www.getyourrefund.org
Open in
urlscan Pro
35.173.27.75
Public Scan
Effective URL: https://www.getyourrefund.org/eip?s=cbpp
Submission: On September 23 via api from US
Summary
TLS certificate: Issued by Let's Encrypt Authority X3 on August 29th 2020. Valid for: 3 months.
This is the only time www.getyourrefund.org was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 209.18.70.182 209.18.70.182 | 14492 (DATAPIPE) (DATAPIPE) | |
5 | 35.173.27.75 35.173.27.75 | 14618 (AMAZON-AES) (AMAZON-AES) | |
1 | 2a00:1450:400... 2a00:1450:4001:81a::2008 | 15169 (GOOGLE) (GOOGLE) | |
7 | 104.18.71.113 104.18.71.113 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
2 | 2620:1ec:c11:... 2620:1ec:c11::200 | 8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
1 | 2a00:1450:400... 2a00:1450:4001:821::200e | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a00:1450:400... 2a00:1450:4001:820::200e | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a00:1450:400... 2a00:1450:400c:c0c::9c | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a00:1450:400... 2a00:1450:4001:819::2004 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a00:1450:400... 2a00:1450:4001:808::2003 | 15169 (GOOGLE) (GOOGLE) | |
4 | 104.16.53.111 104.16.53.111 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 3.123.119.171 3.123.119.171 | 16509 (AMAZON-02) (AMAZON-02) | |
25 | 11 |
ASN14618 (AMAZON-AES, US)
PTR: ec2-35-173-27-75.compute-1.amazonaws.com
www.getyourrefund.org |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-119-171.eu-central-1.compute.amazonaws.com
widget-mediator.zopim.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
7 |
zdassets.com
static.zdassets.com ekr.zdassets.com |
527 KB |
5 |
getyourrefund.org
www.getyourrefund.org |
139 KB |
4 |
zendesk.com
eitc.zendesk.com |
2 KB |
2 |
google-analytics.com
www.google-analytics.com |
19 KB |
2 |
bing.com
bat.bing.com |
8 KB |
1 |
zopim.com
widget-mediator.zopim.com |
619 B |
1 |
google.de
www.google.de |
106 B |
1 |
google.com
www.google.com |
106 B |
1 |
doubleclick.net
stats.g.doubleclick.net |
92 B |
1 |
googletagmanager.com
www.googletagmanager.com |
36 KB |
1 |
usu.edu
1 redirects
rmagnet.usu.edu |
689 B |
25 | 11 |
Domain | Requested by | |
---|---|---|
6 | static.zdassets.com |
www.getyourrefund.org
static.zdassets.com |
5 | www.getyourrefund.org |
www.getyourrefund.org
|
4 | eitc.zendesk.com |
static.zdassets.com
|
2 | www.google-analytics.com |
www.googletagmanager.com
www.google-analytics.com |
2 | bat.bing.com |
www.getyourrefund.org
|
1 | widget-mediator.zopim.com |
static.zdassets.com
|
1 | www.google.de | |
1 | www.google.com | |
1 | stats.g.doubleclick.net |
www.google-analytics.com
|
1 | ekr.zdassets.com |
static.zdassets.com
|
1 | www.googletagmanager.com |
www.getyourrefund.org
|
1 | rmagnet.usu.edu | 1 redirects |
25 | 12 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.codeforamerica.org |
www.irs.gov |
Subject Issuer | Validity | Valid | |
---|---|---|---|
www.getyourrefund.org Let's Encrypt Authority X3 |
2020-08-29 - 2020-11-27 |
3 months | crt.sh |
*.google-analytics.com GTS CA 1O1 |
2020-08-26 - 2020-11-18 |
3 months | crt.sh |
ssl911790.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2 |
2020-05-20 - 2020-11-26 |
6 months | crt.sh |
www.bing.com Microsoft IT TLS CA 2 |
2019-04-30 - 2021-04-30 |
2 years | crt.sh |
*.g.doubleclick.net GTS CA 1O1 |
2020-08-26 - 2020-11-18 |
3 months | crt.sh |
www.google.com GTS CA 1O1 |
2020-08-26 - 2020-11-18 |
3 months | crt.sh |
www.google.de GTS CA 1O1 |
2020-08-26 - 2020-11-18 |
3 months | crt.sh |
eitc.zendesk.com Cloudflare Inc ECC CA-3 |
2020-07-15 - 2021-07-15 |
a year | crt.sh |
*.zopim.com Sectigo RSA Domain Validation Secure Server CA |
2020-05-30 - 2021-05-30 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://www.getyourrefund.org/eip?s=cbpp
Frame ID: 40EF6F7BCF59AAB044E8E94A1FC02948
Requests: 16 HTTP requests in this frame
Frame:
https://static.zdassets.com/web_widget/latest/preload.55392e8c9a3b8090a3f2.js
Frame ID: D452E3BE6D7ED6A266D2BB874F20AB90
Requests: 9 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://rmagnet.usu.edu/link.cfm?r=8cVg5wPgA2_yaUK_6Ca0pw~~&pe=tfIRmrtibKchpoW0J2eF6Hyq_PApmJO-5vNEf...
