

59ac725429ede98f74947527e56ee6adefc25fa1ecc4758248a14dc9725f9ea4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.steamrefund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 00:42:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
via: 1.1 7395d1816622756cd6753f5e1281200c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
x-amzn-requestid: d3572140-9d33-4024-82ed-1ffa2468d223
x-cache: Miss from cloudfront
cross-origin-resource-policy: cross-origin
x-amz-apigw-id: L_mN1HRzIAMES2w=
content-length: 749
x-xss-protection: 0
cross-origin-opener-policy: same-origin-allow-popups
x-amzn-trace-id: Root=1-65161d8b-4a51a2fe772d8adc0aea1e32
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
x-amz-cf-id: WDv-UjKDSdo2_FLUOp40v1QENDf9IdeTj3nCgZVWCd4GpGxNZ9JeFA==

GET
H2 200 56c7be15-untitled-design_106f06f000000000000028.png
d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/ 7 KB
7 KB 20ms
17ms Image
image/png 52.222.250.12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/56c7be15-untitled-design_106f06f000000000000028.png
Requested by: Host: get.steamrefund.com
URL: https://get.steamrefund.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-12.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7899c5cab027e001814e1641c3949923e9f17a49a70a7a066710fc3dd1ae318b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.steamrefund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 23:00:42 GMT
x-amz-version-id: S679fOAQQ5CL8aj4X12fEhf1fVjC7z9Y
via: 1.1 231be1c97cc722fa08b64d21072ebfac.cloudfront.net (CloudFront)
last-modified: Thu, 16 Mar 2023 23:50:38 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 5449330
etag: "57f839ce0141194bc512049d4dec6d5e"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 6730
x-amz-cf-id: H3DVelkhBP9t86dmMMbSfk_wa0zVJvf1saQ4CpLQq32djNsO9V50GQ==

GET
H2 200 9850604d-icons8-legal-1_1000000000000000000028.png
d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/ 505 B
925 B 21ms
18ms Image
image/png 52.222.250.12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/9850604d-icons8-legal-1_1000000000000000000028.png
Requested by: Host: get.steamrefund.com
URL: https://get.steamrefund.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-12.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 296403224467b0696e952995d954fb75927f2c50449963d2664d6c425227fb68

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.steamrefund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 05:55:30 GMT
x-amz-version-id: UpVAxSGNZZe6q.aznGwHbpC7W3zXxlq7
via: 1.1 231be1c97cc722fa08b64d21072ebfac.cloudfront.net (CloudFront)
last-modified: Thu, 16 Mar 2023 23:50:38 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 6115641
etag: "6e2e394ae46c3d430ad193cb4e0272aa"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 505
x-amz-cf-id: VhJKyp0jG8LALGSU9Xp6BzN-44t2ILKneaT7w_qBYOPBhdha6kMuFw==

GET
H2 200 dad2e6ee-icons8-discussion-1-1_1000000000000000000028.png
d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/ 499 B
920 B 21ms
17ms Image
image/png 52.222.250.12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/dad2e6ee-icons8-discussion-1-1_1000000000000000000028.png
Requested by: Host: get.steamrefund.com
URL: https://get.steamrefund.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-12.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a0ce992672dcec644634af802f494b8e0857147cb1b6316dad59a76d9763c589

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.steamrefund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 05:55:31 GMT
x-amz-version-id: OcKmgF6PSY803mOBhxaTWq06TDJq9wa0
via: 1.1 231be1c97cc722fa08b64d21072ebfac.cloudfront.net (CloudFront)
last-modified: Thu, 16 Mar 2023 23:50:39 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 6115641
etag: "f1fa9ac56c7ddce2f72d183587498435"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 499
x-amz-cf-id: KnzWBMvxNQ84zbxl0kQqQPBZ43awV37XvRKsVAD_yt8HXOruMzZbPA==

GET
H2 200 daed21bb-icons8-justice-scale-64_1000000000000000000028.png
d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/ 576 B
997 B 22ms
18ms Image
image/png 52.222.250.12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/daed21bb-icons8-justice-scale-64_1000000000000000000028.png
Requested by: Host: get.steamrefund.com
URL: https://get.steamrefund.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-12.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f10d6b4c19c7e53e5d781ed10e3c856d7766ac1e9325dd9cf63dfeb48e82cd15

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.steamrefund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 11:19:45 GMT
x-amz-version-id: kHwRwtpWWWfbfAwgbwFdgQ3ANqUzpTXc
via: 1.1 231be1c97cc722fa08b64d21072ebfac.cloudfront.net (CloudFront)
last-modified: Thu, 16 Mar 2023 23:50:39 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 5750587
etag: "a563a6896d3cef821e8c141a5590d81f"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 576
x-amz-cf-id: NO4XOSRVq5_ZtXPCQeHz-OT8EQbEU_5Gtwpb7ei47rw7OhjFrgSZXQ==

GET
H2 200 9ec39a54-img-hero_1000000000000000000028.png
d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/ 1 KB
1 KB 22ms
19ms Image
image/png 52.222.250.12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/9ec39a54-img-hero_1000000000000000000028.png
Requested by: Host: get.steamrefund.com
URL: https://get.steamrefund.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-12.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 328bf78d9037cf1d442674cf214abe79dfe9bb1d5990958d3f150aa1960c0770

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.steamrefund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 05:55:31 GMT
x-amz-version-id: 7ic6NFjnkbbS0.68mkbJtdHiUFXtSKKV
via: 1.1 231be1c97cc722fa08b64d21072ebfac.cloudfront.net (CloudFront)
last-modified: Thu, 16 Mar 2023 23:50:38 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 6115641
etag: "52cf69f342fe4091581d5cc9c8488a1c"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 1076
x-amz-cf-id: 4cFcAb0w7FfPnktyz3YUz2gtO6FopQnFMh-JvsDkwjHvKX5Yk3Rl1g==

GET
H2 200 56c7be15-untitled-design_1078078000000000000028.png
d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/ 8 KB
8 KB 22ms
19ms Image
image/png 52.222.250.12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/56c7be15-untitled-design_1078078000000000000028.png
Requested by: Host: get.steamrefund.com
URL: https://get.steamrefund.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-12.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8e1e9a17ca7de1669b96ae622b530c46a3f7aad0a477c526e8fc174c3368dfb0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.steamrefund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 16:52:58 GMT
x-amz-version-id: JVVSTbqp_XgFc2zxGkHpWFWXTsWAC8MJ
via: 1.1 231be1c97cc722fa08b64d21072ebfac.cloudfront.net (CloudFront)
last-modified: Thu, 16 Mar 2023 23:50:38 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 5816994
etag: "082f11974d5262e083da1ea08fc13a1b"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 7950
x-amz-cf-id: ulXKeEX3xljNcXZfT8-s1RqPT8d-n1Riv7WWIZlfTDpoWCuCg_nqHQ==

GET
H2 200 1c9cc220-image-104_113t07b03t02z08a003028.png
d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/ 3 KB
4 KB 22ms
20ms Image
image/png 52.222.250.12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/1c9cc220-image-104_113t07b03t02z08a003028.png
Requested by: Host: get.steamrefund.com
URL: https://get.steamrefund.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-12.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: be6f0dab542b9db3753c4ab63a5f7c9814826f652471b174f3503fbc0b3b6065

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.steamrefund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 06:52:57 GMT
x-amz-version-id: 6mnYDMzCmzw6hyO9fRzRJBYufD8stdnr
via: 1.1 231be1c97cc722fa08b64d21072ebfac.cloudfront.net (CloudFront)
last-modified: Thu, 16 Mar 2023 23:50:38 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 5593795
etag: "3dbda966958efaf8a5bd8328e28f90d2"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 3175
x-amz-cf-id: qRdPxucbXxcJMP0h8K0LGlngHzZWCpdTkvaXyDCEng7ZWqtMEPR_6g==

GET
H2 200 1c9cc220-image-104_100000005z0300d000a028.png
d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/ 5 KB
5 KB 23ms
20ms Image
image/png 52.222.250.12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/1c9cc220-image-104_100000005z0300d000a028.png
Requested by: Host: get.steamrefund.com
URL: https://get.steamrefund.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-12.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: edead83bade592bfbb518785d5a375b822a95d91b6874325efc9af58520821b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.steamrefund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 05:55:31 GMT
x-amz-version-id: 5KgEdHJ3gbuUJkXiYXvO0_CyRXMdln7R
via: 1.1 231be1c97cc722fa08b64d21072ebfac.cloudfront.net (CloudFront)
last-modified: Thu, 16 Mar 2023 23:50:38 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 6115641
etag: "0f642c56a6afb26edccac75a2304b678"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 4826
x-amz-cf-id: LlGUyx4jwCpssJuRBf-RQFm5fJXkZDd2EAS-0vDVqSUD5PvBQldAtQ==

