URL: https://refundclaim.org/selfie.php
Submission: On April 02 via manual from GB

Summary

This website contacted 6 IPs in 3 countries across 6 domains to perform 23 HTTP transactions. The main IP is 82.221.105.125, located in Iceland and belonging to THORDC-AS, IS. The main domain is refundclaim.org.
TLS certificate: Issued by cPanel, Inc. Certification Authority on March 21st 2020. Valid for: 3 months.
This is the only time refundclaim.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address        AS (Autonomous System)
15        82.221.105.125    50613 (THORDC-AS)
1         192.229.133.221   15133 (EDGECAST)
4         2606:4700::68...  13335 (CLOUDFLAR...)
1         2606:4700::68...  13335 (CLOUDFLAR...)
1         2001:4de0:ac1...  20446 (HIGHWINDS3)
1         2001:4de0:ac1...  20446 (HIGHWINDS3)
Total: 23 requests, 6 IPs

Requests  Domain                   Requested by
15        refundclaim.org          refundclaim.org
4         cdnjs.cloudflare.com     refundclaim.org
1         maxcdn.bootstrapcdn.com  refundclaim.org
1         code.jquery.com          refundclaim.org
1         cdn.jsdelivr.net         refundclaim.org
1         www.w3schools.com        refundclaim.org
Total: 23 requests, 6 domains

This site contains no links.

TLS certificates

Subject                      Issuer                                           Validity                 Valid     Lookup
refundclaim.org              cPanel, Inc. Certification Authority             2020-03-21 - 2020-06-19  3 months  crt.sh
*.w3schools.com              DigiCert SHA2 Secure Server CA                   2017-10-25 - 2020-05-05  3 years   crt.sh
cloudflare.com               CloudFlare Inc ECC CA-2                          2020-01-07 - 2020-10-09  9 months  crt.sh
ssl363648.cloudflaressl.com  COMODO ECC Domain Validation Secure Server CA 2  2020-02-22 - 2020-08-30  6 months  crt.sh
jquery.org                   COMODO RSA Domain Validation Secure Server CA    2018-10-17 - 2020-10-16  2 years   crt.sh
*.bootstrapcdn.com           Sectigo RSA Domain Validation Secure Server CA   2019-09-14 - 2020-10-13  a year    crt.sh

This page contains 1 frame:

Primary Page: https://refundclaim.org/selfie.php
Frame ID: DAE354236D4A6CA57A0D0FD47F57F813
Requests: 23 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
  • script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i

Overall confidence: 100%
Detected patterns
  • html /<link [^>]+(?:\/([\d.]+)\/)?animate\.(?:min\.)?css/i

Overall confidence: 100%
Detected patterns
  • headers server /^LiteSpeed$/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Overall confidence: 100%
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^/]*\.js/i
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

  Requests:    23
  HTTPS:       100 %
  IPv6:        67 %
  Domains:     6
  Subdomains:  6
  IPs:         6
  Countries:   3
  Transfer:    616 kB
  Size:        1525 kB
  Cookies:     0

Redirected requests

No HTTP redirect chains were recorded for this scan; all 23 transactions below returned status 200 directly.

23 HTTP transactions

Each transaction is listed as Resource, then Path, Size, x-fer (bytes transferred) and Type (MIME category), followed by its General details and the request and response headers.
1. Primary Request: selfie.php
Path: refundclaim.org/ | Size: 10 KB | x-fer: 3 KB | Type: Document

General
  Full URL: https://refundclaim.org/selfie.php
  Protocol: H2
  Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
  Server: 82.221.105.125, Iceland, ASN50613 (THORDC-AS, IS)
  Reverse DNS: eldborg.orangewebsite.com
  Software: LiteSpeed /
  Resource Hash: c227f5c5d702af4473eff5f4b8dad95f4c05101b2b62adb94260081f322f2d31

Request headers
  :method: GET
  :authority: refundclaim.org
  :scheme: https
  :path: /selfie.php
  pragma: no-cache
  cache-control: no-cache
  upgrade-insecure-requests: 1
  user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
  sec-fetch-dest: document
  accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
  sec-fetch-site: none
  sec-fetch-mode: navigate
  sec-fetch-user: ?1
  accept-encoding: gzip, deflate, br
  accept-language: en-US
  Upgrade-Insecure-Requests: 1
  User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
  Sec-Fetch-Dest: document

