Submitted URL: https://www.getyourefund.co.uk/
Effective URL: https://getyourrefund.co.uk/
Submission: On July 31 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 20 IPs in 3 countries across 16 domains to perform 60 HTTP transactions. The main IP is 35.214.2.14, located in London, United Kingdom and belongs to GOOGLE, US. The main domain is getyourrefund.co.uk.
TLS certificate: Issued by R11 on June 18th 2024. Valid for: 3 months.
This is the only time getyourrefund.co.uk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
18 getyourrefund.co.uk
getyourrefund.co.uk
1 MB
5 outbrain.com
amplify.outbrain.com — Cisco Umbrella Rank: 4363
tr.outbrain.com — Cisco Umbrella Rank: 4248
wave.outbrain.com — Cisco Umbrella Rank: 4246
10 KB
5 tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 963
139 KB
5 cookiebot.com
consent.cookiebot.com — Cisco Umbrella Rank: 6421
consentcdn.cookiebot.com — Cisco Umbrella Rank: 7143
imgsct.cookiebot.com — Cisco Umbrella Rank: 8045
107 KB
4 gstatic.com
fonts.gstatic.com
76 KB
4 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 1950
282 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
203 KB
2 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 3123
2 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 157
64 B
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 108
3 KB
2 reddit.com
pixel-config.reddit.com — Cisco Umbrella Rank: 3241
alb.reddit.com — Cisco Umbrella Rank: 1969
761 B
2 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 1335
script.hotjar.com — Cisco Umbrella Rank: 2017
60 KB
2 redditstatic.com
www.redditstatic.com — Cisco Umbrella Rank: 1561
13 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 236
74 KB
1 yoshki.com
cdn.yoshki.com — Cisco Umbrella Rank: 124250 Failed
1 getyourefund.co.uk
www.getyourefund.co.uk
316 B
60 16
Domain Requested by
18 getyourrefund.co.uk getyourrefund.co.uk
consent.cookiebot.com
5 analytics.tiktok.com getyourrefund.co.uk
analytics.tiktok.com
4 fonts.gstatic.com getyourrefund.co.uk
4 use.fontawesome.com getyourrefund.co.uk
use.fontawesome.com
3 www.googletagmanager.com getyourrefund.co.uk
consent.cookiebot.com
2 region1.google-analytics.com analytics.tiktok.com
2 pagead2.googlesyndication.com www.googletagmanager.com
2 www.facebook.com
2 tr.outbrain.com amplify.outbrain.com
2 amplify.outbrain.com getyourrefund.co.uk
amplify.outbrain.com
2 www.redditstatic.com www.googletagmanager.com
www.redditstatic.com
2 connect.facebook.net getyourrefund.co.uk
connect.facebook.net
2 consentcdn.cookiebot.com consent.cookiebot.com
2 consent.cookiebot.com getyourrefund.co.uk
consent.cookiebot.com
1 wave.outbrain.com amplify.outbrain.com
1 script.hotjar.com static.hotjar.com
1 alb.reddit.com
1 pixel-config.reddit.com www.redditstatic.com
1 static.hotjar.com getyourrefund.co.uk
1 imgsct.cookiebot.com
1 cdn.yoshki.com getyourrefund.co.uk
consent.cookiebot.com
1 www.getyourefund.co.uk 1 redirects
60 22
Subject | Issuer | Validity | Valid
*.getyourrefund.co.uk | R11 | 2024-06-18 - 2024-09-16 | 3 months
consent.cookiebot.com | DigiCert TLS RSA SHA256 2020 CA1 | 2024-02-28 - 2025-02-27 | a year
use.fontawesome.com | Cloudflare Inc ECC CA-3 | 2023-10-12 - 2024-10-10 | a year
*.google-analytics.com | WR2 | 2024-07-30 - 2024-10-22 | 3 months
*.cookiebot.com | DigiCert TLS RSA SHA256 2020 CA1 | 2024-02-26 - 2025-02-26 | a year
*.gstatic.com | WR2 | 2024-07-30 - 2024-10-22 | 3 months
cdn.yoshki.com | E6 | 2024-06-24 - 2024-09-22 | 3 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2024-05-09 - 2024-08-07 | 3 months
www.redditstatic.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2024-05-23 - 2024-11-18 | 6 months
*.tiktok.com | RapidSSL TLS ECC CA G1 | 2024-07-15 - 2025-07-15 | a year
*.outbrain.com | DigiCert TLS RSA SHA256 2020 CA1 | 2023-12-14 - 2024-12-14 | a year
*.hotjar.com | Amazon RSA 2048 M03 | 2024-05-22 - 2025-06-20 | a year
*.reddit.com | DigiCert TLS RSA SHA256 2020 CA1 | 2024-05-30 - 2024-11-26 | 6 months
*.g.doubleclick.net | WR2 | 2024-07-30 - 2024-10-22 | 3 months

This page contains 4 frames:

Primary Page: https://getyourrefund.co.uk/
Frame ID: 775507F009609CA95CBC03CAEC9E03E8
Requests: 59 HTTP requests in this frame

Frame: https://cdn.yoshki.com/iframe/55845r.html
Frame ID: 495BD55B8BA1972E294B7FA7CA550AED
Requests: 1 HTTP requests in this frame

Frame: https://consentcdn.cookiebot.com/sdk/bc-v4.min.html
Frame ID: D0C09158703800E1125E3AEC82F36B08
Requests: 1 HTTP requests in this frame

Frame: https://cdn.yoshki.com/iframe/55845r.html
Frame ID: 2DAE86514C2CFCB439A00CC9C7B8BF38
Requests: 1 HTTP requests in this frame

Page Title

Get Your Refund: Mis-sold PCP & HP car finance claims

Page URL History

  1. https://www.getyourefund.co.uk/ HTTP 301
    https://getyourrefund.co.uk/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Overall confidence: 100%
Detected patterns
  • consent\.cookiebot\.com

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Overall confidence: 100%
Detected patterns
  • [^a-z]mtc.*\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

60 Requests
98 % HTTPS
50 % IPv6
16 Domains
22 Subdomains
20 IPs
3 Countries
2121 kB Transfer
6980 kB Size
9 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.getyourefund.co.uk/ HTTP 301
    https://getyourrefund.co.uk/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

60 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
getyourrefund.co.uk/
Redirect Chain
  • https://www.getyourefund.co.uk/
  • https://getyourrefund.co.uk/
85 KB
15 KB
Document
General
Full URL
https://getyourrefund.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.214.2.14 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
14.2.214.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
7d733e12811dddbeae256dbb455a6cb8d1847d979d168a8dffc44b9b29519a71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 31 Jul 2024 04:27:45 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
link
<https://getyourrefund.co.uk/wp-json/>; rel="https://api.w.org/" <https://getyourrefund.co.uk/wp-json/wp/v2/pages/1145>; rel="alternate"; title="JSON"; type="application/json" <https://getyourrefund.co.uk/>; rel=shortlink
server
nginx
vary
Accept-Encoding
x-cache-enabled
True
x-content-type-options
nosniff
x-httpd-modphp
1
x-proxy-cache
HIT
x-xss-protection
1; mode=block

Redirect headers

Connection
close
Content-Length
62
Content-Type
text/html; charset=utf-8
Date
Wed, 31 Jul 2024 04:27:45 GMT
Location
https://getyourrefund.co.uk
Server
ip-100-74-4-215.eu-west-2.compute.internal
Vary
Accept-Encoding
X-Request-Id
c7f96e5f-83d3-45bc-a4c5-4bf0d8bf484c
uc.js
consent.cookiebot.com/
110 KB
25 KB
Script
General
Full URL
https://consent.cookiebot.com/uc.js
Requested by
Host: getyourrefund.co.uk
URL: https://getyourrefund.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:d::210:f153 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
0c37c64247f9e0eaa739af4c3750f7030cfb7969ff47badbb3b02a4f3648f636

