Submitted URL: https://refund-retriever.com/
Effective URL: https://www.refundretriever.com/
Submission: On September 10 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 27 IPs in 5 countries across 26 domains to perform 131 HTTP transactions. The main IP is 104.198.3.239, located in The Dalles, United States and belongs to GOOGLE, US. The main domain is www.refundretriever.com.
TLS certificate: Issued by R3 on July 4th 2021. Valid for: 3 months.
This is the only time www.refundretriever.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 9 104.198.3.239 15169 (GOOGLE)
71 94.31.29.99 6461 (ZAYO-6461)
2 142.250.80.10 15169 (GOOGLE)
2 104.16.18.94 13335 (CLOUDFLAR...)
2 35.172.187.134 14618 (AMAZON-AES)
1 142.250.65.200 15169 (GOOGLE)
1 204.141.42.49 2639 (ZOHO-AS)
1 2 199.232.136.157 54113 (FASTLY)
7 142.250.80.67 15169 (GOOGLE)
1 172.67.39.148 13335 (CLOUDFLAR...)
2 185.60.218.24 32934 (FACEBOOK)
2 142.250.80.78 15169 (GOOGLE)
2 204.141.43.67 2639 (ZOHO-AS)
1 142.250.65.226 15169 (GOOGLE)
2 185.60.218.35 32934 (FACEBOOK)
1 104.244.42.5 13414 (TWITTER)
1 23.218.209.45 16625 (AKAMAI-AS)
1 104.244.42.3 13414 (TWITTER)
1 142.251.4.155 15169 (GOOGLE)
1 2 108.174.11.37 14413 (LINKEDIN)
1 1 13.107.42.14 8068 (MICROSOFT...)
1 142.250.64.66 15169 (GOOGLE)
11 136.143.183.48 2639 (ZOHO-AS)
2 142.250.80.68 15169 (GOOGLE)
3 99.84.90.92 16509 (AMAZON-02)
1 34.107.133.18 15169 (GOOGLE)
1 76.76.21.21 16509 (AMAZON-02)
2 204.141.42.97 2639 (ZOHO-AS)
131 27
Domain Requested by
71 17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com www.refundretriever.com
17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com
8 www.refundretriever.com www.refundretriever.com
cdnjs.cloudflare.com
7 js.zohocdn.com salesiq.zoho.com
js.zohocdn.com
7 fonts.gstatic.com fonts.googleapis.com
4 css.zohocdn.com salesiq.zoho.com
css.zohocdn.com
js.zohocdn.com
3 d2rcp9ak152ke1.cloudfront.net www.refundretriever.com
d2rcp9ak152ke1.cloudfront.net
2 salesiq.zohopublic.com js.zohocdn.com
2 www.google.com www.refundretriever.com
2 px.ads.linkedin.com 1 redirects www.refundretriever.com
2 www.facebook.com www.refundretriever.com
2 salesiq.zoho.com www.refundretriever.com
salesiq.zoho.com
2 www.google-analytics.com www.refundretriever.com
www.google-analytics.com
2 connect.facebook.net www.refundretriever.com
connect.facebook.net
2 track.gaconnector.com www.refundretriever.com
track.gaconnector.com
2 cdnjs.cloudflare.com www.refundretriever.com
2 fonts.googleapis.com www.refundretriever.com
1 build-mlo38xbym-saasquatch1.vercel.app app.referralsaasquatch.com
1 app.referralsaasquatch.com d2rcp9ak152ke1.cloudfront.net
1 googleads.g.doubleclick.net www.googleadservices.com
1 www.linkedin.com 1 redirects
1 stats.g.doubleclick.net www.google-analytics.com
1 analytics.twitter.com platform.twitter.com
1 snap.licdn.com www.refundretriever.com
1 t.co www.refundretriever.com
1 www.googleadservices.com www.googletagmanager.com
1 static.addtoany.com www.refundretriever.com
1 static.ads-twitter.com www.refundretriever.com
1 platform.twitter.com 1 redirects
1 crm.zoho.com www.refundretriever.com
1 www.googletagmanager.com www.refundretriever.com
1 refund-retriever.com 1 redirects
131 31
Subject Issuer Validity Valid
www.refundretriever.com
R3
2021-07-04 -
2021-10-02
3 months crt.sh
*.netdna-ssl.com
Sectigo RSA Domain Validation Secure Server CA
2021-02-22 -
2022-03-18
a year crt.sh
upload.video.google.com
GTS CA 1O1
2021-08-23 -
2021-11-15
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2020-10-21 -
2021-10-20
a year crt.sh
*.gaconnector.com
Sectigo RSA Domain Validation Secure Server CA
2021-07-27 -
2022-08-27
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2021-08-23 -
2021-11-15
3 months crt.sh
*.zoho.com
Sectigo RSA Domain Validation Secure Server CA
2021-05-14 -
2022-05-14
a year crt.sh
ads-twitter.com
DigiCert TLS RSA SHA256 2020 CA1
2021-07-21 -
2022-07-26
a year crt.sh
*.gstatic.com
GTS CA 1C3
2021-08-23 -
2021-11-15
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2021-07-20 -
2021-10-18
3 months crt.sh
www.googleadservices.com
GTS CA 1C3
2021-08-23 -
2021-11-15
3 months crt.sh
t.co
DigiCert TLS RSA SHA256 2020 CA1
2021-02-05 -
2022-02-04
a year crt.sh
*.licdn.com
DigiCert SHA2 Secure Server CA
2021-04-30 -
2022-05-11
a year crt.sh
*.twitter.com
DigiCert TLS RSA SHA256 2020 CA1
2021-02-05 -
2022-02-04
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2021-08-23 -
2021-11-15
3 months crt.sh
px.ads.linkedin.com
DigiCert SHA2 Secure Server CA
2021-04-15 -
2021-10-15
6 months crt.sh
*.zohocdn.com
R3
2021-08-27 -
2021-11-25
3 months crt.sh
www.google.com
GTS CA 1C3
2021-08-23 -
2021-11-15
3 months crt.sh
*.google.com
GTS CA 1C3
2021-08-23 -
2021-11-15
3 months crt.sh
*.cloudfront.net
Amazon
2021-03-19 -
2022-03-17
a year crt.sh
app.referralsaasquatch.com
GTS CA 1D4
2021-08-23 -
2021-11-21
3 months crt.sh
*.vercel.app
R3
2021-08-16 -
2021-11-14
3 months crt.sh
*.zohopublic.com
Sectigo RSA Domain Validation Secure Server CA
2020-03-04 -
2022-03-04
2 years crt.sh

This page contains 4 frames:

Primary Page: https://www.refundretriever.com/
Frame ID: 681F2C55B27A20E2FA2931BAC9838E5C
Requests: 118 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 3C45D068C91C6930F744184552A67CDA
Requests: 1 HTTP requests in this frame

Frame: https://css.zohocdn.com/salesiq/styles/newembedtheme_e36a1d9a53b353100d75f5c220fa9906_.css
Frame ID: 10DB9EC28FD5A6E6DD7E9ECEAFEBD6BF
Requests: 10 HTTP requests in this frame

Frame: https://app.referralsaasquatch.com/a/azcmogcpdnqjl/widgets/squatchcookie?xdm_e=https%3A%2F%2Fwww.refundretriever.com&xdm_c=default3616&xdm_p=1
Frame ID: 7B70B32EAD2F444E740C0200B9873531
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

Refund Retriever | Shipment Auditing

Page URL History Show full URLs

  1. https://refund-retriever.com/ HTTP 301
    https://www.refundretriever.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
  • wp-embed\.min\.js\?ver=([\d.]+)

Overall confidence: 100%
Detected patterns
  • addtoany\.com/menu/page\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
  • jquery[.-]([\d.]*\d)[^/]*\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

131
Requests

100 %
HTTPS

0 %
IPv6

26
Domains

31
Subdomains

27
IPs

5
Countries

4431 kB
Transfer

10047 kB
Size

20
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://refund-retriever.com/ HTTP 301
    https://www.refundretriever.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 48
  • https://platform.twitter.com/oct.js HTTP 301
  • https://static.ads-twitter.com/oct.js
Request Chain 106
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=240978&time=1631306093317&url=https%3A%2F%2Fwww.refundretriever.com%2F HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D240978%26time%3D1631306093317%26url%3Dhttps%253A%252F%252Fwww.refundretriever.com%252F%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=240978&time=1631306093317&url=https%3A%2F%2Fwww.refundretriever.com%2F&liSync=true

131 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.refundretriever.com/
Redirect Chain
  • https://refund-retriever.com/
  • https://www.refundretriever.com/
128 KB
20 KB
Document
General
Full URL
https://www.refundretriever.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.3.239 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
239.3.198.104.bc.googleusercontent.com
Software
nginx / WP Engine
Resource Hash
3fb5076df5212d5cc3ec0ee4de8ba86e1285b7817b9f3b21695b8ad7f7ee2185

Request headers

:method
GET
:authority
www.refundretriever.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Fri, 10 Sep 2021 20:34:52 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
last-modified
Fri, 09 Apr 2021 11:42:21 GMT
link
<https://www.refundretriever.com/wp-json/>; rel="https://api.w.org/" <https://www.refundretriever.com/wp-json/wp/v2/pages/2408>; rel="alternate"; type="application/json" <https://www.refundretriever.com/>; rel=shortlink
expires
Sat, 09 Oct 2021 17:55:28 GMT
x-powered-by
WP Engine
access-control-allow-origin
*
x-cacheable
YES:15552000.000
cache-control
max-age=15552000, must-revalidate
x-cache
HIT: 1958
x-cache-group
normal
content-encoding
br

Redirect headers

server
nginx
date
Fri, 10 Sep 2021 20:34:51 GMT
content-type
text/html; charset=UTF-8
content-length
0
location
https://www.refundretriever.com/
last-modified
Fri, 09 Apr 2021 11:42:21 GMT
x-redirect-by
WordPress
expires
Sun, 10 Oct 2021 20:34:51 GMT
x-powered-by
WP Engine
vary
User-Agent
access-control-allow-origin
*
x-cacheable
non200
cache-control
max-age=600, must-revalidate
x-cache
MISS
x-cache-group
normal
style.min.css
17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-includes/css/dist/block-library/
79 KB
11 KB
Stylesheet
General
Full URL
https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-includes/css/dist/block-library/style.min.css?ver=5.8
Requested by
Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.99 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
94.31.29.99.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.refundretriever.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:34:52 GMT
content-encoding
gzip
last-modified
Thu, 09 Sep 2021 17:53:13 GMT
server
NetDNA-cache/2.2
etag
W/"613a4a09-13abe"
vary
Accept-Encoding, Accept-Encoding
x-cache
HIT
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
blocks.style.build.css
17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/plugins/metronet-profile-picture/dist/
27 KB
3 KB
Stylesheet
General
Full URL
https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/plugins/metronet-profile-picture/dist/blocks.style.build.css?ver=2.6.0
Requested by
Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.99 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
94.31.29.99.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
cd00c79e4bbf06794b0851af6b891c002601933c8b9d0cef5bf18427c62c699c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.refundretriever.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:34:52 GMT
content-encoding
gzip
last-modified
Thu, 09 Sep 2021 17:52:17 GMT
server
NetDNA-cache/2.2
etag
W/"613a49d1-6c70"
vary
Accept-Encoding, Accept-Encoding
x-cache
HIT
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
style.css
17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/plugins/salient-social/css/
19 KB
3 KB
Stylesheet
General
Full URL
https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/plugins/salient-social/css/style.css?ver=1.1
Requested by
Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.99 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
94.31.29.99.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
f7988e3c04dbf5148adeed726b95dd21259e6cb9d3de4b608cf39ee35834c361

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.refundretriever.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:34:52 GMT
content-encoding
gzip
last-modified
Fri, 31 Jan 2020 20:20:37 GMT
server
NetDNA-cache/2.2
etag
W/"5e348c15-4abf"
vary
Accept-Encoding, Accept-Encoding
x-cache
HIT
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
font-awesome.min.css
17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/themes/salient/css/
51 KB
10 KB
Stylesheet
General
Full URL
https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/themes/salient/css/font-awesome.min.css?ver=4.6.4
Requested by
Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.99 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
94.31.29.99.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
f8214d5a3bfa62a210a1173a5baf9d9e2eb3da26f6333a058109ee5018617674

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.refundretriever.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:34:52 GMT
content-encoding
gzip
last-modified
Fri, 15 May 2020 22:13:04 GMT
server
NetDNA-cache/2.2
etag
W/"5ebf13f0-ccc9"
vary
Accept-Encoding, Accept-Encoding
x-cache
HIT
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
style.css
17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/themes/salient/
613 B
528 B
Stylesheet
General
Full URL
https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/themes/salient/style.css?ver=5.8
Requested by
Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.99 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
94.31.29.99.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
18584b5fca585444cc86adfc374bca6d805a0e12d73495beeab6d94a4da264d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.refundretriever.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:34:52 GMT
content-encoding
gzip
last-modified
Fri, 15 May 2020 22:13:04 GMT
server
NetDNA-cache/2.2
etag
W/"5ebf13f0-265"
vary
Accept-Encoding, Accept-Encoding
x-cache
HIT
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
grid-system.css
17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/themes/salient/css/
69 KB
7 KB
Stylesheet
General
Full URL
https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/themes/salient/css/grid-system.css?ver=12.0
Requested by
Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.99 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
94.31.29.99.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
8e93ff9c9d6311c36c75b167f77b97a012ec931c88d308b883fcc576f967b146

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.refundretriever.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:34:52 GMT
content-encoding
gzip
last-modified
Fri, 15 May 2020 22:13:04 GMT
server
NetDNA-cache/2.2
etag
W/"5ebf13f0-113f4"
vary
Accept-Encoding, Accept-Encoding
x-cache
HIT
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
style.css
17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/themes/salient/css/
597 KB
88 KB
Stylesheet
General
Full URL
https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/themes/salient/css/style.css?ver=12.0
Requested by
Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.99 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
94.31.29.99.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
7877050ec9f0a551a1c47b1654c9434bf40b8b8a65c61e2c1cc64b0d4696ee38

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.refundretriever.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:34:52 GMT
content-encoding
gzip
last-modified
Fri, 15 May 2020 22:13:04 GMT
server
NetDNA-cache/2.2
etag
W/"5ebf13f0-9549c"
vary
Accept-Encoding, Accept-Encoding
x-cache
HIT
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
simple-dropdown.css
17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/themes/salient/css/off-canvas/
6 KB
2 KB
Stylesheet
General
Full URL
https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/themes/salient/css/off-canvas/simple-dropdown.css?ver=12.0
Requested by
Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.99 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
94.31.29.99.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
16269aa9d7d3e729a4247c073f2a0cc19f00c747006933746fc93cb34674d592

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.refundretriever.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:34:52 GMT
content-encoding
gzip
last-modified
Fri, 15 May 2020 22:13:04 GMT
server
NetDNA-cache/2.2
etag
W/"5ebf13f0-19db"
vary
Accept-Encoding, Accept-Encoding
x-cache
HIT
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
magnific.css
17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/themes/salient/css/plugins/
11 KB
3 KB
Stylesheet
General
Full URL
https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/themes/salient/css/plugins/magnific.css?ver=8.6.0
Requested by
Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.99 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
94.31.29.99.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
c3c0a7bc226e2b64dea9c09b64ce42656fad59ccecb482205765bba37afa292a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.refundretriever.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:34:52 GMT
content-encoding
gzip
last-modified
Fri, 15 May 2020 22:13:04 GMT
server
NetDNA-cache/2.2
etag
W/"5ebf13f0-2ac9"
vary
Accept-Encoding, Accept-Encoding
x-cache
HIT
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
css
fonts.googleapis.com/
8 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans%3A300%2C400%2C600%2C700&subset=latin%2Clatin-ext
Requested by
Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.10 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f10.1e100.net
Software
ESF /
Resource Hash
60fc885e47b0633783b17eaa008a1e5316b8718dcab9fb42940363e386c68c05
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.refundretriever.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 10 Sep 2021 20:08:42 GMT
server
ESF
date
Fri, 10 Sep 2021 20:34:52 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 10 Sep 2021 20:34:52 GMT
responsive.css
17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/themes/salient/css/
114 KB
16 KB
Stylesheet
General
Full URL
https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/themes/salient/css/responsive.css?ver=12.0
Requested by
Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.99 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
94.31.29.99.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
dc49fc342e53b4c9ba763abbd82e3f0c39a889f35b35cbf5d0f186b08934a4c2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.refundretriever.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:34:52 GMT
content-encoding
gzip
last-modified
Fri, 15 May 2020 22:13:04 GMT
server
NetDNA-cache/2.2
etag
W/"5ebf13f0-1c8e2"
vary
Accept-Encoding, Accept-Encoding
x-cache
HIT
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
style.css
17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/themes/salient-child/
7 KB
2 KB
Stylesheet
General
Full URL
https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/themes/salient-child/style.css?ver=12.0
Requested by
Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.99 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
94.31.29.99.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
ef8abb21406964a1a136fe0e19ed35c030ac4cb318b7a2917497c8cdf8b9d734

