www.riftrefunds.co.uk Open in urlscan Pro
2a02:26f0:ef:18c::38a3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://riftrefunds.co.uk/
Effective URL:
https://www.riftrefunds.co.uk/
Submission: On April 28 via api (April 28th 2022, 5:58:24 am UTC) from GB — Scanned from GB

Summary HTTP 122 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 38 IPs in 6 countries across 28 domains to perform 122 HTTP transactions. The main IP is 2a02:26f0:ef:18c::38a3, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is www.riftrefunds.co.uk.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on April 18th 2022. Valid for: 2 months.

This is the only time www.riftrefunds.co.uk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	134.213.234.124 134.213.234.124	15395 (RACKSPACE...) (RACKSPACE-LON)
29	2a02:26f0:ef:... 2a02:26f0:ef:18c::38a3	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
9	108.157.4.10 108.157.4.10	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
1	143.204.98.93 143.204.98.93	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
1	84.17.46.53 84.17.46.53	60068 (CDN77 ^_^) (CDN77 ^_^)
1	2600:1901:0:b... 2600:1901:0:bc29::	15169 (GOOGLE) (GOOGLE)
6	34.96.102.137 34.96.102.137	15169 (GOOGLE) (GOOGLE)
1	143.204.98.39 143.204.98.39	16509 (AMAZON-02) (AMAZON-02)
1	143.204.98.32 143.204.98.32	16509 (AMAZON-02) (AMAZON-02)
5	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
2 6	142.250.185.134 142.250.185.134	15169 (GOOGLE) (GOOGLE)
1	199.232.188.157 199.232.188.157	54113 (FASTLY) (FASTLY)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	35.186.249.72 35.186.249.72	15169 (GOOGLE) (GOOGLE)
1	108.157.1.118 108.157.1.118	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1288:80:... 2a00:1288:80:807::2	203220 (YAHOO-DEB) (YAHOO-DEB)
1	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
2 3	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	52.49.107.79 52.49.107.79	16509 (AMAZON-02) (AMAZON-02)
1	104.244.42.131 104.244.42.131	13414 (TWITTER) (TWITTER)
1	104.244.42.133 104.244.42.133	13414 (TWITTER) (TWITTER)
1	212.82.100.181 212.82.100.181	34010 (YAHOO-IRD) (YAHOO-IRD)
2	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
2 4	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
2	75.2.113.184 75.2.113.184	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2 2	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
8	143.204.98.115 143.204.98.115	16509 (AMAZON-02) (AMAZON-02)
1 2	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
3	54.88.35.61 54.88.35.61	14618 (AMAZON-AES) (AMAZON-AES)
4	52.216.226.51 52.216.226.51	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
122	38

2 134.213.234.124 (United Kingdom) 2 redirects

ASN15395 (RACKSPACE-LON, GB)

riftrefunds.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2a02:26f0:ef:18c::38a3 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

www.riftrefunds.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 108.157.4.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-10.dus51.r.cloudfront.net

widget.trustpilot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.93 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-93.fra50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 84.17.46.53 (Amsterdam, Netherlands)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-84-17-46-53.cdn77.com

widgets.getsitecontrol.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:bc29:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

cdn.mxpnl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.96.102.137 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 137.102.96.34.bc.googleusercontent.com

dev.visualwebsiteoptimizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-39.fra50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-32.fra50.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f98.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.185.134 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f6.1e100.net

9918873.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.188.157 (Munich, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.249.72 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 72.249.186.35.bc.googleusercontent.com

d.impactradius-event.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.157.1.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-1-118.dus51.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:80:807::2 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.49.107.79 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-107-79.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.131 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.133 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.181 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 75.2.113.184 (United States)

ASN16509 (AMAZON-02, US)
PTR: a60635abdcce33592.awsglobalaccelerator.com

capi.riftrefunds.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 143.204.98.115 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-115.fra50.r.cloudfront.net

alive5.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.223.40.198 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.88.35.61 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-88-35-61.compute-1.amazonaws.com

api-v2.alive5.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.216.226.51 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
33	riftrefunds.co.uk 2 redirects riftrefunds.co.uk www.riftrefunds.co.uk capi.riftrefunds.co.uk	319 KB
11	alive5.com alive5.com — Cisco Umbrella Rank: 57236 api-v2.alive5.com — Cisco Umbrella Rank: 63257	248 KB
11	doubleclick.net 4 redirects 9918873.fls.doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 71 googleads.g.doubleclick.net — Cisco Umbrella Rank: 38	5 KB
9	trustpilot.com widget.trustpilot.com — Cisco Umbrella Rank: 5768	46 KB
7	google.de 2 redirects www.google.de — Cisco Umbrella Rank: 6408 adservice.google.de — Cisco Umbrella Rank: 8897	2 KB
7	google.com 2 redirects analytics.google.com — Cisco Umbrella Rank: 634 adservice.google.com — Cisco Umbrella Rank: 61 www.google.com — Cisco Umbrella Rank: 2	2 KB
6	visualwebsiteoptimizer.com dev.visualwebsiteoptimizer.com — Cisco Umbrella Rank: 4577	67 KB
5	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 105	51 KB
5	gstatic.com fonts.gstatic.com	55 KB
4	amazonaws.com s3.amazonaws.com	28 KB
4	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 575 script.hotjar.com — Cisco Umbrella Rank: 828 vars.hotjar.com — Cisco Umbrella Rank: 866 in.hotjar.com — Cisco Umbrella Rank: 1631	69 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 39	3 KB
3	adsrvr.org 1 redirects js.adsrvr.org — Cisco Umbrella Rank: 1393 insight.adsrvr.org — Cisco Umbrella Rank: 529 match.adsrvr.org — Cisco Umbrella Rank: 325	3 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 329	12 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 32	20 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 203	25 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 101	315 B
2	yimg.com s.yimg.com — Cisco Umbrella Rank: 396	7 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 131	171 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 53	149 KB
1	yahoo.com sp.analytics.yahoo.com — Cisco Umbrella Rank: 810	631 B
1	t.co t.co — Cisco Umbrella Rank: 484	338 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 490	355 B
1	impactradius-event.com d.impactradius-event.com — Cisco Umbrella Rank: 2612	13 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 570	10 KB
1	mxpnl.com cdn.mxpnl.com — Cisco Umbrella Rank: 2303	18 KB
1	getsitecontrol.com widgets.getsitecontrol.com — Cisco Umbrella Rank: 12570	863 B
0	bootstrapcdn.com Failed netdna.bootstrapcdn.com Failed
122	28

	Domain	Requested by
29	www.riftrefunds.co.uk	www.riftrefunds.co.uk
9	widget.trustpilot.com	www.riftrefunds.co.uk widget.trustpilot.com
8	alive5.com	www.riftrefunds.co.uk alive5.com
6	9918873.fls.doubleclick.net	2 redirects www.googletagmanager.com adservice.google.com
6	dev.visualwebsiteoptimizer.com	www.riftrefunds.co.uk dev.visualwebsiteoptimizer.com
5	www.google.de	www.riftrefunds.co.uk 9918873.fls.doubleclick.net
5	www.googleadservices.com	www.googletagmanager.com 9918873.fls.doubleclick.net www.googleadservices.com
5	fonts.gstatic.com	fonts.googleapis.com
4	s3.amazonaws.com	alive5.com
4	www.google.com	2 redirects www.riftrefunds.co.uk
4	fonts.googleapis.com	www.riftrefunds.co.uk alive5.com
3	api-v2.alive5.com	alive5.com
3	googleads.g.doubleclick.net	2 redirects www.googleadservices.com
3	bat.bing.com	www.riftrefunds.co.uk bat.bing.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.riftrefunds.co.uk
2	cdnjs.cloudflare.com	alive5.com
2	adservice.google.de	2 redirects
2	www.facebook.com	www.riftrefunds.co.uk
2	capi.riftrefunds.co.uk	connect.facebook.net
2	adservice.google.com	9918873.fls.doubleclick.net
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	s.yimg.com	www.riftrefunds.co.uk s.yimg.com
2	connect.facebook.net	www.riftrefunds.co.uk connect.facebook.net
2	www.googletagmanager.com	www.riftrefunds.co.uk www.googletagmanager.com
2	riftrefunds.co.uk	2 redirects
1	match.adsrvr.org	js.adsrvr.org
1	insight.adsrvr.org	1 redirects
1	sp.analytics.yahoo.com	www.riftrefunds.co.uk
1	t.co	www.riftrefunds.co.uk
1	analytics.twitter.com	www.riftrefunds.co.uk
1	in.hotjar.com	script.hotjar.com
1	analytics.google.com	www.googletagmanager.com
1	js.adsrvr.org	www.googletagmanager.com
1	d.impactradius-event.com	www.riftrefunds.co.uk
1	static.ads-twitter.com	www.googletagmanager.com
1	vars.hotjar.com	static.hotjar.com
1	script.hotjar.com	static.hotjar.com
1	cdn.mxpnl.com	www.riftrefunds.co.uk
1	widgets.getsitecontrol.com	www.riftrefunds.co.uk
1	static.hotjar.com	www.riftrefunds.co.uk
0	netdna.bootstrapcdn.com Failed	www.riftrefunds.co.uk
122	41

This site contains links to these domains. Also see Links.

Domain
app.riftrefunds.co.uk
www.riftgroup.com
www.riftresearch.com
www.facebook.com
twitter.com
www.instagram.com
www.youtube.com

Subject Issuer	Validity	Valid
secure10.san1.raxcdn.com DigiCert SHA2 Secure Server CA	`2022-04-18` - `2022-06-30`	2 months	crt.sh
*.trustpilot.com Amazon	`2022-03-04` - `2023-04-02`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.hotjar.com Amazon	`2021-11-25` - `2022-12-23`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.getsitecontrol.com Go Daddy Secure Certificate Authority - G2	`2022-03-05` - `2023-04-06`	a year	crt.sh
*.mxpnl.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2021-07-15` - `2022-07-28`	a year	crt.sh
*.visualwebsiteoptimizer.com Starfield Secure Certificate Authority - G2	`2020-06-19` - `2022-07-06`	2 years	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-21` - `2022-07-26`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-02-04` - `2022-05-05`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2022-03-16` - `2022-09-16`	6 months	crt.sh
*.impactradius-event.com Sectigo RSA Domain Validation Secure Server CA	`2021-12-10` - `2023-01-06`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-04-25` - `2022-06-15`	2 months	crt.sh
*.google.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-31` - `2022-10-30`	a year	crt.sh
t.co DigiCert TLS RSA SHA256 2020 CA1	`2021-12-13` - `2022-12-12`	a year	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-03-15` - `2022-09-07`	6 months	crt.sh
www.google.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
capi.riftrefunds.co.uk R3	`2022-03-17` - `2022-06-15`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.alive5.com Amazon	`2021-11-04` - `2022-12-02`	a year	crt.sh
s3.amazonaws.com Amazon	`2022-04-01` - `2023-03-30`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh

This page contains 13 frames:

Primary Page: https://www.riftrefunds.co.uk/
Frame ID: 0BA8EA23CF0A5C8474D36C5B50C703B8
Requests: 88 HTTP requests in this frame

Frame: https://widget.trustpilot.com/trustboxes/5419b732fbfb950b10de65e5/index.html?templateId=5419b732fbfb950b10de65e5&businessunitId=5a71ace5adce9d000131da03
Frame ID: C3D270AEB0EE33758E744CA19FB96474
Requests: 5 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-4924254a9ce4dc9b959b6e4a9b662d60.html
Frame ID: EAD837C49F8C56B47F3319F4845B495A
Requests: 1 HTTP requests in this frame

Frame: https://9918873.fls.doubleclick.net/activityi;dc_pre=CJu_5-aJtvcCFfwfBgAdPwcKBg;src=9918873;type=gener0;cat=rift-0;ord=2151063596209;gtm=2wg4p0;auiddc=1360173387.1651125499;u1=undefined;u3=undefined;~oref=https%3A%2F%2Fwww.riftrefunds.co.uk%2F
Frame ID: 1FE4975FA7D64A7ABD51117C16A96A95
Requests: 1 HTTP requests in this frame

Frame: https://9918873.fls.doubleclick.net/activityi;dc_pre=CMbB5-aJtvcCFaIcBgAd1YMFPw;src=9918873;type=gener0;cat=rift-00;ord=1;num=3925209991075;gtm=2wg4p0;auiddc=1360173387.1651125499;u1=undefined;u3=undefined;~oref=https%3A%2F%2Fwww.riftrefunds.co.uk%2F
Frame ID: 9A0DB8790380AC199374FD9FC1A017AD
Requests: 1 HTTP requests in this frame

Frame: https://widget.trustpilot.com/trustboxes/5419b732fbfb950b10de65e5/index.html?templateId=5419b732fbfb950b10de65e5&businessunitId=5a71ace5adce9d000131da03
Frame ID: FAB866DD2AD675BCD4F5599D208613B6
Requests: 3 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CJu_5-aJtvcCFfwfBgAdPwcKBg;src=9918873;type=gener0;cat=rift-0;ord=2151063596209;gtm=2wg4p0;auiddc=1360173387.1651125499;u1=undefined;u3=undefined;~oref=https%3A%2F%2Fwww.riftrefunds.co.uk%2F
Frame ID: CEC6C8C8DDD182C8AB857F6820B2C3D5
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CMbB5-aJtvcCFaIcBgAd1YMFPw;src=9918873;type=gener0;cat=rift-00;ord=1;num=3925209991075;gtm=2wg4p0;auiddc=1360173387.1651125499;u1=undefined;u3=undefined;~oref=https%3A%2F%2Fwww.riftrefunds.co.uk%2F
Frame ID: 1AA130AE21DE2067C6555B9DC1645ABB
Requests: 1 HTTP requests in this frame

Frame: https://9918873.fls.doubleclick.net/ddm/fls/r/dc_pre=CJu_5-aJtvcCFfwfBgAdPwcKBg;src=9918873;type=gener0;cat=rift-0;ord=2151063596209;gtm=2wg4p0;auiddc=1360173387.1651125499;u1=undefined;u3=undefined;~oref=https%3A%2F%2Fwww.riftrefunds.co.uk%2F
Frame ID: 3B2445E260E314896ADBB6DD665EA862
Requests: 4 HTTP requests in this frame

Frame: https://9918873.fls.doubleclick.net/ddm/fls/r/dc_pre=CMbB5-aJtvcCFaIcBgAd1YMFPw;src=9918873;type=gener0;cat=rift-00;ord=1;num=3925209991075;gtm=2wg4p0;auiddc=1360173387.1651125499;u1=undefined;u3=undefined;~oref=https%3A%2F%2Fwww.riftrefunds.co.uk%2F
Frame ID: 76981EA7F7C4624D2DCA72202C5139A7
Requests: 4 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 46417410ED2DF63094311691C776E290
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/upb/?adv=3022zd6&ref=https%3A%2F%2Fwww.riftrefunds.co.uk%2F&upid=lchtyx7&upv=1.1.0
Frame ID: C55C49C44DB074527912693A5E1FBAFC
Requests: 1 HTTP requests in this frame

Frame: https://alive5.com/chat_window_wrap.html?wid=dc60e389-9d98-46ff-8a9c-576aa0224d4f
Frame ID: 27A62EE4FB6747E1D2550E542B01D501
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

HMRC Tax Refunds | Claim Your Tax Rebate | RIFT Tax Refunds

Page URL History Show full URLs

http://riftrefunds.co.uk/ HTTP 301
https://riftrefunds.co.uk/ HTTP 301
https://www.riftrefunds.co.uk/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Socket.io (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

socket\.io.*\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Glyphicons (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:<link[^>]* href=[^>]+glyphicons(?:\.min)?\.css|<img[^>]* src=[^>]+glyphicons)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Impact (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

d\.impactradius-event\.com

Page Statistics

122
Requests

98 %
HTTPS

46 %
IPv6

28
Domains

41
Subdomains

38
IPs

6
Countries

1321 kB
Transfer

3835 kB
Size

34
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: https://app.riftrefunds.co.uk/users/sign_in?agid=dr_www.riftrefunds.co.uk
Title: MY RIFT

Search URL Search Domain Scan URL

URL: https://app.riftrefunds.co.uk/users/sign_up?questionnaire=t&stages=WyIxIiwiOCJd&question=q2&sector=construction&agid=dr_www.riftrefunds.co.uk
Title: Construction or Trades Start for free >

Search URL Search Domain Scan URL

URL: https://app.riftrefunds.co.uk/users/sign_up?questionnaire=t&stages=WyIxIiwiMiJd&question=q2a&sector=MOD&title=PAYE&agid=dr_www.riftrefunds.co.uk
Title: Armed Forces Start for free >

Search URL Search Domain Scan URL

URL: https://app.riftrefunds.co.uk/users/sign_up?questionnaire=t&stages=WyIxIiwiMTIiXQ%3D%3D&question=q2&sector=offshore&agid=dr_www.riftrefunds.co.uk
Title: Offshore Start for free >

Search URL Search Domain Scan URL

URL: https://app.riftrefunds.co.uk/users/sign_up?questionnaire=t&stages=WyIxIiwiMTUiXQ%3D%3D&question=q2&sector=security&agid=dr_www.riftrefunds.co.uk
Title: Security Start for free >

Search URL Search Domain Scan URL

URL: https://app.riftrefunds.co.uk/users/sign_up?questionnaire=t&agid=dr_www.riftrefunds.co.uk
Title: Start for free >

Search URL Search Domain Scan URL

URL: https://www.riftgroup.com/
Title: Rift Group

Search URL Search Domain Scan URL

URL: http://www.riftresearch.com/?agid=dr_www.riftrefunds.co.uk
Title: Rift R&D Tax Credit

Search URL Search Domain Scan URL

URL: https://www.facebook.com/RIFTtaxrefunds
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/RIFTtaxrefunds
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.instagram.com/rift_refunds/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UC9HFhuVgvOuIT1Wphdv5ITg
Title: YouTube

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://riftrefunds.co.uk/ HTTP 301
https://riftrefunds.co.uk/ HTTP 301
https://www.riftrefunds.co.uk/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 44

https://9918873.fls.doubleclick.net/activityi;src=9918873;type=gener0;cat=rift-0;ord=2151063596209;gtm=2wg4p0;auiddc=1360173387.1651125499;u1=undefined;u3=undefined;~oref=https%3A%2F%2Fwww.riftrefunds.co.uk%2F HTTP 302
https://9918873.fls.doubleclick.net/activityi;dc_pre=CJu_5-aJtvcCFfwfBgAdPwcKBg;src=9918873;type=gener0;cat=rift-0;ord=2151063596209;gtm=2wg4p0;auiddc=1360173387.1651125499;u1=undefined;u3=undefined;~oref=https%3A%2F%2Fwww.riftrefunds.co.uk%2F

Request Chain 45

https://9918873.fls.doubleclick.net/activityi;src=9918873;type=gener0;cat=rift-00;ord=1;num=3925209991075;gtm=2wg4p0;auiddc=1360173387.1651125499;u1=undefined;u3=undefined;~oref=https%3A%2F%2Fwww.riftrefunds.co.uk%2F HTTP 302
https://9918873.fls.doubleclick.net/activityi;dc_pre=CMbB5-aJtvcCFaIcBgAd1YMFPw;src=9918873;type=gener0;cat=rift-00;ord=1;num=3925209991075;gtm=2wg4p0;auiddc=1360173387.1651125499;u1=undefined;u3=undefined;~oref=https%3A%2F%2Fwww.riftrefunds.co.uk%2F

Request Chain 81

https://adservice.google.de/ddm/fls/i/dc_pre=CJu_5-aJtvcCFfwfBgAdPwcKBg;src=9918873;type=gener0;cat=rift-0;ord=2151063596209;gtm=2wg4p0;auiddc=1360173387.1651125499;u1=undefined;u3=undefined;~oref=https%3A%2F%2Fwww.riftrefunds.co.uk%2F HTTP 302
https://9918873.fls.doubleclick.net/ddm/fls/r/dc_pre=CJu_5-aJtvcCFfwfBgAdPwcKBg;src=9918873;type=gener0;cat=rift-0;ord=2151063596209;gtm=2wg4p0;auiddc=1360173387.1651125499;u1=undefined;u3=undefined;~oref=https%3A%2F%2Fwww.riftrefunds.co.uk%2F

Request Chain 82

https://adservice.google.de/ddm/fls/i/dc_pre=CMbB5-aJtvcCFaIcBgAd1YMFPw;src=9918873;type=gener0;cat=rift-00;ord=1;num=3925209991075;gtm=2wg4p0;auiddc=1360173387.1651125499;u1=undefined;u3=undefined;~oref=https%3A%2F%2Fwww.riftrefunds.co.uk%2F HTTP 302
https://9918873.fls.doubleclick.net/ddm/fls/r/dc_pre=CMbB5-aJtvcCFaIcBgAd1YMFPw;src=9918873;type=gener0;cat=rift-00;ord=1;num=3925209991075;gtm=2wg4p0;auiddc=1360173387.1651125499;u1=undefined;u3=undefined;~oref=https%3A%2F%2Fwww.riftrefunds.co.uk%2F