GET
H2 200 1c9cc220-image-104_111d06x08902u0if00a028.png
d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/ 5 KB
6 KB 23ms
21ms Image
image/png 52.222.250.12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/1c9cc220-image-104_111d06x08902u0if00a028.png
Requested by: Host: get.steamrefund.com
URL: https://get.steamrefund.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-12.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6f0f20c2a0443bc08689acb871745e8d80299d6a8c568ad713413a0d1c4968d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.steamrefund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 06:52:57 GMT
x-amz-version-id: ip8hfkYXChI.rhT4f47sGFQdZPCYaSiK
via: 1.1 231be1c97cc722fa08b64d21072ebfac.cloudfront.net (CloudFront)
last-modified: Thu, 16 Mar 2023 23:50:38 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 5593795
etag: "9b3b0ad15ecb5871f7bd7a74f7df87ea"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 5256
x-amz-cf-id: HzknjjFzTlRfgfIYRjFuPpISPcsPVPZ2_qztQAbWRN0GMmu5j_-TgA==

GET
H2 200 1c9cc220-image-104_100000002x0300sx008028.png
d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/ 9 KB
9 KB 24ms
22ms Image
image/png 52.222.250.12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/1c9cc220-image-104_100000002x0300sx008028.png
Requested by: Host: get.steamrefund.com
URL: https://get.steamrefund.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-12.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 320d4eb4df987dd82522b916ae2ce75617584ca508d77dde11fa2b64ab421e71

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.steamrefund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 23:00:42 GMT
x-amz-version-id: ufsJCQTzIWNHgxHb8rWPwcIK5ccPRb.Z
via: 1.1 231be1c97cc722fa08b64d21072ebfac.cloudfront.net (CloudFront)
last-modified: Thu, 16 Mar 2023 23:50:38 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 5449330
etag: "e54f7b778137af059d88bdb42fb390bb"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 9007
x-amz-cf-id: T5-rfXG4yw2dYH-bbKUErDNIJTTA_QQHGGPHxXmWX-HzgOgQUxw2SQ==

GET
H2 200 803304b1-ign-logo-1536x864_104502b000000000000028.png
d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/ 2 KB
2 KB 24ms
22ms Image
image/png 52.222.250.12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/803304b1-ign-logo-1536x864_104502b000000000000028.png
Requested by: Host: get.steamrefund.com
URL: https://get.steamrefund.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-12.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4206aea9d4731e3537b5a3e0d6b0bed82179891d0c6354ebb9cf80cc0d30cfef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.steamrefund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 01:07:11 GMT
x-amz-version-id: ZOWx_51bhwwAsLYzNUE6n2UPJ.lLmvZP
via: 1.1 231be1c97cc722fa08b64d21072ebfac.cloudfront.net (CloudFront)
last-modified: Thu, 16 Mar 2023 23:50:38 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 6737741
etag: "7bcb922759fd4d84fa03ab8780518252"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 1616
x-amz-cf-id: ZY71Huoiv_6e7JlQI0wIWV2Btn5d0zgBV9K0zCiHO08sB5wrCLi8_g==

GET
H2 200 fccf38a4-shack-news-logo_106h016000000000000028.png
d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/ 3 KB
3 KB 25ms
23ms Image
image/png 52.222.250.12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/fccf38a4-shack-news-logo_106h016000000000000028.png
Requested by: Host: get.steamrefund.com
URL: https://get.steamrefund.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-12.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e1e5b21a92e417a421cec29ba2ccc6dd60eeca773aa145c4802657d8fed02a42

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.steamrefund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 15 Jul 2023 03:41:23 GMT
x-amz-version-id: _MNYSwEMscoBz3zTYH1.GPz.VuuU7TPv
via: 1.1 231be1c97cc722fa08b64d21072ebfac.cloudfront.net (CloudFront)
last-modified: Thu, 16 Mar 2023 23:50:39 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 6555689
etag: "c0e55ff1a51c1c1ab1dbb14c3a14f3f2"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 2826
x-amz-cf-id: efqTOVwAqQZvYRa2bmC4_5OQ91Cwt_05-fPpm-D1ds6L9rvNt9KdsA==

GET
H2 200 c3c7b570-game-rant-logo2_107e010000000000000028.png
d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/ 2 KB
3 KB 26ms
24ms Image
image/png 52.222.250.12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/c3c7b570-game-rant-logo2_107e010000000000000028.png
Requested by: Host: get.steamrefund.com
URL: https://get.steamrefund.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-12.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e0c11eef6f6ab1e486807d65ceb85f844c8692c2b1d41e8e7b5a7dbfc1d7e8a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.steamrefund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 15 Jul 2023 03:41:23 GMT
x-amz-version-id: Kk7oDynBhjIm_yfsd7uQ2.Y_3ea0DOr9
via: 1.1 231be1c97cc722fa08b64d21072ebfac.cloudfront.net (CloudFront)
last-modified: Thu, 16 Mar 2023 23:50:39 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 6555689
etag: "fe33fb6ca063e7f4e94d476fd7858042"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 2140
x-amz-cf-id: bUclhKSFgMxyKuuzvCCKLhByLclByrTyCdeo2SBuAzQ42o2kzxfxEw==

GET
H2 200 5db5dd54-1600px-pc-gamer-old-logo-svg_107e01j000000000000028.png
d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/ 3 KB
3 KB 26ms
25ms Image
image/png 52.222.250.12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/5db5dd54-1600px-pc-gamer-old-logo-svg_107e01j000000000000028.png
Requested by: Host: get.steamrefund.com
URL: https://get.steamrefund.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-12.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 096f7954e8e41553e39e3f290efc4a79553cb926cc4fa362e126c7204fc9130d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.steamrefund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 15 Jul 2023 03:41:23 GMT
x-amz-version-id: AqfRUaDc_qaU0zo9lFELCvKDnXghCfpn
via: 1.1 231be1c97cc722fa08b64d21072ebfac.cloudfront.net (CloudFront)
last-modified: Thu, 16 Mar 2023 23:50:38 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 6555689
etag: "1990686fa110c07707dcee247cbd5362"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 2786
x-amz-cf-id: HbQIiwsdQheYbKjzc5-FewVPlA4zRPu9hJApjxDpF7TrTpAw3lvpcQ==

GET
H2 200 ce9c8e93-logo-of-gamespot-svg_106j024000000000000028.png
d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/ 3 KB
4 KB 27ms
25ms Image
image/png 52.222.250.12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/ce9c8e93-logo-of-gamespot-svg_106j024000000000000028.png
Requested by: Host: get.steamrefund.com
URL: https://get.steamrefund.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-12.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5836fd0454a66f98cc72445de9a15615492621c13002c2470e1a1cf0af1b7b59

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.steamrefund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 15 Jul 2023 03:41:23 GMT
x-amz-version-id: TK7em8fbTRz6B36Gr.6dWmoyaYODMUVa
via: 1.1 231be1c97cc722fa08b64d21072ebfac.cloudfront.net (CloudFront)
last-modified: Thu, 16 Mar 2023 23:50:39 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 6555689
etag: "2ce7c87a626d600553f837bd8a47e785"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 3280
x-amz-cf-id: lqD3GkFvsf2iIdoU9PZqgcAtmyhS6ZClca4z2JLpU0kUTEDse2dEPg==

GET
H2 200 f308602a-0352-eurogamer-logo.svg
d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/ 3 KB
2 KB 27ms
26ms Image
image/svg+xml 52.222.250.12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/f308602a-0352-eurogamer-logo.svg
Requested by: Host: get.steamrefund.com
URL: https://get.steamrefund.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-12.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0afb6faff44a842fe76a446a279686f8e6a9fceae1549a22468033c653860225