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.refundretriever.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:34:52 GMT
content-encoding
gzip
last-modified
Fri, 15 May 2020 22:50:19 GMT
server
NetDNA-cache/2.2
etag
W/"5ebf1cab-1a3b"
vary
Accept-Encoding, Accept-Encoding
x-cache
HIT
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
ascend.css
17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/themes/salient/css/
58 KB
8 KB
Stylesheet
General
Full URL
https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/themes/salient/css/ascend.css?ver=12.0
Requested by
Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.99 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
94.31.29.99.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
ff57968ba0d995d2dbcaa80779cb40a1dbc93d1bf5ee78301dc49629108bbd9d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.refundretriever.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:34:52 GMT
content-encoding
gzip
last-modified
Fri, 15 May 2020 22:13:04 GMT
server
NetDNA-cache/2.2
etag
W/"5ebf13f0-e76d"
vary
Accept-Encoding, Accept-Encoding
x-cache
HIT
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
js_composer.min.css
17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/plugins/js_composer_salient/assets/css/
109 KB
14 KB
Stylesheet
General
Full URL
https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/plugins/js_composer_salient/assets/css/js_composer.min.css?ver=6.1
Requested by
Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.99 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
94.31.29.99.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
198209611aa67382f0ba7bb0759c9b2a8a8560ca5f1a60dc2dda0763c3b1e4c2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.refundretriever.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:34:52 GMT
content-encoding
gzip
last-modified
Fri, 31 Jan 2020 20:20:34 GMT
server
NetDNA-cache/2.2
etag
W/"5e348c12-1b398"
vary
Accept-Encoding, Accept-Encoding
x-cache
HIT
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
jquery.lazyloadxt.fadein.css
17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/plugins/a3-lazy-load/assets/css/
445 B
475 B
Stylesheet
General
Full URL
https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/plugins/a3-lazy-load/assets/css/jquery.lazyloadxt.fadein.css?ver=5.8
Requested by
Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.99 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
94.31.29.99.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
b36f9723de1d9f13021891814f4ed7269f2ede9bb814f9a914eefaeb5eb1f516

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.refundretriever.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:34:52 GMT
content-encoding
gzip
last-modified
Thu, 09 Sep 2021 17:52:15 GMT
server
NetDNA-cache/2.2
etag
W/"613a49cf-1bd"
vary
Accept-Encoding, Accept-Encoding
x-cache
HIT
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
a3_lazy_load.min.css
17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/uploads/sass/
127 B
334 B
Stylesheet
General
Full URL
https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/uploads/sass/a3_lazy_load.min.css?ver=1546933841
Requested by
Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.99 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
94.31.29.99.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
a2f1b190e5d5a3063c35b75b1a00c039b13e171eb7b099299dcb67e9e4fe65cd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.refundretriever.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:34:52 GMT
content-encoding
gzip
last-modified
Mon, 27 Jan 2020 22:59:38 GMT
server
NetDNA-cache/2.2
etag
W/"5e2f6b5a-7f"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
addtoany.min.css
17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/plugins/add-to-any/
1 KB
728 B
Stylesheet
General
Full URL
https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/plugins/add-to-any/addtoany.min.css?ver=1.15
Requested by
Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.99 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
94.31.29.99.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
f93483f0aaf24aea4b5534bb8647d22cd9dfcb4d08d2fd1008787bdfb8a6cc47

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.refundretriever.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:34:52 GMT
content-encoding
gzip
last-modified
Thu, 09 Sep 2021 17:52:15 GMT
server
NetDNA-cache/2.2
etag
W/"613a49cf-5ef"
vary
Accept-Encoding, Accept-Encoding
x-cache
HIT
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
salient-dynamic-styles.css
17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/themes/salient/css/
149 KB
21 KB
Stylesheet
General
Full URL
https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/themes/salient/css/salient-dynamic-styles.css?ver=34297
Requested by
Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.99 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
94.31.29.99.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
e3e8d90b297b7103c351e76dc0f7e9dd783a6e25d059e158ccd297967357c0d8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.refundretriever.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:34:52 GMT
content-encoding
gzip
last-modified
Fri, 15 May 2020 22:54:50 GMT
server
NetDNA-cache/2.2
etag
W/"5ebf1dba-25532"
vary
Accept-Encoding, Accept-Encoding
x-cache
HIT
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
css
fonts.googleapis.com/
12 KB
1006 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%7CRaleway%3A600%2C400%7CMontserrat%3A400%2C300%2C500%7CRoboto+Condensed%3A700&subset=latin&ver=1589583290
Requested by
Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.10 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f10.1e100.net
Software
ESF /
Resource Hash
fd9f04b42522f652398f4a708fb884a2dca0585d69056251b3cdbffbdc2d1de6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.refundretriever.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 10 Sep 2021 20:34:52 GMT
server
ESF
date
Fri, 10 Sep 2021 20:34:52 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 10 Sep 2021 20:34:52 GMT
jquery.min.js
17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-includes/js/jquery/
87 KB
31 KB
Script
General
Full URL
https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by
Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.99 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
94.31.29.99.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.refundretriever.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:34:52 GMT
content-encoding
gzip
last-modified
Thu, 09 Sep 2021 17:53:14 GMT
server
NetDNA-cache/2.2
etag
W/"613a4a0a-15db1"
vary
Accept-Encoding, Accept-Encoding
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
jquery-migrate.min.js
17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-includes/js/jquery/
11 KB
4 KB
Script
General
Full URL
https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.99 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
94.31.29.99.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.refundretriever.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:34:52 GMT
content-encoding
gzip
last-modified
Thu, 09 Sep 2021 17:53:14 GMT
server
NetDNA-cache/2.2
etag
W/"613a4a0a-2bd8"
vary
Accept-Encoding, Accept-Encoding
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
addtoany.min.js
17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/plugins/add-to-any/
129 B
358 B
Script
General
Full URL
https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/plugins/add-to-any/addtoany.min.js?ver=1.1
Requested by
Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.99 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
94.31.29.99.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
50679e0e3933c945348a2db0cc128bb14b57a60a74fabf8cae13acc14efbb2e1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.refundretriever.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:34:52 GMT
content-encoding
gzip
last-modified
Thu, 09 Sep 2021 17:52:15 GMT
server
NetDNA-cache/2.2
etag
W/"613a49cf-81"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
svgs-inline-min.js
17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/plugins/svg-support/js/min/
1 KB
821 B
Script
General
Full URL
https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/plugins/svg-support/js/min/svgs-inline-min.js?ver=1.0.0
Requested by
Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.99 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
94.31.29.99.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
6ffe5bb7b2bbd10ab6e9bdb605a8806d77ceb9d7a08a007e10b53471c4fa9c76

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.refundretriever.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:34:52 GMT
content-encoding
gzip
last-modified
Thu, 09 Sep 2021 17:52:18 GMT
server
NetDNA-cache/2.2
etag
W/"613a49d2-4dd"
vary
Accept-Encoding, Accept-Encoding
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
modernizr.min.js
cdnjs.cloudflare.com/ajax/libs/modernizr/2.8.3/
11 KB
5 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/modernizr/2.8.3/modernizr.min.js?ver=5.8
Requested by
Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.18.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2b82e612d2a812e8be2a57300dab8923c4f2edbe7a799e7da70791b595646fe
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.refundretriever.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:34:52 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3644
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
3980
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:13:26 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03f26-2b4c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hlg3N3drB2m0o8goKT1iDnh%2FZ0GPxSduGOFVnA0LIaSbQnL1txdPvoqgwkeUAcLbbklOF09E7PyLpKkq1OfRpWv%2BxkhXHqHKzEO1ymiSSq46CNgy%2FQsG9ht4LMKjffYEJwcWDFcr"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
68cb70851a01412c-PRG
expires
Wed, 31 Aug 2022 20:34:52 GMT
gaconnector.js
track.gaconnector.com/
8 KB
3 KB
Script
General
Full URL
https://track.gaconnector.com/gaconnector.js
Requested by
Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.172.187.134 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-187-134.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
056cf1ad4d84c1438bd0efea62a6a10a21acab4f1adae279e87bd401ba83cd99

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.refundretriever.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:34:52 GMT
access-control-request-method
*
server
nginx/1.18.0
vary
Accept-Encoding
access-control-allow-methods
OPTIONS, GET
access-control-allow-origin
*
cache-control
public, max-age=3600
content-encoding
gzip
access-control-allow-headers
*
content-length
3080
expires
Fri, 10 Sep 2021 21:34:52 GMT
js
www.googletagmanager.com/gtag/
96 KB
39 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-1067394428
Requested by
Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
b6b203a8271d3c2c88aea8b4bcd5a2816a016b872d41517cb30a50e767ccf47e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.refundretriever.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:34:52 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39322
x-xss-protection
0
last-modified
Fri, 10 Sep 2021 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 10 Sep 2021 20:34:52 GMT
logo-rr.png
www.refundretriever.com/wp-content/uploads/2018/03/
6 KB
6 KB
Image
General
Full URL
https://www.refundretriever.com/wp-content/uploads/2018/03/logo-rr.png
Requested by
Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.3.239 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
239.3.198.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
5867592c9d5371d697755f3e696e0a5d64ebb93d359f9461aac46fcb4cc9d7e8

Request headers

:path
/wp-content/uploads/2018/03/logo-rr.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.refundretriever.com
referer
https://www.refundretriever.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.refundretriever.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:34:52 GMT
last-modified
Sat, 02 Jun 2018 07:22:14 GMT
server
nginx
etag
"5b1245a6-1745"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
5957
logo-rr.png
17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/uploads/2018/03/
6 KB
6 KB
Image
General
Full URL
https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/uploads/2018/03/logo-rr.png
Requested by
Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.99 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
94.31.29.99.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
5867592c9d5371d697755f3e696e0a5d64ebb93d359f9461aac46fcb4cc9d7e8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.refundretriever.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:34:52 GMT
last-modified
Sat, 02 Jun 2018 07:22:14 GMT
server
NetDNA-cache/2.2
etag
"5b1245a6-1745"
vary
Accept-Encoding
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
5957
lazy_placeholder.gif
17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/plugins/a3-lazy-load/assets/images/
42 B
267 B
Image
General
Full URL
https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/plugins/a3-lazy-load/assets/images/lazy_placeholder.gif
Requested by
Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.99 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
94.31.29.99.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.refundretriever.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:34:52 GMT
last-modified
Thu, 09 Sep 2021 17:52:15 GMT
server
NetDNA-cache/2.2
etag
"613a49cf-2a"
vary
Accept-Encoding
x-cache
HIT
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
42
wp-emoji-release.min.js
www.refundretriever.com/wp-includes/js/
18 KB
5 KB
Script
General
Full URL
https://www.refundretriever.com/wp-includes/js/wp-emoji-release.min.js?ver=5.8
Requested by
Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.3.239 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
239.3.198.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

:path
/wp-includes/js/wp-emoji-release.min.js?ver=5.8
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.refundretriever.com
referer
https://www.refundretriever.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.refundretriever.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:34:52 GMT
content-encoding
br
last-modified
Thu, 09 Sep 2021 17:53:13 GMT
server
nginx
etag
W/"613a4a09-4705"
vary
Accept-Encoding Accept-Encoding Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
trustedbyexperts.jpg
17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/uploads/2018/04/
30 KB
30 KB
Image
General
Full URL
https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/uploads/2018/04/trustedbyexperts.jpg
Requested by
Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.99 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
94.31.29.99.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
a5c1beaa3e3011831d0c8fc84b02f5362c126cb0dc5dc6f4a0fdbe0ba3f93d1f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.refundretriever.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:34:52 GMT
last-modified
Mon, 07 Jan 2019 22:01:47 GMT
server
NetDNA-cache/2.2
etag
"5c33cc4b-7734"
vary
Accept-Encoding
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
30516
5stars.png
17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/uploads/2018/05/
2 KB
2 KB
Image
General
Full URL
https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/uploads/2018/05/5stars.png
Requested by
Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.99 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
94.31.29.99.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
71a607ab6050f64e6fd078d3ecb45517636623f4c82bb2d96fbfdfee0cfb8a73

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.refundretriever.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:34:52 GMT
last-modified
Sat, 02 Jun 2018 07:22:17 GMT
server
NetDNA-cache/2.2
etag
"5b1245a9-721"
vary
Accept-Encoding
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
1825
review-facebook.png
17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/uploads/2018/05/
4 KB
4 KB
Image
General
Full URL
https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/uploads/2018/05/review-facebook.png
Requested by
Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.99 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
94.31.29.99.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
7ac138b6a78fd04c92aab6020c2669e91f2b0fc9e832a0e15faaefdce19c1e85

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.refundretriever.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:34:52 GMT
last-modified
Sat, 02 Jun 2018 07:22:19 GMT
server
NetDNA-cache/2.2
etag
"5b1245ab-1027"
vary
Accept-Encoding
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
4135
review-bbb.png
17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/uploads/2018/11/
2 KB
3 KB
Image
General
Full URL
https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/uploads/2018/11/review-bbb.png
Requested by
Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.99 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
94.31.29.99.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
ce4cfe5020df792fb1ac39bb2f9c6ae7a0e4468423735a477b45785579ac602f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.refundretriever.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:34:52 GMT
last-modified
Mon, 27 Jan 2020 22:59:21 GMT
server
NetDNA-cache/2.2
etag
"5e2f6b49-9de"
vary
Accept-Encoding
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
2526
review-yelp.png
17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/uploads/2018/05/
3 KB
3 KB
Image
General
Full URL
https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/uploads/2018/05/review-yelp.png
Requested by
Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.99 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
94.31.29.99.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
8b5fc6c399a32bc4fd40a94fc3cbc02bd7467094f3d080bfcb5d25accc081e54

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.refundretriever.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:34:52 GMT
last-modified
Sat, 02 Jun 2018 07:22:19 GMT
server
NetDNA-cache/2.2
etag
"5b1245ab-d04"
vary
Accept-Encoding
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
3332
ambc.png
17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/uploads/2020/01/
23 KB
23 KB
Image
General
Full URL
https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/uploads/2020/01/ambc.png
Requested by
Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.99 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
94.31.29.99.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
6b5730ae9f33a0a7afe9a86492c861267b99a4bc832cb74ad0412b14639c0d01

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.refundretriever.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:34:52 GMT
last-modified
Fri, 31 Jan 2020 21:20:49 GMT
server
NetDNA-cache/2.2
etag
"5e349a31-5b14"
vary
Accept-Encoding
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
23316
rs-associates-240x150.png
17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/uploads/2017/11/
18 KB
18 KB
Image
General
Full URL
https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/uploads/2017/11/rs-associates-240x150.png
Requested by
Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.99 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
94.31.29.99.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
96b73859ad716f59d0b85c8ceb06c6b58c7ea6dce73113e0e8672c266ba2956b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.refundretriever.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:34:52 GMT
last-modified
Sat, 02 Jun 2018 07:22:03 GMT
server
NetDNA-cache/2.2
etag
"5b12459b-4850"
vary
Accept-Encoding
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
18512
atandra-240x150.png
17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/uploads/2017/11/
8 KB
9 KB
Image
General
Full URL
https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/uploads/2017/11/atandra-240x150.png
Requested by
Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.99 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
94.31.29.99.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
87395046866379105ced9e87a7758136a01de599efa54a175b9781350c1a8e22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.refundretriever.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:34:52 GMT
last-modified
Sat, 02 Jun 2018 07:22:03 GMT
server
NetDNA-cache/2.2
etag
"5b12459b-21d6"
vary
Accept-Encoding
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
8662
shipworks-240x150.png
17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/uploads/2017/11/
7 KB
7 KB
Image
General
Full URL
https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/uploads/2017/11/shipworks-240x150.png
Requested by
Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.99 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
94.31.29.99.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
350fd754e649c114716de90c5d07a6d7ff424012e768b4325dc837ae3f1d2f91