Response headers
  status: 200
  content-type: text/html; charset=UTF-8
  content-encoding: br
  vary: Accept-Encoding
  date: Thu, 02 Apr 2020 08:54:58 GMT
  server: LiteSpeed
  alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-24=":443"; ma=2592000, h3-25=":443"; ma=2592000

2. bootstrap.min.css
Path: refundclaim.org/vendor/bootstrap/css/ | Size: 122 KB | x-fer: 17 KB | Type: Stylesheet

General
  Full URL: https://refundclaim.org/vendor/bootstrap/css/bootstrap.min.css
  Requested by: Host refundclaim.org, URL https://refundclaim.org/selfie.php
  Protocol: H2
  Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
  Server: 82.221.105.125, Iceland, ASN50613 (THORDC-AS, IS)
  Reverse DNS: eldborg.orangewebsite.com
  Software: LiteSpeed /
  Resource Hash: 5e8653a4ffd1bbba7686d4c7f11ffc2244cbe5a408c7febf04e47b911d1f656a

Request headers
  Referer: https://refundclaim.org/selfie.php
  User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
  Sec-Fetch-Dest: style

Response headers
  date: Thu, 02 Apr 2020 08:54:58 GMT
  content-encoding: br
  last-modified: Thu, 02 Apr 2020 04:47:12 GMT
  server: LiteSpeed
  vary: Accept-Encoding
  content-type: text/css
  status: 200
  cache-control: public, max-age=604800
  accept-ranges: bytes
  content-length: 16859
  expires: Thu, 09 Apr 2020 08:54:58 GMT

3. font-awesome.min.css
Path: refundclaim.org/fonts/font-awesome-4.7.0/css/ | Size: 30 KB | x-fer: 7 KB | Type: Stylesheet

General
  Full URL: https://refundclaim.org/fonts/font-awesome-4.7.0/css/font-awesome.min.css
  Requested by: Host refundclaim.org, URL https://refundclaim.org/selfie.php
  Protocol: H2
  Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
  Server: 82.221.105.125, Iceland, ASN50613 (THORDC-AS, IS)
  Reverse DNS: eldborg.orangewebsite.com
  Software: LiteSpeed /
  Resource Hash: 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers
  Referer: https://refundclaim.org/selfie.php
  User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
  Sec-Fetch-Dest: style

Response headers
  date: Thu, 02 Apr 2020 08:54:58 GMT
  content-encoding: br
  last-modified: Tue, 23 May 2017 14:43:54 GMT
  server: LiteSpeed
  vary: Accept-Encoding
  content-type: text/css
  status: 200
  cache-control: public, max-age=604800
  accept-ranges: bytes
  content-length: 6658
  expires: Thu, 09 Apr 2020 08:54:58 GMT

4. material-design-iconic-font.min.css
Path: refundclaim.org/fonts/iconic/css/ | Size: 69 KB | x-fer: 7 KB | Type: Stylesheet

General
  Full URL: https://refundclaim.org/fonts/iconic/css/material-design-iconic-font.min.css
  Requested by: Host refundclaim.org, URL https://refundclaim.org/selfie.php
  Protocol: H2
  Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
  Server: 82.221.105.125, Iceland, ASN50613 (THORDC-AS, IS)
  Reverse DNS: eldborg.orangewebsite.com
  Software: LiteSpeed /
  Resource Hash: dec3e9f0190a504ed0c8f4a5e957c107206ba106cac4a1bbb6cbac6369a16d56

Request headers
  Referer: https://refundclaim.org/selfie.php
  User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
  Sec-Fetch-Dest: style

Response headers
  date: Thu, 02 Apr 2020 08:54:58 GMT
  content-encoding: br
  last-modified: Sun, 08 Nov 2015 09:50:30 GMT
  server: LiteSpeed
  vary: Accept-Encoding
  content-type: text/css
  status: 200
  cache-control: public, max-age=604800
  accept-ranges: bytes
  content-length: 6912
  expires: Thu, 09 Apr 2020 08:54:58 GMT

5. animate.css
Path: refundclaim.org/vendor/animate/ | Size: 23 KB | x-fer: 3 KB | Type: Stylesheet