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.steamrefund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 02:11:47 GMT
x-amz-version-id: SfffJWp8XTpSoh6HNju3jOXyfAYoIx6G
content-encoding: gzip
last-modified: Thu, 16 Mar 2023 23:50:39 GMT
server: AmazonS3
via: 1.1 231be1c97cc722fa08b64d21072ebfac.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
etag: W/"a7116c911d88a4d87c2d6905a3c87b9d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=31557600
age: 6474664
x-amz-cf-id: 77OpGDpzvpPowTp5IxaO2xsgExcWQiqq1qgCoRNa94zwJxQtV8ZyTw==

GET
H2

200

main.js Show response
get.steamrefund.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/dffb14d6/ Frame 3900
Redirect Chain

https://get.steamrefund.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://get.steamrefund.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/dffb14d6/main.js

7 KB
4 KB

18ms
18ms

Script
application/javascript

2606:4700:20::681a:93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://get.steamrefund.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/dffb14d6/main.js

Requested by

Host: get.steamrefund.com
URL: https://get.steamrefund.com/

Protocol

Server

2606:4700:20::681a:93 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

73f36eb6ec77cac66e5623eb4afb2b312f70a6922f0d3d62b4f7f4bf302820a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 00:42:51 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bJ7uVqEtka4mnuc7uXQ8rD8UWTb%2B2aLhZoixre5BdEHBKmRsuy%2By2k21bCdlaZnMCx774YBH5hZAYcP7TQkRqHN7TUKFVgqVlxrokXABYzvMzf8uLW0yAz2zcGZFyFJlT1KaVDLdmdu0ZU5UX8EA7wY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 80e0304619034d4a-FRA

Redirect headers

date: Fri, 29 Sep 2023 00:42:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NTR60ETHXYa9cjQnHlM2uUcFX%2FuWrFEDQwanWVYbv%2F65JQSWIHUB9TGhJxjghNBAADdzbR6RW3E2eIeEgxbx4417pB2ZLxNzrAcoJZXF48NSrhIV8hjyphcAJLcKL0fo8qlGoC2Ll99VVw%2FKhyMYysk%3D"}],"group":"cf-nel","max_age":604800}
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/dffb14d6/main.js
access-control-allow-origin: *
cache-control: max-age=300, public
cf-ray: 80e03045f8eb4d4a-FRA

OPTIONS
H2 200 i
events.ub-analytics.com/_ub/ Frame 0
0 292ms
92ms Preflight 52.1.93.137
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://events.ub-analytics.com/_ub/i
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.93.137 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-93-137.compute-1.amazonaws.com
Software: akka-http/10.2.9 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://get.steamrefund.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-allow-origin: https://get.steamrefund.com
access-control-max-age: 3600
content-length: 0
date: Fri, 29 Sep 2023 00:42:51 GMT
server: akka-http/10.2.9

POST
H2 200 i
events.ub-analytics.com/_ub/ 2 B
233 B 278ms
95ms Ping
text/plain 52.1.93.137
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://events.ub-analytics.com/_ub/i
Requested by: Host: d1wbjksx0xxdn3.cloudfront.net
URL: https://d1wbjksx0xxdn3.cloudfront.net/lts/bc2b61f5d00a7d9014df8f247ade4e38f0c03534.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.93.137 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-93-137.compute-1.amazonaws.com
Software: akka-http/10.2.9 /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://get.steamrefund.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://get.steamrefund.com
date: Fri, 29 Sep 2023 00:42:51 GMT
access-control-allow-credentials: true
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
server: akka-http/10.2.9
content-length: 2
content-type: text/plain; charset=UTF-8

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/11050824091/ 3 KB
2 KB 43ms
22ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11050824091/?random=1695948171250&cv=11&fst=1695948171250&bg=ffffff&guid=ON&async=1&gtm=45He39r0&u_w=1600&u_h=1200&url=https%3A%2F%2Fget.steamrefund.com%2F&hn=www.googleadservices.com&frm=0&auid=1833466891.1695948171&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WM6PL8S

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

337665b1caaf7516f69b017528b7c5424eedc18b00332d2994f992ade8cc1aa5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.steamrefund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Sep 2023 00:42:51 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1278
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.js Show response
www.redditstatic.com/ads/ 23 KB
8 KB 49ms
7ms Script
application/javascript 2a04:4e42:600::396
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/pixel.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WM6PL8S
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: e803e774c7b59fe74f71ed93acaa875cf9a99947ff8ed7615cd0c93c1667250f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.steamrefund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 00:42:51 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
last-modified: Thu, 15 Jun 2023 20:49:59 GMT
server: snooserv
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag: "4a205643a240cb95fa82289d62b5af7e"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding,Origin
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: application/javascript
cache-control: public, max-age=60
accept-ranges: bytes
content-length: 7409

GET
H2 200 tfa.js Show response
cdn.taboola.com/libtrc/unip/1515208/ 65 KB
20 KB 229ms
194ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/unip/1515208/tfa.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WM6PL8S
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6f74450faec88eabf16301ed4659dfcda539a123ae0ff8ffcc00037d18c69b31

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.steamrefund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-amz-version-id: OZSfz1tMPDU1R9WWsAPNirFQYk5Mmlyz
content-encoding: gzip
via: 1.1 varnish
date: Fri, 29 Sep 2023 00:42:51 GMT
x-amz-request-id: 0SRWWF7C5RKDZMBY
age: 0
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 19989
x-amz-id-2: D/swbix5P5v0/AC5tADCef/MRE4TTrn59I6y4C39hcHWO/NTCaE8yuHQ/g4XFxDuZxW5eJ3Fx4U=
x-served-by: cache-fra-eddf8230036-FRA
last-modified: Sun, 24 Sep 2023 11:09:14 GMT
server: AmazonS3
x-timer: S1695948171.296493,VS0,VE187
etag: "861693d86e9a2cc4344a951a1e83f87a"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 67
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 v5.js Show response
cdn.stape.io/dtag/ 14 KB
6 KB 52ms
17ms Script
application/javascript 2606:4700::6812:130
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.stape.io/dtag/v5.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WM6PL8S

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:130 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d7657eea272b62c540e89a651d3ce05555e18062e77e4734247e5458908d1773

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.steamrefund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 00:42:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 129255
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
cf-bgj: minify
last-modified: Mon, 23 May 2022 07:46:57 GMT
server: cloudflare
etag: W/"628b3bf1-39c0"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 80e030469d452bf8-FRA
expires: Sat, 28 Sep 2024 00:42:51 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 4 KB
2 KB 231ms
108ms Script
application/javascript 23.36.163.249
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CEIHHGRC77UD28TRBJC0&lib=ttq
Requested by: Host: get.steamrefund.com
URL: https://get.steamrefund.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.249 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-249.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 6431a51e2f443ed44327689ff39e23de9b7f55268301a2c58e9a6a2e409a9cd1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.steamrefund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-akamai-request-id: 7314a387.124457c7
date: Fri, 29 Sep 2023 00:42:51 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-221.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.1-51406771) (-)
x-parent-response-time: 97,23.36.161.221
server-timing: cdn-cache; desc=MISS, edge; dur=90, origin; dur=8, inner; dur=4
content-length: 1316
pragma: no-cache
server: nginx
x-tt-logid: 202309290042519925313628AFD7A96B20
x-cache-remote: TCP_MISS from a23-220-104-219.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.1-51406771) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 9,23.220.104.219
x-tt-trace-host: 01c72dea6f64a907d7e8edee96b7d2be1626c622c584e56425b6d26e5c3493b12c24f8fcf598270db837329f18f8ba3e6887ac7e305ccae84a33a44d268db845fba0b643b56437b3b1e4730d4a259d7a97908bb7b02e4afd1172f3ca719deab00e3a9db337955de363f3765818025759df
expires: Fri, 29 Sep 2023 00:42:51 GMT

GET
H2 200 scevent.min.js Show response
sc-static.net/ 38 KB
17 KB 53ms
23ms Script
application/javascript 143.204.207.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: get.steamrefund.com
URL: https://get.steamrefund.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.207.250 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-207-250.fra53.r.cloudfront.net
Software: CloudFront /
Resource Hash: 5edcb92d5c6a2d3aac5e13cf012f684ac293b4404f4506e6c8e3fa6013bceb1a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.steamrefund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 00:42:51 GMT
content-encoding: gzip
via: 1.1 511c8b6c7e903efca023a504d527516a.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, s-maxage=0, max-age=600
access-control-allow-headers: Content-Type
content-length: 16805
x-amz-cf-id: QqRATOkkeO0JjnAeeFKpb8OmM3Mjmf1J7bCBs5aOOaebhhMa-_Ubxw==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 272 KB
91 KB 25ms
23ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-P48CLNLYJE

