refundmore.com Open in urlscan Pro
2600:9000:20eb:2800:9:92b2:c580:93a1  Public Scan

Submitted URL: https://www.refundmore.eu/
Effective URL: https://refundmore.com/
Submission: On November 20 via automatic, source certstream-suspicious — Scanned from NL

Summary

This website contacted 17 IPs in 4 countries across 12 domains to perform 56 HTTP transactions. The main IP is 2600:9000:20eb:2800:9:92b2:c580:93a1, located in United States and belongs to AMAZON-02, US. The main domain is refundmore.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on October 30th 2024. Valid for: a year.
This is the only time refundmore.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 188.166.81.245 14061 (DIGITALOC...)
4 2600:9000:20e... 16509 (AMAZON-02)
2 2400:52e0:1e0... 60068 (CDN77 Dat...)
2 3.161.82.33 16509 (AMAZON-02)
27 13.224.189.50 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 18.245.46.55 16509 (AMAZON-02)
2 172.217.16.195 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 104.17.25.14 13335 (CLOUDFLAR...)
2 2a02:26f0:350... 20940 (AKAMAI-AS...)
1 142.250.184.226 15169 (GOOGLE)
1 54.81.205.47 14618 (AMAZON-AES)
1 2a02:26f0:350... 20940 (AKAMAI-AS...)
2 18.244.18.9 16509 (AMAZON-02)
1 2a02:26f0:350... 20940 (AKAMAI-AS...)
56 17
Apex Domain
Subdomains
Transfer
31 refundmore.com
refundmore.com
1 MB
6 elev.io
cdn.elev.io — Cisco Umbrella Rank: 27313
ipa.elev.io — Cisco Umbrella Rank: 26731
events.elev.io — Cisco Umbrella Rank: 182644
119 KB
4 cookiebot.com
consent.cookiebot.com — Cisco Umbrella Rank: 4433
consentcdn.cookiebot.com — Cisco Umbrella Rank: 5051
imgsct.cookiebot.com — Cisco Umbrella Rank: 5232
130 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 225
56 KB
2 youtube.com
img.youtube.com — Cisco Umbrella Rank: 1700
78 KB
2 gstatic.com
fonts.gstatic.com
39 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
109 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
2 KB
2 trustpilot.com
widget.trustpilot.com — Cisco Umbrella Rank: 5857
8 KB
2 usefathom.com
cdn.usefathom.com — Cisco Umbrella Rank: 18826
3 KB
2 refundmore.eu
www.refundmore.eu
refundmore.eu
568 B
1 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 110
56 12
Domain Requested by
31 refundmore.com refundmore.com
3 cdn.elev.io refundmore.com
cdn.elev.io
2 events.elev.io cdn.elev.io
2 consent.cookiebot.com www.googletagmanager.com
consent.cookiebot.com
2 cdnjs.cloudflare.com refundmore.com
cdnjs.cloudflare.com
2 img.youtube.com refundmore.com
2 fonts.gstatic.com fonts.googleapis.com
2 www.googletagmanager.com refundmore.com
www.googletagmanager.com
2 fonts.googleapis.com refundmore.com
2 widget.trustpilot.com refundmore.com
widget.trustpilot.com
2 cdn.usefathom.com refundmore.com
1 imgsct.cookiebot.com
1 consentcdn.cookiebot.com consent.cookiebot.com
1 ipa.elev.io cdn.elev.io
1 pagead2.googlesyndication.com www.googletagmanager.com
1 refundmore.eu 1 redirects
1 www.refundmore.eu 1 redirects
56 17
Subject Issuer Validity Valid
refundmore.com
Amazon RSA 2048 M02
2024-10-30 -
2025-11-28
a year crt.sh
cdn.usefathom.com
R10
2024-11-14 -
2025-02-12
3 months crt.sh
*.trustpilot.com
Amazon RSA 2048 M03
2024-01-03 -
2025-01-31
a year crt.sh
upload.video.google.com
WR2
2024-10-21 -
2025-01-13
3 months crt.sh
*.google-analytics.com
WR2
2024-10-21 -
2025-01-13
3 months crt.sh
cdn.elev.io
Amazon RSA 2048 M02
2024-04-12 -
2025-05-10
a year crt.sh
*.gstatic.com
WR2
2024-10-21 -
2025-01-13
3 months crt.sh
*.google.com
WR2
2024-10-21 -
2025-01-13
3 months crt.sh
cdnjs.cloudflare.com
WE1
2024-09-28 -
2024-12-27
3 months crt.sh
consent.cookiebot.com
DigiCert TLS RSA SHA256 2020 CA1
2024-02-28 -
2025-02-27
a year crt.sh
*.g.doubleclick.net
WR2
2024-10-21 -
2025-01-13
3 months crt.sh
*.elev.io
Amazon RSA 2048 M02
2024-08-09 -
2025-09-08
a year crt.sh
*.cookiebot.com
DigiCert TLS RSA SHA256 2020 CA1
2024-02-26 -
2025-02-26
a year crt.sh

This page contains 4 frames:

Primary Page: https://refundmore.com/
Frame ID: 48A41F49180BE26215C20F26BDC31D8E
Requests: 54 HTTP requests in this frame

Frame: https://widget.trustpilot.com/trustboxes/53aa8912dec7e10d38f59f36/index.html?templateId=53aa8912dec7e10d38f59f36&businessunitId=5c347395dc25ca0001b7c76f
Frame ID: B956B5320B595F3FB5BD7BA455433E8E
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4bj0/sw_iframe.html?origin=https%3A%2F%2Frefundmore.com
Frame ID: B9824DC4DB3691922C43DAA52DF08222
Requests: 1 HTTP requests in this frame

Frame: https://consentcdn.cookiebot.com/sdk/bc-v4.min.html
Frame ID: 4760CEE68D8C5292CBFF53D6BCA70E98
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Delayed or cancelled flight? The airline should compensate you!

Page URL History Show full URLs

  1. https://www.refundmore.eu/ HTTP 301
    https://refundmore.eu/ HTTP 301
    https://refundmore.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • consent\.cookiebot\.com

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js

Page Statistics

56
Requests

100 %
HTTPS

47 %
IPv6

12
Domains

17
Subdomains

17
IPs

4
Countries

1867 kB
Transfer

3394 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.refundmore.eu/ HTTP 301
    https://refundmore.eu/ HTTP 301
    https://refundmore.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

56 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
refundmore.com/
Redirect Chain
  • https://www.refundmore.eu/
  • https://refundmore.eu/
  • https://refundmore.com/
80 KB
16 KB
Document
General
Full URL
https://refundmore.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:2800:9:92b2:c580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
server /
Resource Hash
935af7389c521b15ab14fd2117d50de0f643baf35fd84b07f13d809024921b6d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff nosniff
X-Frame-Options sameorigin SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, private
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 20 Nov 2024 17:06:59 GMT
feature-policy
vibrate 'self'
font-src
https://fonts.gstatic.com
frame-src
https://optimize.google.com
img-src
https://www.google-analytics.com https://www.googletagmanager.com https://optimize.google.com
referrer-policy
no-referrer-when-downgrade
script-src
https://www.googleanalytics.com https://www.google-analytics.com https://www.googleoptimize.com https://optimize.google.com 'unsafe-inline'
server
server
strict-transport-security
max-age=31536000; includeSubDomains
style-src
https://optimize.google.com https://fonts.googleapis.com 'unsafe-inline'
vary
Accept-Encoding
via
1.1 f7bf326347bdd7f275a38a22b5b83724.cloudfront.net (CloudFront)
x-amz-cf-id
AZx_lnbWb8L2LOsLvyTRXULQdypWl2wnLwae_VyCAzU6tZTOyb3UMg==
x-amz-cf-pop
FRA2-C1
x-cache
Miss from cloudfront
x-content-type-options
nosniff nosniff
x-frame-options
sameorigin SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

content-length
162
content-type
text/html
date
Wed, 20 Nov 2024 17:06:59 GMT
location
https://refundmore.com/
server
nginx
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
cabin.css
refundmore.com/cabin-build/css/
75 KB
15 KB
Stylesheet
General
Full URL
https://refundmore.com/cabin-build/css/cabin.css?id=f506dab096e8320f03b0f15e12a00a82
Requested by
Host: refundmore.com
URL: https://refundmore.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:2800:9:92b2:c580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
server /
Resource Hash
1b2f320d2374bc065442d02673c263d4739b7d27decd50583b6f25865f0b1c1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://refundmore.com/

Response headers

x-amz-cf-pop
FRA2-C1
content-encoding
gzip
etag
W/"673450c7-12c04"
x-content-type-options
nosniff
via
1.1 f7bf326347bdd7f275a38a22b5b83724.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
x-amz-cf-id
PDOjObfVVqXDb5n2brFgkHuQCeez6K8Twll-S0rcuSMt3gHUpTttSw==
date
Wed, 20 Nov 2024 17:07:00 GMT
x-xss-protection
1; mode=block
content-type
text/css
last-modified
Wed, 13 Nov 2024 07:09:59 GMT
vary
Accept-Encoding
server
server
x-frame-options
SAMEORIGIN
script.js
cdn.usefathom.com/
6 KB
2 KB
Script
General
Full URL
https://cdn.usefathom.com/script.js
Requested by
Host: refundmore.com
URL: https://refundmore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1081:1 , Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software
BunnyCDN-DE1-1081 /
Resource Hash
4927b7da535c5807c37389f0bbb54116b35cdc2f86a7a74d47175dee008c01d8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://refundmore.com/