HTTP 302
https://www.getyourrefund.org/eip?s=cbpp Page URL
Detected technologies
CFML (Programming Languages) ExpandDetected patterns
- url /\.cfm(?:$|\?)/i
Adobe ColdFusion (Web Frameworks) Expand
Detected patterns
- url /\.cfm(?:$|\?)/i
Nginx (Web Servers) Expand
Detected patterns
- headers server /nginx(?:\/([\d.]+))?/i
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Title: Code for America
Search URL Search Domain Scan URL
Title: VITA
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://rmagnet.usu.edu/link.cfm?r=8cVg5wPgA2_yaUK_6Ca0pw~~&pe=tfIRmrtibKchpoW0J2eF6Hyq_PApmJO-5vNEfN6BTzXrZ4iJOSLc_qLSyJMhPqgBIdjyGjHRNHKT-x3E4PeAGQ~~&t=JxRtd4NsSsqFFTCB8j6T9w~~
HTTP 302
https://www.getyourrefund.org/eip?s=cbpp Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
25 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
eip
www.getyourrefund.org/ Redirect Chain
|
7 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
90 KB 36 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
application-b560e2d42b845c98f6fbbc9db9dee68feea878d85ab217263b77d83f726ae719.css
www.getyourrefund.org/assets/ |
108 KB 23 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
application-4d86c15e58c9df621b63b6f93625a2b456a0b0c8f82a1542f81e7aa27aea61d0.js
www.getyourrefund.org/assets/ |
140 KB 46 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
checkbox-logo--white-252f6970859e7b1ba37367e7820af3472b45415066bb501fae76813011fde48e.png
www.getyourrefund.org/assets/ |
363 B 552 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
snippet.js
static.zdassets.com/ekr/ |
24 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bat.js
bat.bing.com/ |
26 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
45 KB 18 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
stimulus-hero-f367bd7138e09be07b55b356ccfbc5a9d78d933a36a174d1fa515e5054adc751.svg
www.getyourrefund.org/assets/ |
66 KB 67 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
05866b72-a822-42e2-b72e-df1d9f6cf1bc
ekr.zdassets.com/compose/ |
667 B 815 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
0
bat.bing.com/action/ |
0 148 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3-Q050 |
collect
www.google-analytics.com/j/ |
2 B 401 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
stats.g.doubleclick.net/j/ |
4 B 92 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.com/ads/ |
42 B 106 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.de/ads/ |
42 B 106 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
preload.55392e8c9a3b8090a3f2.js
static.zdassets.com/web_widget/latest/ Frame D452 |
61 KB 18 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vendors~web_widget.af1f4c14418f7f4d7688.chunk.js
static.zdassets.com/web_widget/latest/ Frame D452 |
1 MB 282 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
web_widget.e223f11f955c574d1b79.chunk.js
static.zdassets.com/web_widget/latest/ Frame D452 |
851 KB 164 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
chat-sdk.cec40ba63b2a85de0a9c.chunk.js
static.zdassets.com/web_widget/latest/ Frame D452 |
257 KB 50 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
config
eitc.zendesk.com/embeddable/ |
593 B 1020 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
en-us-json.cc8e73e5fe307bb27426.chunk.js
static.zdassets.com/web_widget/latest/locales/ Frame D452 |
25 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
embeddable_blip
eitc.zendesk.com/ Frame D452 |
0 555 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
embeddable_blip
eitc.zendesk.com/ Frame D452 |
0 245 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
status
widget-mediator.zopim.com/client/widget/account/ Frame D452 |
20 B 619 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