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.refundretriever.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:34:52 GMT
last-modified
Sat, 02 Jun 2018 07:22:03 GMT
server
NetDNA-cache/2.2
etag
"5b12459b-1c2e"
vary
Accept-Encoding
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
7214
shopify-240x150.png
17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/uploads/2017/11/
13 KB
14 KB
Image
General
Full URL
https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/uploads/2017/11/shopify-240x150.png
Requested by
Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.99 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
94.31.29.99.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
adffbd9a5c5c73d059d7014b9cea24d3a191c1eb1cdb17bde04334f009d63e2e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.refundretriever.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:34:52 GMT
last-modified
Sat, 02 Jun 2018 07:22:03 GMT
server
NetDNA-cache/2.2
etag
"5b12459b-356f"
vary
Accept-Encoding
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
13679
skuvault-240x150.png
17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/uploads/2017/11/
6 KB
6 KB
Image
General
Full URL
https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/uploads/2017/11/skuvault-240x150.png
Requested by
Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.99 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
94.31.29.99.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
ad68db4a8b6ee0732c3645ad9fe195980b541348dd3d8cbaec74e1c43a988f7a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.refundretriever.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:34:52 GMT
last-modified
Sat, 02 Jun 2018 07:22:03 GMT
server
NetDNA-cache/2.2
etag
"5b12459b-1757"
vary
Accept-Encoding
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
5975
bigcommerce-240x150.png
17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/uploads/2017/11/
3 KB
3 KB
Image
General
Full URL
https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/uploads/2017/11/bigcommerce-240x150.png
Requested by
Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.99 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
94.31.29.99.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
2e1607a9854f56156d4a8ec04c29d74e7dc2417af6dbcb7ec69a1bbd36b030d1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.refundretriever.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:34:52 GMT
last-modified
Sat, 02 Jun 2018 07:22:03 GMT
server
NetDNA-cache/2.2
etag
"5b12459b-c5d"
vary
Accept-Encoding
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
3165
magento-240x150.png
17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/uploads/2017/11/
16 KB
16 KB
Image
General
Full URL
https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/uploads/2017/11/magento-240x150.png
Requested by
Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.99 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
94.31.29.99.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
9fb928d8f5b3158259cc5390de2faeee1a2aaadeb4bfce76c0fd7f2639a7b1ea

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.refundretriever.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:34:52 GMT
last-modified
Sat, 02 Jun 2018 07:22:03 GMT
server
NetDNA-cache/2.2
etag
"5b12459b-3eae"
vary
Accept-Encoding
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
16046
3dcart-240x150.png
17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/uploads/2017/11/
12 KB
12 KB
Image
General
Full URL
https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/uploads/2017/11/3dcart-240x150.png
Requested by
Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.99 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
94.31.29.99.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
c38e742875752b72d19079688bfcbc6198ec10a95f8476e709317cee4345c2af

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.refundretriever.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:34:52 GMT
last-modified
Sat, 02 Jun 2018 07:22:00 GMT
server
NetDNA-cache/2.2
etag
"5b124598-2e35"
vary
Accept-Encoding
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
11829
u-pic-240x150.png
17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/uploads/2017/11/
18 KB
19 KB
Image
General
Full URL
https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/uploads/2017/11/u-pic-240x150.png
Requested by
Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.99 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
94.31.29.99.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
b7f704024ab4f0f285cf64a102f571b3b68ec93e680ace66038a1ef6339802c9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.refundretriever.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:34:52 GMT
last-modified
Sat, 02 Jun 2018 07:22:03 GMT
server
NetDNA-cache/2.2
etag
"5b12459b-4953"
vary
Accept-Encoding
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
18771
Refund-Retriever-Payability.png
17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/uploads/2017/10/
7 KB
7 KB
Image
General
Full URL
https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/uploads/2017/10/Refund-Retriever-Payability.png
Requested by
Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.99 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
94.31.29.99.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
30235170f66db7a1bf6b3760dd45a2790afcfa1da343b4e40132ebd09ef426c2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.refundretriever.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:34:52 GMT
last-modified
Sat, 02 Jun 2018 07:22:00 GMT
server
NetDNA-cache/2.2
etag
"5b124598-1a92"
vary
Accept-Encoding
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
6802
bodymovin.min.js
cdnjs.cloudflare.com/ajax/libs/bodymovin/4.13.0/
248 KB
49 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/bodymovin/4.13.0/bodymovin.min.js
Requested by
Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.18.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab49fef43f10b1493313953f207fec4841377695eceadcf8e10c859108e477ec
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.refundretriever.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:34:52 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2169032
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
49426
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:06:35 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d8b-3e056"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b2epv3QFzERq2TqT9iagXfPRhVulR3Gq9MNq5wh6OdfBT%2BdUlF4xpjFjtXO5vPEmEd2r3%2FRID0S0n1F19j6%2FbfLFxpByICgoONTFcFAvXf%2FqT1U4BCPDYO6nInKHhhKtjd9YYZxO"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
68cb7086ad23412c-PRG
expires
Wed, 31 Aug 2022 20:34:52 GMT
zcga.js
crm.zoho.com/crm/javascript/
4 KB
3 KB
Script
General
Full URL
https://crm.zoho.com/crm/javascript/zcga.js
Requested by
Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
204.141.42.49 , United States, ASN2639 (ZOHO-AS, US),
Reverse DNS
Software
ZGS /
Resource Hash
d96f4e2562d6e813901bdbd6fc16e2c4a133db6d851991909f0db8bdb5afb3a4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.refundretriever.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:34:53 GMT
content-encoding
gzip
referrer-policy
strict-origin
last-modified
Fri, 10 Sep 2021 07:07:28 GMT
server
ZGS
etag
W/"4180-1631257648000"
x-frame-options
SAMEORIGIN
content-language
de-DE
content-security-policy-report-only
script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://*.zappsusercontent.com https://*.zappsusercontent.eu https://*.zappsusercontent.in https://*.zappsusercontent.com.au https://*.zappsusercontent.com.cn https://*.localzappscontents.com https://*.zohostatic.com https://*.zoho.com https://js.zohocdn.com https://desk.zoho.com https://salesiq.zoho.com https://js.zohostatic.com https://localjs.zohostatic.com https://media.twiliocdn.com/sdk/js/client/releases/1.7.7/twilio.min.js https://media.twiliocdn.com/sdk/js/client/v1.7/twilio.min.js https://cdn.pagesense.io https://pagesense-collect.zoho.com https://iplocation.zoho.com https://s.ytimg.com/yts/jsbin/ https://www.youtube.com/iframe_api https://dyjgaef5vuq51.cloudfront.net https://dtzpfzv31buvf.cloudfront.net https://d22czkv2r5ogmg.cloudfront.net https://d12h6dzwzn4m10.cloudfront.net https://d17nz991552y2g.cloudfront.net https://scripts.zohospotlight.com chrome-extension://* https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://js.stratuscdn.com https://cdn.pagesense.io https://zohotagmanager.cdn.pagesense.io https://static.zohocdn.com https://www.zohowebstatic.com/ https://scripts.zohospotlight.com https://widgets.zohosalesiq.com https://static.stratuscdn.com; report-uri https://logsapi.zoho.com/csplog?service=crm
strict-transport-security
max-age=63072000
accept-ranges
bytes
content-type
application/javascript
vary
accept-encoding
x-xss-protection
1; mode=block
x-content-type-options
nosniff
oct.js
static.ads-twitter.com/
Redirect Chain
  • https://platform.twitter.com/oct.js
  • https://static.ads-twitter.com/oct.js
6 KB
2 KB
Script
General
Full URL
https://static.ads-twitter.com/oct.js
Requested by
Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7e8ee8f9d56ca7e35629a7c16b9f1c09fbb1e7d19fe922833a2f4edec48bfeea

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.refundretriever.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:34:52 GMT
via
1.1 varnish
last-modified
Wed, 25 Aug 2021 16:20:44 GMT
age
76568
etag
"934b8997f9fc81b2d0e16fca4cd0b8bb+gzip"
vary
Accept-Encoding,Host
x-cache
HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-encoding
gzip
cache-control
no-cache
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
content-length
2119
x-timer
S1631306093.827617,VS0,VE0
x-served-by
cache-hhn11552-HHN

Redirect headers

date
Fri, 10 Sep 2021 20:34:52 GMT
vary
x-cache
HIT
location
https://static.ads-twitter.com/oct.js
retry-after
0
accept-ranges
bytes
content-length
0
tw-cdn
FT
x-served-by
cache-hhn11551-HHN
animate.min.css
17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/plugins/js_composer_salient/assets/lib/bower/animate-css/
53 KB
4 KB
Stylesheet
General
Full URL
https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/plugins/js_composer_salient/assets/lib/bower/animate-css/animate.min.css?ver=6.1
Requested by
Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.99 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
94.31.29.99.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
5b518bc060167c79b585ab74260cd0c4cd4ef5e6f7ee2759908ee832731352c4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.refundretriever.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:34:52 GMT
content-encoding
gzip
last-modified
Fri, 31 Jan 2020 20:20:35 GMT
server
NetDNA-cache/2.2
etag
W/"5e348c13-d2e3"
vary
Accept-Encoding, Accept-Encoding
x-cache
HIT
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
core.min.js
17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-includes/js/jquery/ui/
20 KB
7 KB
Script
General
Full URL
https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-includes/js/jquery/ui/core.min.js?ver=1.12.1
Requested by
Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.99 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
94.31.29.99.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
0cd851e5b33af0fbb354df65506da39807b998e07723f3d08aba5179fa2ed97e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.refundretriever.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:34:52 GMT
content-encoding
gzip
last-modified
Thu, 09 Sep 2021 17:53:14 GMT
server
NetDNA-cache/2.2
etag
W/"613a4a0a-5133"
vary
Accept-Encoding, Accept-Encoding
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
menu.min.js
17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-includes/js/jquery/ui/
9 KB
3 KB
Script
General
Full URL
https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-includes/js/jquery/ui/menu.min.js?ver=1.12.1
Requested by
Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.99 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
94.31.29.99.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
e94b12cb948d3d2eff43addf04700f8611ba383c00892652dc294a76bec2a105

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.refundretriever.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:34:52 GMT
content-encoding
gzip
last-modified
Thu, 09 Sep 2021 17:53:14 GMT
server
NetDNA-cache/2.2
etag
W/"613a4a0a-253b"
vary
Accept-Encoding, Accept-Encoding
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
regenerator-runtime.min.js
17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-includes/js/dist/vendor/
6 KB
3 KB
Script
General
Full URL
https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.7
Requested by
Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.99 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
94.31.29.99.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
e87a1c5e24f9a7c7dcb437417f0b05b0a3c12947ce32d65c990c988a8b5ed4d7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.refundretriever.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:34:52 GMT
content-encoding
gzip
last-modified
Thu, 09 Sep 2021 17:53:14 GMT
server
NetDNA-cache/2.2
etag
W/"613a4a0a-1906"
vary
Accept-Encoding, Accept-Encoding
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
wp-polyfill.min.js
17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-includes/js/dist/vendor/
16 KB
6 KB
Script
General
Full URL
https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
Requested by
Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.99 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
94.31.29.99.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
293913879d30bab7499013e935009f5183facbddd63bfc9656a859622590b80b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.refundretriever.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:34:52 GMT
content-encoding
gzip
last-modified
Thu, 09 Sep 2021 17:53:14 GMT
server
NetDNA-cache/2.2
etag
W/"613a4a0a-4056"
vary
Accept-Encoding, Accept-Encoding
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
dom-ready.min.js
17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-includes/js/dist/
1 KB
855 B
Script
General
Full URL
https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-includes/js/dist/dom-ready.min.js?ver=71883072590656bf22c74c7b887df3dd
Requested by
Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.99 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
94.31.29.99.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
e127aead57cd6625f795f8c41d8b7c463c2c50158e3a3dc398424db2b16bd5db

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.refundretriever.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:34:52 GMT
content-encoding
gzip
last-modified
Thu, 09 Sep 2021 17:53:14 GMT
server
NetDNA-cache/2.2
etag
W/"613a4a0a-4e9"
vary
Accept-Encoding, Accept-Encoding
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
hooks.min.js
17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-includes/js/dist/
5 KB
2 KB
Script
General
Full URL
https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-includes/js/dist/hooks.min.js?ver=a7edae857aab69d69fa10d5aef23a5de
Requested by
Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.99 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
94.31.29.99.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
04e6fb814fccce3a0aecb83be0bc24665cf3e6a5e993f296471a63708f63e138

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.refundretriever.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:34:52 GMT
content-encoding
gzip
last-modified
Thu, 09 Sep 2021 17:53:14 GMT
server
NetDNA-cache/2.2
etag
W/"613a4a0a-1540"
vary
Accept-Encoding, Accept-Encoding
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
i18n.min.js
17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-includes/js/dist/
10 KB
4 KB
Script
General
Full URL
https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-includes/js/dist/i18n.min.js?ver=5f1269854226b4dd90450db411a12b79
Requested by
Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.99 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
94.31.29.99.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
dceda745a0fb58233a95eff6d10796026df6792cb960cdf675eb7b8a6750a2d2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.refundretriever.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:34:52 GMT
content-encoding
gzip
last-modified
Thu, 09 Sep 2021 17:53:14 GMT
server
NetDNA-cache/2.2
etag
W/"613a4a0a-268a"
vary
Accept-Encoding, Accept-Encoding
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
a11y.min.js
17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-includes/js/dist/
3 KB
1 KB
Script
General
Full URL
https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-includes/js/dist/a11y.min.js?ver=0ac8327cc1c40dcfdf29716affd7ac63
Requested by
Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.99 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
94.31.29.99.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
edc988f9162131dfa6d20d122013987468254662e7cdbc7565c39a5789edb6ca

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.refundretriever.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:34:52 GMT
content-encoding
gzip
last-modified
Thu, 09 Sep 2021 17:53:13 GMT
server
NetDNA-cache/2.2
etag
W/"613a4a09-bc1"
vary
Accept-Encoding, Accept-Encoding
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
autocomplete.min.js
17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-includes/js/jquery/ui/
8 KB
3 KB
Script
General
Full URL
https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-includes/js/jquery/ui/autocomplete.min.js?ver=1.12.1
Requested by
Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.99 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
94.31.29.99.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
69fc7bcafee09477b13dbda32d00410bc15a3faeb3e890cc15fef46d7c84d432

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.refundretriever.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:34:52 GMT
content-encoding
gzip
last-modified
Thu, 09 Sep 2021 17:53:14 GMT
server
NetDNA-cache/2.2
etag
W/"613a4a0a-215b"
vary
Accept-Encoding, Accept-Encoding
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
wpss-search-suggest.js
17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/themes/salient/nectar/assets/functions/ajax-search/
1 KB
843 B
Script
General
Full URL
https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/themes/salient/nectar/assets/functions/ajax-search/wpss-search-suggest.js
Requested by
Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.99 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
94.31.29.99.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
0c55ac0f4463deb4e694227e07b735dd88a80cd63db79de18c6f14b77a266116