Response headers

cdn-status
200
content-encoding
br
etag
"d41d8cd98f00b204e9800998ecf8427e"
x-vapor-base64-encode
True
date
Wed, 20 Nov 2024 17:07:00 GMT
last-modified
Wed, 11 Sep 2024 17:57:56 GMT
content-type
application/javascript
vary
Accept-Encoding
cdn-cache
HIT
cdn-requestpullcode
200
cdn-cachedat
11/08/2024 18:30:08
cache-control
public, max-age=0
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
aa90c48b-f401-4fa1-aac1-c94c8f3ae560
cdn-requestid
5ae6e6bcb945ce5a46f0a03838280156
cdn-pullzone
506217
cdn-proxyver
1.06
access-control-allow-origin
*
cdn-edgestorageid
1080
server
BunnyCDN-DE1-1081
cdn-requestcountrycode
NL
tp.widget.bootstrap.min.js
widget.trustpilot.com/bootstrap/v5/
23 KB
8 KB
Script
General
Full URL
https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js
Requested by
Host: refundmore.com
URL: https://refundmore.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.82.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-82-33.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c69de41dda83f00cc1b13dba90a57f25df046286ecd227bdd0c4d51d94947b61
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://refundmore.com/

Response headers

content-encoding
gzip
etag
"7d4644d89e45fe92623bdd628e60e8dd"
age
50718
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
29ue3pOkniP6HZ2K6v9DUA3iOXh2TcBSc015z1MUU1OUnUtf3sk-UA==
date
Wed, 20 Nov 2024 03:01:43 GMT
content-type
application/x-javascript
last-modified
Wed, 09 Oct 2024 12:04:38 GMT
strict-transport-security
max-age=31536000
cache-control
max-age=86400
via
1.1 098a60d50e7e132c276fd27b94c6212c.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
7350
x-xss-protection
1; mode=block
x-amz-cf-pop
FRA56-P10
server
AmazonS3
x-amz-server-side-encryption
AES256
logo_white.svg
refundmore.com/storage/media/
9 KB
3 KB
Image
General
Full URL
https://refundmore.com/storage/media/logo_white.svg
Requested by
Host: refundmore.com
URL: https://refundmore.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:2800:9:92b2:c580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
server /
Resource Hash
dbd3b0cdf1788631c5103de09ee7e20bf1903a5800ce89478817c2341ea5524c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://refundmore.com/

Response headers

x-amz-cf-pop
FRA2-C1
content-encoding
gzip
etag
W/"5dd7a294-2292"
x-content-type-options
nosniff
via
1.1 f7bf326347bdd7f275a38a22b5b83724.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
x-amz-cf-id
6pKlwk5VeWxHqmrA9tdWl7Fd7Dr4Md8aq8s0LOylj2Xisy18bcjJTw==
date
Wed, 20 Nov 2024 17:07:00 GMT
x-xss-protection
1; mode=block
content-type
image/svg+xml
last-modified
Fri, 22 Nov 2019 08:55:48 GMT
vary
Accept-Encoding
server
server
x-frame-options
SAMEORIGIN
en-flag.png
refundmore.com/cabin-build/images/icons/flags/
437 B
705 B
Image
General
Full URL
https://refundmore.com/cabin-build/images/icons/flags/en-flag.png
Requested by
Host: refundmore.com
URL: https://refundmore.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.224.189.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-50.fra2.r.cloudfront.net
Software
server /
Resource Hash
92266987faaad4286019e061b898d616e5ab1366db4e76a3f5c06d6f5a8a2dff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://refundmore.com/

Response headers

etag
"620ccc65-1b5"
x-content-type-options
nosniff
via
1.1 ba5b5e2e7fd98c4a472633bc4c1d4480.cloudfront.net (CloudFront)
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
content-length
437
x-amz-cf-id
0VHlI9AvKRPeQSDdEbosbXuYznBBXvsX-yTqoluuSWETy5BNesWlRQ==
date
Wed, 20 Nov 2024 17:07:00 GMT
x-xss-protection
1; mode=block
content-type
image/png
last-modified
Wed, 16 Feb 2022 10:05:25 GMT
server
server
x-amz-cf-pop
FRA2-C1
x-frame-options
SAMEORIGIN
da-flag.png
refundmore.com/cabin-build/images/icons/flags/
183 B
451 B
Image
General
Full URL
https://refundmore.com/cabin-build/images/icons/flags/da-flag.png
Requested by
Host: refundmore.com
URL: https://refundmore.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.224.189.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-50.fra2.r.cloudfront.net
Software
server /
Resource Hash
b0e43cbb8dca923403c156d5015a5ed97117344bc2687eeaf93f8279d7853a7a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://refundmore.com/

Response headers

etag
"620ccc65-b7"
x-content-type-options
nosniff
via
1.1 ba5b5e2e7fd98c4a472633bc4c1d4480.cloudfront.net (CloudFront)
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
content-length
183
x-amz-cf-id
2CTBNBmnLxEJQKb84fpGsWAA_9aMqDTsxXcNnFIr_vPKbFvq7YYPWg==
date
Wed, 20 Nov 2024 17:07:00 GMT
x-xss-protection
1; mode=block
content-type
image/png
last-modified
Wed, 16 Feb 2022 10:05:25 GMT
server
server
x-amz-cf-pop
FRA2-C1
x-frame-options
SAMEORIGIN
se-flag.png
refundmore.com/cabin-build/images/icons/flags/
195 B
462 B
Image
General
Full URL
https://refundmore.com/cabin-build/images/icons/flags/se-flag.png
Requested by
Host: refundmore.com
URL: https://refundmore.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.224.189.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-50.fra2.r.cloudfront.net
Software
server /
Resource Hash
55d7a223ed7472d52f39d3462765050fa498096138ba6d0d18ab658340b164e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://refundmore.com/

Response headers

etag
"620ccc65-c3"
x-content-type-options
nosniff
via
1.1 ba5b5e2e7fd98c4a472633bc4c1d4480.cloudfront.net (CloudFront)
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
content-length
195
x-amz-cf-id
yJupFhk2jHPojq4mMsxIAzcGGzIQ-HRkOfKEd--bXI8nuWXWY7gg5Q==
date
Wed, 20 Nov 2024 17:07:00 GMT
x-xss-protection
1; mode=block
content-type
image/png
last-modified
Wed, 16 Feb 2022 10:05:25 GMT
server
server
x-amz-cf-pop
FRA2-C1
x-frame-options
SAMEORIGIN
no-flag.png
refundmore.com/cabin-build/images/icons/flags/
236 B
502 B
Image
General
Full URL
https://refundmore.com/cabin-build/images/icons/flags/no-flag.png
Requested by
Host: refundmore.com
URL: https://refundmore.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.224.189.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-50.fra2.r.cloudfront.net
Software
server /
Resource Hash
b5b71b67ee5afb85a779560bc09f5ede4fbd25d302f942a671439fe3dd743df9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://refundmore.com/

Response headers

etag
"620ccc65-ec"
x-content-type-options
nosniff
via
1.1 ba5b5e2e7fd98c4a472633bc4c1d4480.cloudfront.net (CloudFront)
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
content-length
236
x-amz-cf-id
ZHRDbhWN8MQCwnHwy_Ulsa4UirZphuxl_m9rR5cuQoeA20Z5W-Qxfw==
date
Wed, 20 Nov 2024 17:07:00 GMT
x-xss-protection
1; mode=block
content-type
image/png
last-modified
Wed, 16 Feb 2022 10:05:25 GMT
server
server
x-amz-cf-pop
FRA2-C1
x-frame-options
SAMEORIGIN
fi-flag.png
refundmore.com/cabin-build/images/icons/flags/
158 B
424 B
Image
General
Full URL
https://refundmore.com/cabin-build/images/icons/flags/fi-flag.png
Requested by
Host: refundmore.com
URL: https://refundmore.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.224.189.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-50.fra2.r.cloudfront.net
Software
server /
Resource Hash
84b67401d613698452e33f1dc44743833923ada48740397bbfc13a77088934b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://refundmore.com/

Response headers

etag
"620ccc65-9e"
x-content-type-options
nosniff
via
1.1 ba5b5e2e7fd98c4a472633bc4c1d4480.cloudfront.net (CloudFront)
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
content-length
158
x-amz-cf-id
AaAjkVV4AO8KQtRlpjH9Fr-eGq8IPKPBKusNy61vVbLYsMEpmZo08Q==
date
Wed, 20 Nov 2024 17:07:00 GMT
x-xss-protection
1; mode=block
content-type
image/png
last-modified
Wed, 16 Feb 2022 10:05:25 GMT
server
server
x-amz-cf-pop
FRA2-C1
x-frame-options
SAMEORIGIN
refundmore-v-white.png
refundmore.com/storage/media/
6 KB
6 KB
Image
General
Full URL
https://refundmore.com/storage/media/refundmore-v-white.png
Requested by
Host: refundmore.com
URL: https://refundmore.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:2800:9:92b2:c580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
server /
Resource Hash
e55ca5dd3fb9f932cf88fa680d5d5fcfef6ac9e766155c4e17c9db803654ea1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://refundmore.com/