Request headers

Referer
https://getyourrefund.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

expires
Wed, 31 Jul 2024 04:41:33 GMT
date
Wed, 31 Jul 2024 04:27:46 GMT
content-encoding
gzip
last-modified
Fri, 19 Jul 2024 12:08:14 GMT
etag
"0bcf54d4d9da1:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-expose-headers
Request-Context
cache-control
public, max-age=827
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
25155
request-context
appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
siteground-optimizer-combined-css-0097374a77667905c6099e3e8cdf5bca.css
getyourrefund.co.uk/wp-content/uploads/siteground-optimizer-assets/
984 KB
106 KB
Stylesheet
General
Full URL
https://getyourrefund.co.uk/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-css-0097374a77667905c6099e3e8cdf5bca.css
Requested by
Host: getyourrefund.co.uk
URL: https://getyourrefund.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.214.2.14 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
14.2.214.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e0cb353e5f21e6dadf87461bf58e5389f42cb0d1c244ea24434f296871325a6f

Request headers

Referer
https://getyourrefund.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 04:27:46 GMT
content-encoding
br
last-modified
Tue, 30 Jul 2024 08:35:42 GMT
server
nginx
etag
W/"f5f4a-61e72dcf362f3"
vary
Accept-Encoding
content-type
text/css
x-httpd-modphp
1
host-header
8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache
HIT
all.css
use.fontawesome.com/releases/v6.4.2/css/
100 KB
23 KB
Stylesheet
General
Full URL
https://use.fontawesome.com/releases/v6.4.2/css/all.css
Requested by
Host: getyourrefund.co.uk
URL: https://getyourrefund.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:1b98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0934b1fc0d3a766d41d3adf5e7a115875e66e98ebba408d965a41cf3d2cb4ab5

Request headers

Referer
https://getyourrefund.co.uk/
Origin
https://getyourrefund.co.uk
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 04:27:46 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 22 Sep 2023 01:46:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"5222e06b77a1692fa2520a219840e6be"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pLefUoUIGlW6IEVojAi2jlmfrK8msYFPuAHYZ7WkACcnkgNbg%2FkU2hNyM8N%2FZN0N2JacO4X%2BbfgblcpJlXEeCbVellLODnB%2FYTO%2BvU%2F%2BO9kNqlUoD59vPFHKmPQC3m62PbXDVmaTWS6nNZcw7%2B1rjTgg"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
cf-ray
8abad67d0a7a91d5-FRA
alt-svc
h3=":443"; ma=86400
v4-shims.css
use.fontawesome.com/releases/v6.4.2/css/
27 KB
5 KB
Stylesheet
General
Full URL
https://use.fontawesome.com/releases/v6.4.2/css/v4-shims.css
Requested by
Host: getyourrefund.co.uk
URL: https://getyourrefund.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:1b98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e0a27c105caf20bd4cc76fe58f222d856ab8f626447846842dddca8ce7509ef

Request headers

Referer
https://getyourrefund.co.uk/
Origin
https://getyourrefund.co.uk
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 04:27:46 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 22 Sep 2023 01:46:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"665de85010641f678f0178a9d330a7af"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KtoqCg0QQ5I78tg22LargR2PJEM8LQYDnXxb95QSjC0w%2F9dPSwqVR%2Fx3MmLpVcoFi%2B%2FhzRmIIdO3ar53uOO%2BOhDv483AXsXYuhvAZ%2BNtq0bb2VHkOHZfRpfmHN7Aciprh0WOZ9YOIuHInkvJNxMbOl1v"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
cf-ray
8abad67d0a7991d5-FRA
alt-svc
h3=":443"; ma=86400
js
www.googletagmanager.com/gtag/
353 KB
116 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=GT-WPQRF8C
Requested by
Host: getyourrefund.co.uk
URL: https://getyourrefund.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a78279be83381322c10c4b752c27a66c0de25cb4c6a14a2d62b5522a3a7dc7f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://getyourrefund.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 04:27:46 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
118468
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 31 Jul 2024 04:27:46 GMT
Get-Your-Refund-100px-1.png
getyourrefund.co.uk/wp-content/uploads/2023/08/
19 KB
19 KB
Image
General
Full URL
https://getyourrefund.co.uk/wp-content/uploads/2023/08/Get-Your-Refund-100px-1.png
Requested by
Host: getyourrefund.co.uk
URL: https://getyourrefund.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.214.2.14 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
14.2.214.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
024809a39233ac9d10f80ce6148d4a4e50cd2f3bf39e1fdae95379b02be529c2

Request headers

Referer
https://getyourrefund.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 04:27:46 GMT
last-modified
Thu, 26 Oct 2023 07:29:19 GMT
server
nginx
etag
"4ca6-6089987a9b0a5"
content-type
image/png
x-httpd-modphp
1
host-header
8441280b0c35cbc1147f8ba998a563a7
accept-ranges
bytes
content-length
19622
x-proxy-cache
HIT
iStock-514780670-1.jpg
getyourrefund.co.uk/wp-content/uploads/2023/10/
225 KB
226 KB
Image
General
Full URL
https://getyourrefund.co.uk/wp-content/uploads/2023/10/iStock-514780670-1.jpg
Requested by
Host: getyourrefund.co.uk
URL: https://getyourrefund.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.214.2.14 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
14.2.214.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
888b4b7920b34fc7afdc41d69d682ceb054f189d716940f8abb076761037f04a

Request headers

Referer
https://getyourrefund.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 04:27:46 GMT
last-modified
Tue, 10 Oct 2023 10:32:06 GMT
server
nginx
etag
"38445-6075a37e6baba"
content-type
image/jpeg
x-httpd-modphp
1
host-header
8441280b0c35cbc1147f8ba998a563a7
accept-ranges
bytes
content-length
230469
x-proxy-cache
HIT
jquery.js
getyourrefund.co.uk/wp-includes/js/jquery/
279 KB
77 KB
Script
General
Full URL
https://getyourrefund.co.uk/wp-includes/js/jquery/jquery.js?ver=3.7.1
Requested by
Host: getyourrefund.co.uk
URL: https://getyourrefund.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.214.2.14 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
14.2.214.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
1e7f83052e1e3442c4397ced9555033cd1d3f08444d85960683bcf91c8433cdb

Request headers

Referer
https://getyourrefund.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 04:27:46 GMT
content-encoding
br
last-modified
Wed, 08 Nov 2023 06:58:47 GMT
server
nginx
etag
W/"45a96-6099e9e6765fc"
vary
Accept-Encoding
content-type
application/javascript
x-httpd-modphp
1
host-header
8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache
HIT
hooks.js
getyourrefund.co.uk/wp-includes/js/dist/
19 KB
4 KB
Script
General
Full URL
https://getyourrefund.co.uk/wp-includes/js/dist/hooks.js?ver=2e6d63e772894a800ba8
Requested by
Host: getyourrefund.co.uk
URL: https://getyourrefund.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.214.2.14 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
14.2.214.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
34a26f6ab0119d04c81a015354f672344d1887e2d5e769f5eecf68c87f50b14d

Request headers

Referer
https://getyourrefund.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 04:27:46 GMT
content-encoding
br
last-modified
Wed, 03 Apr 2024 08:14:08 GMT
server
nginx
etag
W/"4d10-6152cce929933"
vary
Accept-Encoding
content-type
application/javascript
x-httpd-modphp
1
host-header
8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache
HIT
i18n.js
getyourrefund.co.uk/wp-includes/js/dist/
49 KB
11 KB
Script
General
Full URL
https://getyourrefund.co.uk/wp-includes/js/dist/i18n.js?ver=2aff907006e2aa00e26e
Requested by
Host: getyourrefund.co.uk
URL: https://getyourrefund.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.214.2.14 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
14.2.214.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
b15ed20e5b3c78e57f6856a29e88979872e970622415878b5a5082e4602d75ce