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WM6PL8S

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3f73bffee4913fc7089e22702007292c65eedb5c06c5707fa2a1f159a066fa99

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.steamrefund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 00:42:51 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93052
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 29 Sep 2023 00:42:51 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 173 KB
63 KB 22ms
21ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-252624536-1

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WM6PL8S

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ec2cf5494e365f8f0a96c77612b354a7d44e9e2b73d90cfec11f109fbd3cbcb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.steamrefund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 00:42:51 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64906
x-xss-protection: 0
last-modified: Fri, 29 Sep 2023 00:24:02 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 29 Sep 2023 00:42:51 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 40ms
6ms Script
application/javascript 146.75.116.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: get.steamrefund.com
URL: https://get.steamrefund.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.steamrefund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 00:42:51 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 16:56:53 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100081-IAD, cache-fra-eddf8230034-FRA

GET
H/1.1 200
OK obtp.js Show response
amplify.outbrain.com/cp/ 23 KB
7 KB 35ms
7ms Script
application/x-javascript 23.32.185.60
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/cp/obtp.js
Requested by: Host: get.steamrefund.com
URL: https://get.steamrefund.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-60.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 1a71fa8e28d72055d1ded8a45a44d9a400b983bf4f26dc0e7815199b44828078

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.steamrefund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Fri, 29 Sep 2023 00:42:51 GMT
Content-Encoding: gzip
Last-Modified: Thu, 28 Sep 2023 07:17:00 GMT
Server: AkamaiNetStorage
ETag: "8d906fbebc15ffca9da2bea6f48b3aa7:1695885576.123778"
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-RG: EU
Cache-Control: max-age=1200
X-CC: DE
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7183
Expires: Fri, 29 Sep 2023 01:02:51 GMT

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/6FGPXF7JBVHSVDCJIPGVKW/ 97 KB
29 KB 49ms
11ms Script
text/javascript 2600:9000:225e:2600:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/6FGPXF7JBVHSVDCJIPGVKW/roundtrip.js
Requested by: Host: get.steamrefund.com
URL: https://get.steamrefund.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:2600:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ed966363875350fba0f26f05693dd6978316ecd005b69d31880387a0c0abaaf2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.steamrefund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

X-Amz-Version-Id: Kv5N9mJYtX2mCII84FxG3faqnBsvGUqx
Content-Encoding: gzip
Via: 1.1 12e62b05f63a1a2118cca20014b15012.cloudfront.net (CloudFront)
Date: Fri, 29 Sep 2023 00:42:51 GMT
Age: 1778
X-Amz-Cf-Pop: FRA60-P4
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Thu, 28 Sep 2023 12:51:16 GMT
Server: AmazonS3
Etag: W/"50a7607ba8fef8791c97846093855883"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 600
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: nsGvFSvoM1hqDt6wUty4zWunZjpqHEPLGZ_D6qS6G5fMpoVZMTa-mw==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 197 KB
53 KB 22ms
7ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: get.steamrefund.com
URL: https://get.steamrefund.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3c23f58e5c037e4b8b1efc40ff22d331b67606d8eaf34e6ed9203a3fba9a2641

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.steamrefund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 29 Sep 2023 00:42:51 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 53277
x-xss-protection: 0
pragma: public
x-fb-debug: gXEX9CdeNsAUGc3F+xcGRtmPjNmEPbtOtJKm+EQIgpiR4VQ/Wbgisxo20YP9U2Gc77OhoapIYCqilse51J1F7w==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 80e0304508654d4a Show response
get.steamrefund.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 3900 0
461 B 27ms
27ms XHR
text/plain 2606:4700:20::681a:93
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://get.steamrefund.com/cdn-cgi/challenge-platform/h/g/jsd/r/80e0304508654d4a
Requested by: Host: get.steamrefund.com
URL: https://get.steamrefund.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 29 Sep 2023 00:42:51 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 80e03047299a4d4a-FRA
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=my5be5LlfXmowoQyYfjoN4VZG%2B9cQzhw0EAQifv1ycPh9O01Rz6qefpu2ZTyMPHLNebXDZLiXcmOJuoLV96i6Rev90K49sdWUMAmxA5GFEshWVIiRDgPBg3%2Bb9LdaGU9KpCcnIp7EVPWE2RxpAJazeY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8

GET
H2 200 /
www.google.com/pagead/1p-user-list/11050824091/ 42 B
455 B 40ms
17ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/11050824091/?random=1695948171250&cv=11&fst=1695945600000&bg=ffffff&guid=ON&async=1&gtm=45He39r0&u_w=1600&u_h=1200&url=https%3A%2F%2Fget.steamrefund.com%2F&frm=0&fmt=3&is_vtc=1&random=3913302948&rmt_tld=0&ipr=y

Requested by

Host: get.steamrefund.com
URL: https://get.steamrefund.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.steamrefund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Sep 2023 00:42:51 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/11050824091/ 42 B
455 B 42ms
20ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/11050824091/?random=1695948171250&cv=11&fst=1695945600000&bg=ffffff&guid=ON&async=1&gtm=45He39r0&u_w=1600&u_h=1200&url=https%3A%2F%2Fget.steamrefund.com%2F&frm=0&fmt=3&is_vtc=1&random=3913302948&rmt_tld=1&ipr=y

Requested by

Host: get.steamrefund.com
URL: https://get.steamrefund.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.steamrefund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Sep 2023 00:42:51 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST data
gtm.steamrefund.com/ 0
0

GET
H2 200 adsct
t.co/1/i/ 43 B
376 B 134ms
111ms Image
image/gif 104.244.42.133
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=c0b8647c-3037-4641-89b8-65f407e2c67a&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=6779bcdd-d7db-4a60-9547-3fb9228a36a6&tw_document_href=https%3A%2F%2Fget.steamrefund.com%2F&tw_iframe_status=0&txn_id=odb55&type=javascript&version=2.3.29

Requested by

Host: get.steamrefund.com
URL: https://get.steamrefund.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.133 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.steamrefund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-response-time: 103
date: Fri, 29 Sep 2023 00:42:50 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 73a06a41324a3b6c
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: cf845442498a2aab4025fd21f7b89ff797aeca6be9aa241f1c1ffb44abef2b08
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/1/i/ 43 B
726 B 150ms
111ms Image
image/gif 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=c0b8647c-3037-4641-89b8-65f407e2c67a&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=6779bcdd-d7db-4a60-9547-3fb9228a36a6&tw_document_href=https%3A%2F%2Fget.steamrefund.com%2F&tw_iframe_status=0&txn_id=odb55&type=javascript&version=2.3.29

Requested by

Host: get.steamrefund.com
URL: https://get.steamrefund.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.steamrefund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-response-time: 103
date: Fri, 29 Sep 2023 00:42:50 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 8fc391b4978fc4f6
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 6e1c9b8f3b6328015978a80fa364277a43a740eec77f2d4a7a0c9a6970825224
content-length: 43

POST
H/1.1 200
OK unifiedPixel
tr.outbrain.com/ 53 B
248 B 363ms
87ms Ping
image/gif 64.202.112.31
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://tr.outbrain.com/unifiedPixel?optOut=false&bust=09896494193954972&referrer=&cht=gtm&marketerId=009063823c6ff0a709127c2dd74e59c875&name=PAGE_VIEW&dl=https%3A%2F%2Fget.steamrefund.com%2F&g=1&obApiVersion=1.1&obtpVersion=2.0.5
Requested by: Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.31 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.steamrefund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Fri, 29 Sep 2023 00:42:51 GMT
Cache-Control: no-cache
content-encoding: br
X-TraceId: 6f7f8efa9e96d3ca4bd9e9e4c1a9c305
Content-Length: 54
Content-Type: image/gif;

GET
H/1.1 200
OK cachedClickId Show response
tr.outbrain.com/ 35 B
220 B 365ms
90ms Script
application/javascript 64.202.112.31
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://tr.outbrain.com/cachedClickId?marketerId=009063823c6ff0a709127c2dd74e59c875
Requested by: Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.31 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.steamrefund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Fri, 29 Sep 2023 00:42:51 GMT
content-encoding: br
X-TraceId: fcc19a71e5f5630829c91c49f491a188
Content-Length: 39
Content-Type: application/javascript