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.refundretriever.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:34:52 GMT
content-encoding
gzip
last-modified
Fri, 15 May 2020 22:13:04 GMT
server
NetDNA-cache/2.2
etag
W/"5ebf13f0-446"
vary
Accept-Encoding, Accept-Encoding
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
mpp-frontend.js
17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/plugins/metronet-profile-picture/js/
331 B
446 B
Script
General
Full URL
https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/plugins/metronet-profile-picture/js/mpp-frontend.js?ver=2.6.0
Requested by
Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.99 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
94.31.29.99.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
b695f4e09490004246d228e02338f9d3c4591273e1f35bb0ebe63607c860e608

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.refundretriever.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:34:52 GMT
content-encoding
gzip
last-modified
Thu, 09 Sep 2021 17:52:17 GMT
server
NetDNA-cache/2.2
etag
W/"613a49d1-14b"
vary
Accept-Encoding, Accept-Encoding
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
salient-social.js
17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/plugins/salient-social/js/
11 KB
2 KB
Script
General
Full URL
https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/plugins/salient-social/js/salient-social.js?ver=1.1
Requested by
Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.99 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
94.31.29.99.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
42b8fc6ce4cc6ff19e274ff39b9c52897f46ddadf046ea63089d064004382947

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.refundretriever.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:34:52 GMT
content-encoding
gzip
last-modified
Fri, 31 Jan 2020 20:20:37 GMT
server
NetDNA-cache/2.2
etag
W/"5e348c15-2a2c"
vary
Accept-Encoding, Accept-Encoding
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
jquery.easing.js
17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/themes/salient/js/third-party/
6 KB
2 KB
Script
General
Full URL
https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/themes/salient/js/third-party/jquery.easing.js?ver=1.3
Requested by
Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.99 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
94.31.29.99.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
87cf46420f28b91d2ffcbca2ec817b93c99b5d43c9366b08d5f4c6f6fbb635c1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.refundretriever.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:34:52 GMT
content-encoding
gzip
last-modified
Fri, 15 May 2020 22:13:04 GMT
server
NetDNA-cache/2.2
etag
W/"5ebf13f0-19c9"
vary
Accept-Encoding, Accept-Encoding
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
jquery.mousewheel.js
17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/themes/salient/js/third-party/
3 KB
1 KB
Script
General
Full URL
https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/themes/salient/js/third-party/jquery.mousewheel.js?ver=3.1.13
Requested by
Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.99 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
94.31.29.99.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
956e41167b70caf9f21f5a4f435fa8aefed819777d00608b60399a6ad51b16c2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.refundretriever.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:34:52 GMT
content-encoding
gzip
last-modified
Fri, 15 May 2020 22:13:04 GMT
server
NetDNA-cache/2.2
etag
W/"5ebf13f0-ad9"
vary
Accept-Encoding, Accept-Encoding
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
priority.js
17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/themes/salient/js/
7 KB
2 KB
Script
General
Full URL
https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/themes/salient/js/priority.js?ver=12.0
Requested by
Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.99 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
94.31.29.99.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
59a3b2cb204dc1b6108c9608e54ed72fbe51be18688023c9560801366a09e900

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.refundretriever.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:34:52 GMT
content-encoding
gzip
last-modified
Fri, 15 May 2020 22:13:04 GMT
server
NetDNA-cache/2.2
etag
W/"5ebf13f0-1dad"
vary
Accept-Encoding, Accept-Encoding
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
transit.js
17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/themes/salient/js/third-party/
7 KB
3 KB
Script
General
Full URL
https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/themes/salient/js/third-party/transit.js?ver=0.9.9
Requested by
Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.99 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
94.31.29.99.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
aa177ef15fc557a7778d92a1aa910b9ded10d3b8400eea9ccb08c0f19d0fde8c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.refundretriever.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:34:52 GMT
content-encoding
gzip
last-modified
Fri, 15 May 2020 22:13:04 GMT
server
NetDNA-cache/2.2
etag
W/"5ebf13f0-1cff"
vary
Accept-Encoding, Accept-Encoding
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
waypoints.js
17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/themes/salient/js/third-party/
18 KB
4 KB
Script
General
Full URL
https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/themes/salient/js/third-party/waypoints.js?ver=4.0.1
Requested by
Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.99 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
94.31.29.99.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
04188b0cf2772d0097ee6ea6abe0feba436b3c8aa667568dc8dabc97bf4332a6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.refundretriever.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:34:52 GMT
content-encoding
gzip
last-modified
Fri, 15 May 2020 22:13:04 GMT
server
NetDNA-cache/2.2
etag
W/"5ebf13f0-4888"
vary
Accept-Encoding, Accept-Encoding
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
imagesLoaded.min.js
17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/plugins/salient-portfolio/js/third-party/
5 KB
2 KB
Script
General
Full URL
https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/plugins/salient-portfolio/js/third-party/imagesLoaded.min.js?ver=4.1.4
Requested by
Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.99 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
94.31.29.99.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
5a65b0ca177f1c0433c0ead611692521c23e6668846a2861fedc09ae11416ffc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.refundretriever.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:34:52 GMT
content-encoding
gzip
last-modified
Fri, 15 May 2020 22:13:02 GMT
server
NetDNA-cache/2.2
etag
W/"5ebf13ee-15e0"
vary
Accept-Encoding, Accept-Encoding
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
hoverintent.js
17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/themes/salient/js/third-party/
2 KB
1 KB
Script
General
Full URL
https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/themes/salient/js/third-party/hoverintent.js?ver=1.9
Requested by
Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.99 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
94.31.29.99.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
2f9627512fca0229865430f588e22896916969f33cf92f51a0793028a1a45f7c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.refundretriever.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:34:52 GMT
content-encoding
gzip
last-modified
Fri, 15 May 2020 22:13:04 GMT
server
NetDNA-cache/2.2
etag
W/"5ebf13f0-8ce"
vary
Accept-Encoding, Accept-Encoding
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
magnific.js
17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/themes/salient/js/third-party/
47 KB
14 KB
Script
General
Full URL
https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/themes/salient/js/third-party/magnific.js?ver=7.0.1
Requested by
Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.99 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
94.31.29.99.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
773d12971ed2348e780482568fae18c567b891f356bd01ee1fb7adad7b800900

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.refundretriever.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:34:52 GMT
content-encoding
gzip
last-modified
Fri, 15 May 2020 22:13:04 GMT
server
NetDNA-cache/2.2
etag
W/"5ebf13f0-bdd0"
vary
Accept-Encoding, Accept-Encoding
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
superfish.js
17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/themes/salient/js/third-party/
9 KB
3 KB
Script
General
Full URL
https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/themes/salient/js/third-party/superfish.js?ver=1.4.8
Requested by
Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.99 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
94.31.29.99.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
66f7412f7462e317d894dd4a942290b87ec249151a2648aa6caeb8bab1735d42

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.refundretriever.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:34:52 GMT
content-encoding
gzip
last-modified
Fri, 15 May 2020 22:13:04 GMT
server
NetDNA-cache/2.2
etag
W/"5ebf13f0-24fe"
vary
Accept-Encoding, Accept-Encoding
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
init.js
17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/themes/salient/js/
547 KB
102 KB
Script
General
Full URL
https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/themes/salient/js/init.js?ver=12.0
Requested by
Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.99 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
94.31.29.99.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
c33fd000b3ac6efa19d96da09a83a10bc128a61d51deae55c28c8404a3870610

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.refundretriever.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:34:52 GMT
content-encoding
gzip
last-modified
Fri, 15 May 2020 22:13:04 GMT
server
NetDNA-cache/2.2
etag
W/"5ebf13f0-88cdd"
vary
Accept-Encoding, Accept-Encoding
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
touchswipe.min.js
17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/plugins/salient-core/js/third-party/
9 KB
3 KB
Script
General
Full URL
https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/plugins/salient-core/js/third-party/touchswipe.min.js?ver=1.0
Requested by
Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.99 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
94.31.29.99.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
a23757ebb210c2d1c0455713594401d07ef51a74dcd3f7b5cd4a0ed2d8ecf1e0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.refundretriever.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:34:52 GMT
content-encoding
gzip
last-modified
Fri, 15 May 2020 22:13:02 GMT
server
NetDNA-cache/2.2
etag
W/"5ebf13ee-24a0"
vary
Accept-Encoding, Accept-Encoding
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
jquery.lazyloadxt.extra.min.js
17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/plugins/a3-lazy-load/assets/js/
3 KB
2 KB
Script
General
Full URL
https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/plugins/a3-lazy-load/assets/js/jquery.lazyloadxt.extra.min.js?ver=2.4.7
Requested by
Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.99 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
94.31.29.99.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
2b3c6f1d3cea37b4d8cc609a141b421a88bcaf2f3646965f9f95f4d4a683c949

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.refundretriever.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:34:52 GMT
content-encoding
gzip
last-modified
Thu, 09 Sep 2021 17:52:15 GMT
server
NetDNA-cache/2.2
etag
W/"613a49cf-bc7"
vary
Accept-Encoding, Accept-Encoding
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
jquery.lazyloadxt.srcset.min.js
17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/plugins/a3-lazy-load/assets/js/
2 KB
1015 B
Script
General
Full URL
https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/plugins/a3-lazy-load/assets/js/jquery.lazyloadxt.srcset.min.js?ver=2.4.7
Requested by
Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.99 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
94.31.29.99.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
21dc21cf1cc77b458d114634e3775e70f229dc0c215b0c8958920e2079cb5a16

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.refundretriever.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:34:52 GMT
content-encoding
gzip
last-modified
Thu, 09 Sep 2021 17:52:15 GMT
server
NetDNA-cache/2.2
etag
W/"613a49cf-625"
vary
Accept-Encoding, Accept-Encoding
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
jquery.lazyloadxt.extend.js
17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/plugins/a3-lazy-load/assets/js/
1 KB
666 B
Script
General
Full URL
https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/plugins/a3-lazy-load/assets/js/jquery.lazyloadxt.extend.js?ver=2.4.7
Requested by
Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.99 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
94.31.29.99.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
a8a819d7548b9c102d7776cb645212ca1e324ac2de2170598699061e29bc6cbf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.refundretriever.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:34:52 GMT
content-encoding
gzip
last-modified
Thu, 09 Sep 2021 17:52:15 GMT
server
NetDNA-cache/2.2
etag
W/"613a49cf-415"
vary
Accept-Encoding, Accept-Encoding
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
wp-embed.min.js
17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-includes/js/
1 KB
1016 B
Script
General
Full URL
https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-includes/js/wp-embed.min.js?ver=5.8
Requested by
Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.99 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
94.31.29.99.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.refundretriever.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:34:52 GMT
content-encoding
gzip
last-modified
Thu, 09 Sep 2021 17:53:13 GMT
server
NetDNA-cache/2.2
etag
W/"613a4a09-592"
vary
Accept-Encoding, Accept-Encoding
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
js_composer_front.min.js
17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/plugins/js_composer_salient/assets/js/dist/
20 KB
6 KB
Script
General
Full URL
https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/plugins/js_composer_salient/assets/js/dist/js_composer_front.min.js?ver=6.1
Requested by
Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.99 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
94.31.29.99.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
43cdf46f331fec5ba92e402e3d5cad473099892cbdafca02e607cd03705104bf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.refundretriever.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:34:52 GMT
content-encoding
gzip
last-modified
Fri, 31 Jan 2020 20:20:35 GMT
server
NetDNA-cache/2.2
etag
W/"5e348c13-5079"
vary
Accept-Encoding, Accept-Encoding
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
JTURjIg1_i6t8kCHKm45_cJD3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v18/
19 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_cJD3gnD_g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%7CRaleway%3A600%2C400%7CMontserrat%3A400%2C300%2C500%7CRoboto+Condensed%3A700&subset=latin&ver=1589583290
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f3.1e100.net
Software
sffe /
Resource Hash
2904b98dfb86ac37a4ed1e33585980adbcbeb63b8802a641fc64615ef7360223
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.refundretriever.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 06 Sep 2021 15:17:29 GMT
x-content-type-options
nosniff
age
364643
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19536
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:19:41 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 06 Sep 2022 15:17:29 GMT
page.js
static.addtoany.com/menu/
84 KB
29 KB
Script
General
Full URL
https://static.addtoany.com/menu/page.js
Requested by
Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.39.148 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f909a31bfd7a13b9dd53e98b5652f13f4782fdfd1653dc4befade7386c087371
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.refundretriever.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:34:52 GMT
via
e2s
x-content-type-options
nosniff
cf-cache-status
HIT
age
67542
p3p
CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT"
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Fri, 14 May 2021 06:41:59 GMT
server
cloudflare
etag
W/"14f2c-5c2448a7281f2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=172800
cf-ray
68cb7087a8e027c0-PRG
cf-bgj
minify
track_pageview
track.gaconnector.com/
491 B
671 B
XHR
General
Full URL
https://track.gaconnector.com/track_pageview?gaconnector_id=52c7aeb3-80a7-ecdf-7984-bf28f30eff43&account_id=f6f77599ae9e676788ff79c01b54c350&referer=&GA_Client_ID=undefined&page_url=https%3A%2F%2Fwww.refundretriever.com%2F&gclid=&utm_campaign=&utm_term=&utm_content=&utm_source=&utm_medium=
Requested by
Host: track.gaconnector.com
URL: https://track.gaconnector.com/gaconnector.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.172.187.134 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-187-134.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
dd7c6455d147604f844eaad405ad7100a56fe6011af06d7fad546693b09ce284

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.refundretriever.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 10 Sep 2021 20:34:53 GMT
access-control-request-method
*
server
nginx/1.18.0
access-control-allow-headers
*
content-length
491
access-control-allow-methods
OPTIONS, GET
fbevents.js
connect.facebook.net/en_US/
99 KB
26 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.60.218.24 Bucharest, Romania, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-otp1.fbcdn.net
Software
/
Resource Hash
335b59e615135313a66319e641cdad6ac3489a600e04d4181c859699bed4babe
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.refundretriever.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
25999
x-xss-protection
0
pragma
public
x-fb-debug
pzkzAbqYxK2Pag5vLoW9LDVzZToRLj0LzZMuJnTA9VAoMT7k+2aHEhKBSGChOSU2sXlXV/ZfFrdD6bSrS+/RvA==
x-fb-trip-id
1082456386
x-frame-options
DENY
date
Fri, 10 Sep 2021 20:34:52 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
analytics.js
www.google-analytics.com/
48 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.refundretriever.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
3219
date
Fri, 10 Sep 2021 19:41:13 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Fri, 10 Sep 2021 21:41:13 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%7CRaleway%3A600%2C400%7CMontserrat%3A400%2C300%2C500%7CRoboto+Condensed%3A700&subset=latin&ver=1589583290
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f3.1e100.net
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.refundretriever.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 08 Sep 2021 19:59:02 GMT
x-content-type-options
nosniff
age
174950
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:35 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 08 Sep 2022 19:59:02 GMT
1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v22/
46 KB
46 KB
Font
General
Full URL
https://fonts.gstatic.com/s/raleway/v22/1Ptug8zYS_SKggPNyC0ITw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%7CRaleway%3A600%2C400%7CMontserrat%3A400%2C300%2C500%7CRoboto+Condensed%3A700&subset=latin&ver=1589583290
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f3.1e100.net
Software
sffe /
Resource Hash
2101735d43a8d486dbc5139500a78420766cc673a3610363ce9525526c3f5149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.refundretriever.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 04 Sep 2021 10:00:32 GMT
x-content-type-options
nosniff
age
556460
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47312
x-xss-protection
0
last-modified
Tue, 29 Jun 2021 19:40:30 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 04 Sep 2022 10:00:32 GMT
fontawesome-webfont.woff
17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/themes/salient/css/fonts/
96 KB
96 KB
Font
General
Full URL
https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/themes/salient/css/fonts/fontawesome-webfont.woff?v=4.2
Requested by
Host: 17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com
URL: https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/themes/salient/css/font-awesome.min.css?ver=4.6.4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.99 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
94.31.29.99.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07