Request headers

Referer
https://getyourrefund.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 04:27:46 GMT
content-encoding
br
last-modified
Wed, 03 Apr 2024 08:14:08 GMT
server
nginx
etag
W/"c2f4-6152cce92e753"
vary
Accept-Encoding
content-type
application/javascript
x-httpd-modphp
1
host-header
8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache
HIT
siteground-optimizer-combined-js-c6f1dc7ff5afec95e968b8209f0790e3.js
getyourrefund.co.uk/wp-content/uploads/siteground-optimizer-assets/
725 KB
142 KB
Script
General
Full URL
https://getyourrefund.co.uk/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-js-c6f1dc7ff5afec95e968b8209f0790e3.js
Requested by
Host: getyourrefund.co.uk
URL: https://getyourrefund.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.214.2.14 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
14.2.214.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
9fb02b09178e743395850f1a0b628b7facdf58097b445d078fb03c3a0dcbf39b

Request headers

Referer
https://getyourrefund.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 04:27:46 GMT
content-encoding
br
last-modified
Tue, 30 Jul 2024 08:32:51 GMT
server
nginx
etag
W/"b5288-61e72d2c66497"
vary
Accept-Encoding
content-type
application/javascript
x-httpd-modphp
1
host-header
8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache
HIT
configuration.js
consentcdn.cookiebot.com/consentconfig/2dac0483-e7e0-46bc-b108-f885da88c205/getyourrefund.co.uk/
564 B
907 B
Script
General
Full URL
https://consentcdn.cookiebot.com/consentconfig/2dac0483-e7e0-46bc-b108-f885da88c205/getyourrefund.co.uk/configuration.js
Requested by
Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:594::f09 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
648d810aa0b4d20b1a68b8952a3b7a9afb07dd6f6d2b0faa9f05e9a100eb1c64

Request headers

Referer
https://getyourrefund.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 04:27:46 GMT
last-modified
Mon, 18 Sep 2023 08:03:37 GMT
server
AkamaiNetStorage
etag
"354410c4ad26659f47b08e3c0d855eb3:1695024217.631885"
content-type
application/x-javascript
cache-control
max-age=31121
cross-origin-resource-policy
cross-origin
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1722400066138_35115176_49598497_69_1102_7_77_146";dur=1
accept-ranges
bytes
content-length
564
expires
Wed, 31 Jul 2024 13:06:27 GMT
cc.js
consent.cookiebot.com/2dac0483-e7e0-46bc-b108-f885da88c205/
305 KB
81 KB
Script
General
Full URL
https://consent.cookiebot.com/2dac0483-e7e0-46bc-b108-f885da88c205/cc.js?renew=false&referer=getyourrefund.co.uk&dnt=false&init=false
Requested by
Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:d::210:f153 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
1432d60b72bbf240c7a3100721a1ec180b9d37ed5d9e66ab9fefcbf594b7e7f1

Request headers

Referer
https://getyourrefund.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 04:27:46 GMT
content-encoding
gzip
last-modified
Wed, 31 Jul 2024 04:27:46 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-expose-headers
Request-Context
cache-control
private, max-age=1200
cross-origin-resource-policy
cross-origin
content-length
82759
request-context
appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
55845r.html
cdn.yoshki.com/iframe/ Frame 495B
0
0

bc-v4.min.html
consentcdn.cookiebot.com/sdk/ Frame D0C0
0
0
Document
General
Full URL
https://consentcdn.cookiebot.com/sdk/bc-v4.min.html
Requested by
Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:594::f09 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash

Request headers

Referer
https://getyourrefund.co.uk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=31536000
content-encoding
gzip
content-length
392
content-type
text/html
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 31 Jul 2024 04:27:46 GMT
etag
"3d08665fa4c7bcf9fa2dcbbc7efe1d0f:1649057029.895163"
expires
Thu, 31 Jul 2025 04:27:46 GMT
last-modified
Mon, 04 Apr 2022 07:23:49 GMT
server
AkamaiNetStorage
server-timing
cdn-cache; desc=HIT edge; dur=1 ak_p; desc="1722400066239_35115176_49598511_29_927_7_9_255";dur=1
vary
Accept-Encoding
x-akamai-transformed
9 - 0 pmb=mRUM,1
iStock-1462529231-1.jpg
getyourrefund.co.uk/wp-content/uploads/2023/10/
186 KB
187 KB
Image
General
Full URL
https://getyourrefund.co.uk/wp-content/uploads/2023/10/iStock-1462529231-1.jpg
Requested by
Host: getyourrefund.co.uk
URL: https://getyourrefund.co.uk/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-css-0097374a77667905c6099e3e8cdf5bca.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.214.2.14 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
14.2.214.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
545f9c1e98b57ead33d744148e4256902d3449fbcbac932cd8c30ebdb9f1d50e

Request headers

Referer
https://getyourrefund.co.uk/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-css-0097374a77667905c6099e3e8cdf5bca.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 04:27:46 GMT
last-modified
Tue, 10 Oct 2023 10:28:15 GMT
server
nginx
etag
"2e976-6075a2a1b9a76"
content-type
image/jpeg
x-httpd-modphp
1
host-header
8441280b0c35cbc1147f8ba998a563a7
accept-ranges
bytes
content-length
190838
x-proxy-cache
HIT
fa-solid-900.woff2
use.fontawesome.com/releases/v6.4.2/webfonts/
147 KB
147 KB
Font
General
Full URL
https://use.fontawesome.com/releases/v6.4.2/webfonts/fa-solid-900.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v6.4.2/css/all.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:1b98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
886c86112a804ef1ddd1cb206af4c8c40e34b73c26652ca231404aa35a6b30d9