General
  Full URL: https://refundclaim.org/vendor/animate/animate.css
  Requested by: Host refundclaim.org, URL https://refundclaim.org/selfie.php
  Protocol: H2
  Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
  Server: 82.221.105.125, Iceland, ASN50613 (THORDC-AS, IS)
  Reverse DNS: eldborg.orangewebsite.com
  Software: LiteSpeed /
  Resource Hash: 80aa5497ff31b2c001474d9432f0853c11d200a67ea4f9852ab2f7ee2fedd9c2

Request headers
  Referer: https://refundclaim.org/selfie.php
  User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
  Sec-Fetch-Dest: style

Response headers
  date: Thu, 02 Apr 2020 08:54:58 GMT
  content-encoding: br
  last-modified: Thu, 31 Aug 2017 10:02:26 GMT
  server: LiteSpeed
  vary: Accept-Encoding
  content-type: text/css
  status: 200
  cache-control: public, max-age=604800
  accept-ranges: bytes
  content-length: 2770
  expires: Thu, 09 Apr 2020 08:54:58 GMT

6. hamburgers.min.css
Path: refundclaim.org/vendor/css-hamburgers/ | Size: 19 KB | x-fer: 2 KB | Type: Stylesheet

General
  Full URL: https://refundclaim.org/vendor/css-hamburgers/hamburgers.min.css
  Requested by: Host refundclaim.org, URL https://refundclaim.org/selfie.php
  Protocol: H2
  Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
  Server: 82.221.105.125, Iceland, ASN50613 (THORDC-AS, IS)
  Reverse DNS: eldborg.orangewebsite.com
  Software: LiteSpeed /
  Resource Hash: 3149a74d701ee7dd476f83694f8962062a456b5abbdea234101d30aff2738bcd

Request headers
  Referer: https://refundclaim.org/selfie.php
  User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
  Sec-Fetch-Dest: style

Response headers
  date: Thu, 02 Apr 2020 08:54:58 GMT
  content-encoding: br
  last-modified: Wed, 16 Aug 2017 19:45:52 GMT
  server: LiteSpeed
  vary: Accept-Encoding
  content-type: text/css
  status: 200
  cache-control: public, max-age=604800
  accept-ranges: bytes
  content-length: 1930
  expires: Thu, 09 Apr 2020 08:54:58 GMT

7. animsition.min.css
Path: refundclaim.org/vendor/animsition/css/ | Size: 27 KB | x-fer: 2 KB | Type: Stylesheet

General
  Full URL: https://refundclaim.org/vendor/animsition/css/animsition.min.css
  Requested by: Host refundclaim.org, URL https://refundclaim.org/selfie.php
  Protocol: H2
  Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
  Server: 82.221.105.125, Iceland, ASN50613 (THORDC-AS, IS)
  Reverse DNS: eldborg.orangewebsite.com
  Software: LiteSpeed /
  Resource Hash: 14020e649186932b88a7f815ad52ff939db3e2ba4228cad195831d1825acb54a

Request headers
  Referer: https://refundclaim.org/selfie.php
  User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
  Sec-Fetch-Dest: style

Response headers
  date: Thu, 02 Apr 2020 08:54:58 GMT
  content-encoding: br
  last-modified: Sat, 12 Aug 2017 06:56:10 GMT
  server: LiteSpeed
  vary: Accept-Encoding
  content-type: text/css
  status: 200
  cache-control: public, max-age=604800
  accept-ranges: bytes
  content-length: 2063
  expires: Thu, 09 Apr 2020 08:54:58 GMT

8. select2.min.css
Path: refundclaim.org/vendor/select2/ | Size: 15 KB | x-fer: 2 KB | Type: Stylesheet

General
  Full URL: https://refundclaim.org/vendor/select2/select2.min.css
  Requested by: Host refundclaim.org, URL https://refundclaim.org/selfie.php
  Protocol: H2
  Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
  Server: 82.221.105.125, Iceland, ASN50613 (THORDC-AS, IS)
  Reverse DNS: eldborg.orangewebsite.com
  Software: LiteSpeed /
  Resource Hash: c493991dfa712d1fee861d41c18152e5f8663807484506a23ae97917f6fbbf7b

Request headers
  Referer: https://refundclaim.org/selfie.php
  User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
  Sec-Fetch-Dest: style