Request headers

Referer
https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/themes/salient/css/font-awesome.min.css?ver=4.6.4
Origin
https://www.refundretriever.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:34:52 GMT
last-modified
Fri, 15 May 2020 22:13:04 GMT
server
NetDNA-cache/2.2
etag
"5ebf13f0-17ee8"
vary
Accept-Encoding
x-cache
HIT
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
98024
icomoon.woff
17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/themes/salient/css/fonts/
21 KB
21 KB
Font
General
Full URL
https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/themes/salient/css/fonts/icomoon.woff
Requested by
Host: 17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com
URL: https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/themes/salient/css/style.css?ver=12.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.99 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
94.31.29.99.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
16f94be53f5a0f1b422b9fb0f88ecc3b0947c24c8b77ee6b6f62675c82499cc7

Request headers

Referer
https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/themes/salient/css/style.css?ver=12.0
Origin
https://www.refundretriever.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:34:52 GMT
last-modified
Fri, 15 May 2020 22:13:04 GMT
server
NetDNA-cache/2.2
etag
"5ebf13f0-5318"
vary
Accept-Encoding
x-cache
HIT
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
21272
JTURjIg1_i6t8kCHKm45_ZpC3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v18/
19 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_ZpC3gnD_g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%7CRaleway%3A600%2C400%7CMontserrat%3A400%2C300%2C500%7CRoboto+Condensed%3A700&subset=latin&ver=1589583290
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f3.1e100.net
Software
sffe /
Resource Hash
13eb615165c92892fcd46e01782dd0fc52d36f236f883aad488c2cf4dcf9206e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.refundretriever.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 03:46:01 GMT
x-content-type-options
nosniff
age
146931
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19868
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:20:31 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 09 Sep 2022 03:46:01 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v18/
19 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v18/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%7CRaleway%3A600%2C400%7CMontserrat%3A400%2C300%2C500%7CRoboto+Condensed%3A700&subset=latin&ver=1589583290
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f3.1e100.net
Software
sffe /
Resource Hash
2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.refundretriever.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 10:08:57 GMT
x-content-type-options
nosniff
age
123955
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19844
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:20:10 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 09 Sep 2022 10:08:57 GMT
ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v19/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotocondensed/v19/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%7CRaleway%3A600%2C400%7CMontserrat%3A400%2C300%2C500%7CRoboto+Condensed%3A700&subset=latin&ver=1589583290
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f3.1e100.net
Software
sffe /
Resource Hash
c867104326e3c4b658209d8e5bcea0900aaf7fbc2bbc181ca01c482cac2810f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.refundretriever.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 06 Sep 2021 15:24:31 GMT
x-content-type-options
nosniff
age
364221
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15640
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:08:37 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 06 Sep 2022 15:24:31 GMT
mem5YaGs126MiZpBA-UNirkOUuhp.woff2
fonts.gstatic.com/s/opensans/v23/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v23/mem5YaGs126MiZpBA-UNirkOUuhp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A300%2C400%2C600%2C700&subset=latin%2Clatin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f3.1e100.net
Software
sffe /
Resource Hash
c298433cc9eb86f4c0be0a447b0faf398dee9186d2bcf26683297de2758cddc7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.refundretriever.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 01:16:02 GMT
x-content-type-options
nosniff
age
155930
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14956
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:23:40 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 09 Sep 2022 01:16:02 GMT
refund-retriever.webm
17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/uploads/2018/06/
2 MB
2 MB
Media
General
Full URL
https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/uploads/2018/06/refund-retriever.webm
Requested by
Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.99 , United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS
94.31.29.99.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
2913feec9fb63ea6a725eacbc00f65421be938a8ed4549032de383a5f892a083

Request headers

Referer
https://www.refundretriever.com/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Range
bytes=0-

Response headers

date
Fri, 10 Sep 2021 20:34:52 GMT
last-modified
Sat, 02 Jun 2018 07:22:20 GMT
server
NetDNA-cache/2.2
access-control-allow-origin
*
etag
"5b1245ac-27c1d1"
vary
Accept-Encoding
x-cache
HIT
content-type
video/webm
Content-Range
bytes 0-2605520/2605521
cache-control
public, max-age=31536000
Content-Length
2605521
widget
salesiq.zoho.com/
121 KB
36 KB
Script
General
Full URL
https://salesiq.zoho.com/widget?plugin_source=wordpress
Requested by
Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
204.141.43.67 , United States, ASN2639 (ZOHO-AS, US),
Reverse DNS
Software
ZGS /
Resource Hash
d949f06ea665836c1c47a3fd5cde928c9d1bf2df74cd3e7ff44c15f15bee6421
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.refundretriever.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
Date
Fri, 10 Sep 2021 20:34:53 GMT
Content-Encoding
gzip
Server
ZGS
ETag
W/-843522577
vary
accept-encoding
Connection
keep-alive
Content-Type
text/javascript;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
must-revalidate
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000
Expires
Fri, 10 Sep 2021 20:39:53 GMT
1009085809176948
connect.facebook.net/signals/config/
306 KB
87 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1009085809176948?v=2.9.45&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
185.60.218.24 Bucharest, Romania, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-otp1.fbcdn.net
Software
/
Resource Hash
39a2df0cb95aeb34e950f5a27e9c6ee49aa07d126a781009eae27442b32744fd
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.refundretriever.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
6Zox1+rHbD3uy+YHbrOlHZlzGWirN2rhK4jOWcM+i9R+/fERkZ3cW9+DMbsVslAFNtlGU2+zGf//UrCZZvZ+Sg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Fri, 10 Sep 2021 20:34:53 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
www.google-analytics.com/j/
4 B
24 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&a=1697785771&t=pageview&_s=1&dl=https%3A%2F%2Fwww.refundretriever.com%2F&ul=en-us&de=UTF-8&dt=Refund%20Retriever%20%7C%20Shipment%20Auditing&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=157976168&gjid=2115379492&cid=1622478023.1631306093&tid=UA-658657-1&_gid=1350201433.1631306093&_r=1&_slc=1&z=743202954
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.refundretriever.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 20:34:53 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.refundretriever.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
conversion_async.js
www.googleadservices.com/pagead/
36 KB
14 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1067394428
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f2.1e100.net
Software
cafe /
Resource Hash
8227a862b924b10dd6f1937cc73288d73111599d2968728fc762baf159cc3e78
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.refundretriever.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:34:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14041
x-xss-protection
0
server
cafe
etag
16185193972789726432
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 10 Sep 2021 20:34:53 GMT
/
www.facebook.com/tr/
44 B
313 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1009085809176948&ev=PageView&dl=https%3A%2F%2Fwww.refundretriever.com%2F&rl=&if=false&ts=1631306093157&sw=1600&sh=1200&v=2.9.45&r=stable&ec=0&o=30&fbp=fb.1.1631306093157.1611514976&it=1631306092826&coo=false&exp=p1&rqm=GET
Requested by
Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.60.218.35 Bucharest, Romania, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-otp1.facebook.com
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.refundretriever.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:34:53 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Fri, 10 Sep 2021 20:34:53 GMT
adsct
t.co/i/
43 B
455 B
Image
General
Full URL
https://t.co/i/adsct?type=javascript&version=2.0.3&p_id=Twitter&p_user_id=0&txn_id=nuwy3&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tw_document_href=https%3A%2F%2Fwww.refundretriever.com%2F
Requested by
Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.5 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.refundretriever.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:34:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
pragma
no-cache
last-modified
Fri, 10 Sep 2021 20:34:53 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=0
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
98a3c12c8b116817b5e3e1dd2f97d3c3b0928b4b20895d123e78792679b3f3f4
x-transaction
f2f56ee0588a18dd
expires
Tue, 31 Mar 1981 05:00:00 GMT
insight.min.js
snap.licdn.com/li.lms-analytics/
5 KB
2 KB
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.218.209.45 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-209-45.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.refundretriever.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 20:34:53 GMT
Content-Encoding
gzip
Last-Modified
Fri, 13 Aug 2021 21:34:05 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=74583
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2036
adsct
analytics.twitter.com/i/
31 B
658 B
Script
General
Full URL
https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.3&p_id=Twitter&p_user_id=0&txn_id=nuwy3&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fwww.refundretriever.com%2F
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/oct.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.3 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.refundretriever.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:34:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
57
x-xss-protection
0
pragma
no-cache
last-modified
Fri, 10 Sep 2021 20:34:53 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
application/javascript;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
0490915955acb277990a778f26db079503442bfd019865f546ab30beebe9d352
x-transaction
2a6d0fa4bcdad80c
expires
Tue, 31 Mar 1981 05:00:00 GMT
monitor.json
www.refundretriever.com/wp-content/svg-animation/monitor/
351 KB
35 KB
XHR
General
Full URL
https://www.refundretriever.com/wp-content/svg-animation/monitor/monitor.json
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/bodymovin/4.13.0/bodymovin.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.3.239 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
239.3.198.104.bc.googleusercontent.com
Software
nginx / WP Engine
Resource Hash
2fa8b71dd86e2b83fc56dc85a47d87f928034b9aeddd791568d8d3dc08cacdbc

Request headers

:path
/wp-content/svg-animation/monitor/monitor.json
pragma
no-cache
cookie
_ga=GA1.2.1622478023.1631306093; _gid=GA1.2.1350201433.1631306093; _gat=1; _gcl_au=1.1.2075027934.1631306093; _fbp=fb.1.1631306093157.1611514976; gclid=undefined
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
empty
:authority
www.refundretriever.com
referer
https://www.refundretriever.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.refundretriever.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:34:53 GMT
content-encoding
gzip
last-modified
Sat, 02 Jun 2018 07:21:35 GMT
server
nginx
x-cacheable
YES:2592000.000
x-powered-by
WP Engine
etag
W/"57d68-56da38ced94ce-gzip"
vary
Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache
HIT: 54
content-type
application/json
access-control-allow-origin
*
expires
Sat, 09 Oct 2021 18:37:43 GMT
cache-control
max-age=2592000, must-revalidate
x-cache-group
normal
analytics.json
www.refundretriever.com/wp-content/svg-animation/analytics/
523 KB
66 KB
XHR
General
Full URL
https://www.refundretriever.com/wp-content/svg-animation/analytics/analytics.json
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/bodymovin/4.13.0/bodymovin.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.3.239 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
239.3.198.104.bc.googleusercontent.com
Software
nginx / WP Engine
Resource Hash
514fa3baa5a2bcf0960f08913231f800f9ec9498e87da68cf09ee651425b5de7

Request headers

:path
/wp-content/svg-animation/analytics/analytics.json
pragma
no-cache
cookie
_ga=GA1.2.1622478023.1631306093; _gid=GA1.2.1350201433.1631306093; _gat=1; _gcl_au=1.1.2075027934.1631306093; _fbp=fb.1.1631306093157.1611514976; gclid=undefined
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
empty
:authority
www.refundretriever.com
referer
https://www.refundretriever.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.refundretriever.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:34:53 GMT
content-encoding
gzip
last-modified
Sat, 02 Jun 2018 07:21:34 GMT
server
nginx
x-cacheable
YES:2592000.000
x-powered-by
WP Engine
etag
W/"82a1e-56da38cea1a2e-gzip"
vary
Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache
HIT: 54
content-type
application/json
access-control-allow-origin
*
expires
Sat, 09 Oct 2021 18:37:43 GMT
cache-control
max-age=2592000, must-revalidate
x-cache-group
normal
contract.json
www.refundretriever.com/wp-content/svg-animation/contract/
527 KB
52 KB
XHR
General
Full URL
https://www.refundretriever.com/wp-content/svg-animation/contract/contract.json
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/bodymovin/4.13.0/bodymovin.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.3.239 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
239.3.198.104.bc.googleusercontent.com
Software
nginx / WP Engine
Resource Hash
2538aec1ee3393db08946eb6b70e4b7fbbe46952646fc889d3478431a4e44427

Request headers

:path
/wp-content/svg-animation/contract/contract.json
pragma
no-cache
cookie
_ga=GA1.2.1622478023.1631306093; _gid=GA1.2.1350201433.1631306093; _gat=1; _gcl_au=1.1.2075027934.1631306093; _fbp=fb.1.1631306093157.1611514976; gclid=undefined
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
empty
:authority
www.refundretriever.com
referer
https://www.refundretriever.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.refundretriever.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:34:53 GMT
content-encoding
gzip
last-modified
Sat, 02 Jun 2018 07:21:34 GMT
server
nginx
x-cacheable
YES:2592000.000
x-powered-by
WP Engine
etag
W/"83a42-56da38ceaf4ee-gzip"
vary
Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache
HIT: 52
content-type
application/json
access-control-allow-origin
*
expires
Sat, 09 Oct 2021 19:38:13 GMT
cache-control
max-age=2592000, must-revalidate
x-cache-group
normal
freight.json
www.refundretriever.com/wp-content/svg-animation/freight/
291 KB
23 KB
XHR
General
Full URL
https://www.refundretriever.com/wp-content/svg-animation/freight/freight.json
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/bodymovin/4.13.0/bodymovin.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.3.239 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
239.3.198.104.bc.googleusercontent.com
Software
nginx / WP Engine
Resource Hash
47161c47e2cf4d62a77738e180bbaf9aa096de56e12ee837218d7b0d01909604

Request headers

:path
/wp-content/svg-animation/freight/freight.json
pragma
no-cache
cookie
_ga=GA1.2.1622478023.1631306093; _gid=GA1.2.1350201433.1631306093; _gat=1; _gcl_au=1.1.2075027934.1631306093; _fbp=fb.1.1631306093157.1611514976; gclid=undefined
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
empty
:authority
www.refundretriever.com
referer
https://www.refundretriever.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.refundretriever.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:34:53 GMT
content-encoding
gzip
last-modified
Sat, 02 Jun 2018 07:21:34 GMT
server
nginx
x-cacheable
YES:2592000.000
x-powered-by
WP Engine
etag
W/"48a27-56da38cecba0e-gzip"
vary
Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache
HIT: 51
content-type
application/json
access-control-allow-origin
*
expires
Sat, 09 Oct 2021 19:38:13 GMT
cache-control
max-age=2592000, must-revalidate
x-cache-group
normal
Get_Refunds.json
www.refundretriever.com/wp-content/svg-animation/get_refunds/
217 KB
24 KB
XHR
General
Full URL
https://www.refundretriever.com/wp-content/svg-animation/get_refunds/Get_Refunds.json
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/bodymovin/4.13.0/bodymovin.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.3.239 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
239.3.198.104.bc.googleusercontent.com
Software
nginx / WP Engine
Resource Hash
b131a7e2cd89a8a9ee101a9198099e25cc24a6360aab70a8518f23d66c7a21ca

Request headers

:path
/wp-content/svg-animation/get_refunds/Get_Refunds.json
pragma
no-cache
cookie
_ga=GA1.2.1622478023.1631306093; _gid=GA1.2.1350201433.1631306093; _gat=1; _gcl_au=1.1.2075027934.1631306093; _fbp=fb.1.1631306093157.1611514976; gclid=undefined
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
empty
:authority
www.refundretriever.com
referer
https://www.refundretriever.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.refundretriever.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:34:53 GMT
content-encoding
gzip
last-modified
Sat, 02 Jun 2018 07:21:35 GMT
server
nginx
x-cacheable
YES:2592000.000
x-powered-by
WP Engine
etag
W/"36571-56da38ced852e-gzip"
vary
Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache
HIT: 53
content-type
application/json
access-control-allow-origin
*
expires
Sat, 09 Oct 2021 18:37:43 GMT
cache-control
max-age=2592000, must-revalidate
x-cache-group
normal
collect
stats.g.doubleclick.net/j/
2 B
467 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-658657-1&cid=1622478023.1631306093&jid=157976168&gjid=2115379492&_gid=1350201433.1631306093&_u=IEBAAEAAAAAAAC~&z=1084279663
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
gm-in-f155.1e100.net
Software
Golfe2 /
Resource Hash
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.refundretriever.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 10 Sep 2021 20:34:53 GMT
content-type
text/plain
access-control-allow-origin
https://www.refundretriever.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
px.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=240978&time=1631306093317&url=https%3A%2F%2Fwww.refundretriever.com%2F
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D240978%26time%3D1631306093317%26url%3Dhttps%253A%252F%252Fwww.refundretriever.com...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=240978&time=1631306093317&url=https%3A%2F%2Fwww.refundretriever.com%2F&liSync=true
0
81 B
Image
General
Full URL
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=240978&time=1631306093317&url=https%3A%2F%2Fwww.refundretriever.com%2F&liSync=true
Requested by
Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.174.11.37 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS
108-174-11-37.fwd.linkedin.com
Software
Play /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.refundretriever.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:34:54 GMT
server
Play
linkedin-action
1
x-li-fabric
prod-lor1
x-li-proto
http/2
x-li-pop
prod-esv5
content-type
application/javascript
content-length
0
x-li-uuid
7YdN7D+QoxbwOkoaKysAAA==