Response headers

etag
"5dd7a295-17b6"
x-content-type-options
nosniff
via
1.1 f7bf326347bdd7f275a38a22b5b83724.cloudfront.net (CloudFront)
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
content-length
6070
x-amz-cf-id
LS_-jj7mvtDiWgpI454Hq-POf3X9_YRvWqUWgWwZl4QuRD83HRAmWw==
date
Wed, 20 Nov 2024 17:07:00 GMT
x-xss-protection
1; mode=block
content-type
image/png
last-modified
Fri, 22 Nov 2019 08:55:49 GMT
server
server
x-amz-cf-pop
FRA2-C1
x-frame-options
SAMEORIGIN
tp-white-text.svg
refundmore.com/cabin-build/images/cabin/trustpilot/
4 KB
2 KB
Image
General
Full URL
https://refundmore.com/cabin-build/images/cabin/trustpilot/tp-white-text.svg
Requested by
Host: refundmore.com
URL: https://refundmore.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.224.189.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-50.fra2.r.cloudfront.net
Software
server /
Resource Hash
860f3d82e7c3fa3faf23f9b8ac369a5afad68f2d8de1c18fc78de511c6ab6126
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://refundmore.com/

Response headers

server
server
content-encoding
gzip
etag
W/"620ccc65-104e"
x-content-type-options
nosniff
via
1.1 ba5b5e2e7fd98c4a472633bc4c1d4480.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
x-amz-cf-id
c1RisTP05_K4wi2v0OqbIwpps8PpkzgK0ptixpLMoSJPbsXoMMPPrg==
date
Wed, 20 Nov 2024 17:07:00 GMT
x-xss-protection
1; mode=block
content-type
image/svg+xml
x-amz-cf-pop
FRA2-C1
vary
Accept-Encoding
last-modified
Wed, 16 Feb 2022 10:05:25 GMT
x-frame-options
SAMEORIGIN
4.5.png
refundmore.com/cabin-build/images/cabin/trustpilot/stars/
2 KB
2 KB
Image
General
Full URL
https://refundmore.com/cabin-build/images/cabin/trustpilot/stars/4.5.png
Requested by
Host: refundmore.com
URL: https://refundmore.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.224.189.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-50.fra2.r.cloudfront.net
Software
server /
Resource Hash
8719511b8f32bb60c83904246234da141352d76ff3abf3eb62e6576b22cd8904
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://refundmore.com/

Response headers

etag
"620ccc65-665"
x-content-type-options
nosniff
via
1.1 ba5b5e2e7fd98c4a472633bc4c1d4480.cloudfront.net (CloudFront)
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
content-length
1637
x-amz-cf-id
LNiRPYj9K9RAvghk2w7TlMmVVG37UnzM7lfuRK0SVWgO2CIx9kNUzA==
date
Wed, 20 Nov 2024 17:07:00 GMT
x-xss-protection
1; mode=block
content-type
image/png
last-modified
Wed, 16 Feb 2022 10:05:25 GMT
server
server
x-amz-cf-pop
FRA2-C1
x-frame-options
SAMEORIGIN
dr-logo.png
refundmore.com/storage/media/
991 B
1 KB
Image
General
Full URL
https://refundmore.com/storage/media/dr-logo.png
Requested by
Host: refundmore.com
URL: https://refundmore.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.224.189.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-50.fra2.r.cloudfront.net
Software
server /
Resource Hash
ae67c376072a9ada231ff05825534a9a91058916caf246a717363eb5bd4d2ea6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://refundmore.com/

Response headers

etag
"5e5e27dd-3df"
x-content-type-options
nosniff
via
1.1 ba5b5e2e7fd98c4a472633bc4c1d4480.cloudfront.net (CloudFront)
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
content-length
991
x-amz-cf-id
HXw7QlQySTAHClmys-22iM8y6KXYWWvVn9pbe69OuTSL0R-uUnbpdw==
date
Wed, 20 Nov 2024 17:07:00 GMT
x-xss-protection
1; mode=block
content-type
image/png
last-modified
Tue, 03 Mar 2020 09:48:13 GMT
server
server
x-amz-cf-pop
FRA2-C1
x-frame-options
SAMEORIGIN
berlingske-logo.png
refundmore.com/storage/media/
7 KB
7 KB
Image
General
Full URL
https://refundmore.com/storage/media/berlingske-logo.png
Requested by
Host: refundmore.com
URL: https://refundmore.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.224.189.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-50.fra2.r.cloudfront.net
Software
server /
Resource Hash
5c4b3858980a3d3d7913a5f4c4065f5ddf445776d393824ccf7b83ab25179e6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://refundmore.com/

Response headers

etag
"5e5e27d7-1aee"
x-content-type-options
nosniff
via
1.1 ba5b5e2e7fd98c4a472633bc4c1d4480.cloudfront.net (CloudFront)
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
content-length
6894
x-amz-cf-id
eALDRoC7oHOeypSVpf6glghv-Q7BIExHcKtGOGVcOXQCokK00951yA==
date
Wed, 20 Nov 2024 17:07:00 GMT
x-xss-protection
1; mode=block
content-type
image/png
last-modified
Tue, 03 Mar 2020 09:48:07 GMT
server
server
x-amz-cf-pop
FRA2-C1
x-frame-options
SAMEORIGIN
bt-logo.png
refundmore.com/storage/media/
18 KB
18 KB
Image
General
Full URL
https://refundmore.com/storage/media/bt-logo.png
Requested by
Host: refundmore.com
URL: https://refundmore.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.224.189.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-50.fra2.r.cloudfront.net
Software
server /
Resource Hash
5ea0924839f64269b2871a6c5b63d40ad85dc67a0b8fe377e6a639800ac5a35b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://refundmore.com/

Response headers

etag
"5e5e27d8-4744"
x-content-type-options
nosniff
via
1.1 ba5b5e2e7fd98c4a472633bc4c1d4480.cloudfront.net (CloudFront)
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
content-length
18244
x-amz-cf-id
Mvi8X-TcvIH_zAQPJqxCCuCHUdkxbWYQKTuOFKuroPMdibYw676_3w==
date
Wed, 20 Nov 2024 17:07:00 GMT
x-xss-protection
1; mode=block
content-type
image/png
last-modified
Tue, 03 Mar 2020 09:48:08 GMT
server
server
x-amz-cf-pop
FRA2-C1
x-frame-options
SAMEORIGIN
jyllands-posten-logo.png
refundmore.com/storage/media/
3 KB
3 KB
Image
General
Full URL
https://refundmore.com/storage/media/jyllands-posten-logo.png
Requested by
Host: refundmore.com
URL: https://refundmore.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.224.189.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-50.fra2.r.cloudfront.net
Software
server /
Resource Hash
87aa77470c7071f9aea084ad55208bf980089925d0d98e3f69aa8c956127875f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://refundmore.com/

Response headers

etag
"5e5e27de-cea"
x-content-type-options
nosniff
via
1.1 ba5b5e2e7fd98c4a472633bc4c1d4480.cloudfront.net (CloudFront)
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
content-length
3306
x-amz-cf-id
F9xLQM6xjM9LrFwzJOMhcQlDi4zAaBrs4cjCZbGFq_coo8SzIQqo3w==
date
Wed, 20 Nov 2024 17:07:00 GMT
x-xss-protection
1; mode=block
content-type
image/png
last-modified
Tue, 03 Mar 2020 09:48:14 GMT
server
server
x-amz-cf-pop
FRA2-C1
x-frame-options
SAMEORIGIN
tv2-logo.png
refundmore.com/storage/media/
2 KB
2 KB
Image
General
Full URL
https://refundmore.com/storage/media/tv2-logo.png
Requested by
Host: refundmore.com
URL: https://refundmore.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.224.189.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-50.fra2.r.cloudfront.net
Software
server /
Resource Hash
f1d601dab557e99a84c1aa1990e01ff7675a2e9b739c094cd5df53e9eb896088
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://refundmore.com/

Response headers

etag
"5e5e27de-618"
x-content-type-options
nosniff
via
1.1 ba5b5e2e7fd98c4a472633bc4c1d4480.cloudfront.net (CloudFront)
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
content-length
1560
x-amz-cf-id
r9z28wXKGnSWHCVO-WyGQrQbeJl6GndGt8PKvVqd9S0LfyIJG6WtZA==
date
Wed, 20 Nov 2024 17:07:00 GMT
x-xss-protection
1; mode=block
content-type
image/png
last-modified
Tue, 03 Mar 2020 09:48:14 GMT
server
server
x-amz-cf-pop
FRA2-C1
x-frame-options
SAMEORIGIN
tryg-en.png
refundmore.com/cabin-build/images/cabin/tryg-logos/
2 KB
3 KB
Image
General
Full URL
https://refundmore.com/cabin-build/images/cabin/tryg-logos/tryg-en.png
Requested by
Host: refundmore.com
URL: https://refundmore.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.224.189.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-50.fra2.r.cloudfront.net
Software
server /
Resource Hash
084101692fab3f8b0ae68d6bb10f4974f3dbd8b7537298a983d4ac89dccc0523
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://refundmore.com/