Response headers
  date: Thu, 02 Apr 2020 08:54:58 GMT
  content-encoding: br
  last-modified: Wed, 23 Aug 2017 18:52:38 GMT
  server: LiteSpeed
  vary: Accept-Encoding
  content-type: text/css
  status: 200
  cache-control: public, max-age=604800
  accept-ranges: bytes
  content-length: 1790
  expires: Thu, 09 Apr 2020 08:54:58 GMT

9. daterangepicker.css
Path: refundclaim.org/vendor/daterangepicker/ | Size: 8 KB | x-fer: 1 KB | Type: Stylesheet

General
  Full URL: https://refundclaim.org/vendor/daterangepicker/daterangepicker.css
  Requested by: Host refundclaim.org, URL https://refundclaim.org/selfie.php
  Protocol: H2
  Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
  Server: 82.221.105.125, Iceland, ASN50613 (THORDC-AS, IS)
  Reverse DNS: eldborg.orangewebsite.com
  Software: LiteSpeed /
  Resource Hash: 9e4450a60b4d6d5b4a8304ade07576767dc3f64f7653b0f95bce43bf11d854b2

Request headers
  Referer: https://refundclaim.org/selfie.php
  User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
  Sec-Fetch-Dest: style

Response headers
  date: Thu, 02 Apr 2020 08:54:58 GMT
  content-encoding: br
  last-modified: Tue, 08 Aug 2017 19:09:34 GMT
  server: LiteSpeed
  vary: Accept-Encoding
  content-type: text/css
  status: 200
  cache-control: public, max-age=604800
  accept-ranges: bytes
  content-length: 1461
  expires: Thu, 09 Apr 2020 08:54:58 GMT

10. util.css
Path: refundclaim.org/css/ | Size: 85 KB | x-fer: 6 KB | Type: Stylesheet

General
  Full URL: https://refundclaim.org/css/util.css
  Requested by: Host refundclaim.org, URL https://refundclaim.org/selfie.php
  Protocol: H2
  Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
  Server: 82.221.105.125, Iceland, ASN50613 (THORDC-AS, IS)
  Reverse DNS: eldborg.orangewebsite.com
  Software: LiteSpeed /
  Resource Hash: 27751cc48fb8c009d013ffb85f0f2b1db36530791eca74d317aec90d34f09b39

Request headers
  Referer: https://refundclaim.org/selfie.php
  User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
  Sec-Fetch-Dest: style

Response headers
  date: Thu, 02 Apr 2020 08:54:58 GMT
  content-encoding: br
  last-modified: Tue, 31 Mar 2020 21:16:39 GMT
  server: LiteSpeed
  vary: Accept-Encoding
  content-type: text/css
  status: 200
  cache-control: public, max-age=604800
  accept-ranges: bytes
  content-length: 6199
  expires: Thu, 09 Apr 2020 08:54:58 GMT

11. main.css
Path: refundclaim.org/css/ | Size: 10 KB | x-fer: 2 KB | Type: Stylesheet

General
  Full URL: https://refundclaim.org/css/main.css
  Requested by: Host refundclaim.org, URL https://refundclaim.org/selfie.php
  Protocol: H2
  Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
  Server: 82.221.105.125, Iceland, ASN50613 (THORDC-AS, IS)
  Reverse DNS: eldborg.orangewebsite.com
  Software: LiteSpeed /
  Resource Hash: 33f32a8f9f9766ab83ea938d48cd20e7d9c62bffb35eeb9554f1ee9cb064c742

Request headers
  Referer: https://refundclaim.org/selfie.php
  User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
  Sec-Fetch-Dest: style

Response headers
  date: Thu, 02 Apr 2020 08:54:58 GMT
  content-encoding: br
  last-modified: Tue, 31 Mar 2020 21:16:39 GMT
  server: LiteSpeed
  vary: Accept-Encoding
  content-type: text/css
  status: 200
  cache-control: public, max-age=604800
  accept-ranges: bytes
  content-length: 1735
  expires: Thu, 09 Apr 2020 08:54:58 GMT

12. w3.css
Path: www.w3schools.com/w3css/4/ | Size: 23 KB | x-fer: 5 KB | Type: Stylesheet