Request headers

Referer
https://use.fontawesome.com/releases/v6.4.2/css/all.css
Origin
https://getyourrefund.co.uk
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 04:27:46 GMT
cf-cache-status
MISS
last-modified
Fri, 22 Sep 2023 01:46:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"d5e647388e2415268b700d3df2e30a0d"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NcR6TxyRpAkEWC%2BrrDaNa7M0b9HJ7Wc6NzFJ8zSIjwGn1ijayRIp%2BUJiT42459qgNCRqa60wom0Z5DhfK7XiYO0%2FJw4paxmw%2Fzgcwr%2BUOixd%2FTGrd%2B0HL19TTmz65PvrrCreNakd38nLIMU8weWWyqnq"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8abad67e7b2f91d5-FRA
alt-svc
h3=":443"; ma=86400
content-length
150020
rP2tp2ywxg089UriI5-g4vlH9VoD8CmcqZG40F9JadbnoEwAfJtRSW3z.ttf
fonts.gstatic.com/s/dmsans/v15/
32 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/dmsans/v15/rP2tp2ywxg089UriI5-g4vlH9VoD8CmcqZG40F9JadbnoEwAfJtRSW3z.ttf
Requested by
Host: getyourrefund.co.uk
URL: https://getyourrefund.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2445d23f99ad1ea30718c64455fd28dee2d4d9c6cbea7eca7980b3c814c13fc1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://getyourrefund.co.uk/
Origin
https://getyourrefund.co.uk
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 09:31:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
68178
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19155
x-xss-protection
0
last-modified
Thu, 21 Mar 2024 23:59:15 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 30 Jul 2025 09:31:28 GMT
rP2tp2ywxg089UriI5-g4vlH9VoD8CmcqZG40F9JadbnoEwAopxRSW3z.ttf
fonts.gstatic.com/s/dmsans/v15/
32 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/dmsans/v15/rP2tp2ywxg089UriI5-g4vlH9VoD8CmcqZG40F9JadbnoEwAopxRSW3z.ttf
Requested by
Host: getyourrefund.co.uk
URL: https://getyourrefund.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8705cb15a6b01f2877649c34ede743751dd481a33a9bc4ed32106f210bed3cf0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://getyourrefund.co.uk/
Origin
https://getyourrefund.co.uk
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 17:15:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
40334
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19235
x-xss-protection
0
last-modified
Thu, 21 Mar 2024 23:59:12 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 30 Jul 2025 17:15:32 GMT
rP2tp2ywxg089UriI5-g4vlH9VoD8CmcqZG40F9JadbnoEwARZtRSW3z.ttf
fonts.gstatic.com/s/dmsans/v15/
32 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/dmsans/v15/rP2tp2ywxg089UriI5-g4vlH9VoD8CmcqZG40F9JadbnoEwARZtRSW3z.ttf
Requested by
Host: getyourrefund.co.uk
URL: https://getyourrefund.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1227fb46a4258057d7459cdb9db97a3f0d1ab429cec67c7ac6d7345ab92c4dfc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://getyourrefund.co.uk/
Origin
https://getyourrefund.co.uk
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 17:05:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
40926
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19317
x-xss-protection
0
last-modified
Thu, 21 Mar 2024 23:59:13 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 30 Jul 2025 17:05:40 GMT
rP2tp2ywxg089UriI5-g4vlH9VoD8CmcqZG40F9JadbnoEwAkJxRSW3z.ttf
fonts.gstatic.com/s/dmsans/v15/
32 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/dmsans/v15/rP2tp2ywxg089UriI5-g4vlH9VoD8CmcqZG40F9JadbnoEwAkJxRSW3z.ttf
Requested by
Host: getyourrefund.co.uk
URL: https://getyourrefund.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
013082ebb683106150f6a34fb156fbef5f33af0202b6fd17d29a4c85bbe84dff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://getyourrefund.co.uk/
Origin
https://getyourrefund.co.uk
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 14:41:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
49606
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19419
x-xss-protection
0
last-modified
Thu, 21 Mar 2024 23:59:14 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 30 Jul 2025 14:41:00 GMT
fa-brands-400.woff2
use.fontawesome.com/releases/v6.4.2/webfonts/
107 KB
108 KB
Font
General
Full URL
https://use.fontawesome.com/releases/v6.4.2/webfonts/fa-brands-400.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v6.4.2/css/all.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:1b98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
faae6fc0aa94cc5bde5076647c817a23206096a1cbeda10d1c6f3d89d6163ed1

Request headers

Referer
https://use.fontawesome.com/releases/v6.4.2/css/all.css
Origin
https://getyourrefund.co.uk
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 04:27:46 GMT
cf-cache-status
MISS
last-modified
Fri, 22 Sep 2023 01:46:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"005c9aa92b564b73b7582cc4f1fa49cb"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3xwTUa8%2B%2B2y5dSsYd%2FffMshCzblqfs3n5lMtjWECW6Temvy1z89dhdeIDzHxawonDGLalULUIxNLcQie3G8cpWpd204OVJ9JJOoaDuwdV6MBBw%2Bzwn0WZz10A%2BsEJk9kT5sDXeYzugf84PRIbafJL%2FfT"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8abad67e7b3091d5-FRA
alt-svc
h3=":443"; ma=86400
content-length
109808
iStock-1395134717-1.jpg
getyourrefund.co.uk/wp-content/uploads/2023/10/
193 KB
193 KB
Image
General
Full URL
https://getyourrefund.co.uk/wp-content/uploads/2023/10/iStock-1395134717-1.jpg
Requested by
Host: getyourrefund.co.uk
URL: https://getyourrefund.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.214.2.14 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
14.2.214.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
08a91328e81cac2af6db691a763c0e1f3d695ac00ef201245e73d0b2df407aae

Request headers

Referer
https://getyourrefund.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 04:27:46 GMT
last-modified
Tue, 10 Oct 2023 10:32:42 GMT
server
nginx
etag
"30319-6075a3a0d9437"
content-type
image/jpeg
x-httpd-modphp
1
host-header
8441280b0c35cbc1147f8ba998a563a7
accept-ranges
bytes
content-length
197401
x-proxy-cache
HIT
iStock-1009922310-1.jpg
getyourrefund.co.uk/wp-content/uploads/2023/10/
164 KB
165 KB
Image
General
Full URL
https://getyourrefund.co.uk/wp-content/uploads/2023/10/iStock-1009922310-1.jpg
Requested by
Host: getyourrefund.co.uk
URL: https://getyourrefund.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.214.2.14 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
14.2.214.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
6c2c00322b8e82a1fe0aad65dce8f691bab9be0dfa76d8404874e328f6f72f8a

Request headers

Referer
https://getyourrefund.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 04:27:46 GMT
last-modified
Tue, 10 Oct 2023 10:32:47 GMT
server
nginx
etag
"290d8-6075a3a5bcd07"
content-type
image/jpeg
x-httpd-modphp
1
host-header
8441280b0c35cbc1147f8ba998a563a7
accept-ranges
bytes
content-length
168152
x-proxy-cache
HIT
Review-Solicitors-svg-logo.svg
getyourrefund.co.uk/wp-content/uploads/2024/07/
14 KB
4 KB
Image
General
Full URL
https://getyourrefund.co.uk/wp-content/uploads/2024/07/Review-Solicitors-svg-logo.svg
Requested by
Host: getyourrefund.co.uk
URL: https://getyourrefund.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.214.2.14 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
14.2.214.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
df3be35e22bebf98a472f849eb955c8f5ffa9699cc62b5e8a14ad2793d525e3d

Request headers

Referer
https://getyourrefund.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 04:27:46 GMT
content-encoding
br
last-modified
Wed, 03 Jul 2024 14:46:49 GMT
server
nginx
etag
W/"3706-61c58e6788bf5"
vary
Accept-Encoding
content-type
image/svg+xml
x-httpd-modphp
1
host-header
8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache
HIT
truncated
/
921 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
15c001519dc1296f39660e3857f63ee90b0196835ec033c7026435de0cb752ce

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
293 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8181a739bd0ed0fd64624c4aa15b7847bc9d4fd0660bff56c8c9192c4ef75979

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
55845r.html
cdn.yoshki.com/iframe/ Frame 2DAE
0
0
Document
General
Full URL
https://cdn.yoshki.com/iframe/55845r.html
Requested by
Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:780::5f65:36c3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552001; includeSubDomains; preload

