URL: https://get.steamrefund.com/pmax/?utm_source=google&network=&keyword=&matchtype=&targetid=&campaignid=20461477097&adgroupid=...
Submission: On October 13 via manual from AU — Scanned from AU

Summary

This website contacted 31 IPs in 4 countries across 25 domains to perform 81 HTTP transactions. The main IP is 172.67.74.64, which is located in the United States and belongs to CLOUDFLARENET, US. The main domain is get.steamrefund.com.
TLS certificate: Issued by GTS CA 1P5 on October 11th 2023. Valid for: 3 months.
This is the only time get.steamrefund.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
16 cloudfront.net
d1wbjksx0xxdn3.cloudfront.net
d9hhrg4mnvzow.cloudfront.net
459 KB
8 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 1126
trc.taboola.com — Cisco Umbrella Rank: 680
pips.taboola.com — Cisco Umbrella Rank: 1752
cds.taboola.com — Cisco Umbrella Rank: 2153
trc-events.taboola.com — Cisco Umbrella Rank: 2281
32 KB
7 steamrefund.com
get.steamrefund.com
gtm.steamrefund.com Failed
18 KB
5 snapchat.com
tr.snapchat.com — Cisco Umbrella Rank: 927
2 KB
5 adroll.com
s.adroll.com — Cisco Umbrella Rank: 3302
d.adroll.com — Cisco Umbrella Rank: 1495
32 KB
5 tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 766
138 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 42
21 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 56
299 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 187
122 KB
3 outbrain.com
amplify.outbrain.com — Cisco Umbrella Rank: 3400
tr.outbrain.com — Cisco Umbrella Rank: 3137
wave.outbrain.com Failed
8 KB
3 google.com
adservice.google.com — Cisco Umbrella Rank: 118
www.google.com — Cisco Umbrella Rank: 2
563 B
3 ub-assets.com
fonts.ub-assets.com — Cisco Umbrella Rank: 31611
50 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 116
239 B
2 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 521
1 KB
2 sc-static.net
sc-static.net — Cisco Umbrella Rank: 1157
34 KB
2 ub-analytics.com
events.ub-analytics.com — Cisco Umbrella Rank: 36641
233 B
2 unbounce.com
builder-assets.unbounce.com — Cisco Umbrella Rank: 26844
37 KB
1 reddit.com
alb.reddit.com — Cisco Umbrella Rank: 1613
637 B
1 google.com.au
www.google.com.au — Cisco Umbrella Rank: 24314
455 B
1 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 869
726 B
1 t.co
t.co — Cisco Umbrella Rank: 614
377 B
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 792
15 KB
1 stape.io
cdn.stape.io — Cisco Umbrella Rank: 56540
6 KB
1 redditstatic.com
www.redditstatic.com — Cisco Umbrella Rank: 1380
8 KB
1 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 45
2 KB
81 25
Domain Requested by
15 d9hhrg4mnvzow.cloudfront.net get.steamrefund.com
7 get.steamrefund.com 2 redirects get.steamrefund.com
5 tr.snapchat.com 1 redirects sc-static.net
5 analytics.tiktok.com get.steamrefund.com
analytics.tiktok.com
4 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
get.steamrefund.com
4 www.googletagmanager.com get.steamrefund.com
www.googletagmanager.com
3 connect.facebook.net get.steamrefund.com
connect.facebook.net
3 s.adroll.com 1 redirects get.steamrefund.com
3 cdn.taboola.com www.googletagmanager.com
cdn.taboola.com
3 fonts.ub-assets.com builder-assets.unbounce.com
fonts.ub-assets.com
2 trc-events.taboola.com cdn.taboola.com
2 d.adroll.com s.adroll.com
2 www.facebook.com get.steamrefund.com
2 pixel.tapad.com 2 redirects
2 tr.outbrain.com amplify.outbrain.com
2 sc-static.net get.steamrefund.com
tr.snapchat.com
2 www.google.com www.googletagmanager.com
get.steamrefund.com
2 events.ub-analytics.com d1wbjksx0xxdn3.cloudfront.net
2 builder-assets.unbounce.com get.steamrefund.com
1 cds.taboola.com cdn.taboola.com
1 pips.taboola.com cdn.taboola.com
1 alb.reddit.com get.steamrefund.com
1 trc.taboola.com cdn.taboola.com
1 www.google.com.au get.steamrefund.com
1 analytics.twitter.com get.steamrefund.com
1 t.co get.steamrefund.com
1 amplify.outbrain.com get.steamrefund.com
1 static.ads-twitter.com get.steamrefund.com
1 cdn.stape.io www.googletagmanager.com
1 www.redditstatic.com www.googletagmanager.com
1 googleads.g.doubleclick.net www.googletagmanager.com
1 adservice.google.com www.googletagmanager.com
1 d1wbjksx0xxdn3.cloudfront.net get.steamrefund.com
0 gtm.steamrefund.com Failed cdn.stape.io
0 wave.outbrain.com Failed amplify.outbrain.com
81 35

This site contains no links.