General
  Full URL: https://www.w3schools.com/w3css/4/w3.css
  Requested by: Host refundclaim.org, URL https://refundclaim.org/selfie.php
  Protocol: H2
  Security: TLS 1.3, , AES_256_GCM
  Server: 192.229.133.221, United States, ASN15133 (EDGECAST, US)
  Reverse DNS: -
  Software: ECS (fcn/418F) / ASP.NET
  Resource Hash: dd30cb28b7ad3a268bd4a6a5730f42e65490abd49bd2cf8a436afbbec5aceb02
  Security Headers:
    X-Frame-Options: SAMEORIGIN

Request headers
  Referer: https://refundclaim.org/selfie.php
  User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
  Sec-Fetch-Dest: style

Response headers
  date: Thu, 02 Apr 2020 08:54:58 GMT
  content-encoding: gzip
  vary: Accept-Encoding
  last-modified: Fri, 07 Jun 2019 08:41:20 GMT
  server: ECS (fcn/418F)
  age: 8438
  x-powered-by: ASP.NET
  etag: "0386ec7c1dd51:0"
  x-frame-options: SAMEORIGIN
  x-cache: HIT
  content-type: text/css
  status: 200
  cache-control: public,max-age=14400,public
  accept-ranges: bytes
  content-length: 5224

13. bootstrap.min.css
Path: cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.4.1/css/ | Size: 156 KB | x-fer: 21 KB | Type: Stylesheet

General
  Full URL: https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.4.1/css/bootstrap.min.css
  Requested by: Host refundclaim.org, URL https://refundclaim.org/selfie.php
  Protocol: H2
  Security: TLS 1.3, , AES_128_GCM
  Server: 2606:4700::6811:4104, United States, ASN13335 (CLOUDFLARENET, US)
  Reverse DNS: -
  Software: cloudflare /
  Resource Hash: 2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6
  Security Headers:
    Strict-Transport-Security: max-age=15780000; includeSubDomains

Request headers
  Referer: https://refundclaim.org/selfie.php
  User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
  Sec-Fetch-Dest: style

Response headers
  date: Thu, 02 Apr 2020 08:54:58 GMT
  content-encoding: br
  cf-cache-status: HIT
  age: 4754116
  cf-ray: 57d95409ee1cc303-FRA
  status: 200
  strict-transport-security: max-age=15780000; includeSubDomains
  alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
  last-modified: Thu, 28 Nov 2019 16:31:05 GMT
  server: cloudflare
  etag: W/"5ddff649-26f1b"
  expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
  vary: Accept-Encoding
  content-type: text/css
  access-control-allow-origin: *
  expires: Tue, 23 Mar 2021 08:54:58 GMT
  cache-control: public, max-age=30672000
  timing-allow-origin: *
  served-in-seconds: 0.003

14. mdb.min.css
Path: cdnjs.cloudflare.com/ajax/libs/mdbootstrap/4.12.0/css/ | Size: 261 KB | x-fer: 25 KB | Type: Stylesheet

General
  Full URL: https://cdnjs.cloudflare.com/ajax/libs/mdbootstrap/4.12.0/css/mdb.min.css
  Requested by: Host refundclaim.org, URL https://refundclaim.org/selfie.php
  Protocol: H2
  Security: TLS 1.3, , AES_128_GCM
  Server: 2606:4700::6811:4104, United States, ASN13335 (CLOUDFLARENET, US)
  Reverse DNS: -
  Software: cloudflare /
  Resource Hash: e6816b298a3855e223d02437bf22971ec424caf77647a42d493ee2a9fadb5483
  Security Headers:
    Strict-Transport-Security: max-age=15780000; includeSubDomains

Request headers
  Referer: https://refundclaim.org/selfie.php
  User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
  Sec-Fetch-Dest: style

Response headers
  date: Thu, 02 Apr 2020 08:54:58 GMT
  content-encoding: br
  cf-cache-status: HIT
  age: 4077006
  cf-ray: 57d95409ee1dc303-FRA
  status: 200
  strict-transport-security: max-age=15780000; includeSubDomains
  alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
  last-modified: Sat, 15 Feb 2020 01:46:09 GMT
  server: cloudflare
  etag: W/"5e474d61-415d7"
  expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
  vary: Accept-Encoding
  content-type: text/css
  access-control-allow-origin: *
  expires: Tue, 23 Mar 2021 08:54:58 GMT
  cache-control: public, max-age=30672000
  timing-allow-origin: *
  served-in-seconds: 0.004