Request headers

Referer
https://getyourrefund.co.uk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
*
access-control-expose-headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
access-control-max-age
86400
akamai-grn
0.bf36655f.1722400066.bdf1d89
akamai-request-bc
[a=95.101.54.191,b=199171465,c=g,n=DE_HE_FRANKFURT,o=20940]
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-encoding
gzip
content-length
291
content-type
text/html
date
Wed, 31 Jul 2024 04:27:46 GMT
etag
"a3fb7eac1581da1:0"
last-modified
Thu, 28 Mar 2024 13:41:44 GMT
server
Microsoft-IIS/10.0
strict-transport-security
max-age=15552001; includeSubDomains; preload
vary
Accept-Encoding
x-powered-by
ASP.NET
js
www.googletagmanager.com/gtag/
353 KB
0
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=GT-WPQRF8C
Requested by
Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a78279be83381322c10c4b752c27a66c0de25cb4c6a14a2d62b5522a3a7dc7f0
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://getyourrefund.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 04:27:46 GMT
content-encoding
br
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
118468
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 31 Jul 2024 04:27:46 GMT
1.gif
imgsct.cookiebot.com/
35 B
473 B
Image
General
Full URL
https://imgsct.cookiebot.com/1.gif?dgi=2dac0483-e7e0-46bc-b108-f885da88c205
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:594::f09 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://getyourrefund.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 04:27:46 GMT
x-guploader-uploadid
AHxI1nODBoSfYraBqjT1-JcOJDZ7lg0dYJ6azOGJxFa6CB-Tc1rPvA1ptRdHlKeSObmPaPHqY-8
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
35
last-modified
Mon, 23 Oct 2023 11:39:32 GMT
server
UploadServer
etag
"c2196de8ba412c60c22ab491af7b1409"
x-goog-generation
1698061172769999
x-goog-hash
crc32c=rX4K2g==, md5=whlt6LpBLGDCKrSRr3sUCQ==
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public,max-age=1800
x-goog-stored-content-length
35
accept-ranges
bytes
content-type
image/gif
cropped-Get-Your-Refund_logo-512-32x32.png
getyourrefund.co.uk/wp-content/uploads/2023/11/
1 KB
1 KB
Other
General
Full URL
https://getyourrefund.co.uk/wp-content/uploads/2023/11/cropped-Get-Your-Refund_logo-512-32x32.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.214.2.14 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
14.2.214.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
16c3450d6e18c5cd191bf69989b68807a2805bbba9528791395136c66f1b9691

Request headers

Referer
https://getyourrefund.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 04:27:46 GMT
last-modified
Sat, 04 Nov 2023 21:37:06 GMT
server
nginx
etag
"50d-6095a6c218f58"
content-type
image/png
x-httpd-modphp
1
host-header
8441280b0c35cbc1147f8ba998a563a7
accept-ranges
bytes
content-length
1293
x-proxy-cache
HIT
fbevents.js
connect.facebook.net/en_US/
224 KB
60 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: getyourrefund.co.uk
URL: https://getyourrefund.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
eaa003d85cb77f94fcae98396e583ce01d0c375b57235402c884ef8a792b951e
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://getyourrefund.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 31 Jul 2024 04:27:46 GMT
document-policy
force-load-at-top
x-fb-server-load
27
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
58677
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=7, rtx=0, c=14, mss=1297, tbw=2797, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
GhCGDZ5+C+vD1cdyw9R5oLc2Ay40fzT0EvG+pItVUIdsf1SvPh1z21Amj4pph8e/Rc/rvur3Urv+fhhvQ5oiJQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
gtm.js
www.googletagmanager.com/
243 KB
87 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5XQQX5JQ
Requested by
Host: getyourrefund.co.uk
URL: https://getyourrefund.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3b24813ba1bd744abd76c16fdf93a303bf73bd0369f66306cae649247ee35db9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://getyourrefund.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 04:27:46 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
88672
x-xss-protection
0
last-modified
Wed, 31 Jul 2024 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 31 Jul 2024 04:27:46 GMT
jquery.js
getyourrefund.co.uk/wp-includes/js/jquery/
279 KB
0
Script
General
Full URL
https://getyourrefund.co.uk/wp-includes/js/jquery/jquery.js?ver=3.7.1
Requested by
Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.214.2.14 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
14.2.214.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
1e7f83052e1e3442c4397ced9555033cd1d3f08444d85960683bcf91c8433cdb

Request headers

Referer
https://getyourrefund.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 04:27:46 GMT
content-encoding
br
last-modified
Wed, 08 Nov 2023 06:58:47 GMT
server
nginx
etag
W/"45a96-6099e9e6765fc"
vary
Accept-Encoding
content-type
application/javascript
x-httpd-modphp
1
host-header
8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache
HIT
hooks.js
getyourrefund.co.uk/wp-includes/js/dist/
19 KB
0
Script
General
Full URL
https://getyourrefund.co.uk/wp-includes/js/dist/hooks.js?ver=2e6d63e772894a800ba8
Requested by
Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.214.2.14 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
14.2.214.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
34a26f6ab0119d04c81a015354f672344d1887e2d5e769f5eecf68c87f50b14d

Request headers

Referer
https://getyourrefund.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 04:27:46 GMT
content-encoding
br
last-modified
Wed, 03 Apr 2024 08:14:08 GMT
server
nginx
etag
W/"4d10-6152cce929933"
vary
Accept-Encoding
content-type
application/javascript
x-httpd-modphp
1
host-header
8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache
HIT
i18n.js
getyourrefund.co.uk/wp-includes/js/dist/
49 KB
0
Script
General
Full URL
https://getyourrefund.co.uk/wp-includes/js/dist/i18n.js?ver=2aff907006e2aa00e26e
Requested by
Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.214.2.14 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
14.2.214.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
b15ed20e5b3c78e57f6856a29e88979872e970622415878b5a5082e4602d75ce

Request headers

Referer
https://getyourrefund.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 04:27:46 GMT
content-encoding
br
last-modified
Wed, 03 Apr 2024 08:14:08 GMT
server
nginx
etag
W/"c2f4-6152cce92e753"
vary
Accept-Encoding
content-type
application/javascript
x-httpd-modphp
1
host-header
8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache
HIT
siteground-optimizer-combined-js-c6f1dc7ff5afec95e968b8209f0790e3.js
getyourrefund.co.uk/wp-content/uploads/siteground-optimizer-assets/
725 KB
0
Script
General
Full URL
https://getyourrefund.co.uk/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-js-c6f1dc7ff5afec95e968b8209f0790e3.js
Requested by
Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.214.2.14 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
14.2.214.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
9fb02b09178e743395850f1a0b628b7facdf58097b445d078fb03c3a0dcbf39b

Request headers

Referer
https://getyourrefund.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 04:27:46 GMT
content-encoding
br
last-modified
Tue, 30 Jul 2024 08:32:51 GMT
server
nginx
etag
W/"b5288-61e72d2c66497"
vary
Accept-Encoding
content-type
application/javascript
x-httpd-modphp
1
host-header
8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache
HIT
pixel.js
www.redditstatic.com/ads/
42 KB
13 KB
Script
General
Full URL
https://www.redditstatic.com/ads/pixel.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5XQQX5JQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
6755508f95a14ac65d6d5123ce9db08f5b0fc2921dd713a6ae8d6369a0020da9

Request headers

Referer
https://getyourrefund.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 04:27:47 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
last-modified
Thu, 20 Jun 2024 19:23:03 GMT
server
snooserv
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag
"71b328aff914ada8b774bfa8fff542c4"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding,Origin
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type
application/javascript
cache-control
public, max-age=60
accept-ranges
bytes
content-length
12116
events.js
analytics.tiktok.com/i18n/pixel/
6 KB
3 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CPHH3TBC77U3S3PJI8I0&lib=ttq
Requested by
Host: getyourrefund.co.uk
URL: https://getyourrefund.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.64.26 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-64-26.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
4d921d736f096bb4d10f926ae9a22b07af34cd6170e88774a8087644cfe3cd25

