Submitted URL: http://refund-service.digital/
Effective URL: https://refund-service.digital/
Submission Tags: phishing, spamreports, malicious
Submission: On February 29 via api from FR — Scanned from DE

Summary

This website contacted 8 IPs in 2 countries across 7 domains to perform 22 HTTP transactions. The main IP is 2606:4700:3033::ac43:823f, located in the United States and belonging to CLOUDFLARENET, US. The main domain is refund-service.digital.
TLS certificate: Issued by GTS CA 1P5 on February 24th 2024. Valid for: 3 months.
This is the only time refund-service.digital was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  Apex domain             Subdomains                                      Transfer
15        refund-service.digital  refund-service.digital                          2 MB
2         gstatic.com             fonts.gstatic.com                               63 KB
2         facebook.net            connect.facebook.net (Cisco Umbrella rank 177)  60 KB
1         facebook.com            www.facebook.com (Cisco Umbrella rank 98)       185 B
1         geojs.io                get.geojs.io (Cisco Umbrella rank 15586)        710 B
1         jquery.com              code.jquery.com (Cisco Umbrella rank 746)       30 KB
1         googleapis.com          fonts.googleapis.com (Cisco Umbrella rank 28)   1 KB
22 requests across 7 apex domains

Requests  Domain                  Requested by
15        refund-service.digital  refund-service.digital (1 redirect)
2         fonts.gstatic.com       fonts.googleapis.com
2         connect.facebook.net    refund-service.digital, connect.facebook.net
1         www.facebook.com        refund-service.digital
1         get.geojs.io            code.jquery.com
1         code.jquery.com         refund-service.digital
1         fonts.googleapis.com    refund-service.digital
22 requests across 7 domains

This site contains no links.

Subject                  Issuer                                          Validity                  Valid for
refund-service.digital   GTS CA 1P5                                      2024-02-24 to 2024-05-24  3 months (crt.sh)
upload.video.google.com  GTS CA 1C3                                      2024-02-05 to 2024-04-29  3 months (crt.sh)
*.jquery.com             Sectigo RSA Domain Validation Secure Server CA  2023-07-11 to 2024-07-14  a year (crt.sh)
*.facebook.com           DigiCert SHA2 High Assurance Server CA          2023-12-08 to 2024-03-07  3 months (crt.sh)
*.gstatic.com            GTS CA 1C3                                      2024-02-05 to 2024-04-29  3 months (crt.sh)
sni.cloudflaressl.com    Cloudflare Inc ECC CA-3                         2023-04-11 to 2024-04-10  a year (crt.sh)

This page contains 1 frame:

Primary Page: https://refund-service.digital/
Frame ID: 17839D1939FD7D3BE284AEE30BC4222D
Requests: 30 HTTP requests in this frame

Screenshot

Page Title

Заявление на возврат средств (Russian: "Application for a refund of funds")

Page URL History

  1. http://refund-service.digital/ HTTP 301
    https://refund-service.digital/ Page URL

Detected technologies

  • Facebook script loader (connect.facebook.net), confidence 100%; pattern: //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
  • Google Fonts, confidence 100%; pattern: <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
  • jQuery, confidence 100%; patterns: jquery[.-]([\d.]*\d)[^/]*\.js and jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
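The patterns above are the fingerprint rules the scanner matched. As an added example that is not part of the urlscan.io report, the following Python applies those same rules to the script URLs recorded in this scan and pulls the jQuery version out of the capture group. Which rules are matched against script URLs and which against the page source, and reading group 1 as a version, are assumptions about how the scanner works; the `<link>` tag is constructed from the css2 request above because the report does not reproduce the page HTML.

```python
import re

# Rules copied from the "Detected technologies" section: (field, regex, captures_version).
# "script" rules run over every loaded script URL, "html" rules over the page source;
# this split, and reading group 1 as a version, are assumptions about the scanner.
RULES = {
    "Facebook script (connect.facebook.net)": [
        ("script", r"//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js", False),
    ],
    "Google Fonts": [
        ("html", r"<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com", False),
    ],
    "jQuery": [
        ("script", r"jquery[.-]([\d.]*\d)[^/]*\.js", True),
        ("script", r"jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?", True),
    ],
}

# Script URLs taken from the transaction list of this scan.
SCRIPT_URLS = [
    "https://refund-service.digital/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js",
    "https://code.jquery.com/jquery-3.7.1.min.js",
    "https://refund-service.digital/lander/fin/libs/intlTelInput.js",
    "https://refund-service.digital/lander/fin/libs/jquery.maskedinput.js",
    "https://refund-service.digital/lander/fin/libs/utils.js?v=22",
    "https://refund-service.digital/lander/fin/js/main.js?v=2222442",
    "https://connect.facebook.net/en_US/fbevents.js",
]

# Constructed stand-in for the page source, built from the css2 request in the report.
SAMPLE_HTML = ('<link rel="stylesheet" href="https://fonts.googleapis.com/css2'
               '?family=Inter:wght@200;300;400;500;600;700;800;900&display=swap">')


def detect(script_urls, html):
    """Return {technology: version} for every rule set with a hit; version is None
    when no rule captured one. A versioned hit replaces an earlier bare hit."""
    found = {}
    for tech, rules in RULES.items():
        for field, pattern, captures_version in rules:
            haystacks = script_urls if field == "script" else [html]
            for text in haystacks:
                m = re.search(pattern, text, re.IGNORECASE)
                if not m:
                    continue
                version = m.group(1) if captures_version and m.group(1) else None
                if tech not in found or (found[tech] is None and version):
                    found[tech] = version
    return found


if __name__ == "__main__":
    for tech, version in detect(SCRIPT_URLS, SAMPLE_HTML).items():
        print(f"{tech}: {version or 'version not captured'}")
```

The Facebook rule's only group captures the TLD (`net`), not a version, which is why it is flagged `captures_version=False`; treating every first group as a version is a common mistake when porting these rule sets.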

Page Statistics

Requests     22
HTTPS        100%
IPv6         100%
Domains      7
Subdomains   7
IPs          8
Countries    2
Transfer     2160 kB
Size         6582 kB
Cookies      10
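What an analyst usually wants from a report like this is the indicator set and the handful of signals that justify a verdict. The following Python is an added example, not part of the urlscan.io report: it carries the values shown on this page (scan date, certificate validity, primary response headers, contacted hosts, and the URL, server IP and body hash of each transaction in this excerpt) as constructed inline data and derives IOCs plus a triage summary from them. The 14-day certificate-age threshold, the two-label apex heuristic, and the note that PHP 7.4 is past end of life (from PHP's release schedule, not from the report) are the example's own.

```python
from datetime import date
from urllib.parse import urlsplit

# Values copied from this urlscan.io report (scan of 29 Feb 2024); nothing is fetched live.
SCAN_DATE = date(2024, 2, 29)
APEX = "refund-service.digital"
PAGE_TITLE = "Заявление на возврат средств"
CERT = {"subject": APEX, "issuer": "GTS CA 1P5",
        "not_before": date(2024, 2, 24), "not_after": date(2024, 5, 24)}
PRIMARY_HEADERS = {"server": "cloudflare", "x-powered-by": "PHP/7.4.33",
                   "cache-control": "no-cache, no-store, must-revalidate"}
# Hosts from the "Domain & IP information" table.
CONTACTED_HOSTS = ["refund-service.digital", "fonts.gstatic.com", "connect.facebook.net",
                   "www.facebook.com", "get.geojs.io", "code.jquery.com", "fonts.googleapis.com"]
# (URL, server IP, SHA-256 of body) for each non-data: transaction in this excerpt. The mp4
# has no hash in the report; requests to www.facebook.com and get.geojs.io fall outside it.
CF = "2606:4700:3033::ac43:823f"
TRANSACTIONS = [
    ("https://refund-service.digital/", CF, "28a6b9d6c6b3407a9c668388bd756cde7ae39fea9b53334cfcab81ecfd227b13"),
    ("https://fonts.googleapis.com/css2?family=Inter:wght@200;300;400;500;600;700;800;900&display=swap", "2a00:1450:4001:80b::200a", "d16969705619b51577b01b002ba5d7ad97ecf4407773bc635eee8b8348377d84"),
    ("https://refund-service.digital/lander/fin/css/intlTelInput.min.css", CF, "58c89c1729bfa22617b3e55958c62f5c634c44dbe86c03b88fc94d483010da5c"),
    ("https://refund-service.digital/lander/fin/css/main.css?v=2", CF, "598fda57d679f82ed905c17cf54f846a12864a460aeb4044515e4d931a83bb7f"),
    ("https://refund-service.digital/lander/fin/img/logo.png", CF, "73b8508335d1244532a934775a5002565975eae29af901aa3600f204c4d15e22"),
    ("https://refund-service.digital/lander/fin/video/poster.png", CF, "839b5b760a092dacf2ead91ae2f4132e4127505ee66e20163627fd0babcf5b73"),
    ("https://refund-service.digital/lander/fin/img/pngwing.com.png", CF, "83694c3be567ac4cdc940657f3c89048f54ddc063b33886c6d1f0681ec1fdff1"),
    ("https://refund-service.digital/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js", CF, "2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8"),
    ("https://code.jquery.com/jquery-3.7.1.min.js", "2a04:4e42::649", "fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a"),
    ("https://refund-service.digital/lander/fin/libs/intlTelInput.js", CF, "ad3a9e7253361ea559bde94c679465cedda78dd5ccaed4f035bd8c3a28e3acc6"),
    ("https://refund-service.digital/lander/fin/libs/jquery.maskedinput.js", CF, "bd9074e7da91f4f7df45000ea013ca770d4e9a69f2a2eb3955f755bd83917206"),
    ("https://refund-service.digital/lander/fin/libs/utils.js?v=22", CF, "8abb51715ec9b4b8587b197b320ba4b6b0092234563b2c72fba42583810ef0da"),
    ("https://refund-service.digital/lander/fin/js/main.js?v=2222442", CF, "c6deec275758e283e8e15b964ebe67f03b92d5a50a9538fc0af5c079b67469ca"),
    ("https://connect.facebook.net/en_US/fbevents.js", "2a03:2880:f083:100:face:b00c:0:3", "0e04153b5f73bfa7866948f2a9870593d69bfde14e77a1a06af5f567096e5a09"),
    ("https://refund-service.digital/lander/fin/img/line.png", CF, "d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090"),
    ("https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2", "2a00:1450:4001:80e::2003", "88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42"),
    ("https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa0ZL7SUc.woff2", "2a00:1450:4001:80e::2003", "eba9487840439a0fa53c9be0541c524bb84b590a7af8c86573ceb1fe19c4bda9"),
    ("https://refund-service.digital/lander/fin/interpol.mp4", CF, None),
]


def apex_of(host):
    """Last two labels; adequate for the hosts in this report (no public-suffix list)."""
    return ".".join(host.split(".")[-2:])


def first_party_share(transactions, apex=APEX):
    """(first-party requests, total requests)."""
    hosts = [urlsplit(url).hostname for url, _, _ in transactions]
    return sum(apex_of(h) == apex for h in hosts), len(hosts)


def cert_age_days(cert, scan_date=SCAN_DATE):
    """Days between certificate issuance and the scan."""
    return (scan_date - cert["not_before"]).days


def has_cyrillic(text):
    return any("\u0400" <= ch <= "\u04ff" for ch in text)


def iocs(transactions, hosts):
    """Deduplicated indicators ready for a blocklist or hunt query."""
    return {
        "domains": sorted(set(hosts) | {urlsplit(u).hostname for u, _, _ in transactions}),
        "ips": sorted({ip for _, ip, _ in transactions}),
        "sha256": sorted({h for _, _, h in transactions if h}),
    }


def triage(transactions, hosts, cert, headers, title, scan_date=SCAN_DATE, max_cert_age=14):
    """Signals an analyst would weigh; the thresholds are this example's, not urlscan's."""
    signals = []
    age = cert_age_days(cert, scan_date)
    if age <= max_cert_age:
        signals.append(f"certificate issued {age} days before scan by {cert['issuer']}")
    if has_cyrillic(title):
        signals.append("page title is Cyrillic while the scan locale was de-DE")
    backend = headers.get("x-powered-by", "")
    if backend.startswith("PHP/7.4"):
        # Known fact, not from the report: PHP 7.4 security support ended 28 Nov 2022.
        signals.append(f"backend advertises {backend}, a branch past end of life")
    if "no-store" in headers.get("cache-control", ""):
        signals.append("primary document is uncacheable (no-cache, no-store)")
    if "connect.facebook.net" in hosts:
        signals.append("loads fbevents.js from connect.facebook.net (Facebook Pixel)")
    if "get.geojs.io" in hosts:
        signals.append("queries get.geojs.io, a client-side IP geolocation API")
    first, total = first_party_share(transactions)
    signals.append(f"{first}/{total} listed requests are first-party")
    return signals


if __name__ == "__main__":
    for signal in triage(TRANSACTIONS, CONTACTED_HOSTS, CERT, PRIMARY_HEADERS, PAGE_TITLE):
        print("-", signal)
    print(iocs(TRANSACTIONS, CONTACTED_HOSTS))
```

Swapping the inline data for a parsed urlscan.io API result leaves the functions unchanged; `triage` is meant to be read, while `iocs` feeds a blocklist or hunt query. Note that the body hashes cover only what this scan fetched; the lander is served with `no-store` and versioned query strings, so a later scan may hash differently even if the kit is the same.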


Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions (columns: Resource, Path, Size, Transfer (x-fer), Type, MIME type)
Primary Request /
refund-service.digital/
Redirect Chain
  • http://refund-service.digital/
  • https://refund-service.digital/
95 KB
24 KB
Document
General
Full URL
https://refund-service.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:823f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
28a6b9d6c6b3407a9c668388bd756cde7ae39fea9b53334cfcab81ecfd227b13

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
85d1e888ae6dbe47-CPH
content-encoding
br
content-type
text/html; charset=utf-8
date
Thu, 29 Feb 2024 15:23:25 GMT
expires
Thu, 29 Feb 2024 15:23:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WJ13geDUzICGgnSamCe3%2B3wlPglGB2iFxghNsBxfjJie26f7lsSvvqTGt%2B%2FIX57K3UFyL494Q3xlZ77QzG%2BcYQ04stCNCulujf0F4OYDlfoJQ8%2BUqbSVn0SxwSJpn4yoQbn8AZgiQcypStPumDIu0crhSjN1"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/7.4.33

Redirect headers

Access-Control-Allow-Origin
*
CF-Cache-Status
DYNAMIC
CF-RAY
85d1e8872c4710b5-CPH
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Date
Thu, 29 Feb 2024 15:23:24 GMT
Expires
Thu, 29 Feb 2024 15:23:24 GMT
Location
https://refund-service.digital/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jyyqQ%2FK4xPGTZtQkRYhYXaR%2FSCo%2BPbeHu3YaX60vaotku4F7%2BFoyRram%2BrKBPbk37BmikEEi31wjrMfxi1sGlJnCM0s9lvfqmvJbBU2fuqaIwC0wl1lDMr0HM4R3DEKe6d0Ma1le7a%2B9lmf99Z6zUTEyKYGJ"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400
css2
fonts.googleapis.com/
19 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Inter:wght@200;300;400;500;600;700;800;900&display=swap
Requested by
Host: refund-service.digital
URL: https://refund-service.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d16969705619b51577b01b002ba5d7ad97ecf4407773bc635eee8b8348377d84
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://refund-service.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 29 Feb 2024 15:23:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 29 Feb 2024 15:20:11 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 29 Feb 2024 15:23:25 GMT
intlTelInput.min.css
refund-service.digital/lander/fin/css/
18 KB
3 KB
Stylesheet
General
Full URL
https://refund-service.digital/lander/fin/css/intlTelInput.min.css
Requested by
Host: refund-service.digital
URL: https://refund-service.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:823f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58c89c1729bfa22617b3e55958c62f5c634c44dbe86c03b88fc94d483010da5c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://refund-service.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Thu, 29 Feb 2024 15:23:25 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 25 Feb 2024 18:53:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65db8cbd-49e2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N2APFotpgYvJ8zIdgjtclfsB9wu8vY69fViN1%2BSwSI5RQXiLEl2mmj%2B1l5YjQbf59iaLnxsXMrA6H%2BHQHAlCeZwyzhEM7qbAYjoBCZxNPGCJJxdJmYaF2OOu0k69xbcc15uPJ%2BZyUX6fsLrtZgxB2%2BVAZr%2FL"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=864000
cf-ray
85d1e8899843be47-CPH
alt-svc
h3=":443"; ma=86400
expires
Sun, 10 Mar 2024 15:23:25 GMT
main.css
refund-service.digital/lander/fin/css/
8 KB
3 KB
Stylesheet
General
Full URL
https://refund-service.digital/lander/fin/css/main.css?v=2
Requested by
Host: refund-service.digital
URL: https://refund-service.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:823f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
598fda57d679f82ed905c17cf54f846a12864a460aeb4044515e4d931a83bb7f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://refund-service.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Thu, 29 Feb 2024 15:23:25 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 25 Feb 2024 19:45:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65db98be-1e8b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cmvmp12ZgxQYLYhwPh%2BxGxz7nAbvfWXkTk02jNbrJd1gFE8RTyk78lAjF6XYhFJ7u9Oa9vZY%2FvHScDXVGb32p%2Byl2hi6oDWEBPpr6MKWFxDJSArulPI0PiEnuWXUKTg2p%2B%2BH1foyMeNKKHwVaEOqcwVqfm5N"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=864000
cf-ray
85d1e8899848be47-CPH
alt-svc
h3=":443"; ma=86400
expires
Sun, 10 Mar 2024 15:23:25 GMT
logo.png
refund-service.digital/lander/fin/img/
135 KB
136 KB
Image
General
Full URL
https://refund-service.digital/lander/fin/img/logo.png
Requested by
Host: refund-service.digital
URL: https://refund-service.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:823f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73b8508335d1244532a934775a5002565975eae29af901aa3600f204c4d15e22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://refund-service.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Thu, 29 Feb 2024 15:23:25 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
138410
last-modified
Sun, 25 Feb 2024 18:53:49 GMT
server
cloudflare
etag
"65db8cbd-21caa"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Po5THA777vacc7UW7E3jsOdiztIVH4WWizLfDqc9VIJJvyJL0utd8e2b4b4anfsw%2BMugAJxKMoazGNvRRv6F5jKvMigWsCsUHaXUXSk2B7irlghra8pNbt1vwY84vvTN2mesLNpseOIpKo%2FY7fIeQBbBpYEm"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=864000
accept-ranges
bytes
cf-ray
85d1e889984abe47-CPH
expires
Sun, 10 Mar 2024 15:23:25 GMT
poster.png
refund-service.digital/lander/fin/video/
2 MB
2 MB
Image
General
Full URL
https://refund-service.digital/lander/fin/video/poster.png
Requested by
Host: refund-service.digital
URL: https://refund-service.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:823f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
839b5b760a092dacf2ead91ae2f4132e4127505ee66e20163627fd0babcf5b73

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://refund-service.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Thu, 29 Feb 2024 15:23:25 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
1603882
last-modified
Sun, 25 Feb 2024 19:48:44 GMT
server
cloudflare
etag
"65db999c-18792a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bd02y%2FoTIWAHB8vuvsGhM50VRmJoJFivIKOfk42XLCmO%2BiwA5DmXrObUKG%2BVRV86rVn8WHDTv2wvhDTcG07BRaQDW4qtnqhZVyKsqruAX9AKJcMPwaMoq2hJHj%2Fe0UQek2ki3u0JYBdXRaGzjWprxBlrHOZs"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=864000
accept-ranges
bytes
cf-ray
85d1e889984bbe47-CPH
expires
Sun, 10 Mar 2024 15:23:25 GMT
pngwing.com.png
refund-service.digital/lander/fin/img/
124 KB
125 KB
Image
General
Full URL
https://refund-service.digital/lander/fin/img/pngwing.com.png
Requested by
Host: refund-service.digital
URL: https://refund-service.digital/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:823f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83694c3be567ac4cdc940657f3c89048f54ddc063b33886c6d1f0681ec1fdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://refund-service.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Thu, 29 Feb 2024 15:23:25 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
126954
last-modified
Sun, 25 Feb 2024 18:53:49 GMT
server
cloudflare
etag
"65db8cbd-1efea"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6z9At2Np%2FTQyEvw5xFLmcIbjpFQSsggU%2B7lad2PDCl48pQkV9DR1Da6zHw8%2FRgfS4QugrHG4GNgmu1cEEsZfDsiR4CmxRfzppZBaDVL%2BXnxlwO%2F14HPog6z6%2Bw3jxeExWmM54wzSKfyjE987I12phCvBRI7f"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=864000
accept-ranges
bytes
cf-ray
85d1e88a9c4110eb-CPH
expires
Sun, 10 Mar 2024 15:23:25 GMT
email-decode.min.js
refund-service.digital/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
1 KB
Script
General
Full URL
https://refund-service.digital/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: refund-service.digital
URL: https://refund-service.digital/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:823f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://refund-service.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Thu, 29 Feb 2024 15:23:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 27 Feb 2024 15:42:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65de02d0-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bv2Cjmbf3VeduVieY0sezX3wYpRep85Y%2B0EcDQR0NLJnqqqwz4QU6zc7AB8DLLKSdnTlC5%2BOcH6c5hYsJt8VfLaRhfU0Y6ObXVR%2F%2BzF2MO9%2FQSWCXuJ5uHoRuKrDMDisEA8GFzZc1TshCmHU9D4Ww2g15GLb"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
85d1e88a9c4610eb-CPH
expires
Sat, 02 Mar 2024 15:23:25 GMT
jquery-3.7.1.min.js
code.jquery.com/
85 KB
30 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.7.1.min.js
Requested by
Host: refund-service.digital
URL: https://refund-service.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a

Request headers

Referer
https://refund-service.digital/
Origin
https://refund-service.digital
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Thu, 29 Feb 2024 15:23:25 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
14021532
x-cache
HIT, HIT
content-length
30336
x-served-by
cache-lga21978-LGA, cache-fra-eddf8230022-FRA
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1709220205.279440,VS0,VE0
etag
W/"28feccc0-155ed"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
34, 93951
intlTelInput.js
refund-service.digital/lander/fin/libs/
34 KB
12 KB
Script
General
Full URL
https://refund-service.digital/lander/fin/libs/intlTelInput.js
Requested by
Host: refund-service.digital
URL: https://refund-service.digital/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:823f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad3a9e7253361ea559bde94c679465cedda78dd5ccaed4f035bd8c3a28e3acc6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://refund-service.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Thu, 29 Feb 2024 15:23:25 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 25 Feb 2024 18:53:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65db8cbd-87c4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zEV6Qqlnjc%2B1S7r8DHKYQ0ZW8zgm5DI%2FhHKN6q6BjQQhyXEnb1ZYfDVktfSRNN007B%2FLfNDhsn4evsQvoySzBntVOVlMczu1JPoUMJkN8KzmRQ8jQWsZDgsaU7qyqjD6KFOcTdengKy2wy4KjK11j2jaEeDv"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=864000
cf-ray
85d1e88a9c4910eb-CPH
alt-svc
h3=":443"; ma=86400
expires
Sun, 10 Mar 2024 15:23:25 GMT
jquery.maskedinput.js
refund-service.digital/lander/fin/libs/
4 KB
2 KB
Script
General
Full URL
https://refund-service.digital/lander/fin/libs/jquery.maskedinput.js
Requested by
Host: refund-service.digital
URL: https://refund-service.digital/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:823f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd9074e7da91f4f7df45000ea013ca770d4e9a69f2a2eb3955f755bd83917206

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://refund-service.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Thu, 29 Feb 2024 15:23:25 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 25 Feb 2024 18:53:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65db8cbd-1077"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7vNuby9O%2BB%2FOAayW%2ByZqBNSuKJf3JaCuPltARGrse4w%2BgTo6cIOskxYPU9cEfkDiaf9P5Tl2mP8ShKvxJuhC30n8O3qi7Ps9OdDFbyebc1n8fhpls%2FUpCIR8VMjC2Laamw1gv90zB45DozyArH2TBCjDJ192"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=864000
cf-ray
85d1e88a9c4d10eb-CPH
alt-svc
h3=":443"; ma=86400
expires
Sun, 10 Mar 2024 15:23:25 GMT
utils.js
refund-service.digital/lander/fin/libs/
242 KB
56 KB
Script
General
Full URL
https://refund-service.digital/lander/fin/libs/utils.js?v=22
Requested by
Host: refund-service.digital
URL: https://refund-service.digital/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:823f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8abb51715ec9b4b8587b197b320ba4b6b0092234563b2c72fba42583810ef0da

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://refund-service.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Thu, 29 Feb 2024 15:23:25 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 25 Feb 2024 18:53:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65db8cbd-3c8ec"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Y6sLvlSqu3n5ob35XCOnHzplQkqEZVLbmyIf104fJzsD0Ccp5jKxCsjiPoRy8I6ys8uLhtZs3rCiJUOuhs7a0a9YEeTdYcfLqdIJjzFlB3kbzANeR2o%2FCJqYhXhzMxql8spTOaT3Tv%2B%2BnCNgNgNVghFVvcO"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=864000
cf-ray
85d1e88a9c5010eb-CPH
alt-svc
h3=":443"; ma=86400
expires
Sun, 10 Mar 2024 15:23:25 GMT
main.js
refund-service.digital/lander/fin/js/
11 KB
4 KB
Script
General
Full URL
https://refund-service.digital/lander/fin/js/main.js?v=2222442
Requested by
Host: refund-service.digital
URL: https://refund-service.digital/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:823f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6deec275758e283e8e15b964ebe67f03b92d5a50a9538fc0af5c079b67469ca

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://refund-service.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Thu, 29 Feb 2024 15:23:25 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 29 Feb 2024 08:00:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65e03981-2a1a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R3NjN7vCzdmv4090OrTIRLL9COw3G%2BsbDRK%2BNSs3VZ6x8iQ7RUiZivpOEko0isinys2QoFq9T8XvxrEA4mM5ybhtR%2B0H5Yi4X1RamCRylA9oYBOdpLm5HRvh8S42Q3WK%2FNGbuf0MX%2F69CEYO9VRpHYUosg%2Fg"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=864000
cf-ray
85d1e88a9c5110eb-CPH
alt-svc
h3=":443"; ma=86400
expires
Sun, 10 Mar 2024 15:23:25 GMT
fbevents.js
connect.facebook.net/en_US/
214 KB
58 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: refund-service.digital
URL: https://refund-service.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0e04153b5f73bfa7866948f2a9870593d69bfde14e77a1a06af5f567096e5a09
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://refund-service.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

permissions-policy-report-only
clipboard-read=(), clipboard-write=(), picture-in-picture=();report-to="permissions_policy"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 29 Feb 2024 15:23:25 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57257
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
pragma
public
x-fb-debug
4zy4EfRkp/gnp8fPe3UvpGLZxvKqDCtniKsOx23Cm/doXztahghvs8DDyIhA3HWMGi8nwf6k6w/D3U94EiGs2g==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
truncated
/
545 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b43f504dc88c9830b9921b6087b21fd51b51d9680d97dea55946aea64193c542

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
380 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type
image/svg+xml
line.png
refund-service.digital/lander/fin/img/
548 B
548 B
Image
General
Full URL
https://refund-service.digital/lander/fin/img/line.png
Requested by
Host: refund-service.digital
URL: https://refund-service.digital/lander/fin/css/main.css?v=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:823f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://refund-service.digital/lander/fin/css/main.css?v=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Thu, 29 Feb 2024 15:23:25 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YXPeO%2BfEZ9MrvqMZE7niv4NHEuzuK9GV9QZOIRcGtWC9UgaArv0sGQwhyXeTNb5Ru809Zhgm4awE4zOawdk2NRwc5njzVuIbubUnYamrXG5mLBivpM0Aq3qWJUtbIA66TF3HjVnNYLujPaq%2FG2z2Dez9WSxW"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cache-control
max-age=14400
cf-ray
85d1e88aac5910eb-CPH
alt-svc
h3=":443"; ma=86400
UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v13/
46 KB
46 KB
Font
General
Full URL
https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@200;300;400;500;600;700;800;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://refund-service.digital
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 08:51:09 GMT
x-content-type-options
nosniff
age
196336
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46704
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 23:49:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 26 Feb 2025 08:51:09 GMT
UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa0ZL7SUc.woff2
fonts.gstatic.com/s/inter/v13/
17 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa0ZL7SUc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@200;300;400;500;600;700;800;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eba9487840439a0fa53c9be0541c524bb84b590a7af8c86573ceb1fe19c4bda9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://refund-service.digital
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 05:00:50 GMT
x-content-type-options
nosniff
age
123755
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17600
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 23:48:34 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 27 Feb 2025 05:00:50 GMT
interpol.mp4
refund-service.digital/lander/fin/
4 MB
0
Media
General
Full URL
https://refund-service.digital/lander/fin/interpol.mp4
Requested by
Host: refund-service.digital
URL: https://refund-service.digital/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:823f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://refund-service.digital/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Range
bytes=0-

Response headers

date
Thu, 29 Feb 2024 15:23:25 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
196670
Content-Range
bytes 0-13400832/13400833
alt-svc
h3=":443"; ma=86400
Content-Length
13400833
last-modified
Sun, 25 Feb 2024 19:35:21 GMT
server
cloudflare
etag
"65db9679-cc7b01"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qfZ2EGlABqzscNLOKg8nZzRLq7hY6rfczm2hLy3Ter5cFUGm0f0Ep%2FOB%2BWhxStbEWxX%2BG%2FhcqG5cbk6u4ZNZgrrryF%2FRYIJuQ9CHRj7vv84q8WPNsUKgfYMCbKNQyBIKvvJhxtMEFL2cIAaWl9eGyZc%2B0PGz"}],"group":"cf-nel","max_age":604800}
content-type
video/mp4
access-control-allow-origin
*
cache-control
max-age=864000
cf-ray
85d1e88abc6e10eb-CPH
expires
Fri, 08 Mar 2024 08:45:35 GMT
truncated
/
547 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
552 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
177 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
515 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
11ec04e3948e25a0d78d2f77c04940b8e38a086624ec36fa4605a2a69b133e94

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
242 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type
image/svg+xml
1
connect.facebook.net/signals/config/
6 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1?v=2.9.147&r=stable&domain=refund-service.digital&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b71239ba794102e7806f0b365968dc96846bcfc56ec069fbe0f95388a35b357e
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://refund-service.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

permissions-policy-report-only
clipboard-read=(), clipboard-write=(), picture-in-picture=();report-to="permissions_policy"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 29 Feb 2024 15:23:25 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
pragma
public
x-fb-debug
sFSEpAEiTMgaoMRoOHhjqQVQmwQVu/c6nXl8O0SCWsS/yNQyfwqtJeZCc4ezqw+s61lp2Dgry8UJQEX5OHsABA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
country.json
get.geojs.io/v1/ip/
79 B
710 B
XHR
General
Full URL
https://get.geojs.io/v1/ip/country.json
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.7.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:164 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49afa847388ba8dc8fd4d748b96707eb6176c8d3814651a69c9a9a7e4999e736
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://refund-service.digital/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Thu, 29 Feb 2024 15:23:25 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-request-id
0bbf2bb2dd20f226d54619a2e4432f96-AMS
x-geojs-location
AMS
pragma
no-cache
server
cloudflare
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZQ%2BEtj09ht37UHrw7jTeHMXtqovT67dG670fn%2F1ZGn1kR3Sh5HuNJjU%2Bp8kmdoQPIz6zoQXAkeZMp%2FPhjqJoBXNj%2FC7mQZsa%2BFak6YDFGf0Cfr5In%2FkDILEV3fIgCiWVfm3WKRfykLuZLg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-store, no-cache, must-revalidate, private, max-age=0
cf-ray
85d1e88c5bcf3835-FRA
truncated
/
195 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0c7260fac65e4f7ac5cf524f8ca96efd419cbb5a9b18a3e06e44c448581e9093

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type
image/svg+xml
/
www.facebook.com/tr/
0
185 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1&ev=PageView&dl=https%3A%2F%2Frefund-service.digital%2F&rl=&if=false&ts=1709220205454&sw=1600&sh=1200&v=2.9.147&r=stable&ec=0&o=28&it=1709220205362&coo=false&exp=e1&rqm=GET
Requested by
Host: refund-service.digital
URL: https://refund-service.digital/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://refund-service.digital/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 29 Feb 2024 15:23:25 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
flags.png
refund-service.digital/lander/fin/img/
69 KB
70 KB
Image
General
Full URL
https://refund-service.digital/lander/fin/img/flags.png
Requested by
Host: refund-service.digital
URL: https://refund-service.digital/lander/fin/css/intlTelInput.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:823f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a012cf808a24573168308916092d2d4bd3f2b4af8e16b59167013cc77acee55

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://refund-service.digital/lander/fin/css/intlTelInput.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Thu, 29 Feb 2024 15:23:25 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
70857
last-modified
Sun, 25 Feb 2024 18:53:49 GMT
server
cloudflare
etag
"65db8cbd-114c9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AvcdiJicUWNrIXtDM2RtitBja%2F65ilRfprnwv2ivpgDFVAyVC%2FTPiMzAQVygBd8QwAPy9oH38uOvaJBXwGu3zpoVBD8nrX7Ha0OWWNnw%2F%2FTxUPq3tSwo2pBUXreqGucYYlPY0sv3vybGBOzCA5qd2X3kJSkV"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=864000
accept-ranges
bytes
cf-ray
85d1e88caff710eb-CPH
expires
Sun, 10 Mar 2024 15:23:25 GMT

Verdicts & Comments

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function getCookie
function setCookie
function getSubId
function getToken
function getIdGoogle
function getSource
function getVoronka
function getaf
function getNamePrelend
object date
object matches
string pixel
function fbq
function _fbq
function $
function jQuery
object intlTelInputGlobals
function intlTelInput
object intlTelInputUtils
function _0x88dc
function d
function itiFlagsAdd
function sendToLog
function commentVal
function _0x5084

10 Cookies

Domain/Path Name / Value
refund-service.digital/ Name: _subid
Value: 323s09j13aj
refund-service.digital/ Name: 0b527
Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjY2XCI6MTcwOTIyMDIwNH0sXCJjYW1wYWlnbnNcIjp7XCIxOVwiOjE3MDkyMjAyMDR9LFwidGltZVwiOjE3MDkyMjAyMDR9In0.DzwD7sUIP6JAuB5D-Bj_VPKJ-tLkpTFTjptEtgbGlvU
refund-service.digital/ Name: _token
Value: uuid_323s09j13aj_323s09j13aj65e0a16cedba62.24797817
refund-service.digital/ Name: pixel
Value: 1
refund-service.digital/ Name: token
Value: uuid_323s09j13aj_323s09j13aj65e0a16cedba62.24797817
refund-service.digital/ Name: subid
Value: 323s09j13aj
refund-service.digital/ Name: source
Value:
refund-service.digital/ Name: voronka
Value: null
refund-service.digital/ Name: af
Value: null
refund-service.digital/ Name: prelend
Value: null

1 Console Messages

Source Level URL
Text
network error URL: https://refund-service.digital/lander/fin/img/line.png
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

code.jquery.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
get.geojs.io
refund-service.digital
www.facebook.com
2606:4700:20::681a:164
2606:4700:3030::6815:331
2606:4700:3033::ac43:823f
2a00:1450:4001:80b::200a
2a00:1450:4001:80e::2003
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a04:4e42::649
0a012cf808a24573168308916092d2d4bd3f2b4af8e16b59167013cc77acee55
0c7260fac65e4f7ac5cf524f8ca96efd419cbb5a9b18a3e06e44c448581e9093
0e04153b5f73bfa7866948f2a9870593d69bfde14e77a1a06af5f567096e5a09
11ec04e3948e25a0d78d2f77c04940b8e38a086624ec36fa4605a2a69b133e94
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
28a6b9d6c6b3407a9c668388bd756cde7ae39fea9b53334cfcab81ecfd227b13
49afa847388ba8dc8fd4d748b96707eb6176c8d3814651a69c9a9a7e4999e736
58c89c1729bfa22617b3e55958c62f5c634c44dbe86c03b88fc94d483010da5c
598fda57d679f82ed905c17cf54f846a12864a460aeb4044515e4d931a83bb7f
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53
73b8508335d1244532a934775a5002565975eae29af901aa3600f204c4d15e22
83694c3be567ac4cdc940657f3c89048f54ddc063b33886c6d1f0681ec1fdff1
839b5b760a092dacf2ead91ae2f4132e4127505ee66e20163627fd0babcf5b73
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
8abb51715ec9b4b8587b197b320ba4b6b0092234563b2c72fba42583810ef0da
ad3a9e7253361ea559bde94c679465cedda78dd5ccaed4f035bd8c3a28e3acc6
b43f504dc88c9830b9921b6087b21fd51b51d9680d97dea55946aea64193c542
b71239ba794102e7806f0b365968dc96846bcfc56ec069fbe0f95388a35b357e
bd9074e7da91f4f7df45000ea013ca770d4e9a69f2a2eb3955f755bd83917206
c6deec275758e283e8e15b964ebe67f03b92d5a50a9538fc0af5c079b67469ca
d16969705619b51577b01b002ba5d7ad97ecf4407773bc635eee8b8348377d84
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366
eba9487840439a0fa53c9be0541c524bb84b590a7af8c86573ceb1fe19c4bda9
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a