GET
H/1.1 200
OK 009063823c6ff0a709127c2dd74e59c875 Show response
wave.outbrain.com/mtWavesBundler/handler/ 2 B
443 B 37ms
13ms Script
text/html 23.32.185.60
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://wave.outbrain.com/mtWavesBundler/handler/009063823c6ff0a709127c2dd74e59c875
Requested by: Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-60.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.steamrefund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Fri, 29 Sep 2023 00:42:51 GMT
Content-Encoding: gzip
ob-sent-time: 1695886989495
ETag: W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
X-RG: EU
Cache-Control: max-age=60
X-CC: DE
Connection: keep-alive
X-TraceId: 4b9ab48d43d521b256c5831e15abe5bd
Content-Length: 22
Expires: Fri, 29 Sep 2023 00:43:51 GMT

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/exp/
Redirect Chain

https://s.adroll.com/j/exp/6FGPXF7JBVHSVDCJIPGVKW/index.js
https://s.adroll.com/j/exp/index.js

28 B
785 B

9ms
8ms

Script
application/javascript

2600:9000:225e:2600:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/exp/index.js
Requested by: Host: get.steamrefund.com
URL: https://get.steamrefund.com/
Protocol: HTTP/1.1
Server: 2600:9000:225e:2600:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.steamrefund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

X-Amz-Version-Id: e6mCeG7.PAM9gYrIJBIXJohubS3UVCEK
Date: Thu, 28 Sep 2023 05:25:16 GMT
Via: 1.1 12e62b05f63a1a2118cca20014b15012.cloudfront.net (CloudFront)
Age: 69456
X-Amz-Cf-Pop: FRA60-P4
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 28
Last-Modified: Thu, 03 Aug 2023 18:30:18 GMT
Server: AmazonS3
Etag: "5816cced8568d223aa09d889f300692b"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 600
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: gHzVnDdWhIxlR9e5xdAqcnEA3AOO_Ofsp9FhhHQEKv1hY-IyWkM8Jw==

Redirect headers

Date: Thu, 28 Sep 2023 16:26:12 GMT
Via: 1.1 12e62b05f63a1a2118cca20014b15012.cloudfront.net (CloudFront)
Age: 29798
X-Amz-Cf-Pop: FRA60-P4
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Server: AmazonS3
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/xml
Location: https://s.adroll.com/j/exp/index.js
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: e7-IJ70A0qP7TUdYQG-NXvWoOt0Qr11j-No1RyuJ7F3XC5bBdfpJEA==

GET
H2 200 rp.gif
alb.reddit.com/ 42 B
637 B 29ms
7ms Image
image/gif 151.101.65.140
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?ts=1695948171417&id=t2_f8rkva25&event=PageVisit&m.itemCount=undefined&m.value=&m.valueDecimal=undefined&m.currency=undefined&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=4aecbaad-be16-4119-a1f0-485aea478bc7&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1600&sw=1200&v=rdt_f5bd31b2
Requested by: Host: get.steamrefund.com
URL: https://get.steamrefund.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.steamrefund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 00:42:51 GMT
via: 1.1 varnish
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3}
server: Varnish
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 42
retry-after: 0

GET
H2 200 851791816024757 Show response
connect.facebook.net/signals/config/ 131 KB
34 KB 58ms
57ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/851791816024757?v=2.9.131&r=stable&domain=get.steamrefund.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5b736956c1f3a80e4e3e648ed16d564efa58726119e6804abd3081541a9470d5

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.steamrefund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 29 Sep 2023 00:42:51 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: A/Z3G1qL9pWv0NFrljmFpnb2fYZEfDWel+i/UDfpsSuTeYGM7a7KMSt0TEL/9WXuyvn3Gb5ggRUM8hZ3B37Cgg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 173 KB
63 KB 20ms
20ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-252624536-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P48CLNLYJE

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6f1287a2a9dfbc3192e41926df9f5f2322564b06e2bc32892bf6a3f954d4ba4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.steamrefund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 00:42:51 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64938
x-xss-protection: 0
last-modified: Fri, 29 Sep 2023 00:24:02 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 29 Sep 2023 00:42:51 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
256 B 38ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-P48CLNLYJE&gtm=45je39r0&_p=873599696&cid=751002646.1695948171&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1695948171&sct=1&seg=0&dl=https%3A%2F%2Fget.steamrefund.com%2F&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P48CLNLYJE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.steamrefund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Sep 2023 00:42:51 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://get.steamrefund.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-252624536-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.steamrefund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 28 Sep 2023 23:44:21 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 3510
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 29 Sep 2023 01:44:21 GMT

GET
H2 200 a1860529-0aae-45cb-a054-1bba5385bf0a.js Show response
tr.snapchat.com/config/com/ 167 B
455 B 84ms
16ms Script
application/javascript 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/config/com/a1860529-0aae-45cb-a054-1bba5385bf0a.js

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

f7b74161fa6c24f59b2479fbdf03b0984dc91f1036d809ee0b218b0cd5a94541

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://get.steamrefund.com/
Origin: https://get.steamrefund.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 00:42:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
content-encoding: gzip
via: 1.1 google
server: API Gateway
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://get.steamrefund.com
x-envoy-upstream-service-time: 0
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 i Show response
tr.snapchat.com/cm/ Frame CA46 0
201 B 82ms
21ms Document
text/html 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=a1860529-0aae-45cb-a054-1bba5385bf0a&u_scsid=24e37a8f-f4eb-4696-9614-ea3c9fc10b69&u_sclid=01ca191b-b0b3-464c-8889-dded32852270

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer: https://get.steamrefund.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Fri, 29 Sep 2023 00:42:51 GMT
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via: 1.1 google
x-envoy-upstream-service-time: 0

GET
H2 200 main.MWQ0NWRkZTlhMA.js Show response
analytics.tiktok.com/i18n/pixel/static/ 370 KB
99 KB 22ms
21ms Script
application/javascript 23.36.163.249
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ0NWRkZTlhMA.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CEIHHGRC77UD28TRBJC0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.249 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-249.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 20db7ce8e3049977535579a92d71232b26ed80f8ab0c1b7418ae67c403a6b321

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.steamrefund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-akamai-request-id: 124458ca
date: Fri, 29 Sep 2023 00:42:51 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20230921123833907E75E1CFE76D3E1D7F
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a23-36-161-221.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.1-51406771) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01bd3986c18f30fb1a79752a0dbdbe6fc6a53dcad859148c974dd6770ca8a466e9fc33c6b43d4695d685a613dc016b6cfa2326bfadb5248bea67362afe2b157ba686a03e705adc87b2ddeeeb4f821215af0b2ce7f6e762b5735677c30a1434dbf4
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
content-length: 100679

GET
H2 200 json Show response
trc.taboola.com/1515208/trc/3/ 2 KB
2 KB 41ms
33ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/1515208/trc/3/json?tim=1695948171519&data=%7B%22id%22%3A872%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1695948171508%2C%22cv%22%3A%2220230920-27-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fget.steamrefund.com%2F%3F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dtaboolaaccount-jordanagencybellcom%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1695948171518%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fget.steamrefund.com%2F%22%2C%22tos%22%3A7%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1515208/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0f0cfd5a80cfc1fb5f173aa7aeb25944ebfb884c5412df7d422073a7af5bc521

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.steamrefund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-vcl-time-ms: 25
date: Fri, 29 Sep 2023 00:42:51 GMT
content-encoding: gzip
via: 1.1 varnish
cpu: 0.1725
x-fastly-to-nlb-rtt: 7465
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-fra-eddf8230036-FRA
x-log-content-encoding: gzip
server: nginx
x-timer: S1695948172.532953,VS0,VE25
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 6FGPXF7JBVHSVDCJIPGVKW Show response
d.adroll.com/consent/check/ 482 B
575 B 106ms
29ms Script
application/javascript 2a05:d018:cc3:fe04:fcc6:f60a:82b7:5097
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/6FGPXF7JBVHSVDCJIPGVKW?pv=67437816572.23678&arrfrr=https%3A%2F%2Fget.steamrefund.com%2F&_s=15782f104147ecab4d2804d916ecb875&_b=2
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/6FGPXF7JBVHSVDCJIPGVKW/roundtrip.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d018:cc3:fe04:fcc6:f60a:82b7:5097 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: 2db42f12b070f135689bb618006b73e3e90df04bc085f0baa3e1457a5f36ebcc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.steamrefund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 00:42:51 GMT
server: nginx/1.22.1
content-length: 482
content-type: application/javascript