15. bs-custom-file-input.js
Path: cdn.jsdelivr.net/npm/bs-custom-file-input/dist/ | Size: 5 KB | x-fer: 2 KB | Type: Script

General
  Full URL: https://cdn.jsdelivr.net/npm/bs-custom-file-input/dist/bs-custom-file-input.js
  Requested by: Host refundclaim.org, URL https://refundclaim.org/selfie.php
  Protocol: H2
  Security: TLS 1.3, , AES_128_GCM
  Server: 2606:4700::6810:5614, United States, ASN13335 (CLOUDFLARENET, US)
  Reverse DNS: -
  Software: cloudflare /
  Resource Hash: 16e21d998428f592b1e5eba951aafff03c6c33c40bcdff115fb68aaa16e541ba
  Security Headers:
    Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
    X-Content-Type-Options: nosniff

Request headers
  Referer: https://refundclaim.org/selfie.php
  User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
  Sec-Fetch-Dest: script

Response headers
  date: Thu, 02 Apr 2020 08:54:58 GMT
  content-encoding: br
  x-content-type-options: nosniff
  cf-cache-status: HIT
  age: 3019
  cf-ray: 57d95409e8a9175e-FRA
  x-cache: HIT
  status: 200
  vary: Accept-Encoding
  x-served-by: cache-fra19125-FRA
  server: cloudflare
  etag: W/"1391-QYCME5JJVMn//YT7564sbF3fkgU"
  expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
  strict-transport-security: max-age=31536000; includeSubDomains; preload
  content-type: application/javascript; charset=utf-8
  access-control-allow-origin: *
  access-control-expose-headers: *
  cache-control: public, max-age=604800, s-maxage=43200
  timing-allow-origin: *

16. jquery-3.1.1.slim.min.js
Path: code.jquery.com/ | Size: 68 KB | x-fer: 24 KB | Type: Script

General
  Full URL: https://code.jquery.com/jquery-3.1.1.slim.min.js
  Requested by: Host refundclaim.org, URL https://refundclaim.org/selfie.php
  Protocol: HTTP/1.1
  Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
  Server: 2001:4de0:ac19::1:b:2b, Netherlands, ASN20446 (HIGHWINDS3, US)
  Reverse DNS: -
  Software: nginx /
  Resource Hash: fd222b36abfc87a406283b8da0b180e22adeb7e9327ac0a41c6cd5514574b217

Request headers
  Referer: https://refundclaim.org/selfie.php
  Origin: https://refundclaim.org
  Sec-Fetch-Dest: script
  User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers
  Date: Thu, 02 Apr 2020 08:54:58 GMT
  Content-Encoding: gzip
  Last-Modified: Thu, 22 Sep 2016 22:32:34 GMT
  Server: nginx
  ETag: W/"57e45c02-10ebd"
  Vary: Accept-Encoding
  X-HW: 1585817698.dop138.fr8.shc,1585817698.dop138.fr8.t,1585817698.cds129.fr8.c
  Content-Type: application/javascript; charset=utf-8
  Access-Control-Allow-Origin: *
  Cache-Control: max-age=315360000, public
  Connection: Keep-Alive
  Accept-Ranges: bytes
  Content-Length: 23709

17. tether.min.js
Path: cdnjs.cloudflare.com/ajax/libs/tether/1.4.0/js/ | Size: 24 KB | x-fer: 7 KB | Type: Script

General
  Full URL: https://cdnjs.cloudflare.com/ajax/libs/tether/1.4.0/js/tether.min.js
  Requested by: Host refundclaim.org, URL https://refundclaim.org/selfie.php
  Protocol: H2
  Security: TLS 1.3, , AES_128_GCM
  Server: 2606:4700::6811:4104, United States, ASN13335 (CLOUDFLARENET, US)
  Reverse DNS: -
  Software: cloudflare /
  Resource Hash: 80bd626eb6d57112072a508ee4e5ce3c2fe5673fe0a5d029810033b24aaa5e9f
  Security Headers:
    Strict-Transport-Security: max-age=15780000; includeSubDomains