Response headers

etag
"620ccc65-930"
x-content-type-options
nosniff
via
1.1 ba5b5e2e7fd98c4a472633bc4c1d4480.cloudfront.net (CloudFront)
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
content-length
2352
x-amz-cf-id
B_-wVEDK-J2EXxZRcUW6IKnjq0vcmQPi0Aq9Wb0RJH9ETFi3f0c6rA==
date
Wed, 20 Nov 2024 17:07:00 GMT
x-xss-protection
1; mode=block
content-type
image/png
last-modified
Wed, 16 Feb 2022 10:05:25 GMT
server
server
x-amz-cf-pop
FRA2-C1
x-frame-options
SAMEORIGIN
benedikte.jpeg
refundmore.com/cabin-build/images/cabin/widgets/why-choose-us/
18 KB
19 KB
Image
General
Full URL
https://refundmore.com/cabin-build/images/cabin/widgets/why-choose-us/benedikte.jpeg
Requested by
Host: refundmore.com
URL: https://refundmore.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.224.189.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-50.fra2.r.cloudfront.net
Software
server /
Resource Hash
2f5a6f0cb7a2997342232293a3ace736990ba135386d37f0be13b930ec017c2b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://refundmore.com/

Response headers

etag
"620ccc65-490d"
x-content-type-options
nosniff
via
1.1 ba5b5e2e7fd98c4a472633bc4c1d4480.cloudfront.net (CloudFront)
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
content-length
18701
x-amz-cf-id
BBmsuD75ipYOra7qXdIz5a_XF6nVn_3lzE2ObmT9fTPgQNhSwGHX1A==
date
Wed, 20 Nov 2024 17:07:00 GMT
x-xss-protection
1; mode=block
content-type
image/jpeg
last-modified
Wed, 16 Feb 2022 10:05:25 GMT
server
server
x-amz-cf-pop
FRA2-C1
x-frame-options
SAMEORIGIN
anton.jpg
refundmore.com/cabin-build/images/cabin/widgets/why-choose-us/
20 KB
20 KB
Image
General
Full URL
https://refundmore.com/cabin-build/images/cabin/widgets/why-choose-us/anton.jpg
Requested by
Host: refundmore.com
URL: https://refundmore.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.224.189.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-50.fra2.r.cloudfront.net
Software
server /
Resource Hash
cf968be21080a7e32f87b4d4d52dcc7f2eb19d94e74961658a6e1afd35c38761
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://refundmore.com/

Response headers

etag
"66a9dfdb-50e9"
x-content-type-options
nosniff
via
1.1 ba5b5e2e7fd98c4a472633bc4c1d4480.cloudfront.net (CloudFront)
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
content-length
20713
x-amz-cf-id
YH_O1HQCuxmD8T7Sjq4fZ2N3Qcm-3W1Jo1CX3ad4BXRaca5nnjU4WA==
date
Wed, 20 Nov 2024 17:07:00 GMT
x-xss-protection
1; mode=block
content-type
image/jpeg
last-modified
Wed, 31 Jul 2024 06:55:23 GMT
server
server
x-amz-cf-pop
FRA2-C1
x-frame-options
SAMEORIGIN
frederik.jpeg
refundmore.com/cabin-build/images/cabin/widgets/why-choose-us/
38 KB
38 KB
Image
General
Full URL
https://refundmore.com/cabin-build/images/cabin/widgets/why-choose-us/frederik.jpeg
Requested by
Host: refundmore.com
URL: https://refundmore.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.224.189.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-50.fra2.r.cloudfront.net
Software
server /
Resource Hash
081b5793a3604412f29911078fcf735b8c900c0442fdd89e138142664f7b7d59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://refundmore.com/

Response headers

etag
"662cc9be-97b8"
x-content-type-options
nosniff
via
1.1 ba5b5e2e7fd98c4a472633bc4c1d4480.cloudfront.net (CloudFront)
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
content-length
38840
x-amz-cf-id
1NqaHyf1etAy2DfDvHKGJ3zKuIS-b2MO5R7X_VYzgl3cR-kOF4uzQQ==
date
Wed, 20 Nov 2024 17:07:00 GMT
x-xss-protection
1; mode=block
content-type
image/jpeg
last-modified
Sat, 27 Apr 2024 09:47:42 GMT
server
server
x-amz-cf-pop
FRA2-C1
x-frame-options
SAMEORIGIN
benedikte-new.jpg
refundmore.com/cabin-build/images/cabin/widgets/why-choose-us/
933 KB
933 KB
Image
General
Full URL
https://refundmore.com/cabin-build/images/cabin/widgets/why-choose-us/benedikte-new.jpg
Requested by
Host: refundmore.com
URL: https://refundmore.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.224.189.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-50.fra2.r.cloudfront.net
Software
server /
Resource Hash
9224a0902ec7191d0b7cb1e277c465cf7cf1913bb211b116c1821da7cb3a50b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://refundmore.com/

Response headers

etag
"665ee6c4-e9373"
x-content-type-options
nosniff
via
1.1 ba5b5e2e7fd98c4a472633bc4c1d4480.cloudfront.net (CloudFront)
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
content-length
955251
x-amz-cf-id
rfjJVHA7PsNutIrpfCuvdS3dYFdc63igyn-jvf4Wn-TQBO8JBWQ2oA==
date
Wed, 20 Nov 2024 17:07:00 GMT
x-xss-protection
1; mode=block
content-type
image/jpeg
last-modified
Tue, 04 Jun 2024 10:04:52 GMT
server
server
x-amz-cf-pop
FRA2-C1
x-frame-options
SAMEORIGIN
bgr_outline.svg
refundmore.com/cabin-build/images/cabin/widgets/join-us/
31 KB
8 KB
Image
General
Full URL
https://refundmore.com/cabin-build/images/cabin/widgets/join-us/bgr_outline.svg
Requested by
Host: refundmore.com
URL: https://refundmore.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.224.189.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-50.fra2.r.cloudfront.net
Software
server /
Resource Hash
b515858a2f8a8f3846408795bab0b6edbadd19abd87de4fa9ab2c791917b698c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://refundmore.com/

Response headers

server
server
content-encoding
gzip
etag
W/"620ccc65-7bd1"
x-content-type-options
nosniff
via
1.1 ba5b5e2e7fd98c4a472633bc4c1d4480.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
x-amz-cf-id
YPoDyviZy2yRGb_YmGV2WQt2rURHCCN66sKBg4aU8pKMIzTWTLhRKQ==
date
Wed, 20 Nov 2024 17:07:00 GMT
x-xss-protection
1; mode=block
content-type
image/svg+xml
x-amz-cf-pop
FRA2-C1
vary
Accept-Encoding
last-modified
Wed, 16 Feb 2022 10:05:25 GMT
x-frame-options
SAMEORIGIN
bgr_mobile.svg
refundmore.com/cabin-build/images/cabin/widgets/join-us/
16 KB
5 KB
Image
General
Full URL
https://refundmore.com/cabin-build/images/cabin/widgets/join-us/bgr_mobile.svg
Requested by
Host: refundmore.com
URL: https://refundmore.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.224.189.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-50.fra2.r.cloudfront.net
Software
server /
Resource Hash
5262da07c075d3129b62caf94f05f76d9f99af19bd39d63731ca01cbc6bd636c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://refundmore.com/

Response headers

server
server
content-encoding
gzip
etag
W/"620ccc65-40ac"
x-content-type-options
nosniff
via
1.1 ba5b5e2e7fd98c4a472633bc4c1d4480.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
x-amz-cf-id
NLYRLxfImo9HsgsHm-F1gIZ-Rt7P_jwZd3Duiidx1m3maG0lsJU6lA==
date
Wed, 20 Nov 2024 17:07:00 GMT
x-xss-protection
1; mode=block
content-type
image/svg+xml
x-amz-cf-pop
FRA2-C1
vary
Accept-Encoding
last-modified
Wed, 16 Feb 2022 10:05:25 GMT
x-frame-options
SAMEORIGIN
Refundmore%20blue%20cuttet.png
refundmore.com/storage/media/
16 KB
16 KB
Image
General
Full URL
https://refundmore.com/storage/media/Refundmore%20blue%20cuttet.png
Requested by
Host: refundmore.com
URL: https://refundmore.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.224.189.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-50.fra2.r.cloudfront.net
Software
server /
Resource Hash
d28df623e62954a860e280c352a6ad8ae471786a2bfb3d01422ed5241590cfbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://refundmore.com/

Response headers

etag
"5dd7a295-40a0"
x-content-type-options
nosniff
via
1.1 ba5b5e2e7fd98c4a472633bc4c1d4480.cloudfront.net (CloudFront)
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
content-length
16544
x-amz-cf-id
e4LbTy_5H90A4e384luQaHmXItdDazDEGwzFmM2u9KhD7p6ybnI1_w==
date
Wed, 20 Nov 2024 17:07:00 GMT
x-xss-protection
1; mode=block
content-type
image/png
last-modified
Fri, 22 Nov 2019 08:55:49 GMT
server
server
x-amz-cf-pop
FRA2-C1
x-frame-options
SAMEORIGIN
cabin.js
refundmore.com/cabin-build/js/
666 KB
185 KB
Script
General
Full URL
https://refundmore.com/cabin-build/js/cabin.js?id=4ba6c2e71e1109af97c99e3f4ce1f991
Requested by
Host: refundmore.com
URL: https://refundmore.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.224.189.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-50.fra2.r.cloudfront.net
Software
server /
Resource Hash
a10f03dab07a46358a3f1fe44b977d72a012bb28d0e8e8623a8ff4a07866fd78
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://refundmore.com/