embeddable_blip
eitc.zendesk.com/ Frame D452 |
0 246 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
42 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| trustedTypes function| gtag object| dataLayer object| uetq object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| toggleNav function| collapseSidebar function| openSidebar function| setSelectedState object| ajaxMixpanelEvents object| incrementer object| radioSelector object| checkboxSelector object| followUpQuestion object| revealer object| immediateUpload object| inputGroupSelector object| noneOfTheAbove object| showMore object| accordion object| Rails boolean| _rails_loaded object| ActiveStorage function| $ function| jQuery object| jQuery112404412786980440073 object| mixpanelData object| zESettings object| zEWebpackACJsonp function| setImmediate function| clearImmediate function| zE function| zEmbed function| UET object| gaplugins object| gaGlobal object| gaData boolean| zEACLoaded function| $zopim7 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.getyourrefund.org/ | Name: _gat_gtag_UA_156157414_1 Value: 1 |
|
.getyourrefund.org/ | Name: _gid Value: GA1.2.2026391369.1600871451 |
|
.getyourrefund.org/ | Name: _uetvid Value: fb7e1f19abe62d0574da76882da2acc2 |
|
.getyourrefund.org/ | Name: _ga Value: GA1.2.332215043.1600871451 |
|
.getyourrefund.org/ | Name: _uetsid Value: b6790d6ab2273570bd93a82817640fd0 |
|
www.getyourrefund.org/ | Name: _vita_min_session Value: n1%2FrxBrrhiTVMYtC1IahlybOrmTLvG%2BQdksPkKEwW5aPyMAxJaM6PACMu0oOmGZuqcJc9qWjpRA3ghnrFoaKX7AQPr5IYyZc%2F%2BVHW7YubSXO%2FcHoXGgV7lQE6ukgyA0o4zw3k1XAtjq5gAJdHAhWafe%2BqAav3QOXOO9tSLo9zKrv27qg0laLqTyPhNQPar6Q--Dk3mH%2B4Kr2zkAwaE--7LQmv9b13GgWEXeXxbxPGg%3D%3D |
|
www.getyourrefund.org/ | Name: visitor_id Value: a3c6bf60f53976e0e6405128059bd11dd1a83efd015ebdf4096a |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000; includeSubDomains max-age=31536000 |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
bat.bing.com
eitc.zendesk.com
ekr.zdassets.com
rmagnet.usu.edu
static.zdassets.com
stats.g.doubleclick.net
widget-mediator.zopim.com
www.getyourrefund.org
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
104.16.53.111
104.18.71.113
209.18.70.182
2620:1ec:c11::200
2a00:1450:4001:808::2003
2a00:1450:4001:819::2004
2a00:1450:4001:81a::2008
2a00:1450:4001:820::200e
2a00:1450:4001:821::200e
2a00:1450:400c:c0c::9c
3.123.119.171
35.173.27.75
02a047539c12143ace6b8d568ded787229952c94e02ad83454b0cb4d6fcb6875
088e61eb148f84a8036fda284b8ca99b67f08e9e192ed5599442bf7a1e11904e
252f6970859e7b1ba37367e7820af3472b45415066bb501fae76813011fde48e
39e728574e3c99e4633a84fff1ca0df9d61021667f0627a3522f849c3eb468a9
3c9341a2a75c9949a441e6be45f38f24761f4b6af7fb6ea277e4e4b2f4ee8cc5
4d86c15e58c9df621b63b6f93625a2b456a0b0c8f82a1542f81e7aa27aea61d0
5c622f5433cbb6ea1df5c0dd8671e55ef7d1464366074730473c453de50a579b
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
66feccdda5935de7fea6f92c4f89af01123c81ec486362b797024bedb873c02b
8231103d519b2db6114b40807697ff8a7443f6ec6e939c8cb9cb4f5dee7348b2
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
87407b6db5abf75a753ca1a8f01a6d96d30ac002d8e0d6ca4a1052e994ef9529
b8882e31b1407e6da2e2dda44ffa9f1c1a9298059f7203c5fa7d50bee4899783
c4209410da99a8057f1843decafe474fa5b1c6fda37e04f90d1c250433f05e99
d7f4cfa38acd5b443b4b6f910f9f991b864b4e848305a4c7f4d19b9478fcc9a5
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e18a55f02a6f88d8c657864e3a8323062b57f0319b186f6e80c6934dfbf06b49
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb4b7a1be5f80c37ac74daa6f20b193b24414f23da856ad2560a0053e65a2cb7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f367bd7138e09be07b55b356ccfbc5a9d78d933a36a174d1fa515e5054adc751