Request headers
  Referer: https://refundclaim.org/selfie.php
  Origin: https://refundclaim.org
  Sec-Fetch-Dest: script
  User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers
  date: Thu, 02 Apr 2020 08:54:58 GMT
  content-encoding: br
  cf-cache-status: HIT
  age: 4754220
  cf-ray: 57d95409ed981782-FRA
  status: 200
  strict-transport-security: max-age=15780000; includeSubDomains
  alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
  last-modified: Thu, 17 May 2018 09:26:59 GMT
  server: cloudflare
  etag: W/"5afd4ae3-619d"
  expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
  vary: Accept-Encoding
  content-type: application/javascript; charset=utf-8
  access-control-allow-origin: *
  expires: Tue, 23 Mar 2021 08:54:58 GMT
  cache-control: public, max-age=30672000
  timing-allow-origin: *
  served-in-seconds: 0.001

18. bootstrap.min.js
Path: maxcdn.bootstrapcdn.com/bootstrap/4.0.0-alpha.6/js/ | Size: 46 KB | x-fer: 12 KB | Type: Script

General
  Full URL: https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0-alpha.6/js/bootstrap.min.js
  Requested by: Host refundclaim.org, URL https://refundclaim.org/selfie.php
  Protocol: H2
  Security: TLS 1.3, , AES_128_GCM
  Server: 2001:4de0:ac19::1:b:1b, Netherlands, ASN20446 (HIGHWINDS3, US)
  Reverse DNS: -
  Software: /
  Resource Hash: fa421b6ebbd2fb474d3a3866409ce6c1efd120b47ff256fffb8f8f50d556d3d9

Request headers
  Referer: https://refundclaim.org/selfie.php
  Origin: https://refundclaim.org
  Sec-Fetch-Dest: script
  User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers
  date: Thu, 02 Apr 2020 08:54:58 GMT
  content-encoding: gzip
  last-modified: Wed, 12 Dec 2018 18:33:52 GMT
  access-control-allow-origin: *
  etag: "1544639632"
  vary: Accept-Encoding
  x-cache: HIT
  content-type: text/javascript; charset=utf-8
  status: 200
  cache-control: public, max-age=31536000
  x-hello-human: Say hello back! @getBootstrapCDN on Twitter
  accept-ranges: bytes
  timing-allow-origin: *
  content-length: 12031

19. jquery.min.js
Path: cdnjs.cloudflare.com/ajax/libs/jquery/3.1.1/ | Size: 85 KB | x-fer: 29 KB | Type: Script

General
  Full URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.1.1/jquery.min.js
  Requested by: Host refundclaim.org, URL https://refundclaim.org/selfie.php
  Protocol: H2
  Security: TLS 1.3, , AES_128_GCM
  Server: 2606:4700::6811:4104, United States, ASN13335 (CLOUDFLARENET, US)
  Reverse DNS: -
  Software: cloudflare /
  Resource Hash: 85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
  Security Headers:
    Strict-Transport-Security: max-age=15780000; includeSubDomains

Request headers
  Referer: https://refundclaim.org/selfie.php
  User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
  Sec-Fetch-Dest: script

Response headers
  date: Thu, 02 Apr 2020 08:54:58 GMT
  content-encoding: br
  cf-cache-status: HIT
  age: 30451640
  cf-ray: 57d95409ee1fc303-FRA
  status: 200
  strict-transport-security: max-age=15780000; includeSubDomains
  alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
  last-modified: Thu, 17 May 2018 09:21:00 GMT
  server: cloudflare
  etag: W/"5afd497c-152b5"
  expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
  vary: Accept-Encoding
  content-type: application/javascript; charset=utf-8
  access-control-allow-origin: *
  expires: Tue, 23 Mar 2021 08:54:58 GMT
  cache-control: public, max-age=30672000
  timing-allow-origin: *
  served-in-seconds: 0.041

20. spaceman.jpg
Path: refundclaim.org/ | Size: 19 KB | x-fer: 19 KB | Type: Image

General
  Full URL: https://refundclaim.org/spaceman.jpg
  Requested by: Host refundclaim.org, URL https://refundclaim.org/selfie.php
  Protocol: H2
  Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
  Server: 82.221.105.125, Iceland, ASN50613 (THORDC-AS, IS)
  Reverse DNS: eldborg.orangewebsite.com
  Software: LiteSpeed /
  Resource Hash: 0bb8e0d3add5ba670453d4156cf26e0f9a928894f5320f9e5780221079342b4e

Request headers
  Referer: https://refundclaim.org/selfie.php
  User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
  Sec-Fetch-Dest: image