Request Chain 90

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/648116069/?random=886944109&cv=9&fst=1651125500135&num=1&npa=1&label=ySG9CM6j-O0BEOXuhbUC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9918873.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCJu_5-aJtvcCFfwfBgAdPwcKBg%3Bsrc%3D9918873%3Btype%3Dgener0%3Bcat%3Drift-0%3Bord%3D2151063596209%3Bgtm%3D2wg4p0%3Bauiddc%3D1360173387.1651125499%3Bu1%3Dundefined%3Bu3%3Dundefined%3B~oref%3Dhttps%253A%252F%252Fwww.riftrefunds.co.uk%252F&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=_CxqYvLQC4q3mLAPt4etyAU&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-conversion/648116069/?random=886944109&cv=9&fst=1651125500135&num=1&npa=1&label=ySG9CM6j-O0BEOXuhbUC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9918873.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCJu_5-aJtvcCFfwfBgAdPwcKBg%3Bsrc%3D9918873%3Btype%3Dgener0%3Bcat%3Drift-0%3Bord%3D2151063596209%3Bgtm%3D2wg4p0%3Bauiddc%3D1360173387.1651125499%3Bu1%3Dundefined%3Bu3%3Dundefined%3B~oref%3Dhttps%253A%252F%252Fwww.riftrefunds.co.uk%252F&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=_CxqYvLQC4q3mLAPt4etyAU&cid=CAQSKQCNIrLMAqFLEGxuUjdFlPalJpLtQhv3-ZoLtEHMt18SwZgd2jxf867L&random=739606994&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-conversion/648116069/?random=886944109&cv=9&fst=1651125500135&num=1&npa=1&label=ySG9CM6j-O0BEOXuhbUC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9918873.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCJu_5-aJtvcCFfwfBgAdPwcKBg%3Bsrc%3D9918873%3Btype%3Dgener0%3Bcat%3Drift-0%3Bord%3D2151063596209%3Bgtm%3D2wg4p0%3Bauiddc%3D1360173387.1651125499%3Bu1%3Dundefined%3Bu3%3Dundefined%3B~oref%3Dhttps%253A%252F%252Fwww.riftrefunds.co.uk%252F&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=_CxqYvLQC4q3mLAPt4etyAU&cid=CAQSKQCNIrLMAqFLEGxuUjdFlPalJpLtQhv3-ZoLtEHMt18SwZgd2jxf867L&random=739606994&resp=GooglemKTybQhCsO&ipr=y&prhg=0

Request Chain 91

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/648116069/?random=940572514&cv=9&fst=1651125500175&num=1&npa=1&label=l2aQCNTkiO4BEOXuhbUC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9918873.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCMbB5-aJtvcCFaIcBgAd1YMFPw%3Bsrc%3D9918873%3Btype%3Dgener0%3Bcat%3Drift-00%3Bord%3D1%3Bnum%3D3925209991075%3Bgtm%3D2wg4p0%3Bauiddc%3D1360173387.1651125499%3Bu1%3Dundefined%3Bu3%3Dundefined%3B~oref%3Dhttps%253A%252F%252Fwww.riftrefunds.co.uk%252F&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=_CxqYuKRDYuqlgTk9qewCQ&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-conversion/648116069/?random=940572514&cv=9&fst=1651125500175&num=1&npa=1&label=l2aQCNTkiO4BEOXuhbUC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9918873.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCMbB5-aJtvcCFaIcBgAd1YMFPw%3Bsrc%3D9918873%3Btype%3Dgener0%3Bcat%3Drift-00%3Bord%3D1%3Bnum%3D3925209991075%3Bgtm%3D2wg4p0%3Bauiddc%3D1360173387.1651125499%3Bu1%3Dundefined%3Bu3%3Dundefined%3B~oref%3Dhttps%253A%252F%252Fwww.riftrefunds.co.uk%252F&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=_CxqYuKRDYuqlgTk9qewCQ&cid=CAQSKQCNIrLMCp6d85m-P8lyBEo6RZxVjrAwhajwXBaCU2VPNvy3wW99DhiA&random=612016092&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-conversion/648116069/?random=940572514&cv=9&fst=1651125500175&num=1&npa=1&label=l2aQCNTkiO4BEOXuhbUC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9918873.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCMbB5-aJtvcCFaIcBgAd1YMFPw%3Bsrc%3D9918873%3Btype%3Dgener0%3Bcat%3Drift-00%3Bord%3D1%3Bnum%3D3925209991075%3Bgtm%3D2wg4p0%3Bauiddc%3D1360173387.1651125499%3Bu1%3Dundefined%3Bu3%3Dundefined%3B~oref%3Dhttps%253A%252F%252Fwww.riftrefunds.co.uk%252F&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=_CxqYuKRDYuqlgTk9qewCQ&cid=CAQSKQCNIrLMCp6d85m-P8lyBEo6RZxVjrAwhajwXBaCU2VPNvy3wW99DhiA&random=612016092&resp=GooglemKTybQhCsO&ipr=y&prhg=0

Request Chain 98

https://insight.adsrvr.org/track/up?adv=3022zd6&ref=https%3A%2F%2Fwww.riftrefunds.co.uk%2F&upid=lchtyx7&upv=1.1.0 HTTP 302
https://match.adsrvr.org/track/upb/?adv=3022zd6&ref=https%3A%2F%2Fwww.riftrefunds.co.uk%2F&upid=lchtyx7&upv=1.1.0

122 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.riftrefunds.co.uk/
Redirect Chain

http://riftrefunds.co.uk/
https://riftrefunds.co.uk/
https://www.riftrefunds.co.uk/

74 KB
15 KB

832ms
353ms

Document
text/html

2a02:26f0:ef:18c::38a3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.riftrefunds.co.uk/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:ef:18c::38a3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: ee9f2921012489f927e1322842b325cb96387f99615d62801332ae156c71b84d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: private
content-encoding: gzip
content-length: 15134
content-type: text/html; charset=utf-8
date: Thu, 28 Apr 2022 05:58:18 GMT
vary: Accept-Encoding

Redirect headers

content-length: 153
content-type: text/html; charset=UTF-8
date: Thu, 28 Apr 2022 05:58:12 GMT
location: https://www.riftrefunds.co.uk/
server: Microsoft-IIS/8.5

GET
H2 200 tp.widget.bootstrap.min.js Show response
widget.trustpilot.com/bootstrap/v5/ 19 KB
6 KB 163ms
53ms Script
application/x-javascript 108.157.4.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js

Requested by

Host: www.riftrefunds.co.uk
URL: https://www.riftrefunds.co.uk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.157.4.10 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-157-4-10.dus51.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

b99590413d5e22ce7b94d73504a5f39b600e5cb766bee40ae2b80427add977a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.riftrefunds.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
age: 8667
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
date: Thu, 28 Apr 2022 03:33:52 GMT
content-length: 6094
x-xss-protection: 1; mode=block
last-modified: Wed, 02 Feb 2022 14:34:25 GMT
server: AmazonS3
etag: "7994b24c56b0cf0251f3a2dd842273be"
content-type: application/x-javascript
via: 1.1 b6b3463eedbd4b446fd969736178bf98.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: DUS51-P2
accept-ranges: bytes
x-amz-cf-id: fsq9d01mr-xkrNALGBXVXQb2_6RqvsEKEcVT6XgCU2VTA0MKbAEReQ==

GET
H2 200 DependencyHandler.axd
www.riftrefunds.co.uk/ 103 KB
17 KB 79ms
79ms Stylesheet
text/css 2a02:26f0:ef:18c::38a3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.riftrefunds.co.uk/DependencyHandler.axd?s=L2Nzcy9hc3NldHMvZm9udHMuY3NzOy9jc3MvYXNzZXRzL2Jvb3RzdHJhcC5taW4uY3NzOw&t=Css&cdv=258096563
Requested by: Host: www.riftrefunds.co.uk
URL: https://www.riftrefunds.co.uk/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:ef:18c::38a3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: b514369337bc361b8eeb6a96a82d5ffd883e25cb00938ffce7f07bab5256713b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.riftrefunds.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 05:58:18 GMT
content-encoding: gzip
last-modified: Wed, 27 Apr 2022 14:40:25 GMT
server: Microsoft-IIS/8.5
etag: "239c859b951a24232898bf3406f0304e"
vary: Accept-Encoding
content-type: text/css
cache-control: public, must-revalidate, proxy-revalidate, max-age=808936, s-maxage=808936
content-length: 16657
expires: Sat, 07 May 2022 14:40:25 GMT

GET
H2 200 DependencyHandler.axd
www.riftrefunds.co.uk/ 112 KB
17 KB 162ms
162ms Stylesheet
text/css 2a02:26f0:ef:18c::38a3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.riftrefunds.co.uk/DependencyHandler.axd?s=L2Nzcy9tYWluLm1pbi5jc3M7L2Nzcy9tYWluLXAyLm1pbi5jc3M7&t=Css&cdv=258096563
Requested by: Host: www.riftrefunds.co.uk
URL: https://www.riftrefunds.co.uk/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:ef:18c::38a3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: eb1c2af20effd46a5befdf3925b865a14a5730a97cf7c7e82bc2f4fb206bd2a5

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.riftrefunds.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 05:58:18 GMT
content-encoding: gzip
last-modified: Wed, 27 Apr 2022 14:40:53 GMT
server: Microsoft-IIS/8.5
etag: "39ce3f4dfb11b1647d5aa5a8cbcd4784"
vary: Accept-Encoding
content-type: text/css
cache-control: public, must-revalidate, proxy-revalidate, max-age=808964, s-maxage=808964
content-length: 17104
expires: Sat, 07 May 2022 14:40:53 GMT

GET
H2 200 hotjarforriftrefunds.js Show response
www.riftrefunds.co.uk/media/3265/ 394 B
539 B 63ms
63ms Script
application/javascript 2a02:26f0:ef:18c::38a3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.riftrefunds.co.uk/media/3265/hotjarforriftrefunds.js?version=27042022024003&
Requested by: Host: www.riftrefunds.co.uk
URL: https://www.riftrefunds.co.uk/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:ef:18c::38a3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: d2745817d8233201a1972093475a7866dbb5b1e37f94364e200a568ceab9f893

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.riftrefunds.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 05:58:18 GMT
cache-control: max-age=2536957
last-modified: Wed, 26 Aug 2020 16:09:04 GMT
accept-ranges: bytes
etag: "e78f3438c37bd61:0"
content-length: 394
content-type: application/javascript

GET
H2 200 logo-white.png
www.riftrefunds.co.uk/css/img/ 502 B
635 B 60ms
59ms Image
image/png 2a02:26f0:ef:18c::38a3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.riftrefunds.co.uk/css/img/logo-white.png
Requested by: Host: www.riftrefunds.co.uk
URL: https://www.riftrefunds.co.uk/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:ef:18c::38a3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: c03a35a136ce87285258d19e8d54dd90ae3f3ee5cd04c9a18f90982f15642b9f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.riftrefunds.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 05:58:18 GMT
cache-control: max-age=468017
last-modified: Thu, 10 Mar 2022 13:36:42 GMT
accept-ranges: bytes
etag: "0118be08334d81:0"
content-length: 502
content-type: image/png

GET
H2 200 loader.png
www.riftrefunds.co.uk/css/img/ 95 B
229 B 61ms
60ms Image
image/png 2a02:26f0:ef:18c::38a3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.riftrefunds.co.uk/css/img/loader.png
Requested by: Host: www.riftrefunds.co.uk
URL: https://www.riftrefunds.co.uk/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:ef:18c::38a3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.riftrefunds.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 05:58:18 GMT
cache-control: max-age=1817941
last-modified: Mon, 11 Apr 2022 18:00:48 GMT
accept-ranges: bytes
etag: "0c8b612ce4dd81:0"
content-length: 95
content-type: image/png

GET
H2 200 DependencyHandler.axd Show response
www.riftrefunds.co.uk/ 213 KB
66 KB 82ms
81ms Script
application/x-javascript 2a02:26f0:ef:18c::38a3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.riftrefunds.co.uk/DependencyHandler.axd?s=L3NjcmlwdHMvYXNzZXRzL2pxdWVyeS5taW4uanM7L3NjcmlwdHMvYXNzZXRzL2pxdWVyeS52YWxpZGF0ZS5taW4uanM7L3NjcmlwdHMvYXNzZXRzL2pxdWVyeS52YWxpZGF0ZS51bm9idHJ1c2l2ZS5taW4uanM7L3NjcmlwdHMvYXNzZXRzL2pxdWVyeS5sYXp5Lm1pbi5qczsvc2NyaXB0cy9hc3NldHMvYm9vdHN0cmFwLm1pbi5qczsvc2NyaXB0cy9hc3NldHMvanF1ZXJ5LnRvdWNoU3dpcGUubWluLmpzOy9zY3JpcHRzL2Fzc2V0cy9qcXVlcnkubWF0Y2hIZWlnaHQtbWluLmpzOy9zY3JpcHRzL21haW4uanM7L3NjcmlwdHMvY29va2llLnRyYWNraW5nLmpzOy9zY3JpcHRzL2xpYnMvbGl0ZVlvdVR1YmVWaWRlb3MuanM7&t=Javascript&cdv=258096563
Requested by: Host: www.riftrefunds.co.uk
URL: https://www.riftrefunds.co.uk/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:ef:18c::38a3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: c1d6e2272a0c73bb019d63bf1f8310105d9aafca24ea6db417e092ca1eddac3a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.riftrefunds.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 05:58:18 GMT
content-encoding: gzip
last-modified: Wed, 27 Apr 2022 14:40:25 GMT
server: Microsoft-IIS/8.5
etag: "95a6ae20d372c414c4fdc3a0adc6f4c1"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, must-revalidate, proxy-revalidate, max-age=808935, s-maxage=808935
content-length: 66861
expires: Sat, 07 May 2022 14:40:25 GMT

GET
H2 200 mixpanel-production.js Show response
www.riftrefunds.co.uk/media/1562/ 2 KB
1 KB 63ms
62ms Script
application/javascript 2a02:26f0:ef:18c::38a3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.riftrefunds.co.uk/media/1562/mixpanel-production.js
Requested by: Host: www.riftrefunds.co.uk
URL: https://www.riftrefunds.co.uk/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:ef:18c::38a3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: c7c3cb7a8bd20ec96deba9d9a3c60644901336c70349a9aca18172092e72b287

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.riftrefunds.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 05:58:18 GMT
content-encoding: gzip
last-modified: Wed, 05 Jul 2017 07:56:04 GMT
etag: "c4b9d92664f5d21:0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2314121
accept-ranges: bytes
content-length: 1087

GET
H2 200 sitewide.js Show response
www.riftrefunds.co.uk/scripts/rift/ 883 B
680 B 65ms
64ms Script
application/javascript 2a02:26f0:ef:18c::38a3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.riftrefunds.co.uk/scripts/rift/sitewide.js?version=27042022024003&
Requested by: Host: www.riftrefunds.co.uk
URL: https://www.riftrefunds.co.uk/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:ef:18c::38a3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 3af9168102afff223dc80ea3396c58c94c6ecc15607ff07220df47fa8d6deff6

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.riftrefunds.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 05:58:18 GMT
content-encoding: gzip
last-modified: Mon, 11 Apr 2022 18:00:48 GMT
etag: "0c8b612ce4dd81:0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2536911
accept-ranges: bytes
content-length: 516

GET
H2 200 vwo.js Show response
www.riftrefunds.co.uk/media/3344/ 1 KB
807 B 70ms
70ms Script
application/javascript 2a02:26f0:ef:18c::38a3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.riftrefunds.co.uk/media/3344/vwo.js?version=27042022024003&
Requested by: Host: www.riftrefunds.co.uk
URL: https://www.riftrefunds.co.uk/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:ef:18c::38a3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: db48153425bed93167b468b2831df94b35f15ebcdaf8f6b44270d021eed29df9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.riftrefunds.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 05:58:18 GMT
content-encoding: gzip
last-modified: Tue, 06 Oct 2020 10:46:53 GMT
etag: "f04bd00ce9bd61:0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2537082
accept-ranges: bytes
content-length: 643

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 259 KB
82 KB 197ms
81ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W7D5KJ

Requested by

Host: www.riftrefunds.co.uk
URL: https://www.riftrefunds.co.uk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

34354b9d9fb30ac3fb0a12038af4c8aae605ab187b9cb8be3253421eb015dfbe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.riftrefunds.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 05:58:18 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 83450
x-xss-protection: 0
last-modified: Thu, 28 Apr 2022 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 28 Apr 2022 05:58:18 GMT

GET bootstrap-glyphicons.css
netdna.bootstrapcdn.com/bootstrap/3.0.0/css/ 0
0

GET
H2 200 css
fonts.googleapis.com/ 13 KB
2 KB 179ms
63ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins:600,700|Source+Sans+Pro:400,600,700,400italic|Playfair+Display:700&display=swap

Requested by

Host: www.riftrefunds.co.uk
URL: https://www.riftrefunds.co.uk/DependencyHandler.axd?s=L2Nzcy9hc3NldHMvZm9udHMuY3NzOy9jc3MvYXNzZXRzL2Jvb3RzdHJhcC5taW4uY3NzOw&t=Css&cdv=258096563

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4f23b00cb8f7b4689bfbd1c92e599155dfdd60ef749d1d3a20bdeb4a92c1bc85

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.riftrefunds.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 28 Apr 2022 05:58:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 28 Apr 2022 05:58:18 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 28 Apr 2022 05:58:18 GMT

GET
H2 200 css
fonts.googleapis.com/ 12 KB
1 KB 99ms
64ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins:600,700|Source+Sans+Pro:400,600,700,400italic|Playfair+Display:700

Requested by

Host: www.riftrefunds.co.uk
URL: https://www.riftrefunds.co.uk/DependencyHandler.axd?s=L2Nzcy9tYWluLm1pbi5jc3M7L2Nzcy9tYWluLXAyLm1pbi5jc3M7&t=Css&cdv=258096563

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6aa729099433f25b1c7abc391fbc7851ba7c8724b187688d1877fb9299594bd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.riftrefunds.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 28 Apr 2022 05:58:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 28 Apr 2022 05:58:18 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 28 Apr 2022 05:58:18 GMT

GET
H2 200 hotjar-153662.js Show response
static.hotjar.com/c/ 26 KB
4 KB 205ms
87ms Script
application/javascript 143.204.98.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-153662.js?sv=6

Requested by

Host: www.riftrefunds.co.uk
URL: https://www.riftrefunds.co.uk/media/3265/hotjarforriftrefunds.js?version=27042022024003&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-93.fra50.r.cloudfront.net

Software

Resource Hash

97935b983274b399f0e5d20be19c8df038494a73a994e119118c15b0960180f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.riftrefunds.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 05:58:18 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
x-amz-cf-pop: FRA50-C1
etag: W/535a42dbf991662165d833baf1443ac6
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-id: ruS2Jr0Vb1F_QAI9CGGUuVRhQuoZ13-4WoVw1G9swfBjozSlbrLfpw==
via: 1.1 5317564e96c9dceb46123f6c5f149a02.cloudfront.net (CloudFront)

GET
H2 200 sprite-retina-utility.png
www.riftrefunds.co.uk/css/img/ 3 KB
3 KB 60ms
60ms Image
image/png 2a02:26f0:ef:18c::38a3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.riftrefunds.co.uk/css/img/sprite-retina-utility.png
Requested by: Host: www.riftrefunds.co.uk
URL: https://www.riftrefunds.co.uk/DependencyHandler.axd?s=L2Nzcy9tYWluLm1pbi5jc3M7L2Nzcy9tYWluLXAyLm1pbi5jc3M7&t=Css&cdv=258096563
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:ef:18c::38a3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 2cda1f5f6806246341ea4608b6fa467378e3b602497b8608419ca88b80b58153

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.riftrefunds.co.uk/DependencyHandler.axd?s=L2Nzcy9tYWluLm1pbi5jc3M7L2Nzcy9tYWluLXAyLm1pbi5jc3M7&t=Css&cdv=258096563
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 05:58:18 GMT
cache-control: max-age=628615
last-modified: Thu, 10 Mar 2022 13:36:42 GMT
accept-ranges: bytes
etag: "0118be08334d81:0"
content-length: 3206
content-type: image/png

GET
H2 200 sprite2.png
www.riftrefunds.co.uk/css/img/ 3 KB
3 KB 62ms
62ms Image
image/png 2a02:26f0:ef:18c::38a3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.riftrefunds.co.uk/css/img/sprite2.png
Requested by: Host: www.riftrefunds.co.uk
URL: https://www.riftrefunds.co.uk/DependencyHandler.axd?s=L2Nzcy9tYWluLm1pbi5jc3M7L2Nzcy9tYWluLXAyLm1pbi5jc3M7&t=Css&cdv=258096563
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:ef:18c::38a3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 80730c3d8084dbca4f1060a59d64b394df5191ba87c7d14df213b63a73dc4f60

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.riftrefunds.co.uk/DependencyHandler.axd?s=L2Nzcy9tYWluLm1pbi5jc3M7L2Nzcy9tYWluLXAyLm1pbi5jc3M7&t=Css&cdv=258096563
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 05:58:18 GMT
cache-control: max-age=628635
last-modified: Thu, 10 Mar 2022 13:36:42 GMT
accept-ranges: bytes
etag: "0118be08334d81:0"
content-length: 3043
content-type: image/png