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 22ms
7ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=851791816024757&ev=PageView&dl=https%3A%2F%2Fget.steamrefund.com%2F&rl=&if=false&ts=1695948171532&sw=1600&sh=1200&v=2.9.131&r=stable&ec=0&o=30&fbp=fb.1.1695948171530.681601976&ler=empty&it=1695948171429&coo=false&eid=pageview_1695948171260.264117.1&rqm=GET

Requested by

Host: get.steamrefund.com
URL: https://get.steamrefund.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.steamrefund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 29 Sep 2023 00:42:51 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.ub-assets.com/fonts/s/poppins/v20/ 8 KB
8 KB 23ms
7ms Font
font/woff2 13.32.99.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.ub-assets.com/fonts/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2

Requested by

Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Poppins:700,500,regular%7CSource+Sans+Pro:italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.67 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-67.fra60.r.cloudfront.net

Software

Resource Hash

cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.ub-assets.com/css?family=Poppins:700,500,regular%7CSource+Sans+Pro:italic
Origin: https://get.steamrefund.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 00:23:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amzn-remapped-content-length: 7748
via: 1.1 a54cda8ccda3480314f451558e4dd062.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 2161191
x-amzn-requestid: bf2f186a-6988-4978-8f6a-6911ca350293
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-amz-apigw-id: KtJ3xHYaoAMEMxw=
content-length: 7771
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:21:30 GMT
cross-origin-opener-policy: same-origin; report-to="apps-themes"
x-amzn-trace-id: Root=1-64f52364-6cc74b6e0b360ab923f08af8
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: OK-MuU1tkDkEZjjki4pFLDbzDlmjhduT6qcupHQ0gcNGIE7IDvnqYQ==

GET
H2 200 pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.ub-assets.com/fonts/s/poppins/v20/ 8 KB
8 KB 23ms
8ms Font
font/woff2 13.32.99.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.ub-assets.com/fonts/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

Requested by

Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Poppins:700,500,regular%7CSource+Sans+Pro:italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.67 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-67.fra60.r.cloudfront.net

Software

Resource Hash

9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.ub-assets.com/css?family=Poppins:700,500,regular%7CSource+Sans+Pro:italic
Origin: https://get.steamrefund.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 03 Sep 2023 01:00:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amzn-remapped-content-length: 7816
via: 1.1 a54cda8ccda3480314f451558e4dd062.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 2245319
x-amzn-requestid: 0144c92a-1cf4-4a64-9d27-53ed67c910dc
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-amz-apigw-id: Kp8euHuOoAMEb4A=
content-length: 7839
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
cross-origin-opener-policy: same-origin; report-to="apps-themes"
x-amzn-trace-id: Root=1-64f3dac4-09f294f8020f67d20524c9fa
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: aPHa0tZu8k2SBI3mBc5fz5JayE07a7WACUYw-6QrtOK_b59cyn6TKQ==

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.ub-assets.com/fonts/s/poppins/v20/ 8 KB
9 KB 8ms
7ms Font
font/woff2 13.32.99.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.ub-assets.com/fonts/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Poppins:700,500,regular%7CSource+Sans+Pro:italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.67 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-67.fra60.r.cloudfront.net

Software

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.ub-assets.com/css?family=Poppins:700,500,regular%7CSource+Sans+Pro:italic
Origin: https://get.steamrefund.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 03:02:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amzn-remapped-content-length: 7884
via: 1.1 a54cda8ccda3480314f451558e4dd062.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 3793208
x-amzn-requestid: 2a9e076b-5d63-48d2-a090-da38f295a118
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-amz-apigw-id: Ju5dJEt3oAMEURg=
content-length: 7907
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
cross-origin-opener-policy: same-origin; report-to="apps-themes"
x-amzn-trace-id: Root=1-64dc3c53-050e4e6f4ecc007c0dcf2d45
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: ORW57YFXlw3zjuTpOSOl4FdGqQosN7H4mMZxaHsm3LZUgQtTGPjmHA==

GET
H2 200 6xK1dSBYKcSV-LCoeQqfX1RYOo3qPZ7nsDI.woff2
fonts.ub-assets.com/fonts/s/sourcesanspro/v22/ 14 KB
15 KB 8ms
8ms Font
font/woff2 13.32.99.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.ub-assets.com/fonts/s/sourcesanspro/v22/6xK1dSBYKcSV-LCoeQqfX1RYOo3qPZ7nsDI.woff2

Requested by

Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Poppins:700,500,regular%7CSource+Sans+Pro:italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.67 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-67.fra60.r.cloudfront.net

Software

Resource Hash

500f8aaf69ddcf71a16ceae58c927f03371b33665185e16df347b67f7f11bdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.ub-assets.com/css?family=Poppins:700,500,regular%7CSource+Sans+Pro:italic
Origin: https://get.steamrefund.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 17:50:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amzn-remapped-content-length: 14160
via: 1.1 a54cda8ccda3480314f451558e4dd062.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 1147955
x-amzn-requestid: 222559a4-2a3d-4efb-aff3-0196e285093e
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-amz-apigw-id: LTzl5G4ooAMEHzQ=
content-length: 14183
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:57 GMT
cross-origin-opener-policy: same-origin; report-to="apps-themes"
x-amzn-trace-id: Root=1-65049958-66311e6c2720f16f26ebbfa2
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: xHF5iaHmnLK66EXcvcg40g0q7sm-55BYLlUSB7Dk7vN-Qj0XrSJVwQ==

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
146 B 14ms
13ms XHR
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=873599696&t=pageview&_s=1&dl=https%3A%2F%2Fget.steamrefund.com%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=142197777&gjid=1133102997&cid=751002646.1695948171&tid=UA-252624536-1&_gid=154532433.1695948172&_r=1&gtm=457e39r0&jsscut=1&z=1558567533

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://get.steamrefund.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 29 Sep 2023 00:42:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://get.steamrefund.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 6ms
6ms Image
image/gif 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=873599696&t=pageview&_s=2&dl=https%3A%2F%2Fget.steamrefund.com%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=&gjid=&cid=751002646.1695948171&tid=UA-252624536-1&_gid=154532433.1695948172&gtm=457e39r0&jsscut=1&z=2089386163

Requested by

Host: get.steamrefund.com
URL: https://get.steamrefund.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.steamrefund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Sep 2023 04:33:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 72539
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 identify_7dd78.js Show response
analytics.tiktok.com/i18n/pixel/static/ 134 KB
35 KB 11ms
10ms Script
application/javascript 23.36.163.249
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_7dd78.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ0NWRkZTlhMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.249 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-249.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 7afaa861788cfa4b943b9a78a597edb2e73dcf6cf15cb34ce9a02c72373d9abe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.steamrefund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-akamai-request-id: 124459b3
date: Fri, 29 Sep 2023 00:42:51 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 202309071107094992214F0C816780695F
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a23-36-161-221.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.1-51406771) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 0183cf230e61c464f3b74a2f5dd2496aee3962c06479feebb55343f39c0b3f4345aa87061fce68c95a14c66f0ce8080038bf7e737cfdc3b0e9348ca286caafa3fdf74b166e406fd017850282f048367e6315f085bd89b8b8f55ad7798efadebc00
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
content-length: 35562

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
793 B 254ms
254ms Ping
text/plain 23.36.163.249
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ0NWRkZTlhMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.249 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-249.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://get.steamrefund.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 854524d.12445a33
date: Fri, 29 Sep 2023 00:42:51 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-221.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.1-51406771) (-)
x-parent-response-time: 240,23.36.161.221
server-timing: cdn-cache; desc=MISS, edge; dur=92, origin; dur=153, inner; dur=150
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202309290042516BB8B0FF3E4372A3C2B6
x-cache-remote: TCP_MISS from a23-222-16-61.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.1-51406771) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 153,23.222.16.61
x-tt-trace-host: 01c72dea6f64a907d7e8edee96b7d2be1626c622c584e56425b6d26e5c3493b12cf643a97cfa15aa3eb6b865cef4d46e0894dfc66519d77c6d6cfbb7e100ee6146aca7e656be1ddbcd2644177f1d00d126c9cc241f24f2c97da51686369c9daafd314771c198fefb21358548f93ea767f7
access-control-allow-headers: Authorization,*
expires: Fri, 29 Sep 2023 00:42:51 GMT