Redirect headers

content-security-policy
default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'
x-content-type-options
nosniff
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-length
0
x-li-uuid
AAXLqgxBTZrW2SlLm2n3Eg==
pragma
no-cache
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 9A72E79CA1D1433DA6BBA4F31D9E0B18 Ref B: PRG01EDGE0811 Ref C: 2021-09-10T20:34:53Z
x-frame-options
sameorigin
date
Fri, 10 Sep 2021 20:34:53 GMT
expect-ct
max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
strict-transport-security
max-age=31536000
x-li-fabric
prod-lor1
location
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=240978&time=1631306093317&url=https%3A%2F%2Fwww.refundretriever.com%2F&liSync=true
cache-control
no-cache, no-store
x-li-proto
http/2
expires
Thu, 01 Jan 1970 00:00:00 GMT
getembeddetails.ls
salesiq.zoho.com/
14 KB
6 KB
XHR
General
Full URL
https://salesiq.zoho.com/getembeddetails.ls?widgetcode=fa0061f1c3b5c030b9fe52e5d4bb1272b798f6bb0a5821d561008dcccd84c902084a0623dd05d5b367ba9549aad41f28&fetchavuid=true&fetchapilang=true&lang_browser=en&currdomain=https%3A%2F%2Frefundretriever.com&pagetitle=Refund%20Retriever%20%7C%20Shipment%20Auditing
Requested by
Host: salesiq.zoho.com
URL: https://salesiq.zoho.com/widget?plugin_source=wordpress
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
204.141.43.67 , United States, ASN2639 (ZOHO-AS, US),
Reverse DNS
Software
ZGS /
Resource Hash
0fb95916edefabd6abed5f483970ec36a6977c6fa5da5eb774dd887b55d4ca54
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.refundretriever.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 20:34:53 GMT
Content-Encoding
gzip
Referrer-Policy
strict-origin
Server
ZGS
X-Frame-Options
SAMEORIGIN
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
https://www.refundretriever.com
Connection
keep-alive
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=63072000
Access-Control-Allow-Credentials
true
vary
accept-encoding
X-XSS-Protection
1
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1067394428/
2 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1067394428/?random=1631306093545&cv=9&fst=1631306093545&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=376635470&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa910&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.refundretriever.com%2F&tiba=Refund%20Retriever%20%7C%20Shipment%20Auditing&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.64.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s30-in-f2.1e100.net
Software
cafe /
Resource Hash
cf80b67687257ac3b9ed3249d606b6cd1371d56b238d0d65b60981061d15efcf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.refundretriever.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 20:34:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1024
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
floatbutton_8655ac0af2d8c916be6e816177e26407_.css
css.zohocdn.com/salesiq/styles/
107 KB
22 KB
Stylesheet
General
Full URL
https://css.zohocdn.com/salesiq/styles/floatbutton_8655ac0af2d8c916be6e816177e26407_.css
Requested by
Host: salesiq.zoho.com
URL: https://salesiq.zoho.com/widget?plugin_source=wordpress
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.143.183.48 , United States, ASN2639 (ZOHO-AS, US),
Reverse DNS
Software
ZGS /
Resource Hash
0b747508abdbf79927ab45c52f3a713cdd6e3f65fa9e665b205fae6cd0756db2
Security Headers
Name Value
Strict-Transport-Security max-age=15768000, max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.refundretriever.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:34:53 GMT
content-encoding
br
x-content-type-options
nosniff
content-type
text/css;charset=UTF-8
x-cache
HIT
last-modified
Mon, 06 Sep 2021 11:47:32 GMT
vary
Accept-Encoding
content-length
22063
x-xss-protection
1
nb-request-id
b3b8d49f42358a7f7efb5bce56de611c
server
ZGS
etag
"9ef5892e13ff3dd8583ccb07f8e05f0d"
strict-transport-security
max-age=15768000, max-age=63072000
content-language
en-US
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=7776000, immutable
z-origin-id
ux4-3115ac82976a4f4f9438deb02c99bfcb
accept-ranges
bytes
timing-allow-origin
*
floatbutton_54d5b86477b1c2a302d87f5c62ef9f4f_.js
js.zohocdn.com/salesiq/js/
56 KB
14 KB
Script
General
Full URL
https://js.zohocdn.com/salesiq/js/floatbutton_54d5b86477b1c2a302d87f5c62ef9f4f_.js
Requested by
Host: salesiq.zoho.com
URL: https://salesiq.zoho.com/widget?plugin_source=wordpress
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.143.183.48 , United States, ASN2639 (ZOHO-AS, US),
Reverse DNS
Software
ZGS /
Resource Hash
1c047e23d2f7ba84b0e6c90cf51d03189b4d1718a953225c53de643d47b8c80a
Security Headers
Name Value
Strict-Transport-Security max-age=15768000, max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.refundretriever.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:34:53 GMT
content-encoding
br
x-content-type-options
nosniff
content-type
application/javascript;charset=UTF-8
x-cache
HIT
last-modified
Wed, 08 Sep 2021 14:03:39 GMT
vary
Accept-Encoding
content-length
14059
x-xss-protection
1
nb-request-id
1582291756c360863096ba18b5b44b83
server
ZGS
etag
"76d8a9ce8c9786f22e378333b7578486"
strict-transport-security
max-age=15768000, max-age=63072000
content-language
en-US
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=7776000, immutable
z-origin-id
ux4-13d4e98ef5cf4535b63066c9296eadbf
accept-ranges
bytes
timing-allow-origin
*
ga-audiences
www.google.com/ads/
42 B
522 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-658657-1&cid=1622478023.1631306093&jid=157976168&_u=IEBAAEAAAAAAAC~&z=592743739
Requested by
Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.refundretriever.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 20:34:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ Frame 3C45
0
18 B
Document
General
Full URL
https://www.facebook.com/tr/
Requested by
Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
185.60.218.35 Bucharest, Romania, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-otp1.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
POST
:authority
www.facebook.com
:scheme
https
:path
/tr/
content-length
4326
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
origin
https://www.refundretriever.com
content-type
application/x-www-form-urlencoded
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.refundretriever.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
Origin
https://www.refundretriever.com
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.refundretriever.com/

Response headers

content-type
text/plain
access-control-allow-origin
https://www.refundretriever.com
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
content-length
0
server
proxygen-bolt
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
date
Fri, 10 Sep 2021 20:34:53 GMT
/
www.google.com/pagead/1p-user-list/1067394428/
42 B
64 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/1067394428/?random=1631306093545&cv=9&fst=1631304000000&num=1&bg=ffffff&guid=ON&eid=376635470&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa910&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.refundretriever.com%2F&tiba=Refund%20Retriever%20%7C%20Shipment%20Auditing&async=1&fmt=3&is_vtc=1&random=1360325341&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.refundretriever.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 20:34:54 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
siq_97ef6fabaeee9282491ac0754d64dc8c_.ttf
css.zohocdn.com/salesiq/styles/fonts/float/
10 KB
7 KB
Font
General
Full URL
https://css.zohocdn.com/salesiq/styles/fonts/float/siq_97ef6fabaeee9282491ac0754d64dc8c_.ttf
Requested by
Host: css.zohocdn.com
URL: https://css.zohocdn.com/salesiq/styles/floatbutton_8655ac0af2d8c916be6e816177e26407_.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.143.183.48 , United States, ASN2639 (ZOHO-AS, US),
Reverse DNS
Software
ZGS /
Resource Hash
1bd61d8494e09df2bbc3b644c2a5e77ec7d5bdd2f6a50af3bb913fc1af6fcfc7
Security Headers
Name Value
Strict-Transport-Security max-age=15768000, max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Referer
https://css.zohocdn.com/salesiq/styles/floatbutton_8655ac0af2d8c916be6e816177e26407_.css
Origin
https://www.refundretriever.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:34:54 GMT
content-encoding
br
x-content-type-options
nosniff
content-type
font/ttf
x-cache
HIT
last-modified
Fri, 02 Jul 2021 08:04:39 GMT
vary
Accept-Encoding
content-length
6434
x-xss-protection
1
nb-request-id
38da1e89b1babf8a62d86d676e42e9a1
server
ZGS
etag
"f923905063ae1874ef8ecb4d21486097"
strict-transport-security
max-age=15768000, max-age=63072000
content-language
en-US
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=7776000, immutable
z-origin-id
ux4-39358fa842e246309f0614df36d8928a
accept-ranges
bytes
timing-allow-origin
*
squatch.min.js
d2rcp9ak152ke1.cloudfront.net/assets/javascripts/
11 KB
4 KB
Script
General
Full URL
https://d2rcp9ak152ke1.cloudfront.net/assets/javascripts/squatch.min.js
Requested by
Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.84.90.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-90-92.muc50.r.cloudfront.net
Software
/
Resource Hash
3939ce56433d9755e6c11ad4e0a4f12b4e9db92e10245f9c707ed267998e581f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.refundretriever.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 20:34:54 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Amz-Cf-Pop
MUC50-C1
Request-Time
20
X-Cache
Miss from cloudfront
Content-Disposition
inline; filename="squatch.min.js"
Connection
keep-alive
X-Request-ID
613bc16e38805a3ae23466b2
Access-Control-Allow-Origin
*
ETag
W/"3939ce56433d9755e6c11ad4e0a4f12b4e9db92e10245f9c707ed267998e581f"
strict-transport-security
max-age=31536000
Content-Type
application/javascript; charset=UTF-8
Via
1.1 google, 1.1 5b3be43b5ff3292b36e9c737ff94254a.cloudfront.net (CloudFront)
Cache-Control
public, max-age=0, must-revalidate
Transfer-Encoding
chunked
X-Amz-Cf-Id
cMhn9_3Rjgb-UncQPJYfV9a-HxSEUU6ny7CANEVH8RkX-NeEWGH9WQ==
newembedtheme_e36a1d9a53b353100d75f5c220fa9906_.css
css.zohocdn.com/salesiq/styles/ Frame 10DB
181 KB
41 KB
Stylesheet
General
Full URL
https://css.zohocdn.com/salesiq/styles/newembedtheme_e36a1d9a53b353100d75f5c220fa9906_.css
Requested by
Host: js.zohocdn.com
URL: https://js.zohocdn.com/salesiq/js/floatbutton_54d5b86477b1c2a302d87f5c62ef9f4f_.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.143.183.48 , United States, ASN2639 (ZOHO-AS, US),
Reverse DNS
Software
ZGS /
Resource Hash
05b9e7ffa44d2a87259fbddbeb54c5b88984c2762d57ecd162a9da386add6508
Security Headers
Name Value
Strict-Transport-Security max-age=15768000, max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.refundretriever.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:34:54 GMT
content-encoding
br
x-content-type-options
nosniff
content-type
text/css;charset=UTF-8
x-cache
HIT
last-modified
Wed, 11 Aug 2021 09:00:03 GMT
vary
Accept-Encoding
content-length
41065
x-xss-protection
1
nb-request-id
cac8d7c55ec6eb05e20ea8b1d0b56dfc
server
ZGS
etag
"93e65819814c3c2933d46b350aca21d3"
strict-transport-security
max-age=15768000, max-age=63072000
content-language
en-US
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=7776000, immutable
z-origin-id
ux4-76c32af13ecc4a1dae586fd99f6aa5c6
accept-ranges
bytes
timing-allow-origin
*
Aug_25_2021_4_wmsliteapi.js
js.zohocdn.com/ichat/js/ Frame 10DB
18 KB
7 KB
Script
General
Full URL
https://js.zohocdn.com/ichat/js/Aug_25_2021_4_wmsliteapi.js
Requested by
Host: js.zohocdn.com
URL: https://js.zohocdn.com/salesiq/js/floatbutton_54d5b86477b1c2a302d87f5c62ef9f4f_.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.143.183.48 , United States, ASN2639 (ZOHO-AS, US),
Reverse DNS
Software
ZGS /
Resource Hash
8ab8acda5f4380c2ca3705841da508098ec76721bb4e4291d023a098190a0497
Security Headers
Name Value
Strict-Transport-Security max-age=15768000, max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.refundretriever.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:34:54 GMT
content-encoding
br
x-content-type-options
nosniff
content-type
application/javascript;charset=UTF-8
x-cache
HIT
last-modified
Wed, 25 Aug 2021 10:04:52 GMT
vary
Accept-Encoding
content-length
6735
x-xss-protection
1
nb-request-id
59f426b43e74c0c3ca02d51b03dbe4ef
server
ZGS
etag
"b57ade9fe7f4428f21e80cef1c6c3d2b"
strict-transport-security
max-age=15768000, max-age=63072000
content-language
en-US
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=7776000, immutable
z-origin-id
ux4-5530998c4a4f4c2d8908f0b283055ea3
accept-ranges
bytes
timing-allow-origin
*
siqnewchatwindow_ca1233e7ef64afe7c25eaf7740696b69_.js
js.zohocdn.com/salesiq/js/ Frame 10DB
1 MB
278 KB
Script
General
Full URL
https://js.zohocdn.com/salesiq/js/siqnewchatwindow_ca1233e7ef64afe7c25eaf7740696b69_.js
Requested by
Host: js.zohocdn.com
URL: https://js.zohocdn.com/salesiq/js/floatbutton_54d5b86477b1c2a302d87f5c62ef9f4f_.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.143.183.48 , United States, ASN2639 (ZOHO-AS, US),
Reverse DNS
Software
ZGS /
Resource Hash
ef95ea6df1bec600b2d5481ba1daf8c27dcd789b6168b20cb1045ac2ddd6a3b7
Security Headers
Name Value
Strict-Transport-Security max-age=15768000, max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.refundretriever.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:34:54 GMT
content-encoding
br
x-content-type-options
nosniff
content-type
application/javascript;charset=UTF-8
x-cache
HIT
last-modified
Wed, 08 Sep 2021 14:03:35 GMT
vary
Accept-Encoding
content-length
283667
x-xss-protection
1
nb-request-id
6d14208bf7658b1c1c0c52ac0fa40bbb
server
ZGS
etag
"612a38b0f68a6da7a02fef7d95fe14e9"
strict-transport-security
max-age=15768000, max-age=63072000
content-language
en-US
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=7776000, immutable
z-origin-id
ux4-d920bb11d74f401c9231f70618093168
accept-ranges
bytes
timing-allow-origin
*
resource_d5350f7c333142ae5570f4083f4ddf26_.js
js.zohocdn.com/salesiq/js/resource/embed/ Frame 10DB
41 KB
13 KB
Script
General
Full URL
https://js.zohocdn.com/salesiq/js/resource/embed/resource_d5350f7c333142ae5570f4083f4ddf26_.js
Requested by
Host: js.zohocdn.com
URL: https://js.zohocdn.com/salesiq/js/floatbutton_54d5b86477b1c2a302d87f5c62ef9f4f_.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.143.183.48 , United States, ASN2639 (ZOHO-AS, US),
Reverse DNS
Software
ZGS /
Resource Hash
a1b564421ca890a73e892d590b24ca1f1f40197ee01f32dcec2126e5ea2c24e4
Security Headers
Name Value
Strict-Transport-Security max-age=15768000, max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.refundretriever.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:34:54 GMT
content-encoding
br
x-content-type-options
nosniff
content-type
application/javascript;charset=UTF-8
x-cache
HIT
last-modified
Mon, 09 Aug 2021 03:47:55 GMT
vary
Accept-Encoding
content-length
12475
x-xss-protection
1
nb-request-id
f2e411bdb2dd9b8ee4ce288c03ab42e3
server
ZGS
etag
"7ec6aa00fefb08310a306a863aff736e"
strict-transport-security
max-age=15768000, max-age=63072000
content-language
en-US
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=7776000, immutable
z-origin-id
ux4-46ec740573e0473b91cd9522e67a98af
accept-ranges
bytes
timing-allow-origin
*
jquery-1.9.0.min.js
d2rcp9ak152ke1.cloudfront.net/assets/javascripts/
91 KB
33 KB
Script
General
Full URL
https://d2rcp9ak152ke1.cloudfront.net/assets/javascripts/jquery-1.9.0.min.js
Requested by
Host: d2rcp9ak152ke1.cloudfront.net
URL: https://d2rcp9ak152ke1.cloudfront.net/assets/javascripts/squatch.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.84.90.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-90-92.muc50.r.cloudfront.net
Software
/
Resource Hash
83cb9d780013816db6796f5afa97f415af4452f9179122d55d989892cf72f66e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.refundretriever.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Thu, 08 Jul 2021 12:51:39 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
5557395
Request-Time
6
X-Cache
Hit from cloudfront
Content-Disposition
inline; filename="jquery-1.9.0.min.js"
Connection
keep-alive
X-Request-ID
60e6f4db7a66ab236b5d9369
Access-Control-Allow-Origin
*
ETag
W/"83cb9d780013816db6796f5afa97f415af4452f9179122d55d989892cf72f66e"
strict-transport-security
max-age=31536000
Content-Type
application/javascript; charset=UTF-8
Via
1.1 google, 1.1 5b3be43b5ff3292b36e9c737ff94254a.cloudfront.net (CloudFront)
Cache-Control
max-age=31536000
Transfer-Encoding
chunked
X-Amz-Cf-Pop
MUC50-C1
X-Amz-Cf-Id
UoAjqIyWU-fXvjuLI59pRARFC5H2o-VqsSRByYFtHqsPM4xodiD8fA==
easyXDM.min.js
d2rcp9ak152ke1.cloudfront.net/assets/javascripts/
20 KB
8 KB
Script
General
Full URL
https://d2rcp9ak152ke1.cloudfront.net/assets/javascripts/easyXDM.min.js
Requested by
Host: d2rcp9ak152ke1.cloudfront.net
URL: https://d2rcp9ak152ke1.cloudfront.net/assets/javascripts/jquery-1.9.0.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.84.90.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-90-92.muc50.r.cloudfront.net
Software
/
Resource Hash
67550e05f94037dadbc105e54b9f29fc3d3a06eb83f6445fa9fb16fe4ace9271
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.refundretriever.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sat, 06 Feb 2021 07:06:28 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
18710906
Request-Time
9
X-Cache
Hit from cloudfront
Content-Disposition
inline; filename="easyXDM.min.js"
Connection
keep-alive
X-Request-ID
601e3ff4c73de87323e01635
Access-Control-Allow-Origin
*
ETag
W/"67550e05f94037dadbc105e54b9f29fc3d3a06eb83f6445fa9fb16fe4ace9271"
strict-transport-security
max-age=31536000
Content-Type
application/javascript; charset=UTF-8
Via
1.1 google, 1.1 5b3be43b5ff3292b36e9c737ff94254a.cloudfront.net (CloudFront)
Cache-Control
max-age=31536000
Transfer-Encoding
chunked
X-Amz-Cf-Pop
MUC50-C1
X-Amz-Cf-Id
Hf5IIlVu4l6IVBx5I4WuzOQyq8LVYWbL8Z0ncNyVMZXtVQcl6gXG-w==
squatchcookie
app.referralsaasquatch.com/a/azcmogcpdnqjl/widgets/ Frame 7B70
338 B
520 B
Document
General
Full URL
https://app.referralsaasquatch.com/a/azcmogcpdnqjl/widgets/squatchcookie?xdm_e=https%3A%2F%2Fwww.refundretriever.com&xdm_c=default3616&xdm_p=1
Requested by
Host: d2rcp9ak152ke1.cloudfront.net
URL: https://d2rcp9ak152ke1.cloudfront.net/assets/javascripts/easyXDM.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.133.18 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
18.133.107.34.bc.googleusercontent.com
Software
/
Resource Hash
f81d4b249de02d8a760900feebd2d51714e22052505277c58901e7889ac30a61
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