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ 13 KB
13 KB 186ms
70ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:600,700|Source+Sans+Pro:400,600,700,400italic|Playfair+Display:700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7348a2eb48c9a681d6178433394c7037144d85b57ee33a11339d3a33fa1001a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.riftrefunds.co.uk
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 19:26:22 GMT
x-content-type-options: nosniff
age: 37916
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12924
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:02:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 27 Apr 2023 19:26:22 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ 13 KB
13 KB 172ms
57ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:600,700|Source+Sans+Pro:400,600,700,400italic|Playfair+Display:700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.riftrefunds.co.uk
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 19:26:22 GMT
x-content-type-options: nosniff
age: 37916
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13036
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:04:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 27 Apr 2023 19:26:22 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ 13 KB
13 KB 236ms
120ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:600,700|Source+Sans+Pro:400,600,700,400italic|Playfair+Display:700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.riftrefunds.co.uk
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 19:26:22 GMT
x-content-type-options: nosniff
age: 37916
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13052
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:09:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 27 Apr 2023 19:26:22 GMT

GET
H2 200 spinner50px.gif
www.riftrefunds.co.uk/css/img/ 38 KB
38 KB 92ms
91ms Image
image/gif 2a02:26f0:ef:18c::38a3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.riftrefunds.co.uk/css/img/spinner50px.gif
Requested by: Host: www.riftrefunds.co.uk
URL: https://www.riftrefunds.co.uk/DependencyHandler.axd?s=L2Nzcy9tYWluLm1pbi5jc3M7L2Nzcy9tYWluLXAyLm1pbi5jc3M7&t=Css&cdv=258096563
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:ef:18c::38a3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 63893e1db5495431ccf8a391c7b47f58c4b34e6707a88a7dac051ba97343c1f1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.riftrefunds.co.uk/DependencyHandler.axd?s=L2Nzcy9tYWluLm1pbi5jc3M7L2Nzcy9tYWluLXAyLm1pbi5jc3M7&t=Css&cdv=258096563
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 05:58:18 GMT
cache-control: max-age=2350921
last-modified: Mon, 11 Apr 2022 18:00:48 GMT
accept-ranges: bytes
etag: "0c8b612ce4dd81:0"
content-length: 38438
content-type: image/gif

GET
H2 200 arrow-white-right.png
www.riftrefunds.co.uk/css/img/ 164 B
412 B 177ms
177ms Image
image/webp 2a02:26f0:ef:18c::38a3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.riftrefunds.co.uk/css/img/arrow-white-right.png
Requested by: Host: www.riftrefunds.co.uk
URL: https://www.riftrefunds.co.uk/DependencyHandler.axd?s=L2Nzcy9tYWluLm1pbi5jc3M7L2Nzcy9tYWluLXAyLm1pbi5jc3M7&t=Css&cdv=258096563
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:ef:18c::38a3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 4a6dd50e4832ef2c672a668291f651862cbfdf497e58853f0b65b851bc9386f7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.riftrefunds.co.uk/DependencyHandler.axd?s=L2Nzcy9tYWluLm1pbi5jc3M7L2Nzcy9tYWluLXAyLm1pbi5jc3M7&t=Css&cdv=258096563
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 05:58:18 GMT
last-modified: Tue, 12 Apr 2022 09:27:22 GMT
imageprocessedby: ImageProcessor/2.8.0.152 - ImageProcessor.Web/4.11.0.152
etag: "10c689834f4ed81:0"
vary: Accept-Encoding
content-type: image/webp
cache-control: public, must-revalidate, max-age=2591987
accept-ranges: bytes
content-length: 164
expires: Sat, 28 May 2022 05:58:05 GMT

GET
H2 200 bullet.png
www.riftrefunds.co.uk/css/img/ 135 B
270 B 100ms
100ms Image
image/png 2a02:26f0:ef:18c::38a3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.riftrefunds.co.uk/css/img/bullet.png
Requested by: Host: www.riftrefunds.co.uk
URL: https://www.riftrefunds.co.uk/DependencyHandler.axd?s=L2Nzcy9tYWluLm1pbi5jc3M7L2Nzcy9tYWluLXAyLm1pbi5jc3M7&t=Css&cdv=258096563
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:ef:18c::38a3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 0756f1403504ad0dbe3f540970a5c860dc2342cb00347738dc59acd2e62c724e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.riftrefunds.co.uk/DependencyHandler.axd?s=L2Nzcy9tYWluLm1pbi5jc3M7L2Nzcy9tYWluLXAyLm1pbi5jc3M7&t=Css&cdv=258096563
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 05:58:18 GMT
cache-control: max-age=2286242
last-modified: Mon, 11 Apr 2022 18:00:48 GMT
accept-ranges: bytes
etag: "0c8b612ce4dd81:0"
content-length: 135
content-type: image/png

GET
H2 200 social-icons.png
www.riftrefunds.co.uk/css/img/ 2 KB
3 KB 98ms
98ms Image
image/png 2a02:26f0:ef:18c::38a3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.riftrefunds.co.uk/css/img/social-icons.png
Requested by: Host: www.riftrefunds.co.uk
URL: https://www.riftrefunds.co.uk/DependencyHandler.axd?s=L2Nzcy9tYWluLm1pbi5jc3M7L2Nzcy9tYWluLXAyLm1pbi5jc3M7&t=Css&cdv=258096563
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:ef:18c::38a3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 466dfe584dcb4d922cad59118de06da9c273caf5f3fbf9ca1e9cc15d60dc0e1a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.riftrefunds.co.uk/DependencyHandler.axd?s=L2Nzcy9tYWluLm1pbi5jc3M7L2Nzcy9tYWluLXAyLm1pbi5jc3M7&t=Css&cdv=258096563
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 05:58:18 GMT
cache-control: max-age=628603
last-modified: Thu, 10 Mar 2022 13:36:42 GMT
accept-ranges: bytes
etag: "0118be08334d81:0"
content-length: 2436
content-type: image/png

GET
H2 200 pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 203ms
110ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:600,700|Source+Sans+Pro:400,600,700,400italic|Playfair+Display:700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.riftrefunds.co.uk
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 19:25:44 GMT
x-content-type-options: nosniff
age: 37954
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7816
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 27 Apr 2023 19:25:44 GMT

GET
H2 200 pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 227ms
135ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:600,700|Source+Sans+Pro:400,600,700,400italic|Playfair+Display:700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.riftrefunds.co.uk
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 19:25:44 GMT
x-content-type-options: nosniff
age: 37954
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8000
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:59:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 27 Apr 2023 19:25:44 GMT

GET
H2 200 script.js Show response
widgets.getsitecontrol.com/108858/ 52 B
863 B 352ms
226ms Script
text/javascript 84.17.46.53
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.getsitecontrol.com/108858/script.js
Requested by: Host: www.riftrefunds.co.uk
URL: https://www.riftrefunds.co.uk/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 84.17.46.53 Amsterdam, Netherlands, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-84-17-46-53.cdn77.com
Software: BunnyCDN-AMS1-879 /
Resource Hash: 54456556640a2a051e8222dc7e15f43dad3c80560b704b291bb2596d7c0be418

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.riftrefunds.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 05:58:18 GMT
content-encoding: br
cdn-edgestorageid: 879
x-amz-request-id: GT1A42TWY2HTJSSB
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 03/29/2022 19:22:21
cdn-pullzone: 44619
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: e3y3mGHeiWyKweRa4Cicseqp2XYuzTbeLQXj0NIDcZEu59O9O9m2hGG6DCmUmJdG5kiNlrCvNCE=
server: BunnyCDN-AMS1-879
access-control-allow-origin: *
last-modified: Wed, 04 Sep 2019 15:00:11 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"1c4f786dc4af5c7913a515ccb627ab9e"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cdn-cache: REVALIDATED
cdn-uid: e3a1246b-2fdd-4153-9207-6ca707c9379d
cache-control: public, max-age=5
cdn-requestid: b67afcfdb85dff9e8000cb5d41ccfe8b
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 mixpanel-2-latest.min.js Show response
cdn.mxpnl.com/libs/ 50 KB
18 KB 187ms
54ms Script
text/javascript 2600:1901:0:bc29::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js
Requested by: Host: www.riftrefunds.co.uk
URL: https://www.riftrefunds.co.uk/media/1562/mixpanel-production.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:bc29:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: da7a511c69cdf1e0f950a29019d09854b8919bc154bb95fe5d5ec580ed2f0997

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.riftrefunds.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 05:52:13 GMT
content-encoding: gzip
age: 365
x-guploader-uploadid: ADPycdueVlO7_yn0SI3u7jgKqwFF6gBTwr4hd81A2K7TlmIeLR5nURJbh9b4nUVbptrwYZOh1lkqBY7Z-BZfLXab0Eydvg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17435
last-modified: Thu, 17 Feb 2022 20:21:50 GMT
server: UploadServer
etag: "caa762087e9d75cecc34b5d6626cb7b9"
vary: Accept-Encoding
x-goog-hash: crc32c=PPVzJA==, md5=yqdiCH6ddc7MNLXWYmy3uQ==
x-goog-generation: 1645129310876382
access-control-allow-origin: *
cache-control: public,max-age=600
x-goog-stored-content-length: 17435
accept-ranges: bytes
content-type: text/javascript
expires: Thu, 28 Apr 2022 06:02:13 GMT

GET
H2 200 index.html Show response
widget.trustpilot.com/trustboxes/5419b732fbfb950b10de65e5/ Frame C3D2 6 KB
2 KB 52ms
52ms Document
text/html 108.157.4.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/trustboxes/5419b732fbfb950b10de65e5/index.html?templateId=5419b732fbfb950b10de65e5&businessunitId=5a71ace5adce9d000131da03

Requested by

Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.157.4.10 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-157-4-10.dus51.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

3d06be8f75a1649ff5c8a193a54c041e2f0706e3ee880b2457b5133e2e0438a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.riftrefunds.co.uk/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 72997
cache-control: max-age=86400
content-encoding: gzip
content-length: 1843
content-type: text/html
date: Wed, 27 Apr 2022 09:41:42 GMT
etag: "8e4207bd9e7d6f6d376f7ea95a0db7a5"
last-modified: Mon, 21 Mar 2022 13:54:29 GMT
server: AmazonS3
strict-transport-security: max-age=31536000
via: 1.1 b6b3463eedbd4b446fd969736178bf98.cloudfront.net (CloudFront)
x-amz-cf-id: C_pmjnEQSIc_NrACbynomdgKgPW__Zjxc9GpaoKMTtN4JbCmMdYtyg==
x-amz-cf-pop: DUS51-P2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 j.php Show response
dev.visualwebsiteoptimizer.com/ 38 KB
10 KB 178ms
59ms Script
application/javascript 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/j.php?a=498506&u=https%3A%2F%2Fwww.riftrefunds.co.uk%2F&r=0.9690434145520563
Requested by: Host: www.riftrefunds.co.uk
URL: https://www.riftrefunds.co.uk/media/3344/vwo.js?version=27042022024003&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: a710c9ece3b80012ddf6ffc4d9d00066d9b309724df18be5844394e445ff5089

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.riftrefunds.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 28 Apr 2022 05:58:18 GMT
via: 1.1 google
server: gfra1
content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type: application/javascript; charset=UTF-8

GET
H2 200 / Show response
www.riftrefunds.co.uk/api/cookietracking/getquerystringparams/ 30 B
144 B 81ms
80ms XHR
application/json 2a02:26f0:ef:18c::38a3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.riftrefunds.co.uk/api/cookietracking/getquerystringparams/
Requested by: Host: www.riftrefunds.co.uk
URL: https://www.riftrefunds.co.uk/DependencyHandler.axd?s=L3NjcmlwdHMvYXNzZXRzL2pxdWVyeS5taW4uanM7L3NjcmlwdHMvYXNzZXRzL2pxdWVyeS52YWxpZGF0ZS5taW4uanM7L3NjcmlwdHMvYXNzZXRzL2pxdWVyeS52YWxpZGF0ZS51bm9idHJ1c2l2ZS5taW4uanM7L3NjcmlwdHMvYXNzZXRzL2pxdWVyeS5sYXp5Lm1pbi5qczsvc2NyaXB0cy9hc3NldHMvYm9vdHN0cmFwLm1pbi5qczsvc2NyaXB0cy9hc3NldHMvanF1ZXJ5LnRvdWNoU3dpcGUubWluLmpzOy9zY3JpcHRzL2Fzc2V0cy9qcXVlcnkubWF0Y2hIZWlnaHQtbWluLmpzOy9zY3JpcHRzL21haW4uanM7L3NjcmlwdHMvY29va2llLnRyYWNraW5nLmpzOy9zY3JpcHRzL2xpYnMvbGl0ZVlvdVR1YmVWaWRlb3MuanM7&t=Javascript&cdv=258096563
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:ef:18c::38a3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 575fa55b0d28f9d45511ea625fa100f67f160b12d6671ae1a5d4aaae67f70132

Request headers

Accept: */*
Referer: https://www.riftrefunds.co.uk/
X-Requested-With: XMLHttpRequest
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Apr 2022 05:58:18 GMT
cache-control: no-cache
expires: -1
content-length: 30
content-type: application/json; charset=utf-8

GET
H2 200 arrow-circle-grey-down.png
www.riftrefunds.co.uk/css/img/ 402 B
536 B 57ms
57ms Image
image/png 2a02:26f0:ef:18c::38a3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.riftrefunds.co.uk/css/img/arrow-circle-grey-down.png
Requested by: Host: www.riftrefunds.co.uk
URL: https://www.riftrefunds.co.uk/DependencyHandler.axd?s=L2Nzcy9tYWluLm1pbi5jc3M7L2Nzcy9tYWluLXAyLm1pbi5jc3M7&t=Css&cdv=258096563
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:ef:18c::38a3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 4cb21080c2ab9b6b0eacefa023aed0c3b2992d140c931ff72f710c97e52b5673

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.riftrefunds.co.uk/DependencyHandler.axd?s=L2Nzcy9tYWluLm1pbi5jc3M7L2Nzcy9tYWluLXAyLm1pbi5jc3M7&t=Css&cdv=258096563
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 05:58:18 GMT
cache-control: max-age=278937
last-modified: Thu, 10 Mar 2022 13:36:42 GMT
accept-ranges: bytes
etag: "0118be08334d81:0"
content-length: 402
content-type: image/png

GET
H2 200 main.js Show response
widget.trustpilot.com/trustboxes/5419b732fbfb950b10de65e5/ Frame C3D2 52 KB
16 KB 59ms
59ms Script
application/x-javascript 108.157.4.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/trustboxes/5419b732fbfb950b10de65e5/main.js

Requested by

Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/trustboxes/5419b732fbfb950b10de65e5/index.html?templateId=5419b732fbfb950b10de65e5&businessunitId=5a71ace5adce9d000131da03

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.157.4.10 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-157-4-10.dus51.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

06232d69be380680740624d892a7d922ea689fcdee0e09a0d59261d86630007d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://widget.trustpilot.com/trustboxes/5419b732fbfb950b10de65e5/index.html?templateId=5419b732fbfb950b10de65e5&businessunitId=5a71ace5adce9d000131da03
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
age: 13430
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
date: Thu, 28 Apr 2022 02:14:29 GMT
content-length: 16200
x-xss-protection: 1; mode=block
last-modified: Mon, 21 Mar 2022 13:54:30 GMT
server: AmazonS3
etag: "346c9072712c43d1e0c22d069eb1c6f8"
content-type: application/x-javascript
via: 1.1 b6b3463eedbd4b446fd969736178bf98.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: DUS51-P2
accept-ranges: bytes
x-amz-cf-id: SDx0eoxDUfPdbWiNlV0A9hDMH8x5yvUuBuHUmwQ5I7un3hgx9lzbMg==

GET
H2 200 / Show response
www.riftrefunds.co.uk/api/cookietracking/getsitelisturlslist/ 573 B
688 B 81ms
80ms XHR
application/json 2a02:26f0:ef:18c::38a3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.riftrefunds.co.uk/api/cookietracking/getsitelisturlslist/
Requested by: Host: www.riftrefunds.co.uk
URL: https://www.riftrefunds.co.uk/DependencyHandler.axd?s=L3NjcmlwdHMvYXNzZXRzL2pxdWVyeS5taW4uanM7L3NjcmlwdHMvYXNzZXRzL2pxdWVyeS52YWxpZGF0ZS5taW4uanM7L3NjcmlwdHMvYXNzZXRzL2pxdWVyeS52YWxpZGF0ZS51bm9idHJ1c2l2ZS5taW4uanM7L3NjcmlwdHMvYXNzZXRzL2pxdWVyeS5sYXp5Lm1pbi5qczsvc2NyaXB0cy9hc3NldHMvYm9vdHN0cmFwLm1pbi5qczsvc2NyaXB0cy9hc3NldHMvanF1ZXJ5LnRvdWNoU3dpcGUubWluLmpzOy9zY3JpcHRzL2Fzc2V0cy9qcXVlcnkubWF0Y2hIZWlnaHQtbWluLmpzOy9zY3JpcHRzL21haW4uanM7L3NjcmlwdHMvY29va2llLnRyYWNraW5nLmpzOy9zY3JpcHRzL2xpYnMvbGl0ZVlvdVR1YmVWaWRlb3MuanM7&t=Javascript&cdv=258096563
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:ef:18c::38a3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 722e4f7fbfe441a453855159c5a17554030dbc165ffeb222c2781417e5fcdc1f

Request headers

Accept: */*
Referer: https://www.riftrefunds.co.uk/
X-Requested-With: XMLHttpRequest
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Apr 2022 05:58:18 GMT
cache-control: no-cache
expires: -1
content-length: 573
content-type: application/json; charset=utf-8

GET
H2 200 modules.0076bf93c385ddf0ff58.js Show response
script.hotjar.com/ 239 KB
63 KB 184ms
67ms Script
application/javascript 143.204.98.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.0076bf93c385ddf0ff58.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-153662.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-39.fra50.r.cloudfront.net

Software

Resource Hash

e0e44c153e6969ff112250bc468dd4615e5f48f2b2db3e3ffabc11be9d9b6313

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.riftrefunds.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 10:49:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1278552
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 63817
access-control-allow-origin: *
last-modified: Wed, 13 Apr 2022 10:48:29 GMT
etag: "838915b4bc2438e3190a8320d0520962"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 ea2e21f6a5c3ec2f96b0dac1b769e00e.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: O0crjJp1zAiybFJynuawQKOYeSS5AWweqVqyA57_TMWw2Wfhclq2NQ==

GET
H2 200 5419b732fbfb950b10de65e5 Show response
widget.trustpilot.com/trustbox-data/ Frame C3D2 851 B
815 B 87ms
86ms XHR
application/json 108.157.4.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/trustbox-data/5419b732fbfb950b10de65e5?businessUnitId=5a71ace5adce9d000131da03&locale=en-GB

Requested by

Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/trustboxes/5419b732fbfb950b10de65e5/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.157.4.10 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-157-4-10.dus51.r.cloudfront.net

Software

Resource Hash

1f241d25a0d80fde137c0afa3ef77c3fbfd670f63a272b6de80d7f3ac98efe96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://widget.trustpilot.com/trustboxes/5419b732fbfb950b10de65e5/index.html?templateId=5419b732fbfb950b10de65e5&businessunitId=5a71ace5adce9d000131da03
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 28 Apr 2022 05:58:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: DUS51-P2
x-cache: Miss from cloudfront
strict-transport-security: max-age=31536000
content-length: 365
x-xss-protection: 1; mode=block
x-skip-cache-cookie: 0
etag: "2ec9f2c57b0828b57151f01b60ac1fae"
vary: Accept-Encoding
x-fallback-status: BYPASS
content-type: application/json; charset=utf-8
via: 1.1 b6b3463eedbd4b446fd969736178bf98.cloudfront.net (CloudFront)
cache-control: public,max-age=1800
x-amz-cf-id: WA0yu6oKlWjtzx4bsVKZeD-4Zk4ApSByh_1G8AzmgZ-JLEqg-XCdNA==

GET
H2 204 TrustboxImpression Show response
widget.trustpilot.com/stats/ Frame C3D2 0
311 B 82ms
81ms XHR
text/plain 108.157.4.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/stats/TrustboxImpression?locale=en-GB&styleHeight=24px&styleWidth=100%25&theme=light&url=https%3A%2F%2Fwww.riftrefunds.co.uk%2F&referrer=&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F101.0.4951.41%20Safari%2F537.36&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=5a71ace5adce9d000131da03&widgetId=5419b732fbfb950b10de65e5

Requested by

Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/trustboxes/5419b732fbfb950b10de65e5/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.157.4.10 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-157-4-10.dus51.r.cloudfront.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://widget.trustpilot.com/trustboxes/5419b732fbfb950b10de65e5/index.html?templateId=5419b732fbfb950b10de65e5&businessunitId=5a71ace5adce9d000131da03
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Thu, 28 Apr 2022 05:58:18 GMT
via: 1.1 b6b3463eedbd4b446fd969736178bf98.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: DUS51-P2
strict-transport-security: max-age=31536000
x-cache: Miss from cloudfront
cache-control: no-store,no-cache
x-amz-cf-id: UFcBRSkPJJ5YpZPfm1_kxfxg_ixwG3DW9mEHDR2WB0hIWqFvmZcuAw==
x-xss-protection: 1; mode=block

GET
H2 204 TrustboxView Show response
widget.trustpilot.com/stats/ Frame C3D2 0
310 B 83ms
82ms XHR
text/plain 108.157.4.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/stats/TrustboxView?locale=en-GB&styleHeight=24px&styleWidth=100%25&theme=light&url=https%3A%2F%2Fwww.riftrefunds.co.uk%2F&referrer=&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F101.0.4951.41%20Safari%2F537.36&language=en-US&platform=Linux%20x86_64&nosettings=1&businessUnitId=5a71ace5adce9d000131da03&widgetId=5419b732fbfb950b10de65e5