Response headers

server
server
content-encoding
gzip
etag
W/"673451a3-a667f"
x-content-type-options
nosniff
via
1.1 ba5b5e2e7fd98c4a472633bc4c1d4480.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
x-amz-cf-id
RrYLSxfOYQfAlAJQzZoUheN09lpfcPvUGwNEL4-MAGT80qWwStvSGQ==
date
Wed, 20 Nov 2024 17:07:00 GMT
x-xss-protection
1; mode=block
content-type
application/javascript; charset=utf-8
x-amz-cf-pop
FRA2-C1
vary
Accept-Encoding
last-modified
Wed, 13 Nov 2024 07:13:39 GMT
x-frame-options
SAMEORIGIN
css
fonts.googleapis.com/
10 KB
863 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Merriweather:400,700,900|Playfair+Display:400,700,900
Requested by
Host: refundmore.com
URL: https://refundmore.com/cabin-build/css/cabin.css?id=f506dab096e8320f03b0f15e12a00a82
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6f2415e755c01ef543fed9125edc15a305758f01817ed09878f208a2a3749b42
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://refundmore.com/cabin-build/css/cabin.css?id=f506dab096e8320f03b0f15e12a00a82

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Wed, 20 Nov 2024 17:07:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 20 Nov 2024 17:07:00 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Wed, 20 Nov 2024 17:07:00 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
css
fonts.googleapis.com/
7 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Work+Sans:300,400,500,600,700,800
Requested by
Host: refundmore.com
URL: https://refundmore.com/cabin-build/css/cabin.css?id=f506dab096e8320f03b0f15e12a00a82
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a6aaddcb1ca4af1257fe93d9993efcb1becebe237c66d2ddb82a46caded7e354
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://refundmore.com/cabin-build/css/cabin.css?id=f506dab096e8320f03b0f15e12a00a82

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Wed, 20 Nov 2024 17:07:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 20 Nov 2024 17:07:00 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Wed, 20 Nov 2024 17:07:00 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
gtm.js
www.googletagmanager.com/
321 KB
109 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PFKBMFW
Requested by
Host: refundmore.com
URL: https://refundmore.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0abd1fb8edc35e704fe8a9e32cfa8f22cd08afacf2b7bb4efa1d5adf9f7cce3f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://refundmore.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Wed, 20 Nov 2024 17:07:01 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 20 Nov 2024 17:07:01 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Wed, 20 Nov 2024 15:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
110593
x-xss-protection
0
server
Google Tag Manager
elevio-bootloader.js
cdn.elev.io/sdk/bootloader/v4/
794 B
1 KB
Script
General
Full URL
https://cdn.elev.io/sdk/bootloader/v4/elevio-bootloader.js?cid=5e3165d9250b1
Requested by
Host: refundmore.com
URL: https://refundmore.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-55.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ab135659fd911eec420c7f1586b70d71d616415247b9a6ddb4a10e234dcd2aa3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://refundmore.com/

Response headers

x-amz-version-id
lsYuJL1M7m3xYYeJB2rD8_uduNN10msk
etag
"96c5db343c7753fa2229b742bc1fe147"
age
49912
x-cache
Hit from cloudfront
x-amz-cf-id
ZCNkr4HDcAclzXZYVGynfbSgxRhlnbUo7r4GVEntBvtomsKFuirz5g==
date
Wed, 20 Nov 2024 03:15:10 GMT
content-type
application/javascript
vary
accept-encoding
last-modified
Thu, 02 May 2024 07:15:45 GMT
cache-control
max-age=300
cross-origin-resource-policy
cross-origin
via
1.1 6b15a9d1514a5645abfd43cbf330ce48.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
794
x-amz-cf-pop
FRA56-P9
server
AmazonS3
x-amz-server-side-encryption
AES256
u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
fonts.gstatic.com/s/merriweather/v30/
19 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:400,700,900|Playfair+Display:400,700,900
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f195.1e100.net
Software
sffe /
Resource Hash
273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://refundmore.com
Referer
https://fonts.googleapis.com/

Response headers

age
123830
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 19 Nov 2025 06:43:11 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 19 Nov 2024 06:43:11 GMT
last-modified
Tue, 26 Apr 2022 15:48:38 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
19740
x-xss-protection
0
server
sffe
u-440qyriQwlOrhSvowK_l5-fCZM.woff2
fonts.gstatic.com/s/merriweather/v30/
20 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-fCZM.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:400,700,900|Playfair+Display:400,700,900
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f195.1e100.net
Software
sffe /
Resource Hash
5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://refundmore.com
Referer
https://fonts.googleapis.com/

Response headers

age
4962
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 20 Nov 2025 15:44:19 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 20 Nov 2024 15:44:19 GMT
last-modified
Tue, 26 Apr 2022 16:41:08 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
20028
x-xss-protection
0
server
sffe
/
refundmore.com/cabin-build/images/cabin/trustpilot/users/
548 B
548 B
Image
General
Full URL
https://refundmore.com/cabin-build/images/cabin/trustpilot/users/
Requested by
Host: refundmore.com
URL: https://refundmore.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.224.189.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-50.fra2.r.cloudfront.net
Software
server /
Resource Hash
25fb23868ebf48348f9e438e00cb9b9d9b3a054f32482a781c762cc4f9cc6393

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://refundmore.com/

Response headers

content-encoding
gzip
via
1.1 ba5b5e2e7fd98c4a472633bc4c1d4480.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Error from cloudfront
x-amz-cf-id
bYyqk0CO6kXwXD2I8gAlvMT93eGZ4X9F4lgubMPyla9X4ksFy5ZG9g==
date
Wed, 20 Nov 2024 17:07:01 GMT
content-type
text/html; charset=utf-8
x-amz-cf-pop
FRA2-C1
server
server
vary
Accept-Encoding
sddefault.jpg
img.youtube.com/vi/ikBmnFd4xPI/
34 KB
34 KB
Image
General
Full URL
https://img.youtube.com/vi/ikBmnFd4xPI/sddefault.jpg
Requested by
Host: refundmore.com
URL: https://refundmore.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b5b06eb64065e10a9585ffa4b5c8d2ae1a780c7a31ed59d6b2534f589c7ea865
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://refundmore.com/

Response headers

etag
"1606978227"
age
4868
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
x-content-type-options
nosniff
expires
Wed, 20 Nov 2024 17:45:53 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 20 Nov 2024 15:45:53 GMT
content-type
image/jpeg
vary
Origin
cache-control
public, max-age=7200
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
content-length
35159
x-xss-protection
0
server
sffe
sddefault.jpg
img.youtube.com/vi/i0nbNpoqE4w/
43 KB
43 KB
Image
General
Full URL
https://img.youtube.com/vi/i0nbNpoqE4w/sddefault.jpg
Requested by
Host: refundmore.com
URL: https://refundmore.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0e9c43abdca659c098c1623ffe84951b35dee5030a915678f05257d2849eeb3a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://refundmore.com/

Response headers

etag
"0"
age
4868
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
x-content-type-options
nosniff
expires
Wed, 20 Nov 2024 17:45:53 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 20 Nov 2024 15:45:53 GMT
content-type
image/jpeg
vary
Origin
cache-control
public, max-age=7200
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
content-length
44051
x-xss-protection
0
server
sffe
ionicons.min.css
cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.5/css/
45 KB
6 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.5/css/ionicons.min.css
Requested by
Host: refundmore.com
URL: https://refundmore.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
057bb1905a283c2d6f0a097301ee734776f51ddcf903bffe422cbdbc02d98c23
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://refundmore.com/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"5eb03eae-b5ff"
age
85637
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BzJZtmu686hWr69BLO37hdt9Woufn8LLa514f5GcsFdjZtn6u6cLx7A85bILFWnkB5yrywb0%2FGvAqvTcYopg4l7PVB4FHqXH7kXXeK8i81oMq6UpJFnawq%2BOflBtiMlWDC37q3X0"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Mon, 10 Nov 2025 17:07:01 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 20 Nov 2024 17:07:01 GMT
content-type
text/css; charset=utf-8
last-modified
Mon, 04 May 2020 16:11:26 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8e5a08af49260ea7-AMS
accept-ranges
bytes
access-control-allow-origin
*
content-length
5229
server
cloudflare
index.html
widget.trustpilot.com/trustboxes/53aa8912dec7e10d38f59f36/ Frame B956
0
0
Document
General
Full URL
https://widget.trustpilot.com/trustboxes/53aa8912dec7e10d38f59f36/index.html?templateId=53aa8912dec7e10d38f59f36&businessunitId=5c347395dc25ca0001b7c76f
Requested by
Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.82.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-82-33.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://refundmore.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

age
55722
cache-control
max-age=86400
content-encoding
br
content-type
text/html
date
Wed, 20 Nov 2024 01:38:20 GMT
etag
W/"4972275c924c5dabec5683eed3a241e4"
last-modified
Thu, 31 Oct 2024 12:43:17 GMT
server
AmazonS3
strict-transport-security
max-age=31536000
vary
accept-encoding
via
1.1 3c13cc51908e4d37d2a5046d7703e256.cloudfront.net (CloudFront)
x-amz-cf-id
r1OV1VygQefJVGqZ020uiwvea0Vq61uNZ9pb906qatv6K40wiiXzkQ==
x-amz-cf-pop
FRA56-P10
x-amz-meta-cache-control
max-age=86400
x-amz-server-side-encryption
AES256
x-amz-version-id
null
x-cache
Hit from cloudfront
x-content-type-options
nosniff
x-xss-protection
1; mode=block
elevio-main.js
cdn.elev.io/sdk/main/v4/1714634144204/
392 KB
102 KB
Script
General
Full URL
https://cdn.elev.io/sdk/main/v4/1714634144204/elevio-main.js
Requested by
Host: cdn.elev.io
URL: https://cdn.elev.io/sdk/bootloader/v4/elevio-bootloader.js?cid=5e3165d9250b1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-55.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
eff675463cdd7fa83e596bef0da69affed168d370af3f8703993ae42c4d80a10