Response headers
  date: Thu, 02 Apr 2020 08:54:58 GMT
  last-modified: Tue, 31 Mar 2020 01:45:45 GMT
  server: LiteSpeed
  content-type: image/jpeg
  status: 200
  cache-control: public, max-age=604800
  accept-ranges: bytes
  content-length: 19538
  expires: Thu, 09 Apr 2020 08:54:58 GMT

21. Poppins-Medium.ttf
Path: refundclaim.org/fonts/poppins/ | Size: 140 KB | x-fer: 140 KB | Type: Font

General
  Full URL: https://refundclaim.org/fonts/poppins/Poppins-Medium.ttf
  Requested by: Host refundclaim.org, URL https://refundclaim.org/selfie.php
  Protocol: H2
  Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
  Server: 82.221.105.125, Iceland, ASN50613 (THORDC-AS, IS)
  Reverse DNS: eldborg.orangewebsite.com
  Software: LiteSpeed /
  Resource Hash: 45870260a29fa7d3e0eff8cdd91993fb4a9ce4cced3d7b72c3ef7d24380bfc2d

Request headers
  Referer: https://refundclaim.org/css/main.css
  Origin: https://refundclaim.org
  Sec-Fetch-Dest: font
  User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers
  date: Thu, 02 Apr 2020 08:54:58 GMT
  last-modified: Tue, 02 Jun 2015 22:00:00 GMT
  server: LiteSpeed
  content-type: font/ttf
  status: 200
  cache-control: public, max-age=604800
  accept-ranges: bytes
  content-length: 143516
  expires: Thu, 09 Apr 2020 08:54:58 GMT

22. Poppins-Regular.ttf
Path: refundclaim.org/fonts/poppins/ | Size: 142 KB | x-fer: 142 KB | Type: Font

General
  Full URL: https://refundclaim.org/fonts/poppins/Poppins-Regular.ttf
  Requested by: Host refundclaim.org, URL https://refundclaim.org/selfie.php
  Protocol: H2
  Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
  Server: 82.221.105.125, Iceland, ASN50613 (THORDC-AS, IS)
  Reverse DNS: eldborg.orangewebsite.com
  Software: LiteSpeed /
  Resource Hash: 2425ebbc021bfdd18fe55edbeeb1539d22a217212c14430a7d4d75266a333bbc

Request headers
  Referer: https://refundclaim.org/css/main.css
  Origin: https://refundclaim.org
  Sec-Fetch-Dest: font
  User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers
  date: Thu, 02 Apr 2020 08:54:58 GMT
  last-modified: Tue, 02 Jun 2015 22:00:00 GMT
  server: LiteSpeed
  content-type: font/ttf
  status: 200
  cache-control: public, max-age=604800
  accept-ranges: bytes
  content-length: 145312
  expires: Thu, 09 Apr 2020 08:54:58 GMT

23. Poppins-Bold.ttf
Path: refundclaim.org/fonts/poppins/ | Size: 138 KB | x-fer: 138 KB | Type: Font

General
  Full URL: https://refundclaim.org/fonts/poppins/Poppins-Bold.ttf
  Requested by: Host refundclaim.org, URL https://refundclaim.org/selfie.php
  Protocol: H2
  Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
  Server: 82.221.105.125, Iceland, ASN50613 (THORDC-AS, IS)
  Reverse DNS: eldborg.orangewebsite.com
  Software: LiteSpeed /
  Resource Hash: 210933fb1bb4e846d37ef00c92cae636ac35633132cf2157c7ac879f27f82068

Request headers
  Referer: https://refundclaim.org/css/main.css
  Origin: https://refundclaim.org
  Sec-Fetch-Dest: font
  User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers
  date: Thu, 02 Apr 2020 08:54:58 GMT
  last-modified: Tue, 02 Jun 2015 22:00:00 GMT
  server: LiteSpeed
  content-type: font/ttf
  status: 200
  cache-control: public, max-age=604800
  accept-ranges: bytes
  content-length: 141260
  expires: Thu, 09 Apr 2020 08:54:58 GMT


Verdicts & Comments

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object: onformdata
  • object: onpointerrawupdate
  • object: bsCustomFileInput
  • function: $
  • function: jQuery
  • function: Tether
  • function: isInputNumber
  • function: showButton

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