Requested by

Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/trustboxes/5419b732fbfb950b10de65e5/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.157.4.10 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-157-4-10.dus51.r.cloudfront.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://widget.trustpilot.com/trustboxes/5419b732fbfb950b10de65e5/index.html?templateId=5419b732fbfb950b10de65e5&businessunitId=5a71ace5adce9d000131da03
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Thu, 28 Apr 2022 05:58:18 GMT
via: 1.1 b6b3463eedbd4b446fd969736178bf98.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: DUS51-P2
strict-transport-security: max-age=31536000
x-cache: Miss from cloudfront
cache-control: no-store,no-cache
x-amz-cf-id: rF-sllgKC_haLFdv_9agEIiB9Xh-vTPWBFG7TaCwNx_pXy1BwV82ig==
x-xss-protection: 1; mode=block

GET
H3 200 tag-c1833e3ada3d8b631f2c69029b0a2e21.js Show response
dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWdxdWVyeQ==/ 167 KB
47 KB 112ms
56ms Script
text/javascript 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWdxdWVyeQ==/tag-c1833e3ada3d8b631f2c69029b0a2e21.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=498506&u=https%3A%2F%2Fwww.riftrefunds.co.uk%2F&r=0.9690434145520563
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: 0f1f29f67802b0047900a91ad17a21ebff9649b57a45e4aac47a70d1fc2997de

Request headers

Referer: https://www.riftrefunds.co.uk/
Origin: https://www.riftrefunds.co.uk
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 05:58:18 GMT
content-encoding: br
last-modified: Wed, 27 Apr 2022 11:55:14 GMT
server: gfra1
etag: "62692f22-bc12"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48146
via: 1.1 google

GET
H2 200 v.gif
dev.visualwebsiteoptimizer.com/ 35 B
214 B 140ms
139ms Image
image/gif 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=498506&d=riftrefunds.co.uk&u=DBA5779306052E45077D50239DA3A719B&h=1340a720931a1ec804629162b58312af&t=false&r=0.6542460632835994

Requested by

Host: www.riftrefunds.co.uk
URL: https://www.riftrefunds.co.uk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

137.102.96.34.bc.googleusercontent.com

Software

gnv3c /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.riftrefunds.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Apr 2022 05:58:18 GMT
via: 1.1 google
x-content-type-options: nosniff
server: gnv3c
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 10 Jan 2005 00:00:01 GMT

GET
H2 200 box-4924254a9ce4dc9b959b6e4a9b662d60.html Show response
vars.hotjar.com/ Frame EAD8 2 KB
1 KB 175ms
57ms Document
text/html 143.204.98.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-4924254a9ce4dc9b959b6e4a9b662d60.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-153662.js?sv=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-32.fra50.r.cloudfront.net
Software: /
Resource Hash: 67f8c7fd7353ad063da1f3115924c458c494cb134f4d87de4407a132842c9bc9

Request headers

Referer: https://www.riftrefunds.co.uk/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 1278552
cache-control: max-age=31536000
content-encoding: br
content-length: 1044
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 13 Apr 2022 10:49:06 GMT
etag: "1635635016e428baa170305e9282c34a"
last-modified: Wed, 13 Apr 2022 10:48:29 GMT
vary: Accept-Encoding
via: 1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
x-amz-cf-id: Jshsxu16E4PwMPUmvoRVNcA54rx-o7gqTdfsS9smEUtJ-Dnz1YxXfw==
x-amz-cf-pop: FRA50-C1
x-cache: Hit from cloudfront
x-robots-tag: none

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 183 KB
67 KB 73ms
72ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-EH92RV9LXW&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W7D5KJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

053049462fee55dcb10ef7c2c2a3b658aa3f1c30b35fbd77a3bb94c368ac0fab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.riftrefunds.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 05:58:18 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68322
x-xss-protection: 0
expires: Thu, 28 Apr 2022 05:58:18 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 39 KB
15 KB 204ms
89ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W7D5KJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

cafe /

Resource Hash

b9dff679ff9931afbbb8019d522a7d03d7787a7d7818037d48f3a502c652e2b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.riftrefunds.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 05:58:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14892
x-xss-protection: 0
server: cafe
etag: 4605403730725282575
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 28 Apr 2022 05:58:19 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 169ms
54ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W7D5KJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.riftrefunds.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 1409
date: Thu, 28 Apr 2022 05:34:50 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 28 Apr 2022 07:34:50 GMT

GET
H3

200

activityi;dc_pre=CJu_5-aJtvcCFfwfBgAdPwcKBg;src=9918873;type=gener0;cat=rift-0;ord=2151063596209;gtm=2wg4p0;auiddc=1360173387.1651125499;u1=undefined;u3=undefined;~oref=https%3A%2F%2Fwww.riftrefund... Show response
9918873.fls.doubleclick.net/ Frame 1FE4
Redirect Chain

https://9918873.fls.doubleclick.net/activityi;src=9918873;type=gener0;cat=rift-0;ord=2151063596209;gtm=2wg4p0;auiddc=1360173387.1651125499;u1=undefined;u3=undefined;~oref=https%3A%2F%2Fwww.riftrefu...
https://9918873.fls.doubleclick.net/activityi;dc_pre=CJu_5-aJtvcCFfwfBgAdPwcKBg;src=9918873;type=gener0;cat=rift-0;ord=2151063596209;gtm=2wg4p0;auiddc=1360173387.1651125499;u1=undefined;u3=undefine...

512 B
426 B

178ms
66ms

Document
text/html

142.250.185.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9918873.fls.doubleclick.net/activityi;dc_pre=CJu_5-aJtvcCFfwfBgAdPwcKBg;src=9918873;type=gener0;cat=rift-0;ord=2151063596209;gtm=2wg4p0;auiddc=1360173387.1651125499;u1=undefined;u3=undefined;~oref=https%3A%2F%2Fwww.riftrefunds.co.uk%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W7D5KJ

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f6.1e100.net

Software

cafe /

Resource Hash

c8501396860ce84ed9075cbd696f0813b4aa88bbd50042aa11c15a08516fc2b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: about:blank
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 401
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 28 Apr 2022 05:58:19 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 28 Apr 2022 05:58:19 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://9918873.fls.doubleclick.net/activityi;dc_pre=CJu_5-aJtvcCFfwfBgAdPwcKBg;src=9918873;type=gener0;cat=rift-0;ord=2151063596209;gtm=2wg4p0;auiddc=1360173387.1651125499;u1=undefined;u3=undefined;~oref=https%3A%2F%2Fwww.riftrefunds.co.uk%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

activityi;dc_pre=CMbB5-aJtvcCFaIcBgAd1YMFPw;src=9918873;type=gener0;cat=rift-00;ord=1;num=3925209991075;gtm=2wg4p0;auiddc=1360173387.1651125499;u1=undefined;u3=undefined;~oref=https%3A%2F%2Fwww.rif... Show response
9918873.fls.doubleclick.net/ Frame 9A0D
Redirect Chain

https://9918873.fls.doubleclick.net/activityi;src=9918873;type=gener0;cat=rift-00;ord=1;num=3925209991075;gtm=2wg4p0;auiddc=1360173387.1651125499;u1=undefined;u3=undefined;~oref=https%3A%2F%2Fwww.r...
https://9918873.fls.doubleclick.net/activityi;dc_pre=CMbB5-aJtvcCFaIcBgAd1YMFPw;src=9918873;type=gener0;cat=rift-00;ord=1;num=3925209991075;gtm=2wg4p0;auiddc=1360173387.1651125499;u1=undefined;u3=u...

519 B
430 B

181ms
69ms

Document
text/html

142.250.185.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9918873.fls.doubleclick.net/activityi;dc_pre=CMbB5-aJtvcCFaIcBgAd1YMFPw;src=9918873;type=gener0;cat=rift-00;ord=1;num=3925209991075;gtm=2wg4p0;auiddc=1360173387.1651125499;u1=undefined;u3=undefined;~oref=https%3A%2F%2Fwww.riftrefunds.co.uk%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W7D5KJ

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f6.1e100.net

Software

cafe /

Resource Hash

d195b7118d9720f4cfbc8e866a3869c454f06c199bf28c457be8ea8c5f2ab817

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: about:blank
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 405
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 28 Apr 2022 05:58:19 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 28 Apr 2022 05:58:19 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://9918873.fls.doubleclick.net/activityi;dc_pre=CMbB5-aJtvcCFaIcBgAd1YMFPw;src=9918873;type=gener0;cat=rift-00;ord=1;num=3925209991075;gtm=2wg4p0;auiddc=1360173387.1651125499;u1=undefined;u3=undefined;~oref=https%3A%2F%2Fwww.riftrefunds.co.uk%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 28 KB
10 KB 204ms
62ms Script
application/javascript 199.232.188.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W7D5KJ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.188.157 Munich, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 70d4c4423dab9cf00b6e9bcf57518eeafff00e9d2499f4463498b03bef2bdc33

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.riftrefunds.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 05:58:19 GMT
content-encoding: gzip
last-modified: Thu, 21 Apr 2022 18:44:51 GMT
etag: "c47a9d4becaab89e22af7ba863c58452+gzip+gzip"
vary: Accept-Encoding,Host
x-tw-cdn: FT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache
x-cache: HIT, HIT
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 9501
x-served-by: cache-iad-kcgs7200142-IAD, cache-muc13921-MUC

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
27 KB 163ms
54ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.riftrefunds.co.uk
URL: https://www.riftrefunds.co.uk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

086f1c868f8f769ef0039b238b415fc3c46d97e342309dc8c61cefb40868212e

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.riftrefunds.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26311
x-xss-protection: 0
pragma: public
x-fb-debug: 6EqiM/gDqP0xC0kJap62GjjbJFo2mEWU13uZyXQ7QuXfOb50R2DPkl4SLe25Mv4tkNhR0WlPrw27Z9leY23EeA==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Thu, 28 Apr 2022 05:58:19 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 247ms
81ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.riftrefunds.co.uk
URL: https://www.riftrefunds.co.uk/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.riftrefunds.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Wed, 09 Feb 2022 23:54:49 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 8E6310783A7B48528012FF9E22292D86 Ref B: FRA31EDGE0216 Ref C: 2022-04-28T05:58:19Z
etag: "806a236c101ed81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
date: Thu, 28 Apr 2022 05:58:18 GMT
accept-ranges: bytes
content-length: 11333

GET
H2 200 A2503763-818f-445b-9ec6-a2e66cbe2c981.js Show response
d.impactradius-event.com/ 41 KB
13 KB 301ms
175ms Script
text/javascript 35.186.249.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d.impactradius-event.com/A2503763-818f-445b-9ec6-a2e66cbe2c981.js
Requested by: Host: www.riftrefunds.co.uk
URL: https://www.riftrefunds.co.uk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.249.72 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 72.249.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 337c305b91b3c4bb8d5acb45061baf79df7321b9429abaac1435d1ee43fce379

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.riftrefunds.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 05:58:19 GMT
content-encoding: gzip
age: 0
x-guploader-uploadid: ADPycduJCx2bor1Y-4WMuCfe6Co4jicQ44yV7leyk648GRMMZb0lC6KyH081o2JtooIzvxD8PoMHYt3FLy74_d4Wh4O0dw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12904
last-modified: Fri, 13 Nov 2020 03:21:51 GMT
server: UploadServer
etag: "804d78d3d6db345f087fbfcad9681c95"
vary: Accept-Encoding
x-goog-hash: crc32c=aal30A==, md5=gE1409bbNF8If7/K2WgclQ==
x-goog-generation: 1605237711419881
cache-control: public,max-age=900,s-maxage=300
x-goog-stored-content-length: 12904
accept-ranges: bytes
content-type: text/javascript; charset=utf-8
expires: Thu, 28 Apr 2022 06:03:19 GMT

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 4 KB
2 KB 164ms
51ms Script
application/x-javascript 108.157.1.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W7D5KJ
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.1.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-1-118.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.riftrefunds.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Thu, 28 Apr 2022 05:18:56 GMT
Content-Encoding: gzip
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
Age: 2364
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Via: 1.1 6d98bef126a4247ea75e1c5621ccd3fc.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: DUS51-P2
X-Amz-Cf-Id: HPEp4Ox8OvapMafhecmfzKmFh8QsZ3zKU-gROo31N5bj85pUb1JGHw==

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 15 KB
6 KB 175ms
54ms Script
application/javascript 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Host: www.riftrefunds.co.uk
URL: https://www.riftrefunds.co.uk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

10354e9bc6b485028971a1f58fccff5c89d722db324d42bc07963aab24ebb956

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.riftrefunds.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Thu, 28 Apr 2022 05:32:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1535
x-amz-server-side-encryption: AES256
vary: Origin, Accept-Encoding
content-length: 5748
x-amz-id-2: iy+r3etWk/x7wVkvMeEAa6OLOAiDxcVfNy9cAc/bMrzNZqkXKTBtTi4OvfKCzoB2J0ECRDDON+E=
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Wed, 22 Feb 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Mon, 17 Jan 2022 12:00:39 GMT
server: ATS
etag: "13a189bb8f25228852b3279db3659c28-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-request-id: BBF1J8VPN3D5NZZ5
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
x-amz-version-id: pAIvW1wzOXi43b8v53GVflu.j8ZqoXS3
accept-ranges: bytes
content-type: application/javascript

POST
H2 204 collect
analytics.google.com/g/ 0
352 B 177ms
61ms Ping
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-EH92RV9LXW&gtm=2oe4p0&_p=1278057664&_z=ccd.NbB&_gaz=1&cid=1019978785.1651125499&ul=en-us&sr=1600x1200&_s=1&sid=1651125498&sct=1&seg=0&dl=https%3A%2F%2Fwww.riftrefunds.co.uk%2F&dt=HMRC%20Tax%20Refunds%20%7C%20Claim%20Your%20Tax%20Rebate%20%7C%20RIFT%20Tax%20Refunds&en=page_view&_fv=1&_nsi=1&_ss=1&up.agid_tracking=agid%3Ddr_www.riftrefunds.co.uk
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EH92RV9LXW&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.riftrefunds.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Apr 2022 05:58:19 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.riftrefunds.co.uk
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
352 B 169ms
55ms Ping
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-EH92RV9LXW&cid=1019978785.1651125499&gtm=2oe4p0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EH92RV9LXW&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.riftrefunds.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Apr 2022 05:58:19 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.riftrefunds.co.uk
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 185ms
69ms Image
image/gif 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-EH92RV9LXW&cid=1019978785.1651125499&gtm=2oe4p0&aip=1&z=1684878121

Requested by

Host: www.riftrefunds.co.uk
URL: https://www.riftrefunds.co.uk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.riftrefunds.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Apr 2022 05:58:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 l.gif
dev.visualwebsiteoptimizer.com/ 35 B
52 B 140ms
140ms Ping
image/gif 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://dev.visualwebsiteoptimizer.com/l.gif?experiment_id=64&account_id=498506&cu=https%3A%2F%2Fwww.riftrefunds.co.uk%2F&combination=2&s=1&u=DBA5779306052E45077D50239DA3A719B&vn=7.0.206&vns=undefined&vno=undefined&eTime=1651125499030&random=0.013156304867666613

Requested by

Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWdxdWVyeQ==/tag-c1833e3ada3d8b631f2c69029b0a2e21.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

137.102.96.34.bc.googleusercontent.com

Software

gnv3c /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.riftrefunds.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Apr 2022 05:58:19 GMT
via: 1.1 google
x-content-type-options: nosniff
server: gnv3c
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 10 Jan 2005 00:00:01 GMT

GET
H2 200 index.html Show response
widget.trustpilot.com/trustboxes/5419b732fbfb950b10de65e5/ Frame FAB8 6 KB
2 KB 52ms
52ms Document
text/html 108.157.4.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/trustboxes/5419b732fbfb950b10de65e5/index.html?templateId=5419b732fbfb950b10de65e5&businessunitId=5a71ace5adce9d000131da03

Requested by

Host: www.riftrefunds.co.uk
URL: https://www.riftrefunds.co.uk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.157.4.10 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-157-4-10.dus51.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

3d06be8f75a1649ff5c8a193a54c041e2f0706e3ee880b2457b5133e2e0438a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.riftrefunds.co.uk/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 72998
cache-control: max-age=86400
content-encoding: gzip
content-length: 1843
content-type: text/html
date: Wed, 27 Apr 2022 09:41:42 GMT
etag: "8e4207bd9e7d6f6d376f7ea95a0db7a5"
last-modified: Mon, 21 Mar 2022 13:54:29 GMT
server: AmazonS3
strict-transport-security: max-age=31536000
via: 1.1 b6b3463eedbd4b446fd969736178bf98.cloudfront.net (CloudFront)
x-amz-cf-id: RCp6_-orHvf0VPbtbSUdgc5hpBwtOBTVpS5_ejOrlwg_XHSfIjqVdg==
x-amz-cf-pop: DUS51-P2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 00727-01-rift-q2-campaign-2021-landing-page4.jpg
www.riftrefunds.co.uk/media/3516/ 61 KB
62 KB 156ms
155ms Image
image/webp 2a02:26f0:ef:18c::38a3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.riftrefunds.co.uk/media/3516/00727-01-rift-q2-campaign-2021-landing-page4.jpg
Requested by: Host: www.riftrefunds.co.uk
URL: https://www.riftrefunds.co.uk/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:ef:18c::38a3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 898d3b79bf606dbc3d003ccd5c652a4307c7a5370c360680bbd5649600141edb

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.riftrefunds.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 05:58:19 GMT
last-modified: Tue, 12 Apr 2022 09:26:21 GMT
imageprocessedby: ImageProcessor/2.8.0.152 - ImageProcessor.Web/4.11.0.152
etag: "1bf355f4f4ed81:0"
vary: Accept-Encoding
content-type: image/webp
cache-control: public, must-revalidate, max-age=2592000
accept-ranges: bytes
content-length: 62934
expires: Sat, 28 May 2022 05:58:19 GMT

GET
H3 200 settings.js Show response
dev.visualwebsiteoptimizer.com/ 35 KB
10 KB 84ms
83ms Script
application/javascript 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/settings.js?a=498506&settings_type=1&vn=7.0&r=0.8131683496473656&exc=64
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWdxdWVyeQ==/tag-c1833e3ada3d8b631f2c69029b0a2e21.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: d68e6a198a0ec5c688a96279f90e09a131a920da5418e00e544593e78ca23bb0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.riftrefunds.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 05:58:18 GMT
via: 1.1 google
server: gfra1
content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type: application/javascript; charset=UTF-8

GET
H3 200 s.gif
dev.visualwebsiteoptimizer.com/ 35 B
52 B 141ms
141ms Image
image/gif 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dev.visualwebsiteoptimizer.com/s.gif?account_id=498506&u=DBA5779306052E45077D50239DA3A719B&s=1651125498&p=1&tags={%22si%22:{%2264%22:%222%22}}&update=1&cq=0&vn=7.0.206&vns=undefined&vno=undefined&_cu=https%3A%2F%2Fwww.riftrefunds.co.uk%2F&eTime=1651125499076&random=0.06944760805847605

Requested by

Host: www.riftrefunds.co.uk
URL: https://www.riftrefunds.co.uk/

Protocol

Security

QUIC, , AES_128_GCM

Server

34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

137.102.96.34.bc.googleusercontent.com

Software

gnv3c /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.riftrefunds.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Apr 2022 05:58:18 GMT
via: 1.1 google
x-content-type-options: nosniff
server: gnv3c
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 10 Jan 2005 00:00:01 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 172ms
61ms XHR
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=1278057664&t=pageview&_s=1&dl=https%3A%2F%2Fwww.riftrefunds.co.uk%2F&ul=en-us&de=UTF-8&dt=HMRC%20Tax%20Refunds%20%7C%20Claim%20Your%20Tax%20Rebate%20%7C%20RIFT%20Tax%20Refunds&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACEABBAAAAC~&jid=350208670&gjid=114015431&cid=1019978785.1651125499&tid=UA-89387535-1&_gid=2041363435.1651125499&_r=1&gtm=2wg4p0W7D5KJ&cd9=agid%3Ddr_www.riftrefunds.co.uk&z=529408441

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.riftrefunds.co.uk/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 28 Apr 2022 05:58:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.riftrefunds.co.uk
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 10141643.json Show response
s.yimg.com/wi/config/ 46 B
687 B 175ms
60ms XHR
application/octet-stream 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10141643.json

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

b49356f3a58f2edb2298b1fc9ddb2160569559ffdb17ff7467a8bb9a3790be66

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.riftrefunds.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 09:18:55 GMT
x-content-type-options: nosniff
age: 74365
x-amz-server-side-encryption: AES256
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id: JB5R6N407120WVTS
x-amz-id-2: 6gQFKw2KCxWrPTDWgxEZ+n5P7YqMJXel2u++kVA0CrKI4sBIDAVfx+9i8pXkBaV4M78FXBZ8WC8=
accept-ranges: bytes
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Thu, 16 Mar 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Tue, 08 Feb 2022 04:53:12 GMT
server: ATS
etag: "1f431b3024aba77297aaf62856fc8030"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET
x-amz-version-id: HfvKqOtdmYg4eukHkk9ox_kTBUTdDzp_
access-control-allow-origin: *
x-xss-protection: 1; mode=block
content-length: 46
content-type: application/octet-stream

GET
H3 200 1508573356048005 Show response
connect.facebook.net/signals/config/ 493 KB
144 KB 173ms
118ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1508573356048005?v=2.9.57&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2201a039d8b7b73c1758c9963f40568496eb66c6c27736e5986b2f57277acd82