Request headers

Referer
https://getyourrefund.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-akamai-request-id
f63ba6f9.271da3d2
date
Wed, 31 Jul 2024 04:27:47 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-240731042747BC3D60CB0757C9DE3594-4BE9BF64A406D47D-00
x-cache
TCP_MISS from a2-20-179-90.deploy.akamaitechnologies.com (AkamaiGHost/11.6.0-57528057) (-)
x-parent-response-time
97,2.20.179.90
server-timing
cdn-cache; desc=MISS, edge; dur=88, origin; dur=9, inner; dur=4
content-length
2202
pragma
no-cache
server
nginx
x-tt-logid
20240731042747BC3D60CB0757C9DE3594
x-cache-remote
TCP_MISS from a23-48-100-4.deploy.akamaitechnologies.com (AkamaiGHost/11.6.0-57528057) (-)
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
9,23.48.100.4
x-tt-trace-host
01f04852838302d0ee5d18212fe77cc2d358fb56925b2bf4ca4178149fd91b0910edd7e83bf0aa2aafb86cf2c150614bccabeef1738f262cd72c25f7b113b67dafa4b60508bd2741564fcd2aa9374c087fe3016975344c48a5ff7b51f65623ceb0e4f22eb824d6e2fea1aae3c2d3678cbf
expires
Wed, 31 Jul 2024 04:27:47 GMT
4018415448377167
connect.facebook.net/signals/config/
71 KB
14 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/4018415448377167?v=2.9.162&r=stable&domain=getyourrefund.co.uk&hme=e67e7d148043b3a377ad0eb1c82669792a67ba5e3bb5734b69e611ae38f939ca&ex_m=68%2C115%2C102%2C106%2C59%2C3%2C95%2C67%2C15%2C92%2C85%2C49%2C52%2C163%2C166%2C178%2C174%2C175%2C177%2C28%2C96%2C51%2C74%2C176%2C158%2C161%2C171%2C172%2C179%2C124%2C39%2C33%2C136%2C14%2C48%2C184%2C183%2C126%2C17%2C38%2C1%2C41%2C63%2C64%2C65%2C69%2C89%2C16%2C13%2C91%2C88%2C87%2C103%2C50%2C105%2C37%2C104%2C29%2C25%2C159%2C162%2C133%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C55%2C60%2C62%2C72%2C97%2C26%2C73%2C8%2C7%2C77%2C46%2C20%2C99%2C98%2C100%2C93%2C9%2C19%2C18%2C82%2C54%2C80%2C32%2C71%2C0%2C90%2C31%2C79%2C84%2C45%2C44%2C83%2C36%2C4%2C86%2C78%2C42%2C34%2C81%2C2%2C35%2C61%2C40%2C101%2C43%2C76%2C66%2C107%2C58%2C57%2C30%2C94%2C56%2C53%2C47%2C75%2C70%2C23%2C108
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f0c847b4e33c3044ddd929bf2d792838825ac758b50b47a712867a5ddff9e092
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://getyourrefund.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 31 Jul 2024 04:27:47 GMT
document-policy
force-load-at-top
x-fb-server-load
28
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=66, mss=1297, tbw=64245, tp=-1, tpl=-1, uplat=58, ullat=0
pragma
public
x-fb-debug
ibwNUCS6uPpmYmjXR1TzQXaHsmFQJqaFZvmK8lC4SQ2kGctmSLl2Vdd57FX1B6E3rFC2pAtiij70PQFfwdIsqQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
obtp.js
amplify.outbrain.com/cp/
28 KB
9 KB
Script
General
Full URL
https://amplify.outbrain.com/cp/obtp.js
Requested by
Host: getyourrefund.co.uk
URL: https://getyourrefund.co.uk/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-js-c6f1dc7ff5afec95e968b8209f0790e3.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.28.89.148 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-28-89-148.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
478969b90650f491604fb1fb981d25f2350a42df053712227aafa86725538fc1

Request headers

Referer
https://getyourrefund.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Wed, 31 Jul 2024 04:27:47 GMT
Content-Encoding
gzip
Last-Modified
Mon, 22 Jul 2024 07:46:01 GMT
Server
AkamaiNetStorage
ETag
"484f007d650a3fc9fe7590700b8bf590:1721634587.188058"
Vary
Accept-Encoding
Content-Type
application/x-javascript
X-RG
EU
Cache-Control
max-age=1200
X-CC
DE
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8617
Expires
Wed, 31 Jul 2024 04:47:47 GMT
hotjar-3784313.js
static.hotjar.com/c/
11 KB
5 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-3784313.js?sv=5
Requested by
Host: getyourrefund.co.uk
URL: https://getyourrefund.co.uk/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-js-c6f1dc7ff5afec95e968b8209f0790e3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.102.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-102-11.fra56.r.cloudfront.net
Software
/
Resource Hash
ce5d46fdc8fcda0181ccd7b048706279325b8f90f47d93973d972b1ce3212797
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://getyourrefund.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 04:27:47 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 03ffca0f67e3596b9a0c92342fe91598.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
etag
W/c1ef70dd8fc8d791732382f4f6f2cee4
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=60
x-cache-hit
1
cross-origin-resource-policy
cross-origin
x-amz-cf-id
kGfU0rxiup-9XdaIIkobW9KZftnCjpzmB8FrT95Qp40gYgkVmbtaPQ==
config
pixel-config.reddit.com/pixels/a2_f3oh0qxalapu/
3 B
124 B
XHR
General
Full URL
https://pixel-config.reddit.com/pixels/a2_f3oh0qxalapu/config
Requested by
Host: www.redditstatic.com
URL: https://www.redditstatic.com/ads/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer
https://getyourrefund.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 04:27:47 GMT
content-encoding
gzip
via
1.1 varnish
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
content-length
27
a2_f3oh0qxalapu_telemetry
www.redditstatic.com/ads/conversions-config/v1/pixel/config/
86 B
699 B
XHR
General
Full URL
https://www.redditstatic.com/ads/conversions-config/v1/pixel/config/a2_f3oh0qxalapu_telemetry
Requested by
Host: www.redditstatic.com
URL: https://www.redditstatic.com/ads/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
45da241a91c843b268ada7481cdece1aa679f2720931effea28d83e1398d66a9

Request headers

Referer
https://getyourrefund.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 04:27:47 GMT
content-encoding
gzip
via
1.1 varnish
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
server
snooserv
vary
Accept-Encoding,Origin
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=300
accept-ranges
bytes
content-length
97
rp.gif
alb.reddit.com/
42 B
637 B
Image
General
Full URL
https://alb.reddit.com/rp.gif?ts=1722400067158&id=a2_f3oh0qxalapu&event=PageVisit&m.itemCount=undefined&m.value=&m.valueDecimal=undefined&m.currency=undefined&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=f1252dbb-eaa1-4a85-84a9-c1e58811f655&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1600&sw=1200&v=rdt_e9773deb&dpm=&dpcc=&dprc=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://getyourrefund.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 04:27:47 GMT
via
1.1 varnish
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3}
server
Varnish
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type
image/gif
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
42
retry-after
0
modules.8da33a8f469c3b5ffcec.js
script.hotjar.com/
223 KB
56 KB
Script
General
Full URL
https://script.hotjar.com/modules.8da33a8f469c3b5ffcec.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3784313.js?sv=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-54.fra56.r.cloudfront.net
Software
/
Resource Hash
76f448ec45359e863fb3a6432a2a3cf22c0cc0a52aead6318b57ab38db6f1d14
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://getyourrefund.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 14:23:06 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 cb1bcb02f5d0667fafd0890701965f18.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
age
50681
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
56385
last-modified
Tue, 30 Jul 2024 14:22:40 GMT
etag
"0728625a147ca79276a1790b9cf3175d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
f3esj_vuzYtcUiJssI0Z257veQyUnlmnG6kjY9zkjEnVk3XwNJ7tGA==
unifiedPixel
tr.outbrain.com/
53 B
321 B
Fetch
General
Full URL
https://tr.outbrain.com/unifiedPixel?au=true&bust=0795665905787958&referrer=&cht=cb&marketerId=007d6642ec6fcdc43c1730ab08e234aaa5&name=PAGE_VIEW&dl=https%3A%2F%2Fgetyourrefund.co.uk%2F&g=1&obApiVersion=1.1&obtpVersion=2.0.5
Requested by
Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
64.202.112.191 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://getyourrefund.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 04:27:47 GMT
cache-control
no-cache
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-traceid
dd2d7ca9c6c32a0097232f3e30a54895
content-length
54
content-type
image/gif;
cachedClickId
tr.outbrain.com/
35 B
293 B
Script
General
Full URL
https://tr.outbrain.com/cachedClickId?marketerId=007d6642ec6fcdc43c1730ab08e234aaa5
Requested by
Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
64.202.112.191 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://getyourrefund.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 04:27:47 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-traceid
a1b580a62bf8b9fcbab2837ec57839a5
content-length
39
content-type
application/javascript
007d6642ec6fcdc43c1730ab08e234aaa5
wave.outbrain.com/mtWavesBundler/handler/
2 B
515 B
Script
General
Full URL
https://wave.outbrain.com/mtWavesBundler/handler/007d6642ec6fcdc43c1730ab08e234aaa5
Requested by
Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.28.89.148 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-28-89-148.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://getyourrefund.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
Date
Wed, 31 Jul 2024 04:27:47 GMT
ob-sent-time
1722320907421
ETag
W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
Vary
Accept-Encoding
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
X-RG
EU
Cache-Control
max-age=60
X-CC
DE
Connection
keep-alive
x-traceid
b814c164b12e34834ba15cb1f9db7a0
Content-Length
22
Expires
Wed, 31 Jul 2024 04:28:47 GMT
topics
amplify.outbrain.com/
26 B
301 B
Fetch
General
Full URL
https://amplify.outbrain.com/topics
Requested by
Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.28.89.148 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-28-89-148.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6d0291f90718dc0537f65dc6a4f68d8e75f0a8a3a0b62836d9cf41350ecaf552