GET
H/1.1 200
OK consent_tcfv2.js Show response
s.adroll.com/j/ 418 KB
56 KB 8ms
7ms Script
text/javascript 2600:9000:225e:2600:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/consent_tcfv2.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/6FGPXF7JBVHSVDCJIPGVKW/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:2600:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 47e5ff66931402cb5755d7eed98a6d23ee556a7f8e9c1dd340d351c27f669a0f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.steamrefund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

X-Amz-Version-Id: wD7IUQmRA9PUuld8lU58FBeuMlOqC6p6
Content-Encoding: gzip
Via: 1.1 12e62b05f63a1a2118cca20014b15012.cloudfront.net (CloudFront)
Date: Fri, 29 Sep 2023 00:39:03 GMT
Age: 245
X-Amz-Cf-Pop: FRA60-P4
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Wed, 05 Jul 2023 21:39:27 GMT
Server: AmazonS3
Etag: W/"3306a47faf7223d93fb356e8a73d1942"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=300, must-revalidate
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 600
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: nFFYilOTTZjU2PRG_Za2BQQiR-FQV_aRhQA05F_w7JTPNhK1cBbgbw==

GET
H/1.1 200
OK nextroll-32x32.png
s.adroll.com/i/favicon/ 2 KB
2 KB 8ms
8ms Image
image/png 2600:9000:225e:2600:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.adroll.com/i/favicon/nextroll-32x32.png
Requested by: Host: get.steamrefund.com
URL: https://get.steamrefund.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:2600:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bcaf0e3f087296133e0a996ee3d289a8d1a690147c93e0ab62019b505e6f9355

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.steamrefund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

X-Amz-Version-Id: eTpwxbAIDHDUN.4tfrROIgU_pzKN9Xh0
Date: Thu, 28 Sep 2023 16:21:21 GMT
Via: 1.1 12e62b05f63a1a2118cca20014b15012.cloudfront.net (CloudFront)
Age: 30096
X-Amz-Cf-Pop: FRA60-P4
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 1615
Last-Modified: Mon, 28 Jun 2021 18:19:21 GMT
Server: AmazonS3
Etag: "403a0a7dcf2d617e7ea852bfb9d11945"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 600
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: ch5viD86X_TN6KkuBzyILYYHCwJYJ3kUC16rZ9cjkFXDY0o1BEMI3w==

POST
H2 200 p
tr.snapchat.com/ 0
94 B 18ms
17ms Ping
text/plain 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://get.steamrefund.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 29 Sep 2023 00:42:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google
server: API Gateway
access-control-allow-origin: https://get.steamrefund.com
x-envoy-upstream-service-time: 1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

OPTIONS
H2 200 p
tr.snapchat.com/ Frame 0
0 15ms
15ms Preflight 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tr.snapchat.com/p
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 134.43.190.35.bc.googleusercontent.com
Software: API Gateway /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://get.steamrefund.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,x-grpc-web,X-Snap-Route-Tag,x-cof-user-agent,x-snap-client-user-agent,bitmoji-token,X-Snap-Access-Token
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS,PATCH
access-control-allow-origin: https://get.steamrefund.com
access-control-max-age: 600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Fri, 29 Sep 2023 00:42:51 GMT
server: API Gateway
via: 1.1 google

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
792 B 802ms
801ms Ping
text/plain 23.36.163.249
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ0NWRkZTlhMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.249 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-249.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://get.steamrefund.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 88d1d79.12445bef
date: Fri, 29 Sep 2023 00:42:52 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-221.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.1-51406771) (-)
x-parent-response-time: 785,23.36.161.221
server-timing: cdn-cache; desc=MISS, edge; dur=95, origin; dur=696, inner; dur=685
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20230929004251B37B6D35B3C7ACE8B7CF
x-cache-remote: TCP_MISS from a23-222-16-62.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.1-51406771) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 696,23.222.16.62
x-tt-trace-host: 01c72dea6f64a907d7e8edee96b7d2be1626c622c584e56425b6d26e5c3493b12ce1ccaf286f4ede552237c30aa734e90166327a2de30c27a7e2bbf0056dcae3e76b98971b0acf88d692c8951a0da04807e8ba41c3ad4222e13a30106c12b22eacefc2937d12c5e4a40f5d85737e0a4ae4
access-control-allow-headers: Authorization,*
expires: Fri, 29 Sep 2023 00:42:52 GMT

GET
H2 204 unip Show response
trc-events.taboola.com/1515208/log/3/ 0
249 B 596ms
19ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1515208/log/3/unip?en=pre_d_eng_tb&tos=1597&scd=0&ssd=1&est=1695948171511&ver=36&isls=true&src=i&invt=1500&msa=302&rv=1&tim=1695948173108&vi=1695948171508&ri=8bf71509d1b28eb817b0fe5ca3e525cd&ref=null&cv=20230920-27-RELEASE&item-url=https%3A%2F%2Fget.steamrefund.com%2F
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1515208/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get.steamrefund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-origin: https://get.steamrefund.com
pragma: no-cache
date: Fri, 29 Sep 2023 00:42:53 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET unip
trc-events.taboola.com/1515208/log/3/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: gtm.steamrefund.com
URL: https://gtm.steamrefund.com/data?v=2&event_name=page_view

Domain: trc-events.taboola.com
URL: https://trc-events.taboola.com/1515208/log/3/unip?en=pre_d_eng_tb&tos=4598&scd=0&ssd=1&est=1695948171511&ver=36&isls=true&src=i&invt=3000&msa=302&rv=1&tim=1695948176109&vi=1695948171508&ri=8bf71509d1b28eb817b0fe5ca3e525cd&ref=null&cv=20230920-27-RELEASE&item-url=https%3A%2F%2Fget.steamrefund.com%2F

Verdicts & Comments Add Verdict or Comment

92 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

24 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sc-static.net/scevent.min.js	1970-01-20 15:07:14	Name: X-AB Value: 0d6e407936704bd380072f5891d28b0e
get.steamrefund.com/	1970-01-20 19:25:00	Name: ubvs Value: 833e312d-ffa3-4573-a174-a31b8084cbb3
.steamrefund.com/	1970-01-20 15:10:07	Name: ubvt Value: v2%7C833e312d-ffa3-4573-a174-a31b8084cbb3%7Cd526434c-0dc6-4d14-b154-0300c8623898%3Aj%3Adta
get.steamrefund.com/	1970-01-20 19:30:45	Name: ubpv Value: j%2Cd526434c-0dc6-4d14-b154-0300c8623898
.steamrefund.com/	1970-01-20 17:15:24	Name: _gcl_au Value: 1.1.1833466891.1695948171
.doubleclick.net/	1970-01-20 15:05:49	Name: test_cookie Value: CheckForPermission
.steamrefund.com/	1970-01-20 23:51:24	Name: cf_clearance Value: 8tFAfvviONKURDybyYLpGv574rQD6zgYk7ni_KkWCRU-1695948171-0-1-33f0e27c.dbe1dec1.64f1bd9c-0.2.1695948171
.steamrefund.com/	1970-01-21 00:35:34	Name: _scid Value: f09a5164-fe92-4110-984c-e44dd50e1678
.steamrefund.com/	1970-01-21 00:35:34	Name: _scid_r Value: f09a5164-fe92-4110-984c-e44dd50e1678
.steamrefund.com/	1970-01-20 17:15:24	Name: _rdt_uuid Value: 1695948171416.4aecbaad-be16-4119-a1f0-485aea478bc7
.steamrefund.com/	1970-01-21 00:41:48	Name: _ga_P48CLNLYJE Value: GS1.1.1695948171.1.0.1695948171.0.0.0
.tiktok.com/	1970-01-21 00:27:24	Name: _ttp Value: 2W34wtC8cCqoX2vQeDdY2OvYBns
.steamrefund.com/	1970-01-20 17:15:24	Name: _fbp Value: fb.1.1695948171530.681601976
.t.co/	1970-01-21 00:41:48	Name: muc_ads Value: fd7293ea-eefc-4683-9c2e-33f6c22414a5
.twitter.com/	1970-01-21 00:41:48	Name: guest_id_marketing Value: v1%3A169594817149148395
.twitter.com/	1970-01-21 00:41:48	Name: guest_id_ads Value: v1%3A169594817149148395
.twitter.com/	1970-01-21 00:41:48	Name: personalization_id Value: "v1_DlQoINUG36MTLUS8Y3MgIw=="
.twitter.com/	1970-01-21 00:41:48	Name: guest_id Value: v1%3A169594817149148395
.steamrefund.com/	1970-01-21 00:41:48	Name: _ga Value: GA1.2.751002646.1695948171
.steamrefund.com/	1970-01-20 15:07:14	Name: _gid Value: GA1.2.154532433.1695948172
.steamrefund.com/	1970-01-20 15:05:48	Name: _gat_gtag_UA_252624536_1 Value: 1
.steamrefund.com/	1970-01-21 00:27:24	Name: _tt_enable_cookie Value: 1
.steamrefund.com/	1970-01-21 00:27:24	Name: _ttp Value: fr64fzbOHeYekOrydQGoUU_S3RX
get.steamrefund.com/	1970-01-20 15:05:48	Name: outbrain_cid_fetch Value: true