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.riftrefunds.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: boW0ulb9H3Ynkg00DcDO3mJd/BumN8M0fmkkUMGJWmc8FbaF9zqVp3s7vkCM6/1rkAI5XdxRVNQkaeBg+oVSsA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 28 Apr 2022 05:58:19 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1651125499265
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/957366318/ 2 KB
2 KB 182ms
66ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/957366318/?random=1651125499128&cv=9&fst=1651125499128&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg4p0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.riftrefunds.co.uk%2F&tiba=HMRC%20Tax%20Refunds%20%7C%20Claim%20Your%20Tax%20Rebate%20%7C%20RIFT%20Tax%20Refunds&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ba5189b07df691b854af34be512a7d0869d50104faab77d747486dcb629ffdba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.riftrefunds.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Apr 2022 05:58:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1040
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 main.js Show response
widget.trustpilot.com/trustboxes/5419b732fbfb950b10de65e5/ Frame FAB8 52 KB
16 KB 59ms
59ms Script
application/x-javascript 108.157.4.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/trustboxes/5419b732fbfb950b10de65e5/main.js

Requested by

Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/trustboxes/5419b732fbfb950b10de65e5/index.html?templateId=5419b732fbfb950b10de65e5&businessunitId=5a71ace5adce9d000131da03

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.157.4.10 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-157-4-10.dus51.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

06232d69be380680740624d892a7d922ea689fcdee0e09a0d59261d86630007d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://widget.trustpilot.com/trustboxes/5419b732fbfb950b10de65e5/index.html?templateId=5419b732fbfb950b10de65e5&businessunitId=5a71ace5adce9d000131da03
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
age: 13431
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
date: Thu, 28 Apr 2022 02:14:29 GMT
content-length: 16200
x-xss-protection: 1; mode=block
last-modified: Mon, 21 Mar 2022 13:54:30 GMT
server: AmazonS3
etag: "346c9072712c43d1e0c22d069eb1c6f8"
content-type: application/x-javascript
via: 1.1 b6b3463eedbd4b446fd969736178bf98.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: DUS51-P2
accept-ranges: bytes
x-amz-cf-id: sO90qr84Bx-WhIW7inoEfLpluloFKeLIyHsEYTOti5znP_griyqJQg==

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/153662/ 147 B
322 B 233ms
73ms XHR
application/json 52.49.107.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/153662/visit-data?sv=6
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.0076bf93c385ddf0ff58.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.107.79 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-107-79.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 45674f87c18e6efb09ed61e106a5fadcca7c39c2e3b25a4d08915f752417cee8

Request headers

Referer: https://www.riftrefunds.co.uk/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Thu, 28 Apr 2022 05:58:19 GMT
content-encoding: br
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store
access-control-allow-credentials: true

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
355 B 247ms
149ms Image
image/gif 104.244.42.131
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=2.3.2&p_id=Twitter&p_user_id=0&txn_id=o4uyv&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&tw_order_quantity=0&tw_sale_amount=0&tw_iframe_status=0&event_id=e951def1-b7b4-4cf9-af26-6b1fc27624cb&tw_document_href=https%3A%2F%2Fwww.riftrefunds.co.uk%2F

Requested by

Host: www.riftrefunds.co.uk
URL: https://www.riftrefunds.co.uk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.131 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.riftrefunds.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-response-time: 104
date: Thu, 28 Apr 2022 05:58:18 GMT
server: tsa_f
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: e6ae8c9e3966ef0cdaf901f7f04b8ad9d3205915596600cc0bd720cf72210a7d
content-length: 43

GET
H2 200 adsct
t.co/i/ 43 B
338 B 245ms
148ms Image
image/gif 104.244.42.133
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=2.3.2&p_id=Twitter&p_user_id=0&txn_id=o4uyv&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&tw_order_quantity=0&tw_sale_amount=0&tw_iframe_status=0&event_id=e951def1-b7b4-4cf9-af26-6b1fc27624cb&tw_document_href=https%3A%2F%2Fwww.riftrefunds.co.uk%2F

Requested by

Host: www.riftrefunds.co.uk
URL: https://www.riftrefunds.co.uk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.133 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.riftrefunds.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-response-time: 104
date: Thu, 28 Apr 2022 05:58:18 GMT
server: tsa_f
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 483fa4578bbe412d8d10ec18f1a4c991c7a8b20d107587859252fa7ff75973c8
content-length: 43

GET
H2 204 4052046.js Show response
bat.bing.com/p/action/ 0
120 B 227ms
226ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/4052046.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.riftrefunds.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F4AEB919FAFB460DAFA3E188319EC342 Ref B: FRA31EDGE0216 Ref C: 2022-04-28T05:58:19Z
date: Thu, 28 Apr 2022 05:58:18 GMT
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
176 B 79ms
78ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=4052046&Ver=2&mid=2066a431-a7de-41f0-bd64-f1a3fc9942c4&sid=34128970c6b811ecb2a74b1cb6143c32&vid=3412e9c0c6b811ec871d7795bc6324ed&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=HMRC%20Tax%20Refunds%20%7C%20Claim%20Your%20Tax%20Rebate%20%7C%20RIFT%20Tax%20Refunds&p=https%3A%2F%2Fwww.riftrefunds.co.uk%2F&r=&lt=1915&evt=pageLoad&msclkid=N&sv=1&rn=693110

Requested by

Host: www.riftrefunds.co.uk
URL: https://www.riftrefunds.co.uk/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.riftrefunds.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 913D5184F52A4AF98E8A181983AE6032 Ref B: FRA31EDGE0216 Ref C: 2022-04-28T05:58:19Z
date: Thu, 28 Apr 2022 05:58:18 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 5419b732fbfb950b10de65e5 Show response
widget.trustpilot.com/trustbox-data/ Frame FAB8 851 B
819 B 54ms
54ms XHR
application/json 108.157.4.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/trustbox-data/5419b732fbfb950b10de65e5?businessUnitId=5a71ace5adce9d000131da03&locale=en-GB

Requested by

Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/trustboxes/5419b732fbfb950b10de65e5/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.157.4.10 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-157-4-10.dus51.r.cloudfront.net

Software

Resource Hash

1f241d25a0d80fde137c0afa3ef77c3fbfd670f63a272b6de80d7f3ac98efe96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://widget.trustpilot.com/trustboxes/5419b732fbfb950b10de65e5/index.html?templateId=5419b732fbfb950b10de65e5&businessunitId=5a71ace5adce9d000131da03
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 28 Apr 2022 05:58:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000
content-length: 365
x-xss-protection: 1; mode=block
x-skip-cache-cookie: 0
etag: "2ec9f2c57b0828b57151f01b60ac1fae"
vary: Accept-Encoding
x-fallback-status: BYPASS
content-type: application/json; charset=utf-8
via: 1.1 b6b3463eedbd4b446fd969736178bf98.cloudfront.net (CloudFront)
cache-control: public,max-age=1800
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: feQM08aVjgdDeAbRy1vnh4d47QOnOg_M4cpaorbcYVZlUuHTZt0wAg==

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 168ms
56ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-89387535-1&cid=1019978785.1651125499&jid=350208670&gjid=114015431&_gid=2041363435.1651125499&_u=YCDACEAABAAAAC~&z=649461353

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.riftrefunds.co.uk/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 28 Apr 2022 05:58:19 GMT
content-type: text/plain
access-control-allow-origin: https://www.riftrefunds.co.uk
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
631 B 181ms
55ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Thu%2C%2028%20Apr%202022%2005%3A58%3A19%20GMT&n=0&b=HMRC%20Tax%20Refunds%20%7C%20Claim%20Your%20Tax%20Rebate%20%7C%20RIFT%20Tax%20Refunds&.yp=10141643&f=https%3A%2F%2Fwww.riftrefunds.co.uk%2F&enc=UTF-8&yv=1.12.0&tagmgr=gtm

Requested by

Host: www.riftrefunds.co.uk
URL: https://www.riftrefunds.co.uk/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.riftrefunds.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Apr 2022 05:58:19 GMT
x-content-type-options: nosniff
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 43
referrer-policy: strict-origin-when-cross-origin
expires: Thu, 28 Apr 2022 05:58:19 GMT

GET
H2 200 dc_pre=CJu_5-aJtvcCFfwfBgAdPwcKBg;src=9918873;type=gener0;cat=rift-0;ord=2151063596209;gtm=2wg4p0;auiddc=1360173387.1651125499;u1=undefined;u3=undefined;~oref=https%3A%2F%2Fwww.riftrefunds.co.uk%2F Show response
adservice.google.com/ddm/fls/i/ Frame CEC6 511 B
868 B 209ms
90ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CJu_5-aJtvcCFfwfBgAdPwcKBg;src=9918873;type=gener0;cat=rift-0;ord=2151063596209;gtm=2wg4p0;auiddc=1360173387.1651125499;u1=undefined;u3=undefined;~oref=https%3A%2F%2Fwww.riftrefunds.co.uk%2F

Requested by

Host: 9918873.fls.doubleclick.net
URL: https://9918873.fls.doubleclick.net/activityi;dc_pre=CJu_5-aJtvcCFfwfBgAdPwcKBg;src=9918873;type=gener0;cat=rift-0;ord=2151063596209;gtm=2wg4p0;auiddc=1360173387.1651125499;u1=undefined;u3=undefined;~oref=https%3A%2F%2Fwww.riftrefunds.co.uk%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2460e5ea7a8ca9d6097c126d30f34bb5a506f3264de496aa5ca343ed4c332a0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9918873.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 400
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 28 Apr 2022 05:58:19 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dc_pre=CMbB5-aJtvcCFaIcBgAd1YMFPw;src=9918873;type=gener0;cat=rift-00;ord=1;num=3925209991075;gtm=2wg4p0;auiddc=1360173387.1651125499;u1=undefined;u3=undefined;~oref=https%3A%2F%2Fwww.riftrefunds.c... Show response
adservice.google.com/ddm/fls/i/ Frame 1AA1 518 B
474 B 208ms
90ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CMbB5-aJtvcCFaIcBgAd1YMFPw;src=9918873;type=gener0;cat=rift-00;ord=1;num=3925209991075;gtm=2wg4p0;auiddc=1360173387.1651125499;u1=undefined;u3=undefined;~oref=https%3A%2F%2Fwww.riftrefunds.co.uk%2F

Requested by

Host: 9918873.fls.doubleclick.net
URL: https://9918873.fls.doubleclick.net/activityi;dc_pre=CMbB5-aJtvcCFaIcBgAd1YMFPw;src=9918873;type=gener0;cat=rift-00;ord=1;num=3925209991075;gtm=2wg4p0;auiddc=1360173387.1651125499;u1=undefined;u3=undefined;~oref=https%3A%2F%2Fwww.riftrefunds.co.uk%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cc2c3b30adbb1c6d0b01f05e882070851b3c54a211bf29898b8f50df978e14f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9918873.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 404
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 28 Apr 2022 05:58:19 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 /
www.google.com/pagead/1p-user-list/957366318/ 42 B
548 B 186ms
66ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/957366318/?random=1651125499128&cv=9&fst=1651122000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg4p0&sendb=1&frm=0&url=https%3A%2F%2Fwww.riftrefunds.co.uk%2F&tiba=HMRC%20Tax%20Refunds%20%7C%20Claim%20Your%20Tax%20Rebate%20%7C%20RIFT%20Tax%20Refunds&async=1&fmt=3&is_vtc=1&random=2958862218&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.riftrefunds.co.uk
URL: https://www.riftrefunds.co.uk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.riftrefunds.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Apr 2022 05:58:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/957366318/ 42 B
64 B 185ms
66ms Image
image/gif 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/957366318/?random=1651125499128&cv=9&fst=1651122000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg4p0&sendb=1&frm=0&url=https%3A%2F%2Fwww.riftrefunds.co.uk%2F&tiba=HMRC%20Tax%20Refunds%20%7C%20Claim%20Your%20Tax%20Rebate%20%7C%20RIFT%20Tax%20Refunds&async=1&fmt=3&is_vtc=1&random=2958862218&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.riftrefunds.co.uk
URL: https://www.riftrefunds.co.uk/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.riftrefunds.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Apr 2022 05:58:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 422 events Show response
capi.riftrefunds.co.uk/ 0
172 B 632ms
189ms XHR
text/plain 75.2.113.184
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://capi.riftrefunds.co.uk/events

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/signals/config/1508573356048005?v=2.9.57&r=stable

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

75.2.113.184 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a60635abdcce33592.awsglobalaccelerator.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.riftrefunds.co.uk/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.riftrefunds.co.uk
date: Thu, 28 Apr 2022 05:58:20 GMT
access-control-allow-credentials: true
vary: origin
content-length: 0
strict-transport-security: max-age=15724800; includeSubDomains

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 171ms
62ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1508573356048005&ev=PageView&dl=https%3A%2F%2Fwww.riftrefunds.co.uk%2F&rl=&if=false&ts=1651125499508&sw=1600&sh=1200&v=2.9.57&r=stable&ec=0&o=30&fbp=fb.2.1651125499504.1368958791&eid=ob3_plugin-set_3d301248655e760b1eb3bc7e022d2ec0c72a0fd0a390e111f1f9aa0da0299963&it=1651125499125&coo=false&rqm=GET

Requested by

Host: www.riftrefunds.co.uk
URL: https://www.riftrefunds.co.uk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.riftrefunds.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 05:58:19 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Thu, 28 Apr 2022 05:58:19 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 65ms
64ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-89387535-1&cid=1019978785.1651125499&jid=350208670&_u=YCDACEAABAAAAC~&z=545246208

Requested by

Host: www.riftrefunds.co.uk
URL: https://www.riftrefunds.co.uk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.riftrefunds.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Apr 2022 05:58:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 67ms
66ms Image
image/gif 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-89387535-1&cid=1019978785.1651125499&jid=350208670&_u=YCDACEAABAAAAC~&z=545246208

Requested by

Host: www.riftrefunds.co.uk
URL: https://www.riftrefunds.co.uk/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.riftrefunds.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Apr 2022 05:58:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

dc_pre=CJu_5-aJtvcCFfwfBgAdPwcKBg;src=9918873;type=gener0;cat=rift-0;ord=2151063596209;gtm=2wg4p0;auiddc=1360173387.1651125499;u1=undefined;u3=undefined;~oref=https%3A%2F%2Fwww.riftrefunds.co.uk%2F Show response
9918873.fls.doubleclick.net/ddm/fls/r/ Frame 3B24
Redirect Chain

https://adservice.google.de/ddm/fls/i/dc_pre=CJu_5-aJtvcCFfwfBgAdPwcKBg;src=9918873;type=gener0;cat=rift-0;ord=2151063596209;gtm=2wg4p0;auiddc=1360173387.1651125499;u1=undefined;u3=undefined;~oref=...
https://9918873.fls.doubleclick.net/ddm/fls/r/dc_pre=CJu_5-aJtvcCFfwfBgAdPwcKBg;src=9918873;type=gener0;cat=rift-0;ord=2151063596209;gtm=2wg4p0;auiddc=1360173387.1651125499;u1=undefined;u3=undefine...

853 B
530 B

70ms
69ms

Document
text/html

142.250.185.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9918873.fls.doubleclick.net/ddm/fls/r/dc_pre=CJu_5-aJtvcCFfwfBgAdPwcKBg;src=9918873;type=gener0;cat=rift-0;ord=2151063596209;gtm=2wg4p0;auiddc=1360173387.1651125499;u1=undefined;u3=undefined;~oref=https%3A%2F%2Fwww.riftrefunds.co.uk%2F

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CJu_5-aJtvcCFfwfBgAdPwcKBg;src=9918873;type=gener0;cat=rift-0;ord=2151063596209;gtm=2wg4p0;auiddc=1360173387.1651125499;u1=undefined;u3=undefined;~oref=https%3A%2F%2Fwww.riftrefunds.co.uk%2F

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f6.1e100.net

Software

cafe /

Resource Hash

8cf876eedc61ae9a2171aac4831d97f20e80c51cd50b550979b5e4c871778db7

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: gzip
content-length: 505
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 28 Apr 2022 05:58:19 GMT
expires: Thu, 28 Apr 2022 05:58:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 28 Apr 2022 05:58:19 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
location: https://9918873.fls.doubleclick.net/ddm/fls/r/dc_pre=CJu_5-aJtvcCFfwfBgAdPwcKBg;src=9918873;type=gener0;cat=rift-0;ord=2151063596209;gtm=2wg4p0;auiddc=1360173387.1651125499;u1=undefined;u3=undefined;~oref=https%3A%2F%2Fwww.riftrefunds.co.uk%2F
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

dc_pre=CMbB5-aJtvcCFaIcBgAd1YMFPw;src=9918873;type=gener0;cat=rift-00;ord=1;num=3925209991075;gtm=2wg4p0;auiddc=1360173387.1651125499;u1=undefined;u3=undefined;~oref=https%3A%2F%2Fwww.riftrefunds.c... Show response
9918873.fls.doubleclick.net/ddm/fls/r/ Frame 7698
Redirect Chain

https://adservice.google.de/ddm/fls/i/dc_pre=CMbB5-aJtvcCFaIcBgAd1YMFPw;src=9918873;type=gener0;cat=rift-00;ord=1;num=3925209991075;gtm=2wg4p0;auiddc=1360173387.1651125499;u1=undefined;u3=undefined...
https://9918873.fls.doubleclick.net/ddm/fls/r/dc_pre=CMbB5-aJtvcCFaIcBgAd1YMFPw;src=9918873;type=gener0;cat=rift-00;ord=1;num=3925209991075;gtm=2wg4p0;auiddc=1360173387.1651125499;u1=undefined;u3=u...

851 B
528 B

67ms
66ms

Document
text/html

142.250.185.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9918873.fls.doubleclick.net/ddm/fls/r/dc_pre=CMbB5-aJtvcCFaIcBgAd1YMFPw;src=9918873;type=gener0;cat=rift-00;ord=1;num=3925209991075;gtm=2wg4p0;auiddc=1360173387.1651125499;u1=undefined;u3=undefined;~oref=https%3A%2F%2Fwww.riftrefunds.co.uk%2F

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CMbB5-aJtvcCFaIcBgAd1YMFPw;src=9918873;type=gener0;cat=rift-00;ord=1;num=3925209991075;gtm=2wg4p0;auiddc=1360173387.1651125499;u1=undefined;u3=undefined;~oref=https%3A%2F%2Fwww.riftrefunds.co.uk%2F

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f6.1e100.net

Software

cafe /

Resource Hash

61215f934f74b7a8127a0225922becade66dfb3078ecd0646835600866696f75

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: gzip
content-length: 503
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 28 Apr 2022 05:58:19 GMT
expires: Thu, 28 Apr 2022 05:58:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 28 Apr 2022 05:58:19 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
location: https://9918873.fls.doubleclick.net/ddm/fls/r/dc_pre=CMbB5-aJtvcCFaIcBgAd1YMFPw;src=9918873;type=gener0;cat=rift-00;ord=1;num=3925209991075;gtm=2wg4p0;auiddc=1360173387.1651125499;u1=undefined;u3=undefined;~oref=https%3A%2F%2Fwww.riftrefunds.co.uk%2F
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 55ms
54ms Image
image/gif 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&aip=1&a=1278057664&t=event&ni=1&_s=2&dl=https%3A%2F%2Fwww.riftrefunds.co.uk%2F&ul=en-us&de=UTF-8&dt=HMRC%20Tax%20Refunds%20%7C%20Claim%20Your%20Tax%20Rebate%20%7C%20RIFT%20Tax%20Refunds&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=OPEN%20CRO&ea=Test%20loaded&el=OPEN014%20-%20Variation%202&ev=0&_u=aDDACEABBAAAAC~&jid=&gjid=&cid=1019978785.1651125499&tid=UA-89387535-1&_gid=2041363435.1651125499&gtm=2wg4p0W7D5KJ&cd9=agid%3Ddr_www.riftrefunds.co.uk&cd4=OPEN014%20-%20Variation%202&z=1109572311

Requested by

Host: www.riftrefunds.co.uk
URL: https://www.riftrefunds.co.uk/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.riftrefunds.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Apr 2022 18:33:04 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 41115
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 conversion.js Show response
www.googleadservices.com/pagead/ Frame 7698 44 KB
17 KB 236ms
96ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: 9918873.fls.doubleclick.net
URL: https://9918873.fls.doubleclick.net/ddm/fls/r/dc_pre=CMbB5-aJtvcCFaIcBgAd1YMFPw;src=9918873;type=gener0;cat=rift-00;ord=1;num=3925209991075;gtm=2wg4p0;auiddc=1360173387.1651125499;u1=undefined;u3=undefined;~oref=https%3A%2F%2Fwww.riftrefunds.co.uk%2F

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

cafe /

Resource Hash

9f2fc412da514ae1b4748fb922a7e06c5aab9a29296e3c021f86513f6a1e8ae5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://9918873.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 05:58:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17225
x-xss-protection: 0
server: cafe
etag: 16958488767326041532
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 28 Apr 2022 05:58:20 GMT

GET
H3 200 conversion.js Show response
www.googleadservices.com/pagead/ Frame 3B24 44 KB
17 KB 213ms
74ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: 9918873.fls.doubleclick.net
URL: https://9918873.fls.doubleclick.net/ddm/fls/r/dc_pre=CJu_5-aJtvcCFfwfBgAdPwcKBg;src=9918873;type=gener0;cat=rift-0;ord=2151063596209;gtm=2wg4p0;auiddc=1360173387.1651125499;u1=undefined;u3=undefined;~oref=https%3A%2F%2Fwww.riftrefunds.co.uk%2F