Request headers

Referer
https://getyourrefund.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Wed, 31 Jul 2024 04:27:47 GMT
Observe-Browsing-Topics
?1
Content-Type
text/html
Access-Control-Allow-Origin
*
X-RG
EU
Cache-Control
max-age=1200
X-CC
DE
Connection
keep-alive
Content-Length
26
Expires
Wed, 31 Jul 2024 04:47:47 GMT
/
www.facebook.com/tr/
0
273 B
Image
General
Full URL
https://www.facebook.com/tr/?id=4018415448377167&ev=PageView&dl=https%3A%2F%2Fgetyourrefund.co.uk%2F&rl=&if=false&ts=1722400067200&sw=1600&sh=1200&v=2.9.162&r=stable&ec=0&o=4126&fbp=fb.2.1722400067193.458407065251688837&cs_est=true&ler=empty&cdl=API_unavailable&it=1722400067050&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://getyourrefund.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=10, mss=1297, tbw=2825, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 31 Jul 2024 04:27:47 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
3 KB
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=4018415448377167&ev=PageView&dl=https%3A%2F%2Fgetyourrefund.co.uk%2F&rl=&if=false&ts=1722400067200&sw=1600&sh=1200&v=2.9.162&r=stable&ec=0&o=4126&fbp=fb.2.1722400067193.458407065251688837&cs_est=true&ler=empty&cdl=API_unavailable&it=1722400067050&coo=false&rqm=FGET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://getyourrefund.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
zstd
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; preload
date
Wed, 31 Jul 2024 04:27:47 GMT
document-policy
force-load-at-top
x-fb-server-load
26
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7397651958682286885", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=10, mss=1297, tbw=3142, tp=-1, tpl=-1, uplat=159, ullat=0
pragma
no-cache
x-fb-debug
RE/1U3h/ejhsbgFBqmMhaXUfJfCnysJWG7NG9Ob81bM9Qykwk6IPa19sxETXyo1zKiOV59/n3wGV4ygLsYGuEA==
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7397651958682286885"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
main.MTc2ZTRjM2Y4MQ.js
analytics.tiktok.com/i18n/pixel/static/
336 KB
95 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MTc2ZTRjM2Y4MQ.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CPHH3TBC77U3S3PJI8I0&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.64.26 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-64-26.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
bee3c126b83a3399e8cf9b0b113cf726594512e9628e2a53864c56af0f309f52

Request headers

Referer
https://getyourrefund.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-akamai-request-id
271da4fb
date
Wed, 31 Jul 2024 04:27:47 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
20240731010253D98A8C523FFD45D21217
x-tt-trace-id
00-240731010253D98A8C523FFD45D21217-56BCDF728AF29DC0-00
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a2-20-179-90.deploy.akamaitechnologies.com (AkamaiGHost/11.6.0-57528057) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
0160aff0ea0a86dfda9bf7f2334c955a5b728a214c47500c4ff6ef115d006a6700ef4ebcaf71d22f57a81eaa0554c7fd8f15ebb070a4b4c13b4e3bbd1bcf63058c68bfe943c17e3b4f5fa6d7972c89672f2d766615848203cd4aece091c1277bf0
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=4
content-length
96565
identify_c2008b8c.js
analytics.tiktok.com/i18n/pixel/static/
146 KB
39 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/static/identify_c2008b8c.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTc2ZTRjM2Y4MQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.64.26 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-64-26.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
50a98b0680aaaaa9407001661f18904e29d76402c3da7ad64246413886fc64b3