:method
GET
:authority
app.referralsaasquatch.com
:scheme
https
:path
/a/azcmogcpdnqjl/widgets/squatchcookie?xdm_e=https%3A%2F%2Fwww.refundretriever.com&xdm_c=default3616&xdm_p=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.refundretriever.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.refundretriever.com/

Response headers

request-time
6
x-request-id
613bc16f38805a3ae2346706
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
date
Fri, 10 Sep 2021 20:34:55 GMT
content-type
text/html; charset=UTF-8
content-length
338
via
1.1 google
alt-svc
clear
a0af8585_wmsbridge.js
js.zohocdn.com/ichat/js/ Frame 10DB
14 KB
5 KB
Script
General
Full URL
https://js.zohocdn.com/ichat/js/a0af8585_wmsbridge.js
Requested by
Host: js.zohocdn.com
URL: https://js.zohocdn.com/ichat/js/Aug_25_2021_4_wmsliteapi.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.143.183.48 , United States, ASN2639 (ZOHO-AS, US),
Reverse DNS
Software
ZGS /
Resource Hash
46a22048274c0cc10f19fa25826c410e0e4f13182e831b17a86348696a0c88c8
Security Headers
Name Value
Strict-Transport-Security max-age=15768000, max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.refundretriever.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:34:55 GMT
content-encoding
br
x-content-type-options
nosniff
content-type
application/javascript;charset=UTF-8
x-cache
HIT
last-modified
Wed, 11 Aug 2021 12:33:22 GMT
vary
Accept-Encoding
content-length
4372
x-xss-protection
1
nb-request-id
ac3aeb424e9e83fd14dccd475e563a90
server
ZGS
etag
"edca76feae4d2289d097ca655fb886cb"
strict-transport-security
max-age=15768000, max-age=63072000
content-language
en-US
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=7776000, immutable
z-origin-id
ux4-c895b04650ad4cfbbd7768ff23672fa4
accept-ranges
bytes
timing-allow-origin
*
easyXDM.min.js
build-mlo38xbym-saasquatch1.vercel.app/assets/javascripts/ Frame 7B70
20 KB
8 KB
Script
General
Full URL
https://build-mlo38xbym-saasquatch1.vercel.app/assets/javascripts/easyXDM.min.js
Requested by
Host: app.referralsaasquatch.com
URL: https://app.referralsaasquatch.com/a/azcmogcpdnqjl/widgets/squatchcookie?xdm_e=https%3A%2F%2Fwww.refundretriever.com&xdm_c=default3616&xdm_p=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
67550e05f94037dadbc105e54b9f29fc3d3a06eb83f6445fa9fb16fe4ace9271
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://app.referralsaasquatch.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:34:55 GMT
content-encoding
br
server
Vercel
age
33989
x-vercel-id
fra1::2fsqv-1631306095321-200897ca4723
etag
W/"67550e05f94037dadbc105e54b9f29fc3d3a06eb83f6445fa9fb16fe4ace9271"
x-robots-tag
noindex
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
content-disposition
inline; filename="easyXDM.min.js"
x-vercel-cache
HIT
fetchvisitorconfigurations.ls
salesiq.zohopublic.com/refundretriever/ Frame 10DB
769 B
1 KB
XHR
General
Full URL
https://salesiq.zohopublic.com/refundretriever/fetchvisitorconfigurations.ls?avuid=6a563e54-9ed2-4617-8e32-8215485ac128&lsid=66158000000002015&fetchallfields=true
Requested by
Host: js.zohocdn.com
URL: https://js.zohocdn.com/salesiq/js/siqnewchatwindow_ca1233e7ef64afe7c25eaf7740696b69_.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
204.141.42.97 , United States, ASN2639 (ZOHO-AS, US),
Reverse DNS
Software
ZGS /
Resource Hash
c7d085c2ffe07c8034220c155d84bc228c5ab63f1b3ae93e8e3839d45152ed2a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Accept
*/*
Referer
https://www.refundretriever.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 20:34:55 GMT
X-Content-Type-Options
nosniff
Server
ZGS
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=63072000
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
769
X-XSS-Protection
1
security-html-sanitizer.min.js
js.zohocdn.com/zohosecurity/v5_0/js/ Frame 10DB
27 KB
11 KB
Script
General
Full URL
https://js.zohocdn.com/zohosecurity/v5_0/js/security-html-sanitizer.min.js
Requested by
Host: js.zohocdn.com
URL: https://js.zohocdn.com/salesiq/js/siqnewchatwindow_ca1233e7ef64afe7c25eaf7740696b69_.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.143.183.48 , United States, ASN2639 (ZOHO-AS, US),
Reverse DNS
Software
ZGS /
Resource Hash
19d49f275aed32056d7a54248db3559c219f86541563090788f8a9812a0b9bdf
Security Headers
Name Value
Strict-Transport-Security max-age=15768000, max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.refundretriever.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:34:55 GMT
content-encoding
br
x-content-type-options
nosniff
content-type
application/javascript;charset=UTF-8
x-cache
HIT
last-modified
Thu, 26 Aug 2021 06:14:10 GMT
vary
Accept-Encoding
content-length
10688
x-xss-protection
1
nb-request-id
b44bea6a444e77d0199fed96019e466b
server
ZGS
etag
"16e09f706d00343e3265b1dd7a230dd5"
strict-transport-security
max-age=15768000, max-age=63072000
content-language
en-US
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=7776000, immutable
z-origin-id
ux4-09f41a73c6324db7b3467a89a0c4ad95
accept-ranges
bytes
timing-allow-origin
*
photo.ls
salesiq.zohopublic.com/refundretriever/clogo/1558643552103_43599262/ Frame 10DB
2 KB
3 KB
Image
General
Full URL
https://salesiq.zohopublic.com/refundretriever/clogo/1558643552103_43599262/photo.ls?nps=202
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
204.141.42.97 , United States, ASN2639 (ZOHO-AS, US),
Reverse DNS
Software
ZGS /
Resource Hash
d763c14f72fb8765cdeeb09a48828694b64362171d03316bd4feb675d7240979
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.refundretriever.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
Date
Fri, 10 Sep 2021 20:34:56 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 23 May 2019 20:32:31 GMT
Server
ZGS
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=63072000
Content-Type
image/png;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1
Expires
Thu, 01 Jan 1970 00:00:00 GMT
embedpostload_d62fdd276a2d2d28125db7b872efb274_.js
js.zohocdn.com/salesiq/js/ Frame 10DB
18 KB
6 KB
Script
General
Full URL
https://js.zohocdn.com/salesiq/js/embedpostload_d62fdd276a2d2d28125db7b872efb274_.js
Requested by
Host: js.zohocdn.com
URL: https://js.zohocdn.com/salesiq/js/siqnewchatwindow_ca1233e7ef64afe7c25eaf7740696b69_.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.143.183.48 , United States, ASN2639 (ZOHO-AS, US),
Reverse DNS
Software
ZGS /
Resource Hash
24a7245b068cd67b93e8ab032856bf496f6c1d8073a71a76475fb8e625e8db2d
Security Headers
Name Value
Strict-Transport-Security max-age=15768000, max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.refundretriever.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:35:05 GMT
content-encoding
br
x-content-type-options
nosniff
content-type
application/javascript;charset=UTF-8
x-cache
HIT
last-modified
Fri, 02 Jul 2021 08:08:01 GMT
vary
Accept-Encoding
content-length
5909
x-xss-protection
1
nb-request-id
6e2998b7e0bc97bdfd70b5f10cbc4e91
server
ZGS
etag
"e80e54c098e3424ca8c8e21cc90d245e"
strict-transport-security
max-age=15768000, max-age=63072000
content-language
en-US
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=7776000, immutable
z-origin-id
ux4-6acb7582376649dfbb10bc4e88be2716
accept-ranges
bytes
timing-allow-origin
*
embedpostload_b08f1e6aa9116b31b91b3d87dff43aa0_.css
css.zohocdn.com/salesiq/styles/ Frame 10DB
3 KB
1 KB
Stylesheet
General
Full URL
https://css.zohocdn.com/salesiq/styles/embedpostload_b08f1e6aa9116b31b91b3d87dff43aa0_.css
Requested by
Host: js.zohocdn.com
URL: https://js.zohocdn.com/salesiq/js/siqnewchatwindow_ca1233e7ef64afe7c25eaf7740696b69_.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.143.183.48 , United States, ASN2639 (ZOHO-AS, US),
Reverse DNS
Software
ZGS /
Resource Hash
462e9c88a7913141f066865a63a979f3d526d371f3561ab829ee30c5c734ab5a
Security Headers
Name Value
Strict-Transport-Security max-age=15768000, max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.refundretriever.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 20:35:05 GMT
content-encoding
br
x-content-type-options
nosniff
content-type
text/css;charset=UTF-8
x-cache
HIT
last-modified
Fri, 02 Jul 2021 08:04:34 GMT
vary
Accept-Encoding
content-length
589
x-xss-protection
1
nb-request-id
dcff0d15d1ab61704f4999e78e19f433
server
ZGS
etag
"e02da7321fcab60a70c344c7ae94450c"
strict-transport-security
max-age=15768000, max-age=63072000
content-language
en-US
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=7776000, immutable
z-origin-id
ux4-25921ed3e95143be9f06d230bb04fda7
accept-ranges
bytes
timing-allow-origin
*

Verdicts & Comments Add Verdict or Comment

145 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| onbeforexrselect boolean| originAgentCluster object| _wpemojiSettings undefined| $ function| jQuery string| cssTarget string| ForceInlineSVGActive object| html5 object| Modernizr object| a2a_config object| gaconnector2 function| fbq function| _fbq object| root string| GoogleAnalyticsObject function| ga function| gtag object| dataLayer object| bodymovin function| jq2 object| $zoho object| d object| s object| t object| a2a object| twemoji object| wp object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| google_tag_manager function| getValue function| GAd function| g_c function| IFrameSupport object| value object| _sqh object| twttr string| _linkedin_data_partner_id object| runtime object| regeneratorRuntime function| setImmediate function| clearImmediate function| sprintf function| vsprintf object| uiAutocompleteL10n object| MyAcSearch object| nectarLove object| headerEl object| headerSpaceEl function| Waypoint function| EvEmitter function| imagesLoaded object| a3_lazyload_params object| a3_lazyload_extend_params function| vc_js function| vc_plugin_flexslider function| vc_googleplus function| vc_pinterest function| vc_progress_bar function| vc_waypoints function| vc_toggleBehaviour function| vc_tabsBehaviour function| vc_accordionBehaviour function| vc_teaserGrid function| vc_carouselBehaviour function| vc_slidersBehaviour function| vc_prettyPhoto function| vc_google_fonts boolean| vcParallaxSkroll function| vc_rowBehaviour function| vc_gridBehaviour function| getColumnsCount function| wpb_prepare_tab_content function| vc_ttaActivation function| vc_accordionActivate function| initVideoBackgrounds function| vc_initVideoBackgrounds function| insertYoutubeVideoAsBackground function| vcResizeVideoBackground function| vcExtractYoutubeId function| vc_googleMapsPointer function| vc_setHoverBoxPerspective function| vc_setHoverBoxHeight function| vc_prepareHoverBox function| bodhisvgsInlineSupport function| NectarSocial function| lintrk boolean| _already_called_lintrk string| waypointContextKey object| $ZSIQLSDB object| $ZSIQCookie object| $zsalobj object| $zsalobjrestricted object| UDHandler object| $ZSIQUtil object| $ZSIQLicence function| handleIframeFunction object| $UTSHandler object| $ZSIQUTS object| $ZSIQUTSAction function| _ZLDReq object| ResponseFormatter object| $ZSIQChat boolean| isdomloadhandled boolean| WEBSITE_VISITOR_API_FLOW_ENABLED object| _ZSIQ object| $ZSIQAnalytics object| $ZSIQAutopick object| $zohosq object| $zcb object| $zv object| $zlm object| $zlch string| $zla boolean| $ZSIQ_UTSinitialized function| $ZSisThresholdExceeded function| $ZDestroyFloatData function| $ZNotifyTracking function| $ZShandleEvent number| SIQ_FLOAT number| SIQ_BUTTON number| SIQ_PERSONALIZE boolean| _WINDOW_REPOPULATE function| loadStaticFiles function| notifyOnCDNFailure function| appendReferrer string| api_lang function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO string| val boolean| iscdnenabled object| cssjslist object| $ZSIQChatWindow function| zsiqdrag object| $ZSIQTemplate object| $ZSIQWidgetUI object| $ZSIQWidget function| _typeof function| squatchQuery object| easyXDM