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

cafe /

Resource Hash

9f2fc412da514ae1b4748fb922a7e06c5aab9a29296e3c021f86513f6a1e8ae5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://9918873.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 05:58:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17225
x-xss-protection: 0
server: cafe
etag: 16958488767326041532
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 28 Apr 2022 05:58:20 GMT

POST
H2 422 events Show response
capi.riftrefunds.co.uk/ 0
171 B 189ms
189ms XHR
text/plain 75.2.113.184
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://capi.riftrefunds.co.uk/events

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/signals/config/1508573356048005?v=2.9.57&r=stable

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

75.2.113.184 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a60635abdcce33592.awsglobalaccelerator.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.riftrefunds.co.uk/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.riftrefunds.co.uk
date: Thu, 28 Apr 2022 05:58:20 GMT
access-control-allow-credentials: true
vary: origin
content-length: 0
strict-transport-security: max-age=15724800; includeSubDomains

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 4641 0
18 B 110ms
54ms Document
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.riftrefunds.co.uk
URL: https://www.riftrefunds.co.uk/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.riftrefunds.co.uk
Referer: https://www.riftrefunds.co.uk/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.riftrefunds.co.uk
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Thu, 28 Apr 2022 05:58:20 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/648116069/ Frame 3B24 2 KB
1 KB 65ms
64ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/648116069/?random=1651125500135&cv=9&fst=1651125500135&num=1&npa=1&label=ySG9CM6j-O0BEOXuhbUC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9918873.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCJu_5-aJtvcCFfwfBgAdPwcKBg%3Bsrc%3D9918873%3Btype%3Dgener0%3Bcat%3Drift-0%3Bord%3D2151063596209%3Bgtm%3D2wg4p0%3Bauiddc%3D1360173387.1651125499%3Bu1%3Dundefined%3Bu3%3Dundefined%3B~oref%3Dhttps%253A%252F%252Fwww.riftrefunds.co.uk%252F&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

cafe /

Resource Hash

317657d062ac0b36e6f6dff02f4900c7fc81e46d968ee9bbcac022d54d8fe440

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://9918873.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Apr 2022 05:58:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1246
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/648116069/ Frame 7698 2 KB
1 KB 65ms
63ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/648116069/?random=1651125500175&cv=9&fst=1651125500175&num=1&npa=1&label=l2aQCNTkiO4BEOXuhbUC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9918873.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCMbB5-aJtvcCFaIcBgAd1YMFPw%3Bsrc%3D9918873%3Btype%3Dgener0%3Bcat%3Drift-00%3Bord%3D1%3Bnum%3D3925209991075%3Bgtm%3D2wg4p0%3Bauiddc%3D1360173387.1651125499%3Bu1%3Dundefined%3Bu3%3Dundefined%3B~oref%3Dhttps%253A%252F%252Fwww.riftrefunds.co.uk%252F&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

cafe /

Resource Hash

09dacb43ebc9bebd1e43ba0d0abe836575663d1149d2e695931d9c72a7c6cdf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://9918873.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Apr 2022 05:58:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1251
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.de/pagead/1p-conversion/648116069/ Frame 3B24
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/648116069/?random=886944109&cv=9&fst=1651125500135&num=1&npa=1&label=ySG9CM6j-O0BEOXuhbUC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w...
https://www.google.com/pagead/1p-conversion/648116069/?random=886944109&cv=9&fst=1651125500135&num=1&npa=1&label=ySG9CM6j-O0BEOXuhbUC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=...
https://www.google.de/pagead/1p-conversion/648116069/?random=886944109&cv=9&fst=1651125500135&num=1&npa=1&label=ySG9CM6j-O0BEOXuhbUC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1...

42 B
64 B

72ms
71ms

Image
image/gif

2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/648116069/?random=886944109&cv=9&fst=1651125500135&num=1&npa=1&label=ySG9CM6j-O0BEOXuhbUC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9918873.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCJu_5-aJtvcCFfwfBgAdPwcKBg%3Bsrc%3D9918873%3Btype%3Dgener0%3Bcat%3Drift-0%3Bord%3D2151063596209%3Bgtm%3D2wg4p0%3Bauiddc%3D1360173387.1651125499%3Bu1%3Dundefined%3Bu3%3Dundefined%3B~oref%3Dhttps%253A%252F%252Fwww.riftrefunds.co.uk%252F&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=_CxqYvLQC4q3mLAPt4etyAU&cid=CAQSKQCNIrLMAqFLEGxuUjdFlPalJpLtQhv3-ZoLtEHMt18SwZgd2jxf867L&random=739606994&resp=GooglemKTybQhCsO&ipr=y&prhg=0

Requested by

Protocol

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://9918873.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Apr 2022 05:58:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 28 Apr 2022 05:58:20 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-conversion/648116069/?random=886944109&cv=9&fst=1651125500135&num=1&npa=1&label=ySG9CM6j-O0BEOXuhbUC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9918873.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCJu_5-aJtvcCFfwfBgAdPwcKBg%3Bsrc%3D9918873%3Btype%3Dgener0%3Bcat%3Drift-0%3Bord%3D2151063596209%3Bgtm%3D2wg4p0%3Bauiddc%3D1360173387.1651125499%3Bu1%3Dundefined%3Bu3%3Dundefined%3B~oref%3Dhttps%253A%252F%252Fwww.riftrefunds.co.uk%252F&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=_CxqYvLQC4q3mLAPt4etyAU&cid=CAQSKQCNIrLMAqFLEGxuUjdFlPalJpLtQhv3-ZoLtEHMt18SwZgd2jxf867L&random=739606994&resp=GooglemKTybQhCsO&ipr=y&prhg=0
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.de/pagead/1p-conversion/648116069/ Frame 7698
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/648116069/?random=940572514&cv=9&fst=1651125500175&num=1&npa=1&label=l2aQCNTkiO4BEOXuhbUC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w...
https://www.google.com/pagead/1p-conversion/648116069/?random=940572514&cv=9&fst=1651125500175&num=1&npa=1&label=l2aQCNTkiO4BEOXuhbUC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=...
https://www.google.de/pagead/1p-conversion/648116069/?random=940572514&cv=9&fst=1651125500175&num=1&npa=1&label=l2aQCNTkiO4BEOXuhbUC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1...

42 B
64 B

71ms
70ms

Image
image/gif

2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/648116069/?random=940572514&cv=9&fst=1651125500175&num=1&npa=1&label=l2aQCNTkiO4BEOXuhbUC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9918873.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCMbB5-aJtvcCFaIcBgAd1YMFPw%3Bsrc%3D9918873%3Btype%3Dgener0%3Bcat%3Drift-00%3Bord%3D1%3Bnum%3D3925209991075%3Bgtm%3D2wg4p0%3Bauiddc%3D1360173387.1651125499%3Bu1%3Dundefined%3Bu3%3Dundefined%3B~oref%3Dhttps%253A%252F%252Fwww.riftrefunds.co.uk%252F&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=_CxqYuKRDYuqlgTk9qewCQ&cid=CAQSKQCNIrLMCp6d85m-P8lyBEo6RZxVjrAwhajwXBaCU2VPNvy3wW99DhiA&random=612016092&resp=GooglemKTybQhCsO&ipr=y&prhg=0

Requested by

Protocol

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://9918873.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Apr 2022 05:58:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 28 Apr 2022 05:58:20 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-conversion/648116069/?random=940572514&cv=9&fst=1651125500175&num=1&npa=1&label=l2aQCNTkiO4BEOXuhbUC&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9918873.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCMbB5-aJtvcCFaIcBgAd1YMFPw%3Bsrc%3D9918873%3Btype%3Dgener0%3Bcat%3Drift-00%3Bord%3D1%3Bnum%3D3925209991075%3Bgtm%3D2wg4p0%3Bauiddc%3D1360173387.1651125499%3Bu1%3Dundefined%3Bu3%3Dundefined%3B~oref%3Dhttps%253A%252F%252Fwww.riftrefunds.co.uk%252F&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=_CxqYuKRDYuqlgTk9qewCQ&cid=CAQSKQCNIrLMCp6d85m-P8lyBEo6RZxVjrAwhajwXBaCU2VPNvy3wW99DhiA&random=612016092&resp=GooglemKTybQhCsO&ipr=y&prhg=0
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 a5app.js Show response
alive5.com/js/ 9 KB
4 KB 206ms
57ms Script
text/javascript 143.204.98.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://alive5.com/js/a5app.js

Requested by

Host: www.riftrefunds.co.uk
URL: https://www.riftrefunds.co.uk/scripts/rift/sitewide.js?version=27042022024003&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.115 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-115.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

ea9f0340ebef456ad498a87f2727c12d69b6c8d226426cd0fab206b30896cfa1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors *

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.riftrefunds.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy: frame-ancestors *
content-encoding: gzip
last-modified: Fri, 22 Apr 2022 14:49:52 GMT
server: AmazonS3
age: 80861
etag: "77a645d523ec6d3885f4b3cf6db3ca5a"
x-cache: Hit from cloudfront
x-amz-version-id: uiFrCrAhf5tk6VNqYxCVTxBICdMpdzLU
via: 1.1 45de888accabe1a1cb5a389e8c9c1e06.cloudfront.net (CloudFront)
date: Wed, 27 Apr 2022 07:51:20 GMT
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: text/javascript
content-length: 3922
x-amz-cf-id: lt5rdrtO8Z9e6lOpmAe47Yyped8H9QyXPyDt_KBU_1t5HNylxBtCZg==

GET
H2 200 our_expertise_the-safest-hands-in-the-business.png
www.riftrefunds.co.uk/media/2050/ 4 KB
4 KB 96ms
91ms Image
image/webp 2a02:26f0:ef:18c::38a3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.riftrefunds.co.uk/media/2050/our_expertise_the-safest-hands-in-the-business.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:ef:18c::38a3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 2e4aefbc544311bf73253049aa5f5ab1996bbebe7901ed24eaea19cdc5f5f0b8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.riftrefunds.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 05:58:20 GMT
last-modified: Tue, 12 Apr 2022 09:30:09 GMT
imageprocessedby: ImageProcessor/2.8.0.152 - ImageProcessor.Web/4.11.0.152
etag: "81b937e74f4ed81:0"
vary: Accept-Encoding
content-type: image/webp
cache-control: public, must-revalidate, max-age=2592000
accept-ranges: bytes
content-length: 4278
expires: Sat, 28 May 2022 05:58:20 GMT

GET
H2 200 1-to-1-advice.png
www.riftrefunds.co.uk/media/2036/ 3 KB
3 KB 97ms
93ms Image
image/webp 2a02:26f0:ef:18c::38a3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.riftrefunds.co.uk/media/2036/1-to-1-advice.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:ef:18c::38a3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 73857f11e26acd2bac662ae9d15ce0a13c0a8fa580db0f5a979796f10db7121d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.riftrefunds.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 05:58:20 GMT
last-modified: Tue, 12 Apr 2022 09:30:09 GMT
imageprocessedby: ImageProcessor/2.8.0.152 - ImageProcessor.Web/4.11.0.152
etag: "777e3ce74f4ed81:0"
vary: Accept-Encoding
content-type: image/webp
cache-control: public, must-revalidate, max-age=2592000
accept-ranges: bytes
content-length: 2700
expires: Sat, 28 May 2022 05:58:20 GMT

GET
H2 200 refer_a_friend.png
www.riftrefunds.co.uk/media/2055/ 4 KB
4 KB 130ms
126ms Image
image/webp 2a02:26f0:ef:18c::38a3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.riftrefunds.co.uk/media/2055/refer_a_friend.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:ef:18c::38a3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 29d17d1c4e295d95dd97f721ca118863f5ea45822d071587d9a75778400ff831

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.riftrefunds.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 05:58:20 GMT
last-modified: Tue, 12 Apr 2022 09:30:09 GMT
imageprocessedby: ImageProcessor/2.8.0.152 - ImageProcessor.Web/4.11.0.152
etag: "be546e74f4ed81:0"
vary: Accept-Encoding
content-type: image/webp
cache-control: public, must-revalidate, max-age=2592000
accept-ranges: bytes
content-length: 3590
expires: Sat, 28 May 2022 05:58:20 GMT

GET
H2 200 track_your_claim_online.png
www.riftrefunds.co.uk/media/2059/ 2 KB
3 KB 126ms
124ms Image
image/webp 2a02:26f0:ef:18c::38a3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.riftrefunds.co.uk/media/2059/track_your_claim_online.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:ef:18c::38a3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 0a92828a9c8aa42bf82f5e3171cdd24686b7d8fd09efff0ba1cb081d2cd66672

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.riftrefunds.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 05:58:20 GMT
last-modified: Tue, 12 Apr 2022 09:30:09 GMT
imageprocessedby: ImageProcessor/2.8.0.152 - ImageProcessor.Web/4.11.0.152
etag: "2f1c3ae74f4ed81:0"
vary: Accept-Encoding
content-type: image/webp
cache-control: public, must-revalidate, max-age=2591990
accept-ranges: bytes
content-length: 2462
expires: Sat, 28 May 2022 05:58:10 GMT

GET
H2 200 00727-01-rift-q2-campaign-2021-landing-page4.jpg
www.riftrefunds.co.uk/media/3516/ 61 KB
62 KB 116ms
115ms Image
image/webp 2a02:26f0:ef:18c::38a3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.riftrefunds.co.uk/media/3516/00727-01-rift-q2-campaign-2021-landing-page4.jpg
Requested by: Host: www.riftrefunds.co.uk
URL: https://www.riftrefunds.co.uk/DependencyHandler.axd?s=L3NjcmlwdHMvYXNzZXRzL2pxdWVyeS5taW4uanM7L3NjcmlwdHMvYXNzZXRzL2pxdWVyeS52YWxpZGF0ZS5taW4uanM7L3NjcmlwdHMvYXNzZXRzL2pxdWVyeS52YWxpZGF0ZS51bm9idHJ1c2l2ZS5taW4uanM7L3NjcmlwdHMvYXNzZXRzL2pxdWVyeS5sYXp5Lm1pbi5qczsvc2NyaXB0cy9hc3NldHMvYm9vdHN0cmFwLm1pbi5qczsvc2NyaXB0cy9hc3NldHMvanF1ZXJ5LnRvdWNoU3dpcGUubWluLmpzOy9zY3JpcHRzL2Fzc2V0cy9qcXVlcnkubWF0Y2hIZWlnaHQtbWluLmpzOy9zY3JpcHRzL21haW4uanM7L3NjcmlwdHMvY29va2llLnRyYWNraW5nLmpzOy9zY3JpcHRzL2xpYnMvbGl0ZVlvdVR1YmVWaWRlb3MuanM7&t=Javascript&cdv=258096563
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:ef:18c::38a3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 898d3b79bf606dbc3d003ccd5c652a4307c7a5370c360680bbd5649600141edb

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.riftrefunds.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 05:58:20 GMT
last-modified: Tue, 12 Apr 2022 09:26:21 GMT
imageprocessedby: ImageProcessor/2.8.0.152 - ImageProcessor.Web/4.11.0.152
etag: "1bf355f4f4ed81:0"
vary: Accept-Encoding
content-type: image/webp
cache-control: public, must-revalidate, max-age=2592000
accept-ranges: bytes
content-length: 62934
expires: Sat, 28 May 2022 05:58:20 GMT

GET
H2

200

/ Show response
match.adsrvr.org/track/upb/ Frame C55C
Redirect Chain

https://insight.adsrvr.org/track/up?adv=3022zd6&ref=https%3A%2F%2Fwww.riftrefunds.co.uk%2F&upid=lchtyx7&upv=1.1.0
https://match.adsrvr.org/track/upb/?adv=3022zd6&ref=https%3A%2F%2Fwww.riftrefunds.co.uk%2F&upid=lchtyx7&upv=1.1.0

0
181 B

62ms
55ms

Document
text/html

52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/upb/?adv=3022zd6&ref=https%3A%2F%2Fwww.riftrefunds.co.uk%2F&upid=lchtyx7&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.riftrefunds.co.uk/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-type: text/html
date: Thu, 28 Apr 2022 05:58:20 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

Redirect headers

cache-control: private,no-cache, must-revalidate
content-type: text/html; charset=utf-8
date: Thu, 28 Apr 2022 05:58:20 GMT
location: https://match.adsrvr.org/track/upb/?adv=3022zd6&ref=https%3A%2F%2Fwww.riftrefunds.co.uk%2F&upid=lchtyx7&upv=1.1.0
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

GET
H2 200 our_expertise_the-safest-hands-in-the-business.png
www.riftrefunds.co.uk/media/2050/ 4 KB
4 KB 90ms
89ms Image
image/webp 2a02:26f0:ef:18c::38a3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.riftrefunds.co.uk/media/2050/our_expertise_the-safest-hands-in-the-business.png
Requested by: Host: www.riftrefunds.co.uk
URL: https://www.riftrefunds.co.uk/DependencyHandler.axd?s=L3NjcmlwdHMvYXNzZXRzL2pxdWVyeS5taW4uanM7L3NjcmlwdHMvYXNzZXRzL2pxdWVyeS52YWxpZGF0ZS5taW4uanM7L3NjcmlwdHMvYXNzZXRzL2pxdWVyeS52YWxpZGF0ZS51bm9idHJ1c2l2ZS5taW4uanM7L3NjcmlwdHMvYXNzZXRzL2pxdWVyeS5sYXp5Lm1pbi5qczsvc2NyaXB0cy9hc3NldHMvYm9vdHN0cmFwLm1pbi5qczsvc2NyaXB0cy9hc3NldHMvanF1ZXJ5LnRvdWNoU3dpcGUubWluLmpzOy9zY3JpcHRzL2Fzc2V0cy9qcXVlcnkubWF0Y2hIZWlnaHQtbWluLmpzOy9zY3JpcHRzL21haW4uanM7L3NjcmlwdHMvY29va2llLnRyYWNraW5nLmpzOy9zY3JpcHRzL2xpYnMvbGl0ZVlvdVR1YmVWaWRlb3MuanM7&t=Javascript&cdv=258096563
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:ef:18c::38a3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 2e4aefbc544311bf73253049aa5f5ab1996bbebe7901ed24eaea19cdc5f5f0b8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.riftrefunds.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 05:58:20 GMT
last-modified: Tue, 12 Apr 2022 09:30:09 GMT
imageprocessedby: ImageProcessor/2.8.0.152 - ImageProcessor.Web/4.11.0.152
etag: "81b937e74f4ed81:0"
vary: Accept-Encoding
content-type: image/webp
cache-control: public, must-revalidate, max-age=2591962
accept-ranges: bytes
content-length: 4278
expires: Sat, 28 May 2022 05:57:42 GMT

GET
H2 200 1-to-1-advice.png
www.riftrefunds.co.uk/media/2036/ 3 KB
3 KB 86ms
85ms Image
image/webp 2a02:26f0:ef:18c::38a3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.riftrefunds.co.uk/media/2036/1-to-1-advice.png
Requested by: Host: www.riftrefunds.co.uk
URL: https://www.riftrefunds.co.uk/DependencyHandler.axd?s=L3NjcmlwdHMvYXNzZXRzL2pxdWVyeS5taW4uanM7L3NjcmlwdHMvYXNzZXRzL2pxdWVyeS52YWxpZGF0ZS5taW4uanM7L3NjcmlwdHMvYXNzZXRzL2pxdWVyeS52YWxpZGF0ZS51bm9idHJ1c2l2ZS5taW4uanM7L3NjcmlwdHMvYXNzZXRzL2pxdWVyeS5sYXp5Lm1pbi5qczsvc2NyaXB0cy9hc3NldHMvYm9vdHN0cmFwLm1pbi5qczsvc2NyaXB0cy9hc3NldHMvanF1ZXJ5LnRvdWNoU3dpcGUubWluLmpzOy9zY3JpcHRzL2Fzc2V0cy9qcXVlcnkubWF0Y2hIZWlnaHQtbWluLmpzOy9zY3JpcHRzL21haW4uanM7L3NjcmlwdHMvY29va2llLnRyYWNraW5nLmpzOy9zY3JpcHRzL2xpYnMvbGl0ZVlvdVR1YmVWaWRlb3MuanM7&t=Javascript&cdv=258096563
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:ef:18c::38a3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 73857f11e26acd2bac662ae9d15ce0a13c0a8fa580db0f5a979796f10db7121d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.riftrefunds.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 05:58:20 GMT
last-modified: Tue, 12 Apr 2022 09:30:09 GMT
imageprocessedby: ImageProcessor/2.8.0.152 - ImageProcessor.Web/4.11.0.152
etag: "777e3ce74f4ed81:0"
vary: Accept-Encoding
content-type: image/webp
cache-control: public, must-revalidate, max-age=2592000
accept-ranges: bytes
content-length: 2700
expires: Sat, 28 May 2022 05:58:20 GMT