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://refundmore.com/

Response headers

content-encoding
gzip
x-amz-version-id
Q4cFTfD0NTVe99rdHOv63VqG7bJ7Pq_T
etag
W/"cb11f8ca9f8a5761d8cd635ec64618ae"
age
55077
x-cache
Hit from cloudfront
x-amz-cf-id
qS-sUfoqPD1zAvukox1ZV4__k6NItLd6lWIXFL9NdTCfvR1d1-repA==
date
Wed, 20 Nov 2024 01:49:05 GMT
content-type
application/javascript
vary
accept-encoding
last-modified
Thu, 02 May 2024 07:15:45 GMT
cache-control
max-age=2592000, public, immutable
cross-origin-resource-policy
cross-origin
via
1.1 6b15a9d1514a5645abfd43cbf330ce48.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
FRA56-P9
server
AmazonS3
x-amz-server-side-encryption
AES256
/
cdn.usefathom.com/
43 B
442 B
Image
General
Full URL
https://cdn.usefathom.com/?h=https%3A%2F%2Frefundmore.com&p=%2F&r=&sid=HPKGWSVX&qs=%7B%7D&cid=41375134
Requested by
Host: refundmore.com
URL: https://refundmore.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1081:1 , Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software
BunnyCDN-DE1-1081 /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://refundmore.com/

Response headers

cdn-status
200
date
Wed, 20 Nov 2024 17:07:01 GMT
content-type
text/plain; charset=utf-8, image/gif
cdn-cachedat
11/20/2024 17:07:01
cdn-cache
MISS
cdn-requestpullcode
200
cache-control
public, max-age=0
cdn-requestpullsuccess
True
tk
N
pragma
no-cache
cdn-uid
aa90c48b-f401-4fa1-aac1-c94c8f3ae560
cdn-requestid
75e3134819c863d8e49fb0a6d37b251a
cdn-pullzone
506217
cdn-proxyver
1.06
cdn-requesttime
0
content-length
43
cdn-edgestorageid
1082
server
BunnyCDN-DE1-1081
cdn-requestcountrycode
NL
user_male_01.jpeg
refundmore.com/cabin-build/images/cabin/trustpilot/users/
2 KB
3 KB
Image
General
Full URL
https://refundmore.com/cabin-build/images/cabin/trustpilot/users/user_male_01.jpeg
Requested by
Host: refundmore.com
URL: https://refundmore.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.224.189.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-50.fra2.r.cloudfront.net
Software
server /
Resource Hash
1de28a05a6ea8846e9a6c7795594e0345c50dea7ab50b5b53898eed84687b7f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://refundmore.com/

Response headers

etag
"620ccc65-8fd"
x-content-type-options
nosniff
via
1.1 ba5b5e2e7fd98c4a472633bc4c1d4480.cloudfront.net (CloudFront)
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
content-length
2301
x-amz-cf-id
TvIDg88GLXGCox9XUm6i-3W0lFFtZfes-E7YODTi3GtW4szbupqW-A==
date
Wed, 20 Nov 2024 17:07:01 GMT
x-xss-protection
1; mode=block
content-type
image/jpeg
last-modified
Wed, 16 Feb 2022 10:05:25 GMT
server
server
x-amz-cf-pop
FRA2-C1
x-frame-options
SAMEORIGIN
user_female_01.jpeg
refundmore.com/cabin-build/images/cabin/trustpilot/users/
3 KB
3 KB
Image
General
Full URL
https://refundmore.com/cabin-build/images/cabin/trustpilot/users/user_female_01.jpeg
Requested by
Host: refundmore.com
URL: https://refundmore.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.224.189.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-50.fra2.r.cloudfront.net
Software
server /
Resource Hash
ca398a8202a85a7d527725b5ac1d99b21c23631eca177796e9db91a5e727e59b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://refundmore.com/

Response headers

etag
"620ccc65-a31"
x-content-type-options
nosniff
via
1.1 ba5b5e2e7fd98c4a472633bc4c1d4480.cloudfront.net (CloudFront)
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
content-length
2609
x-amz-cf-id
7mJE58TfBpuT5QrrYiEAnAs7BVeCp9wcR4JpM9fRzujb1QA2JhYSaA==
date
Wed, 20 Nov 2024 17:07:01 GMT
x-xss-protection
1; mode=block
content-type
image/jpeg
last-modified
Wed, 16 Feb 2022 10:05:25 GMT
server
server
x-amz-cf-pop
FRA2-C1
x-frame-options
SAMEORIGIN
ionicons.woff2
cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.5/fonts/
49 KB
50 KB
Font
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.5/fonts/ionicons.woff2?v=4.5.4
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.5/css/ionicons.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d02d165cb720aec2fde78a93113a459729e0503951353f719076bc5b4a7a845
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://refundmore.com
Referer
https://cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.5/css/ionicons.min.css

Response headers

cf-cdnjs-via
cfworker/kv
cf-cache-status
HIT
etag
"5eb03eae-c57c"
age
3531395
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aJP4oHrAOzkabGpz7f6BoqbFsUf2DiyZ7shDKbGZe%2BVAVlOO%2Fcc8e%2FnsRUyTU6VAvibWP0s4kyrCTmTQ6KIJLI5%2B1hYpMR3misx0HgaD%2Fig6iP8lzxxRfibuNuD8vKXv890PdU%2BY"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Mon, 10 Nov 2025 17:07:02 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 20 Nov 2024 17:07:02 GMT
content-type
application/octet-stream; charset=utf-8
last-modified
Mon, 04 May 2020 16:11:26 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8e5a08b25aa8b7c6-AMS
accept-ranges
bytes
access-control-allow-origin
*
content-length
50556
server
cloudflare
uc.js
consent.cookiebot.com/
110 KB
34 KB
Script
General
Full URL
https://consent.cookiebot.com/uc.js?cbid=c534c4ce-d56b-4ccf-b945-5466ff1c5451&implementation=gtm&consentmode-dataredaction=dynamic
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PFKBMFW
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:18::1724:a291 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
b30b70e2067e407e427ac15a978091acb030d9b2db360ea2a3ce3eec6ef474e5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://refundmore.com/

Response headers

access-control-expose-headers
Request-Context
cache-control
public, max-age=686
content-encoding
gzip
etag
"42d4c62e8219db1:0"
cross-origin-resource-policy
cross-origin
request-context
appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
expires
Wed, 20 Nov 2024 17:18:30 GMT
accept-ranges
bytes
content-length
34533
date
Wed, 20 Nov 2024 17:07:04 GMT
content-type
application/javascript
last-modified
Tue, 08 Oct 2024 13:01:25 GMT
vary
Accept-Encoding
collect
pagead2.googlesyndication.com/ccm/
0
0
Ping
General
Full URL
https://pagead2.googlesyndication.com/ccm/collect?en=page_view&dl=https%3A%2F%2Frefundmore.com%2F&scrsrc=www.googletagmanager.com&frm=0&rnd=2038251493.1732122424&npa=1&gtm=45He4bj0v830896570za200&gcs=G100&gcd=13p3p3p2p5l1&dma_cps=-&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&tft=1732122423946&tfd=5643&apve=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PFKBMFW
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://refundmore.com/

Response headers

sw_iframe.html
www.googletagmanager.com/static/service_worker/4bj0/ Frame B982
0
0
Document
General
Full URL
https://www.googletagmanager.com/static/service_worker/4bj0/sw_iframe.html?origin=https%3A%2F%2Frefundmore.com
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PFKBMFW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
72805
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
1476
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy
cross-origin
date
Tue, 19 Nov 2024 20:53:39 GMT
expires
Wed, 19 Nov 2025 20:53:39 GMT
last-modified
Tue, 19 Nov 2024 10:38:00 GMT
report-to
{"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server
sffe
service-worker-allowed
/static/service_worker
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
en
ipa.elev.io/api/settings/5e3165d9250b1/
2 KB
818 B
XHR
General
Full URL
https://ipa.elev.io/api/settings/5e3165d9250b1/en?is_init_load=true&loggedin_only=false&first_name=null&last_name=null&registered_at=null&previewMode=false&url=https%3A%2F%2Frefundmore.com%2F
Requested by
Host: cdn.elev.io
URL: https://cdn.elev.io/sdk/main/v4/1714634144204/elevio-main.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.81.205.47 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-81-205-47.compute-1.amazonaws.com
Software
/
Resource Hash
95b99676f06d2a677068a1add8211c5bc55bcdeada837372199b9e361ac9014b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://refundmore.com/

Response headers

access-control-allow-origin
*
content-encoding
gzip
date
Wed, 20 Nov 2024 17:07:05 GMT
content-type
application/json
bc-v4.min.html
consentcdn.cookiebot.com/sdk/ Frame 4760
0
0
Document
General
Full URL
https://consentcdn.cookiebot.com/sdk/bc-v4.min.html
Requested by
Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js?cbid=c534c4ce-d56b-4ccf-b945-5466ff1c5451&implementation=gtm&consentmode-dataredaction=dynamic
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:886::f09 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash

Request headers

Referer
https://refundmore.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=31536000
content-encoding
gzip
content-length
392
content-type
text/html
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 20 Nov 2024 17:07:06 GMT
etag
"3d08665fa4c7bcf9fa2dcbbc7efe1d0f:1649057029.895163"
expires
Thu, 20 Nov 2025 17:07:06 GMT
last-modified
Mon, 04 Apr 2022 07:23:49 GMT
server
AkamaiNetStorage
server-timing
cdn-cache; desc=HIT edge; dur=1 ak_p; desc="1732122425165_388276618_1167089873_29_1030_24_952_255";dur=1
vary
Accept-Encoding
x-akamai-transformed
9 - 0 pmb=mRUM,1
cc.js
consent.cookiebot.com/c534c4ce-d56b-4ccf-b945-5466ff1c5451/
332 KB
95 KB
Script
General
Full URL
https://consent.cookiebot.com/c534c4ce-d56b-4ccf-b945-5466ff1c5451/cc.js?renew=false&referer=refundmore.com&dnt=false&init=false
Requested by
Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js?cbid=c534c4ce-d56b-4ccf-b945-5466ff1c5451&implementation=gtm&consentmode-dataredaction=dynamic
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:18::1724:a291 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
df86f0e0b8296b5b83c6646d786048d638663e220245343876dd0ec283c1586e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://refundmore.com/

Response headers

cache-control
private, max-age=1200
access-control-expose-headers
Request-Context
content-encoding
gzip
cross-origin-resource-policy
cross-origin
request-context
appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
content-length
97216
date
Wed, 20 Nov 2024 17:07:05 GMT
content-type
application/x-javascript; charset=utf-8
last-modified
Wed, 20 Nov 2024 17:07:05 GMT
vary
Accept-Encoding
elevio-noto-sans-400.woff
cdn.elev.io/sdk/fonts/
14 KB
14 KB
Font
General
Full URL
https://cdn.elev.io/sdk/fonts/elevio-noto-sans-400.woff
Requested by
Host: refundmore.com
URL: https://refundmore.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-55.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0ec90d231372019fbb27c844ccefdc46a6837f62906fd4c9adefab05fa10c963

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://refundmore.com
Referer
https://refundmore.com/

Response headers

x-amz-version-id
null
etag
"66388ef84ff4c5d874ed3875ea4c110b"
age
34516
access-control-allow-methods
GET, PUT
x-cache
Hit from cloudfront
x-amz-cf-id
fJ75Ouq__VkVCLCWYRVb70spNoe5C7oqnj-WpJkhczMm3t27TD1uMA==
date
Wed, 20 Nov 2024 07:31:50 GMT
content-type
application/font-woff
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method,accept-encoding
last-modified
Tue, 07 Jul 2020 06:02:44 GMT
cross-origin-resource-policy
cross-origin
via
1.1 ad3a844607df41a7152eab5ebe6e4056.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
13976
x-amz-cf-pop
FRA56-P9
server
AmazonS3
x-amz-server-side-encryption
AES256
events
events.elev.io/v1/
13 B
606 B
XHR
General
Full URL
https://events.elev.io/v1/events
Requested by
Host: cdn.elev.io
URL: https://cdn.elev.io/sdk/main/v4/1714634144204/elevio-main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.18.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-18-9.fra56.r.cloudfront.net
Software
/
Resource Hash
f40a853e58a18759e1f7321d266d63494e320e9651af27d9373ec16380e414b6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://refundmore.com/

Response headers

access-control-max-age
86400
x-amz-apigw-id
BjiRYFy9oAMEQLw=
x-amzn-trace-id
Root=1-673e173b-355a91407338c70266eeb9af;Parent=343bd7031255aa77;Sampled=0;Lineage=1:ba02c674:0
access-control-allow-credentials
true
access-control-allow-methods
POST, OPTIONS
x-amzn-requestid
b441ff77-353d-458c-a80d-38dfa9a30a33
via
1.1 717c15467a10d8501ae3f6716e2421d8.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Miss from cloudfront
content-length
13
x-amz-cf-id
hecVRgYtgmtNZSw6tWU2Hosnu4AZcJdZ0YS62TGL-7niLZa2wY0sTg==
date
Wed, 20 Nov 2024 17:07:07 GMT
content-type
application/json
x-amz-cf-pop
FRA56-P11
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
1.gif
imgsct.cookiebot.com/
35 B
780 B
Image
General
Full URL
https://imgsct.cookiebot.com/1.gif?dgi=c534c4ce-d56b-4ccf-b945-5466ff1c5451
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:887::f09 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
UploadServer /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://refundmore.com/

Response headers

x-goog-metageneration
1
Access-Control-Expose-Headers
*
x-goog-hash
crc32c=rX4K2g==, md5=whlt6LpBLGDCKrSRr3sUCQ==
ETag
"c2196de8ba412c60c22ab491af7b1409"
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
35
Date
Wed, 20 Nov 2024 17:07:07 GMT
Last-Modified
Mon, 23 Oct 2023 11:39:32 GMT
Content-Type
image/gif
X-GUploader-UploadID
AFiumC5lQSmiFqtL_gTUEIiwFbeppdKJqX6At84hcU9KBQ-DhD_H-oOkwa8jCu0-d5HBNbRmfA
Cache-Control
public,max-age=1800
x-goog-storage-class
STANDARD
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
x-goog-generation
1698061172769999
Content-Length
35
Server
UploadServer
events
events.elev.io/v1/ Frame
0
0
Preflight
General
Full URL
https://events.elev.io/v1/events
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.18.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-18-9.fra56.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://refundmore.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,x-elevio-debug-temp
access-control-allow-methods
OPTIONS,POST
access-control-allow-origin
*
access-control-max-age
86400
content-length
0
content-type
application/json
date
Wed, 20 Nov 2024 17:07:07 GMT
via
1.1 717c15467a10d8501ae3f6716e2421d8.cloudfront.net (CloudFront)
x-amz-apigw-id
BjiRVEPkoAMEEEw=
x-amz-cf-id
m34RZi4mSFIoTDcrEjiYQxGxVQyliYsdwk0vaHhTZHAMoL99fanmuw==
x-amz-cf-pop
FRA56-P11
x-amzn-requestid
561f67cf-c12e-47fd-9703-475bae0354d2
x-cache
Miss from cloudfront
favicon.ico
refundmore.com/
8 KB
8 KB
Other
General
Full URL
https://refundmore.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.224.189.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-50.fra2.r.cloudfront.net
Software
server /
Resource Hash
123ebf0b10a7ecadd2216a355ce655137f80fcf8139885ec3bf886a6fa61c4ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://refundmore.com/

Response headers

server
server
content-encoding
gzip
etag
W/"5dd79b68-1fa1"
x-content-type-options
nosniff
via
1.1 ba5b5e2e7fd98c4a472633bc4c1d4480.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
x-amz-cf-id
obfuTExNOYVlNWT_jXdhLRwzDoTytZWniIV7Ua8a1DCrAu6pcrYAtg==
date
Wed, 20 Nov 2024 17:07:06 GMT
x-xss-protection
1; mode=block
content-type
image/x-icon
x-amz-cf-pop
FRA2-C1
vary
Accept-Encoding
last-modified
Fri, 22 Nov 2019 08:25:12 GMT
x-frame-options
SAMEORIGIN
truncated
/
921 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
15c001519dc1296f39660e3857f63ee90b0196835ec033c7026435de0cb752ce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
truncated
/
293 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8181a739bd0ed0fd64624c4aa15b7847bc9d4fd0660bff56c8c9192c4ef75979

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
user_female_04.jpeg
refundmore.com/cabin-build/images/cabin/trustpilot/users/
2 KB
2 KB
Image
General
Full URL
https://refundmore.com/cabin-build/images/cabin/trustpilot/users/user_female_04.jpeg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.224.189.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-50.fra2.r.cloudfront.net
Software
server /
Resource Hash
7322cdde785ab616730a38ae78021d56c63ccb78e392386192dd97c5087557d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://refundmore.com/

Response headers

etag
"620ccc65-7c5"
x-content-type-options
nosniff
via
1.1 ba5b5e2e7fd98c4a472633bc4c1d4480.cloudfront.net (CloudFront)
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
content-length
1989
x-amz-cf-id
M5Nwb6ouMu_nBqt_OGYUB3ZZk4E6GD11H7S6FCBqSMFnq_lfFHpm-A==
date
Wed, 20 Nov 2024 17:07:08 GMT
x-xss-protection
1; mode=block
content-type
image/jpeg
last-modified
Wed, 16 Feb 2022 10:05:25 GMT
server
server
x-amz-cf-pop
FRA2-C1
x-frame-options
SAMEORIGIN
user_female_02.jpeg
refundmore.com/cabin-build/images/cabin/trustpilot/users/
2 KB
3 KB
Image
General
Full URL
https://refundmore.com/cabin-build/images/cabin/trustpilot/users/user_female_02.jpeg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.224.189.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-50.fra2.r.cloudfront.net
Software
server /
Resource Hash
91995ceef2db709c668c66dada3f4c3546f31fa5cd2ad202834ba0d6334668f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://refundmore.com/