20 Cookies

Domain/Path Name / Value
.refundretriever.com/ Name: _ga
Value: GA1.2.1622478023.1631306093
.refundretriever.com/ Name: _gid
Value: GA1.2.1350201433.1631306093
.refundretriever.com/ Name: _gat
Value: 1
.refundretriever.com/ Name: _gcl_au
Value: 1.1.2075027934.1631306093
.refundretriever.com/ Name: _fbp
Value: fb.1.1631306093157.1611514976
crm.zoho.com/ Name: crmcsr
Value: 7d4592b7-cace-4a2a-ad77-2cdd6c7eac95
www.refundretriever.com/ Name: gclid
Value: undefined
.twitter.com/ Name: personalization_id
Value: "v1_4ye7ekenD4ZgeWHoXEJxjg=="
salesiq.zoho.com/ Name: LS_CSRF_TOKEN
Value: 76b1b3fb-0248-4a63-b962-d46da905712a
.linkedin.com/ Name: UserMatchHistory
Value: AQKeYP7BfviTSwAAAXvRa5TDuuTMG3-8B-u34gVKb_-gkDlblqRbUH-2KtBws_MPn81yYerscntdbQ
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQJFvfKtrCoLDwAAAXvRa5TDluL45h4AU8QFnIQQ6SKTfupP5fxtEKoHP6SQlnSSnHlk40JMkBifai09P0ip0A
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&704f46c8-bbae-470d-83e2-2962dca8605c"
.linkedin.com/ Name: lidc
Value: "b=OGST05:s=O:r=O:a=O:p=O:g=2301:u=1:x=1:i=1631306093:t=1631392493:v=2:sig=AQE1VaOZDJ8cR4ByWOckvb9i38gfRiVW"
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.linkedin.com/ Name: lang
Value: v=2&lang=de-de
.www.linkedin.com/ Name: bscookie
Value: "v=1&2021091020345490678432-dc28-467e-8bf2-e644e0049d07AQG6Pd_HLDwNXLJ3lZk2eAwNZAl21N8E"
.refundretriever.com/ Name: refundretriever-_zldp
Value: 2B9J9i2sXclpe%2Few%2BaQkJcR9bLwbSs1L%2BEPXkPxILTyhv8RAVuteeV9reJuBcwlJpRUK595EVd8%3D
.refundretriever.com/ Name: refundretriever-_zldt
Value: fdbba910-98c0-4075-98c8-767e15775b64-0
salesiq.zohopublic.com/ Name: LS_CSRF_TOKEN
Value: 04dc0fd1-398d-41c2-bb40-5232621d6296

1 Console Messages

Source Level URL
Text
javascript warning URL: https://www.refundretriever.com/
Message:
The resource https://js.zohocdn.com/ichat/js/a0af8585_wmsbridge.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com
analytics.twitter.com
app.referralsaasquatch.com
build-mlo38xbym-saasquatch1.vercel.app
cdnjs.cloudflare.com
connect.facebook.net
crm.zoho.com
css.zohocdn.com
d2rcp9ak152ke1.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
js.zohocdn.com
platform.twitter.com
px.ads.linkedin.com
refund-retriever.com
salesiq.zoho.com
salesiq.zohopublic.com
snap.licdn.com
static.addtoany.com
static.ads-twitter.com
stats.g.doubleclick.net
t.co
track.gaconnector.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
www.refundretriever.com
104.16.18.94
104.198.3.239
104.244.42.3
104.244.42.5
108.174.11.37
13.107.42.14
136.143.183.48
142.250.64.66
142.250.65.200
142.250.65.226
142.250.80.10
142.250.80.67
142.250.80.68
142.250.80.78
142.251.4.155
172.67.39.148
185.60.218.24
185.60.218.35
199.232.136.157
204.141.42.49
204.141.42.97
204.141.43.67
23.218.209.45
34.107.133.18
35.172.187.134
76.76.21.21
94.31.29.99
99.84.90.92
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
04188b0cf2772d0097ee6ea6abe0feba436b3c8aa667568dc8dabc97bf4332a6
04e6fb814fccce3a0aecb83be0bc24665cf3e6a5e993f296471a63708f63e138
056cf1ad4d84c1438bd0efea62a6a10a21acab4f1adae279e87bd401ba83cd99
05b9e7ffa44d2a87259fbddbeb54c5b88984c2762d57ecd162a9da386add6508
0b747508abdbf79927ab45c52f3a713cdd6e3f65fa9e665b205fae6cd0756db2
0c55ac0f4463deb4e694227e07b735dd88a80cd63db79de18c6f14b77a266116
0cd851e5b33af0fbb354df65506da39807b998e07723f3d08aba5179fa2ed97e
0fb95916edefabd6abed5f483970ec36a6977c6fa5da5eb774dd887b55d4ca54
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
13eb615165c92892fcd46e01782dd0fc52d36f236f883aad488c2cf4dcf9206e
16269aa9d7d3e729a4247c073f2a0cc19f00c747006933746fc93cb34674d592
16f94be53f5a0f1b422b9fb0f88ecc3b0947c24c8b77ee6b6f62675c82499cc7
18584b5fca585444cc86adfc374bca6d805a0e12d73495beeab6d94a4da264d9
198209611aa67382f0ba7bb0759c9b2a8a8560ca5f1a60dc2dda0763c3b1e4c2
19d49f275aed32056d7a54248db3559c219f86541563090788f8a9812a0b9bdf
1bd61d8494e09df2bbc3b644c2a5e77ec7d5bdd2f6a50af3bb913fc1af6fcfc7
1c047e23d2f7ba84b0e6c90cf51d03189b4d1718a953225c53de643d47b8c80a
2101735d43a8d486dbc5139500a78420766cc673a3610363ce9525526c3f5149
21dc21cf1cc77b458d114634e3775e70f229dc0c215b0c8958920e2079cb5a16
24a7245b068cd67b93e8ab032856bf496f6c1d8073a71a76475fb8e625e8db2d
2538aec1ee3393db08946eb6b70e4b7fbbe46952646fc889d3478431a4e44427
2904b98dfb86ac37a4ed1e33585980adbcbeb63b8802a641fc64615ef7360223
2913feec9fb63ea6a725eacbc00f65421be938a8ed4549032de383a5f892a083
293913879d30bab7499013e935009f5183facbddd63bfc9656a859622590b80b
2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3
2b3c6f1d3cea37b4d8cc609a141b421a88bcaf2f3646965f9f95f4d4a683c949
2e1607a9854f56156d4a8ec04c29d74e7dc2417af6dbcb7ec69a1bbd36b030d1
2f9627512fca0229865430f588e22896916969f33cf92f51a0793028a1a45f7c
2fa8b71dd86e2b83fc56dc85a47d87f928034b9aeddd791568d8d3dc08cacdbc
30235170f66db7a1bf6b3760dd45a2790afcfa1da343b4e40132ebd09ef426c2
335b59e615135313a66319e641cdad6ac3489a600e04d4181c859699bed4babe
350fd754e649c114716de90c5d07a6d7ff424012e768b4325dc837ae3f1d2f91
3939ce56433d9755e6c11ad4e0a4f12b4e9db92e10245f9c707ed267998e581f
39a2df0cb95aeb34e950f5a27e9c6ee49aa07d126a781009eae27442b32744fd
3fb5076df5212d5cc3ec0ee4de8ba86e1285b7817b9f3b21695b8ad7f7ee2185
42b8fc6ce4cc6ff19e274ff39b9c52897f46ddadf046ea63089d064004382947
43cdf46f331fec5ba92e402e3d5cad473099892cbdafca02e607cd03705104bf
462e9c88a7913141f066865a63a979f3d526d371f3561ab829ee30c5c734ab5a
46a22048274c0cc10f19fa25826c410e0e4f13182e831b17a86348696a0c88c8
47161c47e2cf4d62a77738e180bbaf9aa096de56e12ee837218d7b0d01909604
50679e0e3933c945348a2db0cc128bb14b57a60a74fabf8cae13acc14efbb2e1
514fa3baa5a2bcf0960f08913231f800f9ec9498e87da68cf09ee651425b5de7
5867592c9d5371d697755f3e696e0a5d64ebb93d359f9461aac46fcb4cc9d7e8
59a3b2cb204dc1b6108c9608e54ed72fbe51be18688023c9560801366a09e900
5a65b0ca177f1c0433c0ead611692521c23e6668846a2861fedc09ae11416ffc
5b518bc060167c79b585ab74260cd0c4cd4ef5e6f7ee2759908ee832731352c4
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
60fc885e47b0633783b17eaa008a1e5316b8718dcab9fb42940363e386c68c05
66f7412f7462e317d894dd4a942290b87ec249151a2648aa6caeb8bab1735d42
67550e05f94037dadbc105e54b9f29fc3d3a06eb83f6445fa9fb16fe4ace9271
69fc7bcafee09477b13dbda32d00410bc15a3faeb3e890cc15fef46d7c84d432
6b5730ae9f33a0a7afe9a86492c861267b99a4bc832cb74ad0412b14639c0d01
6ffe5bb7b2bbd10ab6e9bdb605a8806d77ceb9d7a08a007e10b53471c4fa9c76
71a607ab6050f64e6fd078d3ecb45517636623f4c82bb2d96fbfdfee0cfb8a73
773d12971ed2348e780482568fae18c567b891f356bd01ee1fb7adad7b800900
7877050ec9f0a551a1c47b1654c9434bf40b8b8a65c61e2c1cc64b0d4696ee38
7ac138b6a78fd04c92aab6020c2669e91f2b0fc9e832a0e15faaefdce19c1e85
7e8ee8f9d56ca7e35629a7c16b9f1c09fbb1e7d19fe922833a2f4edec48bfeea
8227a862b924b10dd6f1937cc73288d73111599d2968728fc762baf159cc3e78
83cb9d780013816db6796f5afa97f415af4452f9179122d55d989892cf72f66e
87395046866379105ced9e87a7758136a01de599efa54a175b9781350c1a8e22
87cf46420f28b91d2ffcbca2ec817b93c99b5d43c9366b08d5f4c6f6fbb635c1
8ab8acda5f4380c2ca3705841da508098ec76721bb4e4291d023a098190a0497
8b5fc6c399a32bc4fd40a94fc3cbc02bd7467094f3d080bfcb5d25accc081e54
8e93ff9c9d6311c36c75b167f77b97a012ec931c88d308b883fcc576f967b146
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
956e41167b70caf9f21f5a4f435fa8aefed819777d00608b60399a6ad51b16c2
96b73859ad716f59d0b85c8ceb06c6b58c7ea6dce73113e0e8672c266ba2956b
9fb928d8f5b3158259cc5390de2faeee1a2aaadeb4bfce76c0fd7f2639a7b1ea
a1b564421ca890a73e892d590b24ca1f1f40197ee01f32dcec2126e5ea2c24e4
a23757ebb210c2d1c0455713594401d07ef51a74dcd3f7b5cd4a0ed2d8ecf1e0
a2f1b190e5d5a3063c35b75b1a00c039b13e171eb7b099299dcb67e9e4fe65cd
a5c1beaa3e3011831d0c8fc84b02f5362c126cb0dc5dc6f4a0fdbe0ba3f93d1f
a8a819d7548b9c102d7776cb645212ca1e324ac2de2170598699061e29bc6cbf
aa177ef15fc557a7778d92a1aa910b9ded10d3b8400eea9ccb08c0f19d0fde8c
ab49fef43f10b1493313953f207fec4841377695eceadcf8e10c859108e477ec
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ad68db4a8b6ee0732c3645ad9fe195980b541348dd3d8cbaec74e1c43a988f7a
adffbd9a5c5c73d059d7014b9cea24d3a191c1eb1cdb17bde04334f009d63e2e
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b131a7e2cd89a8a9ee101a9198099e25cc24a6360aab70a8518f23d66c7a21ca
b36f9723de1d9f13021891814f4ed7269f2ede9bb814f9a914eefaeb5eb1f516
b695f4e09490004246d228e02338f9d3c4591273e1f35bb0ebe63607c860e608
b6b203a8271d3c2c88aea8b4bcd5a2816a016b872d41517cb30a50e767ccf47e
b7f704024ab4f0f285cf64a102f571b3b68ec93e680ace66038a1ef6339802c9
ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
c298433cc9eb86f4c0be0a447b0faf398dee9186d2bcf26683297de2758cddc7
c33fd000b3ac6efa19d96da09a83a10bc128a61d51deae55c28c8404a3870610
c38e742875752b72d19079688bfcbc6198ec10a95f8476e709317cee4345c2af
c3c0a7bc226e2b64dea9c09b64ce42656fad59ccecb482205765bba37afa292a
c7d085c2ffe07c8034220c155d84bc228c5ab63f1b3ae93e8e3839d45152ed2a
c867104326e3c4b658209d8e5bcea0900aaf7fbc2bbc181ca01c482cac2810f3
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cd00c79e4bbf06794b0851af6b891c002601933c8b9d0cef5bf18427c62c699c
ce4cfe5020df792fb1ac39bb2f9c6ae7a0e4468423735a477b45785579ac602f
cf80b67687257ac3b9ed3249d606b6cd1371d56b238d0d65b60981061d15efcf
d2b82e612d2a812e8be2a57300dab8923c4f2edbe7a799e7da70791b595646fe
d763c14f72fb8765cdeeb09a48828694b64362171d03316bd4feb675d7240979
d949f06ea665836c1c47a3fd5cde928c9d1bf2df74cd3e7ff44c15f15bee6421
d96f4e2562d6e813901bdbd6fc16e2c4a133db6d851991909f0db8bdb5afb3a4
dc49fc342e53b4c9ba763abbd82e3f0c39a889f35b35cbf5d0f186b08934a4c2
dceda745a0fb58233a95eff6d10796026df6792cb960cdf675eb7b8a6750a2d2
dd7c6455d147604f844eaad405ad7100a56fe6011af06d7fad546693b09ce284
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e127aead57cd6625f795f8c41d8b7c463c2c50158e3a3dc398424db2b16bd5db
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3e8d90b297b7103c351e76dc0f7e9dd783a6e25d059e158ccd297967357c0d8
e87a1c5e24f9a7c7dcb437417f0b05b0a3c12947ce32d65c990c988a8b5ed4d7
e94b12cb948d3d2eff43addf04700f8611ba383c00892652dc294a76bec2a105
edc988f9162131dfa6d20d122013987468254662e7cdbc7565c39a5789edb6ca
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef8abb21406964a1a136fe0e19ed35c030ac4cb318b7a2917497c8cdf8b9d734
ef95ea6df1bec600b2d5481ba1daf8c27dcd789b6168b20cb1045ac2ddd6a3b7
f7988e3c04dbf5148adeed726b95dd21259e6cb9d3de4b608cf39ee35834c361
f81d4b249de02d8a760900feebd2d51714e22052505277c58901e7889ac30a61
f8214d5a3bfa62a210a1173a5baf9d9e2eb3da26f6333a058109ee5018617674
f909a31bfd7a13b9dd53e98b5652f13f4782fdfd1653dc4befade7386c087371
f93483f0aaf24aea4b5534bb8647d22cd9dfcb4d08d2fd1008787bdfb8a6cc47
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fd9f04b42522f652398f4a708fb884a2dca0585d69056251b3cdbffbdc2d1de6
fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3
ff57968ba0d995d2dbcaa80779cb40a1dbc93d1bf5ee78301dc49629108bbd9d