Request headers

Referer
https://getyourrefund.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-akamai-request-id
271da66e
date
Wed, 31 Jul 2024 04:27:47 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
202407291241428A0637CBFAAEB41DCF01
x-tt-trace-id
00-2407291241428A0637CBFAAEB41DCF01-5E518F47C6012312-00
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a2-20-179-90.deploy.akamaitechnologies.com (AkamaiGHost/11.6.0-57528057) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
01e33994960eedba4d9d64bb2cce523cc44cf9a1ceb6067a86a86c193f5f828f28bdf557cde35992181eb3e1ed8857856db1b699a90312147d7379f71cee1d04dd01e66feac1f106f50fe3bcde315804ca4d23cf41cda1e80b4cdebaad1c4e97a7
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=2
content-length
39594
pixel
analytics.tiktok.com/api/v2/
0
698 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTc2ZTRjM2Y4MQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.64.26 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-64-26.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://getyourrefund.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
271da696
date
Wed, 31 Jul 2024 04:27:47 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-2407310427475B1A6D6D0B8B7FE3325A-2C733710B8C12602-00
x-cache
TCP_MISS from a2-20-179-90.deploy.akamaitechnologies.com (AkamaiGHost/11.6.0-57528057) (-)
server-timing
inner; dur=27, cdn-cache; desc=MISS, edge; dur=4, origin; dur=116
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
202407310427475B1A6D6D0B8B7FE3325A
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
117,2.20.179.90
x-tt-trace-host
01f04852838302d0ee5d18212fe77cc2d3e65dfdf2b17e612b623dde4b61b3d5aa17e386e736fe28d5fe06ceaee9ad7a938e81d3e297e1c2b6db3b5b77274a1000aec6db7695c8fb58ff00c42ef5be28fe6ac391306ea0e074b487187aac1cda7d
access-control-allow-headers
Authorization,*
expires
Wed, 31 Jul 2024 04:27:47 GMT
landing
pagead2.googlesyndication.com/pagead/
42 B
64 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/landing?gcs=G100&gcd=13p3pPp2p5&tag_exp=95250753&rnd=1687627790.1722400068&url=https%3A%2F%2Fgetyourrefund.co.uk%2F&dma_cps=-&dma=1&npa=1&gtm=45Pe47t0v9168704561za200&did=dMWZhNz%2CdZTNiMT&gdid=dMWZhNz.dZTNiMT&frm=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=GT-WPQRF8C
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://getyourrefund.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jul 2024 04:27:47 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
pagead2.googlesyndication.com/ccm/
0
0
Ping
General
Full URL
https://pagead2.googlesyndication.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fgetyourrefund.co.uk%2F&frm=0&rnd=1687627790.1722400068&npa=1&us_privacy=1---&gtm=45He47t0v9187063641za200&gcs=G100&gcd=13p3p3p2p5&dma_cps=-&dma=1&tag_exp=95250753&tft=1722400067515&tfd=1827&apve=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5XQQX5JQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://getyourrefund.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-ZE7H3YBWRY&gtm=45Pe47t0v9168704561za200&_p=1722400066750&gcs=G100&gcd=13p3pPp2p5&npa=1&dma_cps=-&dma=1&tag_exp=95250753&gdid=dMWZhNz.dZTNiMT&gtm_up=1&cid=1070702096.1722400068&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=denied&_eu=Ag&_s=1&sid=1722400066&sct=1&seg=0&dl=https%3A%2F%2Fgetyourrefund.co.uk%2F&dt=Get%20Your%20Refund%3A%20Mis-sold%20PCP%20%26%20HP%20car%20finance%20claims&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1847
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTc2ZTRjM2Y4MQ.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://getyourrefund.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jul 2024 04:27:47 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://getyourrefund.co.uk
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-ZE7H3YBWRY&gtm=45Pe47t0v9168704561za200&_p=1722400066750&gcs=G100&gcd=13p3pPp2p5&npa=1&dma_cps=-&dma=1&tag_exp=95250753&gdid=dMWZhNz.dZTNiMT&gtm_up=1&cid=1070702096.1722400068&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=denied&_eu=AAg&_s=2&dl=confirmation&sid=1722400066&sct=1&seg=0&dt=Get%20Your%20Refund%3A%20Mis-sold%20PCP%20%26%20HP%20car%20finance%20claims&en=sign_up&_c=1&_et=3&tfd=1856
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTc2ZTRjM2Y4MQ.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://getyourrefund.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 31 Jul 2024 04:27:47 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://getyourrefund.co.uk
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
act
analytics.tiktok.com/api/v2/pixel/
0
840 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/pixel/act
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTc2ZTRjM2Y4MQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.64.26 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-64-26.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://getyourrefund.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
30f93d11.271da8d6
date
Wed, 31 Jul 2024 04:27:47 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-2407310427475B3F5FD448C706EDDB88-3F2D03FCA6310506-00
x-cache
TCP_MISS from a2-20-179-90.deploy.akamaitechnologies.com (AkamaiGHost/11.6.0-57528057) (-)
x-parent-response-time
108,2.20.179.90
server-timing
cdn-cache; desc=MISS, edge; dur=97, origin; dur=20, inner; dur=16
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
202407310427475B3F5FD448C706EDDB88
x-cache-remote
TCP_MISS from a23-218-222-71.deploy.akamaitechnologies.com (AkamaiGHost/11.6.0-57528057) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
20,23.218.222.71
x-tt-trace-host
01f04852838302d0ee5d18212fe77cc2d3ab77a8a7372901920c08f8c085bc62eed3ddd1c86f9b99f8d4dc635ef4def30890b36d6154191500caf67271f9e70d981b4705958aef78edba7aa140610f4cb272ef5d6f0a63657f1bfe981e04c87953fe60f612c6cbf2f2acecb66f79a68db5
access-control-allow-headers
Authorization,*
expires
Wed, 31 Jul 2024 04:27:47 GMT
text-editor.2f2f7e0ea1e16387a004.bundle.js
getyourrefund.co.uk/wp-content/plugins/elementor/assets/js/
3 KB
1 KB
Script
General
Full URL
https://getyourrefund.co.uk/wp-content/plugins/elementor/assets/js/text-editor.2f2f7e0ea1e16387a004.bundle.js
Requested by
Host: getyourrefund.co.uk
URL: https://getyourrefund.co.uk/wp-content/uploads/siteground-optimizer-assets/siteground-optimizer-combined-js-c6f1dc7ff5afec95e968b8209f0790e3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.214.2.14 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
14.2.214.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
adfbd14cb47e6d4caa1b4355c2c9eb1177ff87709dbfb02210ea5a48ed0d3a94

Request headers

Referer
https://getyourrefund.co.uk/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 04:27:48 GMT
content-encoding
br
last-modified
Thu, 25 Jul 2024 21:25:28 GMT
server
nginx
etag
W/"af0-61e1908a8fd41"
vary
Accept-Encoding
content-type
application/javascript
x-httpd-modphp
1
host-header
8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache
HIT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cdn.yoshki.com
URL
https://cdn.yoshki.com/iframe/55845r.html

71 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 function| gtag object| dataLayer object| CookieControl function| __uspapi function| addUspapiLocatorFrame function| __handleUspapiMessage function| propagateIABStub object| Cookiebot object| CookieConsent object| CookiebotDialog object| CookieConsentDialog object| _googlesitekitConsentCategoryMap object| _googlesitekitConsents object| cookiebot_category_mapping object| cookiebot_consent_type object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady function| fbq function| _fbq object| consent_api object| wpforms_user_journey function| jQuery number| CB_jQueryHoldReadyStarted object| wp function| sprintf function| vsprintf object| ElementorProFrontendConfig object| elementorFrontendConfig object| _wpUtilSettings object| wpformsElementorVars function| rdt string| TiktokAnalyticsObject object| ttq function| set_referrer_id function| wp_has_consent function| consent_api_set_cookie function| consent_api_get_cookie function| wp_set_consent object| WPFormsUserJourney object| WPFormsElementorFrontend string| wp_consent_type function| obApi function| hj object| _hjSettings string| wp_fallback_consent_type object| webpackChunkelementor_pro object| webpackChunkelementor object| elementorModules object| elementorProFrontend function| Waypoint object| elementorFrontend function| _ number| CB_OnTagsExecuted_Processed function| redditNormalizeEmail object| hjSiteSettings object| hjLazyModules function| hjBootstrap object| hjBootstrapCalled function| apiObj object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge function| TiktokJelly object| _jelly_sdks object| gaGlobal function| addEventListenerBase

9 Cookies

Domain/Path Name / Value
getyourrefund.co.uk/ Name: _wpfuj
Value: {"1722400067":"https%3A%2F%2Fgetyourrefund.co.uk%2F%7C%23%7CGet%20Your%20Refund%3A%20Mis-sold%20PCP%20%26%20HP%20car%20finance%20claims%7C%23%7C1145"}
.getyourrefund.co.uk/ Name: _rdt_uuid
Value: 1722400067156.f1252dbb-eaa1-4a85-84a9-c1e58811f655
.getyourrefund.co.uk/ Name: _fbp
Value: fb.2.1722400067193.458407065251688837
.tiktok.com/ Name: _ttp
Value: 2jzq5BE5dPYY7Y1zBygTGuYTU3A
.getyourrefund.co.uk/ Name: _hjSessionUser_3784313
Value: eyJpZCI6IjM0NTQ4YWNmLTFkNTMtNWU4MC1hMjJmLWEyOTQ5OTVjOGQxMiIsImNyZWF0ZWQiOjE3MjI0MDAwNjczMjMsImV4aXN0aW5nIjpmYWxzZX0=
.getyourrefund.co.uk/ Name: _hjSession_3784313
Value: eyJpZCI6IjMzYTgwNDAxLWI4YTMtNGU3Ny1iNjU0LTI4YWE2M2IxNGQ4YiIsImMiOjE3MjI0MDAwNjczMjQsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
.getyourrefund.co.uk/ Name: _tt_enable_cookie
Value: 1
.getyourrefund.co.uk/ Name: _ttp
Value: 8Fx1qjR8HBZNR1ws3qGLs8Fp4dF
getyourrefund.co.uk/ Name: wp_consent_functional
Value: allow

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