GET
H2 200 track_your_claim_online.png
www.riftrefunds.co.uk/media/2059/ 2 KB
3 KB 91ms
89ms Image
image/webp 2a02:26f0:ef:18c::38a3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.riftrefunds.co.uk/media/2059/track_your_claim_online.png
Requested by: Host: www.riftrefunds.co.uk
URL: https://www.riftrefunds.co.uk/DependencyHandler.axd?s=L3NjcmlwdHMvYXNzZXRzL2pxdWVyeS5taW4uanM7L3NjcmlwdHMvYXNzZXRzL2pxdWVyeS52YWxpZGF0ZS5taW4uanM7L3NjcmlwdHMvYXNzZXRzL2pxdWVyeS52YWxpZGF0ZS51bm9idHJ1c2l2ZS5taW4uanM7L3NjcmlwdHMvYXNzZXRzL2pxdWVyeS5sYXp5Lm1pbi5qczsvc2NyaXB0cy9hc3NldHMvYm9vdHN0cmFwLm1pbi5qczsvc2NyaXB0cy9hc3NldHMvanF1ZXJ5LnRvdWNoU3dpcGUubWluLmpzOy9zY3JpcHRzL2Fzc2V0cy9qcXVlcnkubWF0Y2hIZWlnaHQtbWluLmpzOy9zY3JpcHRzL21haW4uanM7L3NjcmlwdHMvY29va2llLnRyYWNraW5nLmpzOy9zY3JpcHRzL2xpYnMvbGl0ZVlvdVR1YmVWaWRlb3MuanM7&t=Javascript&cdv=258096563
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:ef:18c::38a3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 0a92828a9c8aa42bf82f5e3171cdd24686b7d8fd09efff0ba1cb081d2cd66672

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.riftrefunds.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 05:58:20 GMT
last-modified: Tue, 12 Apr 2022 09:30:09 GMT
imageprocessedby: ImageProcessor/2.8.0.152 - ImageProcessor.Web/4.11.0.152
etag: "2f1c3ae74f4ed81:0"
vary: Accept-Encoding
content-type: image/webp
cache-control: public, must-revalidate, max-age=2591984
accept-ranges: bytes
content-length: 2462
expires: Sat, 28 May 2022 05:58:04 GMT

GET
H2 200 refer_a_friend.png
www.riftrefunds.co.uk/media/2055/ 4 KB
4 KB 86ms
85ms Image
image/webp 2a02:26f0:ef:18c::38a3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.riftrefunds.co.uk/media/2055/refer_a_friend.png
Requested by: Host: www.riftrefunds.co.uk
URL: https://www.riftrefunds.co.uk/DependencyHandler.axd?s=L3NjcmlwdHMvYXNzZXRzL2pxdWVyeS5taW4uanM7L3NjcmlwdHMvYXNzZXRzL2pxdWVyeS52YWxpZGF0ZS5taW4uanM7L3NjcmlwdHMvYXNzZXRzL2pxdWVyeS52YWxpZGF0ZS51bm9idHJ1c2l2ZS5taW4uanM7L3NjcmlwdHMvYXNzZXRzL2pxdWVyeS5sYXp5Lm1pbi5qczsvc2NyaXB0cy9hc3NldHMvYm9vdHN0cmFwLm1pbi5qczsvc2NyaXB0cy9hc3NldHMvanF1ZXJ5LnRvdWNoU3dpcGUubWluLmpzOy9zY3JpcHRzL2Fzc2V0cy9qcXVlcnkubWF0Y2hIZWlnaHQtbWluLmpzOy9zY3JpcHRzL21haW4uanM7L3NjcmlwdHMvY29va2llLnRyYWNraW5nLmpzOy9zY3JpcHRzL2xpYnMvbGl0ZVlvdVR1YmVWaWRlb3MuanM7&t=Javascript&cdv=258096563
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:ef:18c::38a3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 29d17d1c4e295d95dd97f721ca118863f5ea45822d071587d9a75778400ff831

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.riftrefunds.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 05:58:20 GMT
last-modified: Tue, 12 Apr 2022 09:30:09 GMT
imageprocessedby: ImageProcessor/2.8.0.152 - ImageProcessor.Web/4.11.0.152
etag: "be546e74f4ed81:0"
vary: Accept-Encoding
content-type: image/webp
cache-control: public, must-revalidate, max-age=2591985
accept-ranges: bytes
content-length: 3590
expires: Sat, 28 May 2022 05:58:05 GMT

GET
H2 200 widget-min.js Show response
alive5.com/js/ 36 KB
12 KB 64ms
63ms Script
text/javascript 143.204.98.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://alive5.com/js/widget-min.js?s=1650638978826

Requested by

Host: alive5.com
URL: https://alive5.com/js/a5app.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.115 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-115.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

cd49d865060a77d83e34a641f67211e8036290908a40c7f6b2804331134e1eef

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors *

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.riftrefunds.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy: frame-ancestors *
content-encoding: gzip
last-modified: Fri, 22 Apr 2022 14:49:52 GMT
server: AmazonS3
age: 80867
etag: "f971aaf7aeb31eec62df54a89e4f3934"
x-cache: Hit from cloudfront
x-amz-version-id: n1j9QGO4LzQJHFpO6yckovkplhITuNfn
via: 1.1 45de888accabe1a1cb5a389e8c9c1e06.cloudfront.net (CloudFront)
date: Wed, 27 Apr 2022 07:51:21 GMT
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: text/javascript
content-length: 11394
x-amz-cf-id: gHbusY5KAhHvbO3wIZOefI40LvpmlzetT-4CL8b85MqWN77RcsvunQ==

GET
H2 200 widget.bundle.css
alive5.com/css/ 36 KB
5 KB 60ms
60ms Stylesheet
text/css 143.204.98.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://alive5.com/css/widget.bundle.css

Requested by

Host: alive5.com
URL: https://alive5.com/js/widget-min.js?s=1650638978826

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.115 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-115.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

dfa5bfec72fc9e5bfdb0bc2cf350ae19764ed21b64e63a855eaba64c5762c4e0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors *

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.riftrefunds.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy: frame-ancestors *
content-encoding: gzip
last-modified: Fri, 22 Apr 2022 14:49:53 GMT
server: AmazonS3
age: 83806
etag: "c06d73557ee522ff94571340a00c2ee3"
x-cache: Hit from cloudfront
x-amz-version-id: ZG55R6Tjh8V1TPFvVKWZ9PcS0UMgqe4V
via: 1.1 45de888accabe1a1cb5a389e8c9c1e06.cloudfront.net (CloudFront)
date: Wed, 27 Apr 2022 06:43:17 GMT
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: text/css
content-length: 4901
x-amz-cf-id: 4mCSNxke6kHQ6ySzzWpa_dJqXNfltey69wRZHvw9VuLq8cIk-sJ55A==

GET
H2 200 get-by-widget-id Show response
api-v2.alive5.com/1.0/widget-code/ 3 KB
2 KB 461ms
174ms XHR
application/json 54.88.35.61
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api-v2.alive5.com/1.0/widget-code/get-by-widget-id?id=dc60e389-9d98-46ff-8a9c-576aa0224d4f

Requested by

Host: alive5.com
URL: https://alive5.com/js/widget-min.js?s=1650638978826

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.88.35.61 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-88-35-61.compute-1.amazonaws.com

Software

nginx /

Resource Hash

7326d5c2b0682d8b6bd873fe7a6ace7cef5409a48ed42e5fd687b2e851ba6535

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.riftrefunds.co.uk/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 28 Apr 2022 05:58:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"b82-HgODNW89HRgljz/VYg2fPUwO1Ek"
x-download-options: noopen
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.riftrefunds.co.uk
access-control-expose-headers: Authorization,X-A5-APIKEY
access-control-allow-credentials: true
strict-transport-security: max-age=15552000; includeSubDomains
x-dns-prefetch-control: off
x-xss-protection: 1; mode=block

GET
H3 200 css
fonts.googleapis.com/ 1 KB
459 B 177ms
64ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Work+Sans&display=swap

Requested by

Host: alive5.com
URL: https://alive5.com/css/widget.bundle.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

17eb9793dbc77cc15418d2f78a00d8344b7962ccc41ab7c39f520ea090c300ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://alive5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 28 Apr 2022 05:51:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 28 Apr 2022 05:58:21 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 28 Apr 2022 05:58:21 GMT

GET
H2 200 chat_window_wrap.html Show response
alive5.com/ Frame 27A6 27 KB
8 KB 72ms
71ms Document
text/html 143.204.98.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://alive5.com/chat_window_wrap.html?wid=dc60e389-9d98-46ff-8a9c-576aa0224d4f

Requested by

Host: alive5.com
URL: https://alive5.com/js/widget-min.js?s=1650638978826

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.115 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-115.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

eb55ec259cf162dca5d353e1109baeacd7576087e7c6409d998e712714dc0b15

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors *

Request headers

Referer: https://www.riftrefunds.co.uk/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 1987
content-encoding: gzip
content-length: 8138
content-security-policy: frame-ancestors *
content-type: text/html
date: Thu, 28 Apr 2022 05:58:21 GMT
etag: "a0f1accaa41a8f4ac852a5f8df2a1dad"
last-modified: Fri, 22 Apr 2022 14:49:50 GMT
server: AmazonS3
via: 1.1 45de888accabe1a1cb5a389e8c9c1e06.cloudfront.net (CloudFront)
x-amz-cf-id: 4BZGjwExNpFHugX9Gy5YBfMak7_W_UWoysgwkz0TPnjbGJpIgLGWGg==
x-amz-cf-pop: FRA50-C1
x-amz-version-id: T_GIb9sBKHHp_LHGBoBU._XhRrNos3GK
x-cache: Hit from cloudfront

GET
H2 200 icons.html Show response
alive5.com/ 13 KB
5 KB 180ms
59ms XHR
text/html 143.204.98.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://alive5.com/icons.html

Requested by

Host: alive5.com
URL: https://alive5.com/js/widget-min.js?s=1650638978826

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.115 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-115.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

5e32e36d67d436fa5dc42760c7f99fc41c55709c43137a96a0c572133014170a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors *

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.riftrefunds.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id: 0ts4V6_C.2tOtYW9jY7sGZa_WEP2w6Oe
content-encoding: gzip
etag: "c57fece4f277866b237dae4a72870d7d"
age: 18437
x-cache: Hit from cloudfront
content-length: 4965
access-control-allow-origin: *
last-modified: Fri, 22 Apr 2022 14:49:51 GMT
server: AmazonS3
date: Thu, 28 Apr 2022 01:09:33 GMT
access-control-max-age: 30000
access-control-allow-methods: GET, POST, PUT
content-type: text/html
via: 1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
access-control-expose-headers: ETag
content-security-policy: frame-ancestors *
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: 7sdEchH6dqU64te96wQ_i1aSCGw_M8-OEeNFgwdF54tURX77DVShOA==

GET
H/1.1 200
OK riftrefunds-w1639648801480.png
s3.amazonaws.com/alive5cdn/images/widgets/upload/ 10 KB
10 KB 560ms
155ms Image
image/png 52.216.226.51
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/alive5cdn/images/widgets/upload/riftrefunds-w1639648801480.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.226.51 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 91179d1a88b767aeb663d79df4ff7e770b9102f057442d8accca44365eeae130

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.riftrefunds.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Thu, 28 Apr 2022 05:58:22 GMT
Last-Modified: Thu, 16 Dec 2021 10:00:02 GMT
Server: AmazonS3
x-amz-request-id: JR83949GMJMRJFPE
ETag: "9fc1e7ce45e90bb003e95abbfa2d10da"
Content-Type: image/png
x-amz-version-id: 76c4anguWhFZrgvUUGmjPfn_TwzJLLR5
Accept-Ranges: bytes
Content-Length: 9866
x-amz-id-2: HX+EV7bXd1XT1/O8A/e/vkp5wiCC36SV/vxep6IvZTTHBeEWwJlQSFc1LRs83Q+iMYs7sjRUliA=

GET
H2 200 chat.bundle.css
alive5.com/css/ Frame 27A6 109 KB
18 KB 66ms
65ms Stylesheet
text/css 143.204.98.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://alive5.com/css/chat.bundle.css

Requested by

Host: alive5.com
URL: https://alive5.com/chat_window_wrap.html?wid=dc60e389-9d98-46ff-8a9c-576aa0224d4f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.115 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-115.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

5553624a7bf34d1dff5e633922e3cdbde82dfebe78e3213fa1b84e992df434f3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors *

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://alive5.com/chat_window_wrap.html?wid=dc60e389-9d98-46ff-8a9c-576aa0224d4f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy: frame-ancestors *
content-encoding: gzip
last-modified: Fri, 22 Apr 2022 14:49:53 GMT
server: AmazonS3
age: 80970
etag: "0426ed8dcf835d491881fd0972d8a10d"
x-cache: Hit from cloudfront
x-amz-version-id: N0FmNMQ5gYRVrsl7SGBnt4l04px179uU
via: 1.1 45de888accabe1a1cb5a389e8c9c1e06.cloudfront.net (CloudFront)
date: Wed, 27 Apr 2022 07:51:21 GMT
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: text/css
content-length: 18199
x-amz-cf-id: w_wVX--HxXdbZawFx6Py4GkGUPlt0sojGuRzaiOho70vXH6ftirFUg==

GET
H3 200 css
fonts.googleapis.com/ Frame 27A6 1 KB
459 B 63ms
62ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Work+Sans&display=swap

Requested by

Host: alive5.com
URL: https://alive5.com/chat_window_wrap.html?wid=dc60e389-9d98-46ff-8a9c-576aa0224d4f

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

17eb9793dbc77cc15418d2f78a00d8344b7962ccc41ab7c39f520ea090c300ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://alive5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 28 Apr 2022 04:39:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 28 Apr 2022 05:58:21 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 28 Apr 2022 05:58:21 GMT

GET
H2 200 loader.gif
alive5.com/img/ Frame 27A6 3 KB
4 KB 216ms
215ms Image
image/gif 143.204.98.115
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://alive5.com/img/loader.gif

Requested by

Host: alive5.com
URL: https://alive5.com/chat_window_wrap.html?wid=dc60e389-9d98-46ff-8a9c-576aa0224d4f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.115 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-115.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

fd29b3b084cf11160bfc4e99d98a261f2b36bff29113b07367c5204563c5d355

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors *

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://alive5.com/chat_window_wrap.html?wid=dc60e389-9d98-46ff-8a9c-576aa0224d4f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy: frame-ancestors *
via: 1.1 45de888accabe1a1cb5a389e8c9c1e06.cloudfront.net (CloudFront)
last-modified: Fri, 22 Apr 2022 14:49:54 GMT
server: AmazonS3
age: 13897
etag: "be1cede97289c13920048f238fd37b85"
x-cache: Hit from cloudfront
x-amz-version-id: gpAagH6ettTm48hIwc0IL588Uv9I8on5
date: Thu, 28 Apr 2022 02:15:33 GMT
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: image/gif
content-length: 3208
x-amz-cf-id: jJ5p07AWRM4ZDWoWcK1kQhF4WBqQvoMMSPM5WZ7SKdKGT2EPmrIv8g==

GET
H/1.1 200
OK ashfaqtest-wicon1544204526155.png
s3.amazonaws.com/alive5cdn/images/widgets/upload/ Frame 27A6 1 KB
2 KB 551ms
155ms Image
application/octet-stream 52.216.226.51
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/alive5cdn/images/widgets/upload/ashfaqtest-wicon1544204526155.png
Requested by: Host: alive5.com
URL: https://alive5.com/chat_window_wrap.html?wid=dc60e389-9d98-46ff-8a9c-576aa0224d4f
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.226.51 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: f2e60f36746d4efa38a43a662e146f7ca279803288f2852c14d1137de68002e5

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://alive5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Thu, 28 Apr 2022 05:58:23 GMT
Last-Modified: Fri, 07 Dec 2018 12:42:11 GMT
Server: AmazonS3
x-amz-request-id: 65W0N8C1B6B4EBPA
ETag: "6f878c9733062f3e765504ed137d0bc6"
Content-Type: application/octet-stream
x-amz-version-id: JEJEiC9HGRttaRlxNnlXqTQphBO7xIRV
Accept-Ranges: bytes
Content-Length: 1455
x-amz-id-2: vbi56NekM1QtiYaFcxIFPXDgSRsH6LF0Zm8ARkv+4d8vrUAfr8i/lnFp6J0ISxA+wIcJKX6SfYA=

GET
H2 200 chocolat.js Show response
cdnjs.cloudflare.com/ajax/libs/chocolat/1.0.4/js/ Frame 27A6 24 KB
5 KB 143ms
51ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/chocolat/1.0.4/js/chocolat.js

Requested by

Host: alive5.com
URL: https://alive5.com/chat_window_wrap.html?wid=dc60e389-9d98-46ff-8a9c-576aa0224d4f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

23aa985ae2ae9ccb19a2ca39be4279fd544074e2dd51a69e61ae76adc40c2e81

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://alive5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 05:58:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 5303419
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3965
timing-allow-origin: *
last-modified: Fri, 26 Feb 2021 23:16:59 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "6039816b-6044"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=136golYCCrfRV62eReMs3A2UEFgAyEHXo5RcZsC2hhk%2FN7KgBSyHsmh9jzmtAUrIbBScNb6Od6AaF4PxE94hs7tVunq5r8gXceiKp6ObSC5e7qfsJQbHHUfR9dvTkoZtNCYQO%2F2eYD9xK1TYlL1PCwKU"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 702d90d16d2a7759-LHR
expires: Tue, 18 Apr 2023 05:58:21 GMT

GET
H2 200 socket.io.js Show response
cdnjs.cloudflare.com/ajax/libs/socket.io/4.3.2/ Frame 27A6 103 KB
21 KB 143ms
51ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/socket.io/4.3.2/socket.io.js

Requested by

Host: alive5.com
URL: https://alive5.com/chat_window_wrap.html?wid=dc60e389-9d98-46ff-8a9c-576aa0224d4f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b6b7fc20b7e5eabb078b5f8f8076e46595e446522eacf29e8096151e7c65ac79

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://alive5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 05:58:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1860687
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 20711
timing-allow-origin: *
last-modified: Sun, 17 Oct 2021 02:31:38 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "616b8b0a-50e7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GFgd44m0zmfe493YlMr2te9u5wWSFvwD55i%2FnWeaf6Xr2JRNZacM3qGhWiS1TitcHqsj6UfeqJaQn9jS%2FIO9cLf9WkpLJWRfRLCllRwm3DSsoUnTzSg82CCgth13sSiLMZILdNs9QNUwqi4xQTy6F8Nq"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 702d90d16d2c7759-LHR
expires: Tue, 18 Apr 2023 05:58:21 GMT

GET
H2 200 chat.bundle.js Show response
alive5.com/js/ Frame 27A6 620 KB
188 KB 77ms
75ms Script
text/javascript 143.204.98.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://alive5.com/js/chat.bundle.js?s=1650638978826

Requested by

Host: alive5.com
URL: https://alive5.com/chat_window_wrap.html?wid=dc60e389-9d98-46ff-8a9c-576aa0224d4f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.115 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-115.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

6efff2cf18417c01313ba15e5fb5461dc95cb93bc500fa0723eb4aab3aaeebfa

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors *

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://alive5.com/chat_window_wrap.html?wid=dc60e389-9d98-46ff-8a9c-576aa0224d4f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy: frame-ancestors *
content-encoding: gzip
last-modified: Fri, 22 Apr 2022 14:49:52 GMT
server: AmazonS3
age: 61486
etag: "515e8c064c2e2176ccede1b9601362d2"
x-cache: Hit from cloudfront
x-amz-version-id: 3MNQ7jSpl3ffOU_d8.7CoL1SPWAX1TVc
via: 1.1 45de888accabe1a1cb5a389e8c9c1e06.cloudfront.net (CloudFront)
date: Wed, 27 Apr 2022 12:53:53 GMT
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: text/javascript
content-length: 191947
x-amz-cf-id: Nyow6GdrvhJ_b_xRkmPOhZH3Puvxo_B0IMORj_xRZ_Zb6R1lOdWhtg==

OPTIONS
H2 204 get-threads-byId
api-v2.alive5.com/1.0/thread/ Frame 0
0 135ms
135ms Preflight 54.88.35.61
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api-v2.alive5.com/1.0/thread/get-threads-byId?org_name=riftrefunds&thread_id=b48a37a3-ce73-4e78-a344-d3183ffc1a7c&visitor=true&referrer=undefined&page_url=https://www.riftrefunds.co.uk/&crm_id=7ca57fcd-2801-4aff-bf7b-38c58f166538
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.88.35.61 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-88-35-61.compute-1.amazonaws.com
Software: nginx / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: GET
Origin: https://alive5.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Authorization,Content-Length,X-Requested-With,X-A5-APIKEY,x-xsrf-token,Cookie
access-control-allow-methods: GET,PUT,POST,DELETE,PATCH,OPTIONS
access-control-allow-origin: https://alive5.com
access-control-expose-headers: Authorization,X-A5-APIKEY
access-control-max-age: 86400
date: Thu, 28 Apr 2022 05:58:21 GMT
server: nginx
vary: Origin
x-powered-by: Express

GET
H2 200 get-threads-byId Show response
api-v2.alive5.com/1.0/thread/ Frame 27A6 52 B
1 KB 161ms
161ms XHR
application/json 54.88.35.61
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api-v2.alive5.com/1.0/thread/get-threads-byId?org_name=riftrefunds&thread_id=b48a37a3-ce73-4e78-a344-d3183ffc1a7c&visitor=true&referrer=undefined&page_url=https://www.riftrefunds.co.uk/&crm_id=7ca57fcd-2801-4aff-bf7b-38c58f166538

Requested by

Host: alive5.com
URL: https://alive5.com/js/chat.bundle.js?s=1650638978826

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.88.35.61 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-88-35-61.compute-1.amazonaws.com