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://get.steamrefund.com/ Message: Access to XMLHttpRequest at 'https://gtm.steamrefund.com/data?v=2&event_name=page_view' from origin 'https://get.steamrefund.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://gtm.steamrefund.com/data?v=2&event_name=page_view Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

alb.reddit.com
amplify.outbrain.com
analytics.tiktok.com
analytics.twitter.com
builder-assets.unbounce.com
cdn.stape.io
cdn.taboola.com
connect.facebook.net
d.adroll.com
d1wbjksx0xxdn3.cloudfront.net
d9hhrg4mnvzow.cloudfront.net
events.ub-analytics.com
fonts.ub-assets.com
get.steamrefund.com
googleads.g.doubleclick.net
gtm.steamrefund.com
region1.google-analytics.com
s.adroll.com
sc-static.net
static.ads-twitter.com
t.co
tr.outbrain.com
tr.snapchat.com
trc-events.taboola.com
trc.taboola.com
wave.outbrain.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.redditstatic.com
gtm.steamrefund.com
trc-events.taboola.com
104.244.42.133
104.244.42.3
13.224.189.30
13.32.99.67
141.226.228.48
143.204.207.250
146.75.116.157
151.101.65.140
151.101.65.44
2001:4860:4802:32::36
23.32.185.60
23.36.163.249
2600:9000:21f3:d800:b:3165:13c0:21
2600:9000:225e:2600:6:9280:1080:93a1
2606:4700:20::681a:93
2606:4700::6812:130
2a00:1450:4001:80b::2008
2a00:1450:4001:810::2002
2a00:1450:4001:811::200e
2a00:1450:4001:813::2003
2a00:1450:4001:813::2004
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
2a04:4e42:600::396
2a05:d018:cc3:fe04:fcc6:f60a:82b7:5097
35.190.43.134
52.1.93.137
52.222.250.12
64.202.112.31
096f7954e8e41553e39e3f290efc4a79553cb926cc4fa362e126c7204fc9130d
0afb6faff44a842fe76a446a279686f8e6a9fceae1549a22468033c653860225
0f0cfd5a80cfc1fb5f173aa7aeb25944ebfb884c5412df7d422073a7af5bc521
1a71fa8e28d72055d1ded8a45a44d9a400b983bf4f26dc0e7815199b44828078
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
20db7ce8e3049977535579a92d71232b26ed80f8ab0c1b7418ae67c403a6b321
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
296403224467b0696e952995d954fb75927f2c50449963d2664d6c425227fb68
2db42f12b070f135689bb618006b73e3e90df04bc085f0baa3e1457a5f36ebcc
320d4eb4df987dd82522b916ae2ce75617584ca508d77dde11fa2b64ab421e71
328bf78d9037cf1d442674cf214abe79dfe9bb1d5990958d3f150aa1960c0770
337665b1caaf7516f69b017528b7c5424eedc18b00332d2994f992ade8cc1aa5
3c23f58e5c037e4b8b1efc40ff22d331b67606d8eaf34e6ed9203a3fba9a2641
3f73bffee4913fc7089e22702007292c65eedb5c06c5707fa2a1f159a066fa99
4206aea9d4731e3537b5a3e0d6b0bed82179891d0c6354ebb9cf80cc0d30cfef
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
47e5ff66931402cb5755d7eed98a6d23ee556a7f8e9c1dd340d351c27f669a0f
500f8aaf69ddcf71a16ceae58c927f03371b33665185e16df347b67f7f11bdb9
5836fd0454a66f98cc72445de9a15615492621c13002c2470e1a1cf0af1b7b59
59ac725429ede98f74947527e56ee6adefc25fa1ecc4758248a14dc9725f9ea4
5b736956c1f3a80e4e3e648ed16d564efa58726119e6804abd3081541a9470d5
5c20e5367fe55a37143fa026b9879587fe3cc93f436c88274a4366cd166c0497
5edcb92d5c6a2d3aac5e13cf012f684ac293b4404f4506e6c8e3fa6013bceb1a
60b708e3bb317a230cc4346b52705c032293a83e7d5be775b02b4d4a36db1005
6431a51e2f443ed44327689ff39e23de9b7f55268301a2c58e9a6a2e409a9cd1
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6f0f20c2a0443bc08689acb871745e8d80299d6a8c568ad713413a0d1c4968d5
6f1287a2a9dfbc3192e41926df9f5f2322564b06e2bc32892bf6a3f954d4ba4f
6f74450faec88eabf16301ed4659dfcda539a123ae0ff8ffcc00037d18c69b31
73f36eb6ec77cac66e5623eb4afb2b312f70a6922f0d3d62b4f7f4bf302820a2
7899c5cab027e001814e1641c3949923e9f17a49a70a7a066710fc3dd1ae318b
7afaa861788cfa4b943b9a78a597edb2e73dcf6cf15cb34ce9a02c72373d9abe
7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8e1e9a17ca7de1669b96ae622b530c46a3f7aad0a477c526e8fc174c3368dfb0
92175bf4a96909409add4c3f85b28af6a234ac81972ce9c2a17aa261172b30ba
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
9af91bb0b9327c5bc74760fed3cd024dbde1c5b90ede3fab5c8c54850e757994
a0ce992672dcec644634af802f494b8e0857147cb1b6316dad59a76d9763c589
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553
b8bce47ffa43bc0b835f83d09167cabac1a62e85241aa806d826a0909d5bf7ee
bc8eb177d036c7cd7e85f0d2637e8746d5c0740b01fb15fca100d02d37179854
bcaf0e3f087296133e0a996ee3d289a8d1a690147c93e0ab62019b505e6f9355
bddcdc2d4855929eaa9f4e469c2e860a98b18708da57af571e32c24fd79521a1
be6f0dab542b9db3753c4ab63a5f7c9814826f652471b174f3503fbc0b3b6065
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d7657eea272b62c540e89a651d3ce05555e18062e77e4734247e5458908d1773
d7ec4180be0bee401745f81e14821e442e17fcdb19c6a9b90986c783e0584c90
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e0c11eef6f6ab1e486807d65ceb85f844c8692c2b1d41e8e7b5a7dbfc1d7e8a3
e1e5b21a92e417a421cec29ba2ccc6dd60eeca773aa145c4802657d8fed02a42
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e803e774c7b59fe74f71ed93acaa875cf9a99947ff8ed7615cd0c93c1667250f
ec2cf5494e365f8f0a96c77612b354a7d44e9e2b73d90cfec11f109fbd3cbcb3
ed966363875350fba0f26f05693dd6978316ecd005b69d31880387a0c0abaaf2
edead83bade592bfbb518785d5a375b822a95d91b6874325efc9af58520821b0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f10d6b4c19c7e53e5d781ed10e3c856d7766ac1e9325dd9cf63dfeb48e82cd15
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
f7b74161fa6c24f59b2479fbdf03b0984dc91f1036d809ee0b218b0cd5a94541

get.steamrefund.com Open in urlscan Pro 2606:4700:20::681a:93 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

77 Requests

94 %HTTPS

48 %IPv6

24 Domains

32 Subdomains

30 IPs

4 Countries

963 kBTransfer

2905 kBSize

24 Cookies

0 Outgoing links

Redirected requests

77 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

get.steamrefund.com Open in urlscan Pro
2606:4700:20::681a:93 Public Scan

Screenshot
Live screenshot

Full Image

77
Requests

94 %
HTTPS

48 %
IPv6

24
Domains

32
Subdomains

30
IPs

4
Countries

963 kB
Transfer

2905 kB
Size

24
Cookies

77 HTTP transactions
1 data transactions