Response headers

etag
"620ccc65-962"
x-content-type-options
nosniff
via
1.1 ba5b5e2e7fd98c4a472633bc4c1d4480.cloudfront.net (CloudFront)
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
content-length
2402
x-amz-cf-id
TSkapSmhJvHXqDzxeq-AOnm24Y331V3OQn-mRXH_npZavw38JN3jIg==
date
Wed, 20 Nov 2024 17:07:08 GMT
x-xss-protection
1; mode=block
content-type
image/jpeg
last-modified
Wed, 16 Feb 2022 10:05:25 GMT
server
server
x-amz-cf-pop
FRA2-C1
x-frame-options
SAMEORIGIN

Verdicts & Comments Add Verdict or Comment

40 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 number| LoadingTimeout function| getParameterByName function| getCookie object| dataLayer object| _elev object| webpackChunk object| __core-js_shared__ object| __algolia object| regeneratorRuntime function| _ function| axios string| applyHere string| algoliaPrefix string| algoliaIClaimerSuffix string| algoliaUser string| algoliaKey object| Vue object| VueScrollTo object| helpers function| addCss object| fathom object| Trustpilot object| google_tag_manager object| google_tag_data object| CookieControl function| __uspapi function| addUspapiLocatorFrame function| __handleUspapiMessage function| propagateIABStub object| Cookiebot object| CookieConsent object| CookiebotDialog object| CookieConsentDialog function| setCookie function| setAffiliateCookie function| urlHasUTMSource

3 Cookies

Domain/Path Name / Value
refundmore.com/ Name: XSRF-TOKEN
Value: eyJpdiI6IkZtU0U1UGVZZk1tZlVvUy9mMFFTUmc9PSIsInZhbHVlIjoiQWpDK3hXemhKV2w3QnhWb1ZacUhYQm41R3hXVDJCdm83eUk1Vy9JUmtTcmJ2ZE4yZnQ2NnpaWEVQY1Rpcmc1UHpaNjhqejhGUmNUQzdSK01uWm56NkZjODJBek1ucHJhYzBZNGg5NElOUW5UTlJDd0xrSVVOWG41dTBNc2dhZ04iLCJtYWMiOiJkN2EyMzkyODc5MzY1NDY4MDUyNmM2MDM3Y2UxZGI3M2UxNzE1NzliYzQ2MjQyYjc2M2QxMDc2OGIxZWE5NWM3IiwidGFnIjoiIn0%3D
refundmore.com/ Name: refundmore_session
Value: eyJpdiI6IndVRTg1SFRPSHdaR0lOL0pOY2xxNXc9PSIsInZhbHVlIjoiUUxXUDRQeGRCamxIL3c5eWdqMWZzZk5IT2pFb1Rrd3B0Zk1TT2dVV2Fhay9DTTFyNGFjVlptM2wxN3dxYUxTQmpvdnpTMzNyNmV1b0t4VUxyeXRiSGhPdVJsYy8vWEFPL0NNR09ZSTl6My9nZGQvOGZoRUtKaWQvOFY2bzFQL2giLCJtYWMiOiJhNTNlNGIyOGI1YzgzNzcxNjU3ZDcwMzI0M2QwMDM1N2NjNzlmZDY2MzIyYmJhODU5MGExNTI1NWFiNzQxMWQ0IiwidGFnIjoiIn0%3D
refundmore.com/ Name: initialURL
Value: https://refundmore.com/

2 Console Messages

Source Level URL
Text
security warning
Message:
Error with Feature-Policy header: Unrecognized feature: 'vibrate'.
network error URL: https://refundmore.com/cabin-build/images/cabin/trustpilot/users/
Message:
Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff nosniff
X-Frame-Options sameorigin SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.elev.io
cdn.usefathom.com
cdnjs.cloudflare.com
consent.cookiebot.com
consentcdn.cookiebot.com
events.elev.io
fonts.googleapis.com
fonts.gstatic.com
img.youtube.com
imgsct.cookiebot.com
ipa.elev.io
pagead2.googlesyndication.com
refundmore.com
refundmore.eu
widget.trustpilot.com
www.googletagmanager.com
www.refundmore.eu
104.17.25.14
13.224.189.50
142.250.184.226
172.217.16.195
18.244.18.9
18.245.46.55
188.166.81.245
2400:52e0:1e00::1081:1
2600:9000:20eb:2800:9:92b2:c580:93a1
2a00:1450:4001:809::200a
2a00:1450:4001:81c::2008
2a00:1450:4001:81c::200e
2a02:26f0:3500:18::1724:a291
2a02:26f0:3500:886::f09
2a02:26f0:3500:887::f09
3.161.82.33
54.81.205.47
057bb1905a283c2d6f0a097301ee734776f51ddcf903bffe422cbdbc02d98c23
081b5793a3604412f29911078fcf735b8c900c0442fdd89e138142664f7b7d59
084101692fab3f8b0ae68d6bb10f4974f3dbd8b7537298a983d4ac89dccc0523
0abd1fb8edc35e704fe8a9e32cfa8f22cd08afacf2b7bb4efa1d5adf9f7cce3f
0e9c43abdca659c098c1623ffe84951b35dee5030a915678f05257d2849eeb3a
0ec90d231372019fbb27c844ccefdc46a6837f62906fd4c9adefab05fa10c963
123ebf0b10a7ecadd2216a355ce655137f80fcf8139885ec3bf886a6fa61c4ce
15c001519dc1296f39660e3857f63ee90b0196835ec033c7026435de0cb752ce
1b2f320d2374bc065442d02673c263d4739b7d27decd50583b6f25865f0b1c1b
1de28a05a6ea8846e9a6c7795594e0345c50dea7ab50b5b53898eed84687b7f7
25fb23868ebf48348f9e438e00cb9b9d9b3a054f32482a781c762cc4f9cc6393
273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8
2d02d165cb720aec2fde78a93113a459729e0503951353f719076bc5b4a7a845
2f5a6f0cb7a2997342232293a3ace736990ba135386d37f0be13b930ec017c2b
4927b7da535c5807c37389f0bbb54116b35cdc2f86a7a74d47175dee008c01d8
5262da07c075d3129b62caf94f05f76d9f99af19bd39d63731ca01cbc6bd636c
55d7a223ed7472d52f39d3462765050fa498096138ba6d0d18ab658340b164e1
5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087
5c4b3858980a3d3d7913a5f4c4065f5ddf445776d393824ccf7b83ab25179e6e
5ea0924839f64269b2871a6c5b63d40ad85dc67a0b8fe377e6a639800ac5a35b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6f2415e755c01ef543fed9125edc15a305758f01817ed09878f208a2a3749b42
7322cdde785ab616730a38ae78021d56c63ccb78e392386192dd97c5087557d6
8181a739bd0ed0fd64624c4aa15b7847bc9d4fd0660bff56c8c9192c4ef75979
84b67401d613698452e33f1dc44743833923ada48740397bbfc13a77088934b6
860f3d82e7c3fa3faf23f9b8ac369a5afad68f2d8de1c18fc78de511c6ab6126
8719511b8f32bb60c83904246234da141352d76ff3abf3eb62e6576b22cd8904
87aa77470c7071f9aea084ad55208bf980089925d0d98e3f69aa8c956127875f
91995ceef2db709c668c66dada3f4c3546f31fa5cd2ad202834ba0d6334668f1
9224a0902ec7191d0b7cb1e277c465cf7cf1913bb211b116c1821da7cb3a50b0
92266987faaad4286019e061b898d616e5ab1366db4e76a3f5c06d6f5a8a2dff
935af7389c521b15ab14fd2117d50de0f643baf35fd84b07f13d809024921b6d
95b99676f06d2a677068a1add8211c5bc55bcdeada837372199b9e361ac9014b
a10f03dab07a46358a3f1fe44b977d72a012bb28d0e8e8623a8ff4a07866fd78
a6aaddcb1ca4af1257fe93d9993efcb1becebe237c66d2ddb82a46caded7e354
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ab135659fd911eec420c7f1586b70d71d616415247b9a6ddb4a10e234dcd2aa3
ae67c376072a9ada231ff05825534a9a91058916caf246a717363eb5bd4d2ea6
b0e43cbb8dca923403c156d5015a5ed97117344bc2687eeaf93f8279d7853a7a
b30b70e2067e407e427ac15a978091acb030d9b2db360ea2a3ce3eec6ef474e5
b515858a2f8a8f3846408795bab0b6edbadd19abd87de4fa9ab2c791917b698c
b5b06eb64065e10a9585ffa4b5c8d2ae1a780c7a31ed59d6b2534f589c7ea865
b5b71b67ee5afb85a779560bc09f5ede4fbd25d302f942a671439fe3dd743df9
c69de41dda83f00cc1b13dba90a57f25df046286ecd227bdd0c4d51d94947b61
ca398a8202a85a7d527725b5ac1d99b21c23631eca177796e9db91a5e727e59b
cf968be21080a7e32f87b4d4d52dcc7f2eb19d94e74961658a6e1afd35c38761
d28df623e62954a860e280c352a6ad8ae471786a2bfb3d01422ed5241590cfbb
dbd3b0cdf1788631c5103de09ee7e20bf1903a5800ce89478817c2341ea5524c
df86f0e0b8296b5b83c6646d786048d638663e220245343876dd0ec283c1586e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e55ca5dd3fb9f932cf88fa680d5d5fcfef6ac9e766155c4e17c9db803654ea1e
eff675463cdd7fa83e596bef0da69affed168d370af3f8703993ae42c4d80a10
f1d601dab557e99a84c1aa1990e01ff7675a2e9b739c094cd5df53e9eb896088
f40a853e58a18759e1f7321d266d63494e320e9651af27d9373ec16380e414b6