Software

nginx /

Resource Hash

f3b9de3fb9833ebc685f370fcdf018ea6cdd31e6a77feec08a4e92187a1e5605

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Authorization: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJjcmVhdGVkX2F0IjoxNjQwMDg2NzYwNTc2LCJpc3MiOiJhbGl2ZTVfYXBpIiwib3JnX25hbWUiOiJyaWZ0cmVmdW5kcyIsInR5cGUiOiJsaXZlY2hhdCIsImNybV9pZCI6IjdjYTU3ZmNkLTI4MDEtNGFmZi1iZjdiLTM4YzU4ZjE2NjUzOCIsInVzZXJfcm9sZSI6InZpc2l0b3IiLCJpYXQiOjE2NTExMjU1MDF9.GzR9WCEfvkL2GgrOBU6hl1kmIsUqZvzMiy9eEhEq6c0
Referer: https://alive5.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 05:58:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJjcmVhdGVkX2F0IjoxNjQwMDg2NzYwNTc2LCJpc3MiOiJhbGl2ZTVfYXBpIiwib3JnX25hbWUiOiJyaWZ0cmVmdW5kcyIsInR5cGUiOiJsaXZlY2hhdCIsImNybV9pZCI6IjdjYTU3ZmNkLTI4MDEtNGFmZi1iZjdiLTM4YzU4ZjE2NjUzOCIsInVzZXJfcm9sZSI6InZpc2l0b3IiLCJpYXQiOjE2NTExMjU1MDF9.GzR9WCEfvkL2GgrOBU6hl1kmIsUqZvzMiy9eEhEq6c0
x-dns-prefetch-control: off
vary: Accept-Encoding, Origin, Accept-Encoding
x-xss-protection: 1; mode=block
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"34-dZu/bfEbcWPDtNLHGA7SpL7f1o8"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
content-type: application/json; charset=utf-8
access-control-allow-origin: https://alive5.com
access-control-expose-headers: Authorization,X-A5-APIKEY
access-control-allow-credentials: true

GET
H/1.1 200
OK riftrefunds-wicon1638285713364.png
s3.amazonaws.com/alive5cdn/images/widgets/upload/ Frame 27A6 6 KB
6 KB 336ms
145ms Image
image/png 52.216.226.51
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/alive5cdn/images/widgets/upload/riftrefunds-wicon1638285713364.png
Requested by: Host: alive5.com
URL: https://alive5.com/chat_window_wrap.html?wid=dc60e389-9d98-46ff-8a9c-576aa0224d4f
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.226.51 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: c11d5af7c4bb050a998211f995d70ed05ca1c5af9336d00357cd5a97a9733d0b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://alive5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Thu, 28 Apr 2022 05:58:23 GMT
Last-Modified: Tue, 30 Nov 2021 15:21:54 GMT
Server: AmazonS3
x-amz-request-id: 65W496MH6YRQYYE4
ETag: "0e056b6870e60c77c6900a52d276383f"
Content-Type: image/png
x-amz-version-id: 4QLo4VxvSM3xlw1zmDs.UmYkWpHIRCbL
Accept-Ranges: bytes
Content-Length: 5837
x-amz-id-2: 52zfokj5IP61h5gZo9L7KoWks0fPY7AUZrgXnRMKcuczFYGhWbpQHN59lHbu66x200EqvKooS40=

GET
H/1.1 200
OK riftrefunds-w1639648801480.png
s3.amazonaws.com/alive5cdn/images/widgets/upload/ 10 KB
10 KB 146ms
146ms Image
image/png 52.216.226.51
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/alive5cdn/images/widgets/upload/riftrefunds-w1639648801480.png
Requested by: Host: alive5.com
URL: https://alive5.com/js/widget-min.js?s=1650638978826
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.226.51 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 91179d1a88b767aeb663d79df4ff7e770b9102f057442d8accca44365eeae130

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.riftrefunds.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Thu, 28 Apr 2022 05:58:23 GMT
Last-Modified: Thu, 16 Dec 2021 10:00:02 GMT
Server: AmazonS3
x-amz-request-id: 65W7B8SKSWM916PF
ETag: "9fc1e7ce45e90bb003e95abbfa2d10da"
Content-Type: image/png
x-amz-version-id: 76c4anguWhFZrgvUUGmjPfn_TwzJLLR5
Accept-Ranges: bytes
Content-Length: 9866
x-amz-id-2: x4gvQkw25o+QqPZBJPffd6mHNxrbItQTt7xCSNlhxRfTHdCIdNDHZ9+PQdccXR7ZgK3bxv+M85A=

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: netdna.bootstrapcdn.com
URL: http://netdna.bootstrapcdn.com/bootstrap/3.0.0/css/bootstrap-glyphicons.css

Verdicts & Comments Add Verdict or Comment

200 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

34 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
riftrefunds.co.uk/	1969-12-31 23:59:59	Name: X-Mapping-fjhppofk Value: 809AC692D2394D6C645D92C5113DF320
www.riftrefunds.co.uk/	1969-12-31 23:59:59	Name: X-Mapping-fjhppofk Value: 78410BAC54F4FADEB00309042C4944C9
www.riftrefunds.co.uk/	1970-01-20 11:24:21	Name: tracking Value: agid=dr_www.riftrefunds.co.uk
.riftrefunds.co.uk/	1970-01-20 11:25:47	Name: _vwo_uuid_v2 Value: DBA5779306052E45077D50239DA3A719B\|1340a720931a1ec804629162b58312af
.riftrefunds.co.uk/	1970-01-20 11:24:21	Name: mp_0b179416cb8007b0a1b34e18f5c19368_mixpanel Value: %7B%22distinct_id%22%3A%20%221806ebfb3da44d-050d2fd221eb63-12333272-1d4c00-1806ebfb3dbf24%22%2C%22%24device_id%22%3A%20%221806ebfb3da44d-050d2fd221eb63-12333272-1d4c00-1806ebfb3dbf24%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D
.riftrefunds.co.uk/	1970-01-20 04:48:21	Name: _gcl_au Value: 1.1.1360173387.1651125499
.riftrefunds.co.uk/	1970-01-20 20:09:57	Name: _ga_EH92RV9LXW Value: GS1.1.1651125498.1.0.1651125498.60
.riftrefunds.co.uk/	1970-01-20 05:02:45	Name: _vis_opt_s Value: 1%7C
.riftrefunds.co.uk/	1969-12-31 23:59:59	Name: _vis_opt_test_cookie Value: 1
.riftrefunds.co.uk/	1970-01-23 18:14:45	Name: _vwo_uuid Value: DBA5779306052E45077D50239DA3A719B
.riftrefunds.co.uk/	1970-01-20 04:48:21	Name: _vwo_ds Value: 3%241651125498%3A28.07269205%3A%3A
.riftrefunds.co.uk/	1970-01-20 02:38:47	Name: _vwo_sn Value: 0%3A1
.riftrefunds.co.uk/	1970-01-20 05:02:45	Name: _vis_opt_exp_64_combi Value: 2
.riftrefunds.co.uk/	1970-01-20 20:09:57	Name: _ga Value: GA1.3.1019978785.1651125499
.riftrefunds.co.uk/	1970-01-20 02:40:11	Name: _gid Value: GA1.3.2041363435.1651125499
.riftrefunds.co.uk/	1970-01-20 02:38:45	Name: _gat_UA-89387535-1 Value: 1
.bing.com/	1970-01-20 12:00:21	Name: MUID Value: 0ED9B505C97664C0209FA491C8FD656A
.riftrefunds.co.uk/	1970-01-20 11:24:21	Name: _hjSessionUser_153662 Value: eyJpZCI6IjU5MDc1M2U1LTg0ODYtNWIzNS1hZjBjLTRlZjg4NmUwODY5MSIsImNyZWF0ZWQiOjE2NTExMjU0OTkwODcsImV4aXN0aW5nIjpmYWxzZX0=
.riftrefunds.co.uk/	1970-01-20 02:38:47	Name: _hjFirstSeen Value: 1
www.riftrefunds.co.uk/	1970-01-20 02:38:45	Name: _hjIncludedInSessionSample Value: 0
.riftrefunds.co.uk/	1970-01-20 02:38:47	Name: _hjSession_153662 Value: eyJpZCI6IjRjYjNkY2E0LTc5NWMtNGZjZi04ZGRmLTI1YTM2NzU5YTBmNiIsImNyZWF0ZWQiOjE2NTExMjU0OTkxNDIsImluU2FtcGxlIjpmYWxzZX0=
www.riftrefunds.co.uk/	1970-01-20 02:38:45	Name: _hjIncludedInPageviewSample Value: 1
.riftrefunds.co.uk/	1970-01-20 02:38:47	Name: _hjAbsoluteSessionInProgress Value: 0
.riftrefunds.co.uk/	1970-01-20 02:40:11	Name: _uetsid Value: 34128970c6b811ecb2a74b1cb6143c32
.riftrefunds.co.uk/	1970-01-20 12:00:21	Name: _uetvid Value: 3412e9c0c6b811ec871d7795bc6324ed
.riftrefunds.co.uk/	1969-12-31 23:59:59	Name: IR_gbd Value: riftrefunds.co.uk
.riftrefunds.co.uk/	1969-12-31 23:59:59	Name: IR_12434 Value: 1651125499225%7C0%7C1651125499225%7C%7C
.t.co/	1970-01-20 20:09:57	Name: muc_ads Value: dc19de1d-3d88-4006-b04c-fc71246bc934
.twitter.com/	1970-01-20 20:09:57	Name: personalization_id Value: "v1_gkaWqiUGkP+d8ZrsLXFCSA=="
.riftrefunds.co.uk/	1970-01-20 04:48:21	Name: _fbp Value: fb.2.1651125499504.1368958791
.yahoo.com/	1970-01-20 11:24:43	Name: A3 Value: d=AQABBPssamICEParCbWaSIU_Nvh1gT1VvzUFEgEBAQF-a2J0YgAAAAAA_eMAAA&S=AQAAAjRhOfXg74iwZ5_4oOh-tKo
.doubleclick.net/	1970-01-20 12:00:21	Name: IDE Value: AHWqTUlsUl2q5AExUBTRskVti5msGt9wcVfyhCpckYzzrleAaUiRZ313IKO3MzOrEto
.adsrvr.org/	1970-01-20 11:24:21	Name: TDID Value: 9c7e5d8b-e3a0-4faf-a6e4-5cd181d6f640
api-v2.alive5.com/	1970-01-20 02:48:50	Name: AWSALBCORS Value: zJ9tm7aoz9lW9WtRtTd6Ny3pk1Q06IRUtHLtrL2hza+a/0iZkVDTeaxGhQJAmO6HUA1eTxfPUXayLMch7LJdtQ94EeXCS2lY3iOpSZx9fz5sWnuy2hycGAlE90X9

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://www.riftrefunds.co.uk/(Line 38) Message: Mixed Content: The page at 'https://www.riftrefunds.co.uk/' was loaded over HTTPS, but requested an insecure stylesheet 'http://netdna.bootstrapcdn.com/bootstrap/3.0.0/css/bootstrap-glyphicons.css'. This request has been blocked; the content must be served over HTTPS.
network	error	URL: https://capi.riftrefunds.co.uk/events Message: Failed to load resource: the server responded with a status of 422 ()
network	error	URL: https://capi.riftrefunds.co.uk/events Message: Failed to load resource: the server responded with a status of 422 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

9918873.fls.doubleclick.net
adservice.google.com
adservice.google.de
alive5.com
analytics.google.com
analytics.twitter.com
api-v2.alive5.com
bat.bing.com
capi.riftrefunds.co.uk
cdn.mxpnl.com
cdnjs.cloudflare.com
connect.facebook.net
d.impactradius-event.com
dev.visualwebsiteoptimizer.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
in.hotjar.com
insight.adsrvr.org
js.adsrvr.org
match.adsrvr.org
netdna.bootstrapcdn.com
riftrefunds.co.uk
s.yimg.com
s3.amazonaws.com
script.hotjar.com
sp.analytics.yahoo.com
static.ads-twitter.com
static.hotjar.com
stats.g.doubleclick.net
t.co
vars.hotjar.com
widget.trustpilot.com
widgets.getsitecontrol.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.riftrefunds.co.uk
netdna.bootstrapcdn.com
104.244.42.131
104.244.42.133
108.157.1.118
108.157.4.10
134.213.234.124
142.250.185.134
143.204.98.115
143.204.98.32
143.204.98.39
143.204.98.93
172.217.23.98
199.232.188.157
212.82.100.181
2600:1901:0:bc29::
2606:4700::6811:180e
2620:1ec:c11::200
2a00:1288:80:807::2
2a00:1450:4001:800::200e
2a00:1450:4001:802::2002
2a00:1450:4001:809::2003
2a00:1450:4001:809::200e
2a00:1450:4001:811::2004
2a00:1450:4001:813::200a
2a00:1450:4001:828::2002
2a00:1450:4001:828::2003
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2008
2a00:1450:400c:c00::9b
2a02:26f0:ef:18c::38a3
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
34.96.102.137
35.186.249.72
52.216.226.51
52.223.40.198
52.49.107.79
54.88.35.61
75.2.113.184
84.17.46.53
053049462fee55dcb10ef7c2c2a3b658aa3f1c30b35fbd77a3bb94c368ac0fab
06232d69be380680740624d892a7d922ea689fcdee0e09a0d59261d86630007d
0756f1403504ad0dbe3f540970a5c860dc2342cb00347738dc59acd2e62c724e
086f1c868f8f769ef0039b238b415fc3c46d97e342309dc8c61cefb40868212e
09dacb43ebc9bebd1e43ba0d0abe836575663d1149d2e695931d9c72a7c6cdf9
0a92828a9c8aa42bf82f5e3171cdd24686b7d8fd09efff0ba1cb081d2cd66672
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
0f1f29f67802b0047900a91ad17a21ebff9649b57a45e4aac47a70d1fc2997de
10354e9bc6b485028971a1f58fccff5c89d722db324d42bc07963aab24ebb956
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
17eb9793dbc77cc15418d2f78a00d8344b7962ccc41ab7c39f520ea090c300ba
1f241d25a0d80fde137c0afa3ef77c3fbfd670f63a272b6de80d7f3ac98efe96
2201a039d8b7b73c1758c9963f40568496eb66c6c27736e5986b2f57277acd82
23aa985ae2ae9ccb19a2ca39be4279fd544074e2dd51a69e61ae76adc40c2e81
2460e5ea7a8ca9d6097c126d30f34bb5a506f3264de496aa5ca343ed4c332a0e
29d17d1c4e295d95dd97f721ca118863f5ea45822d071587d9a75778400ff831
2cda1f5f6806246341ea4608b6fa467378e3b602497b8608419ca88b80b58153
2e4aefbc544311bf73253049aa5f5ab1996bbebe7901ed24eaea19cdc5f5f0b8
317657d062ac0b36e6f6dff02f4900c7fc81e46d968ee9bbcac022d54d8fe440
337c305b91b3c4bb8d5acb45061baf79df7321b9429abaac1435d1ee43fce379
34354b9d9fb30ac3fb0a12038af4c8aae605ab187b9cb8be3253421eb015dfbe
3af9168102afff223dc80ea3396c58c94c6ecc15607ff07220df47fa8d6deff6
3d06be8f75a1649ff5c8a193a54c041e2f0706e3ee880b2457b5133e2e0438a7
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
45674f87c18e6efb09ed61e106a5fadcca7c39c2e3b25a4d08915f752417cee8
466dfe584dcb4d922cad59118de06da9c273caf5f3fbf9ca1e9cc15d60dc0e1a
4a6dd50e4832ef2c672a668291f651862cbfdf497e58853f0b65b851bc9386f7
4cb21080c2ab9b6b0eacefa023aed0c3b2992d140c931ff72f710c97e52b5673
4f23b00cb8f7b4689bfbd1c92e599155dfdd60ef749d1d3a20bdeb4a92c1bc85
54456556640a2a051e8222dc7e15f43dad3c80560b704b291bb2596d7c0be418
5553624a7bf34d1dff5e633922e3cdbde82dfebe78e3213fa1b84e992df434f3
575fa55b0d28f9d45511ea625fa100f67f160b12d6671ae1a5d4aaae67f70132
5e32e36d67d436fa5dc42760c7f99fc41c55709c43137a96a0c572133014170a
61215f934f74b7a8127a0225922becade66dfb3078ecd0646835600866696f75
63893e1db5495431ccf8a391c7b47f58c4b34e6707a88a7dac051ba97343c1f1
67f8c7fd7353ad063da1f3115924c458c494cb134f4d87de4407a132842c9bc9
6aa729099433f25b1c7abc391fbc7851ba7c8724b187688d1877fb9299594bd3
6efff2cf18417c01313ba15e5fb5461dc95cb93bc500fa0723eb4aab3aaeebfa
70d4c4423dab9cf00b6e9bcf57518eeafff00e9d2499f4463498b03bef2bdc33
722e4f7fbfe441a453855159c5a17554030dbc165ffeb222c2781417e5fcdc1f
7326d5c2b0682d8b6bd873fe7a6ace7cef5409a48ed42e5fd687b2e851ba6535
7348a2eb48c9a681d6178433394c7037144d85b57ee33a11339d3a33fa1001a4
73857f11e26acd2bac662ae9d15ce0a13c0a8fa580db0f5a979796f10db7121d
80730c3d8084dbca4f1060a59d64b394df5191ba87c7d14df213b63a73dc4f60
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52
898d3b79bf606dbc3d003ccd5c652a4307c7a5370c360680bbd5649600141edb
8cc2c3b30adbb1c6d0b01f05e882070851b3c54a211bf29898b8f50df978e14f
8cf876eedc61ae9a2171aac4831d97f20e80c51cd50b550979b5e4c871778db7
91179d1a88b767aeb663d79df4ff7e770b9102f057442d8accca44365eeae130
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
97935b983274b399f0e5d20be19c8df038494a73a994e119118c15b0960180f8
9f2fc412da514ae1b4748fb922a7e06c5aab9a29296e3c021f86513f6a1e8ae5
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a710c9ece3b80012ddf6ffc4d9d00066d9b309724df18be5844394e445ff5089
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b49356f3a58f2edb2298b1fc9ddb2160569559ffdb17ff7467a8bb9a3790be66
b514369337bc361b8eeb6a96a82d5ffd883e25cb00938ffce7f07bab5256713b
b6b7fc20b7e5eabb078b5f8f8076e46595e446522eacf29e8096151e7c65ac79
b99590413d5e22ce7b94d73504a5f39b600e5cb766bee40ae2b80427add977a7
b9dff679ff9931afbbb8019d522a7d03d7787a7d7818037d48f3a502c652e2b6
ba5189b07df691b854af34be512a7d0869d50104faab77d747486dcb629ffdba
bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a
c03a35a136ce87285258d19e8d54dd90ae3f3ee5cd04c9a18f90982f15642b9f
c11d5af7c4bb050a998211f995d70ed05ca1c5af9336d00357cd5a97a9733d0b
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
c1d6e2272a0c73bb019d63bf1f8310105d9aafca24ea6db417e092ca1eddac3a
c7c3cb7a8bd20ec96deba9d9a3c60644901336c70349a9aca18172092e72b287
c8501396860ce84ed9075cbd696f0813b4aa88bbd50042aa11c15a08516fc2b8
cd49d865060a77d83e34a641f67211e8036290908a40c7f6b2804331134e1eef
d195b7118d9720f4cfbc8e866a3869c454f06c199bf28c457be8ea8c5f2ab817
d2745817d8233201a1972093475a7866dbb5b1e37f94364e200a568ceab9f893
d68e6a198a0ec5c688a96279f90e09a131a920da5418e00e544593e78ca23bb0
da7a511c69cdf1e0f950a29019d09854b8919bc154bb95fe5d5ec580ed2f0997
db48153425bed93167b468b2831df94b35f15ebcdaf8f6b44270d021eed29df9
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dfa5bfec72fc9e5bfdb0bc2cf350ae19764ed21b64e63a855eaba64c5762c4e0
e0e44c153e6969ff112250bc468dd4615e5f48f2b2db3e3ffabc11be9d9b6313
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea9f0340ebef456ad498a87f2727c12d69b6c8d226426cd0fab206b30896cfa1
eb1c2af20effd46a5befdf3925b865a14a5730a97cf7c7e82bc2f4fb206bd2a5
eb55ec259cf162dca5d353e1109baeacd7576087e7c6409d998e712714dc0b15
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ee9f2921012489f927e1322842b325cb96387f99615d62801332ae156c71b84d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2e60f36746d4efa38a43a662e146f7ca279803288f2852c14d1137de68002e5
f3b9de3fb9833ebc685f370fcdf018ea6cdd31e6a77feec08a4e92187a1e5605
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
fd29b3b084cf11160bfc4e99d98a261f2b36bff29113b07367c5204563c5d355

www.riftrefunds.co.uk Open in urlscan Pro 2a02:26f0:ef:18c::38a3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

122 Requests

98 %HTTPS

46 %IPv6

28 Domains

41 Subdomains

38 IPs

6 Countries

1321 kBTransfer

3835 kBSize

34 Cookies

12 Outgoing links

Page URL History

Redirected requests

122 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.riftrefunds.co.uk Open in urlscan Pro
2a02:26f0:ef:18c::38a3 Public Scan

Screenshot
Live screenshot

Full Image

122
Requests

98 %
HTTPS

46 %
IPv6

28
Domains

41
Subdomains

38
IPs

6
Countries

1321 kB
Transfer

3835 kB
Size

34
Cookies

122 HTTP transactions
0 data transactions