Subject | Issuer | Validity | Valid
steamrefund.com | GTS CA 1P5 | 2023-10-11 - 2024-01-09 | 3 months
*.unbounce.com | Amazon RSA 2048 M01 | 2023-02-21 - 2024-02-07 | a year
*.cloudfront.net | Amazon RSA 2048 M01 | 2022-12-08 - 2023-12-07 | a year
*.google-analytics.com | GTS CA 1C3 | 2023-09-18 - 2023-12-11 | 3 months
fonts.ub-assets.com | Amazon RSA 2048 M02 | 2023-06-01 - 2024-06-29 | a year
*.ub-analytics.com | Amazon RSA 2048 M01 | 2023-03-11 - 2024-04-08 | a year
*.google.com | GTS CA 1C3 | 2023-09-18 - 2023-12-11 | 3 months
www.google.com | GTS CA 1C3 | 2023-09-18 - 2023-12-11 | 3 months
*.g.doubleclick.net | GTS CA 1C3 | 2023-09-18 - 2023-12-11 | 3 months
www.redditstatic.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-08-25 - 2024-02-21 | 6 months
*.taboola.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-12-08 - 2023-12-31 | a year
stape.io | Cloudflare Inc ECC CA-3 | 2023-05-03 - 2024-05-02 | a year
*.tiktok.com | RapidSSL ECC CA 2018 | 2023-07-14 - 2024-08-13 | a year
sc-static.net | Amazon RSA 2048 M02 | 2023-01-20 - 2024-02-18 | a year
ads-twitter.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-07-21 - 2024-07-19 | a year
*.outbrain.com | DigiCert TLS RSA SHA256 2020 CA1 | 2023-02-09 - 2024-02-11 | a year
s.adroll.com | Amazon RSA 2048 M01 | 2023-06-03 - 2024-07-01 | a year
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2023-07-22 - 2023-10-20 | 3 months
t.co | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-07-20 - 2024-08-19 | a year
*.twitter.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-09-08 - 2024-10-08 | a year
*.snap.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-04-13 - 2024-04-12 | a year
*.google.com.au | GTS CA 1C3 | 2023-09-18 - 2023-12-11 | 3 months
*.reddit.com | DigiCert TLS RSA SHA256 2020 CA1 | 2023-09-01 - 2024-02-28 | 6 months
d.adroll.com | Amazon RSA 2048 M03 | 2023-10-09 - 2024-11-07 | a year

This page contains 5 frames:

Primary Page: https://get.steamrefund.com/pmax/?utm_source=google&network=&keyword=&matchtype=&targetid=&campaignid=20461477097&adgroupid=&creative=&creativeid=&feeditemid=&device=m&loc_physical_ms=9052643&placement=&gclid=Cj0KCQjwsp6pBhCfARIsAD3GZuZBgiT53QsVfbit_t3v6yauQBm1ox1rNaZ2GcHJN9fpDBcTmyyr7EEaAgufEALw_wcB
Frame ID: DF6420A2B78302A41C506F9C67CF90C4
Requests: 74 HTTP requests in this frame

Frame: https://get.steamrefund.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/dffb14d6/main.js
Frame ID: 8CB1253C15AAD4BBE637CB31EB76BED6
Requests: 2 HTTP requests in this frame

Frame: https://get.steamrefund.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/dffb14d6/main.js
Frame ID: 06DBAD5837DC27BEAD7F48F0595D3681
Requests: 2 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=a1860529-0aae-45cb-a054-1bba5385bf0a&u_scsid=dbab30ba-a15c-464e-8107-badbf8fe4c39&u_sclid=fe99f7ba-4d42-4476-a6b6-f27dea0740e9
Frame ID: B9939F7E04B1E7C79BD7B29359F80529
Requests: 2 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/p?rand=1696971501663&pnid=140&pcid=0efc2ed0-d93d-4cf4-b750-9564a8ab9491
Frame ID: B712E835C5177B3AC33E7313E628DA8A
Requests: 1 HTTP request in this frame

Page Title

Steam Gamers: Possible Refund

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:a|s)\.adroll\.com

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

  • Requests: 81
  • HTTPS: 93 %
  • IPv6: 0 %
  • Domains: 25
  • Subdomains: 35
  • IPs: 31
  • Countries: 4
  • Transfer: 1284 kB
  • Size: 2990 kB
  • Cookies: 38

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6
  • https://get.steamrefund.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://get.steamrefund.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/dffb14d6/main.js
Request Chain 7
  • https://get.steamrefund.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://get.steamrefund.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/dffb14d6/main.js
Request Chain 58
  • https://tr.snapchat.com/cm/s?bt=1d53c387&pnid=140&cb=1697160282577&u_scsid=e4b706a0-5605-4ecc-a4ca-6cdfc5dde433&u_sclid=c3c22581-d07f-487c-8aa5-39614dcbbcd7 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1696971501663%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1696971501663%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
  • https://tr.snapchat.com/cm/p?rand=1696971501663&pnid=140&pcid=0efc2ed0-d93d-4cf4-b750-9564a8ab9491
Request Chain 73
  • https://s.adroll.com/j/exp/6FGPXF7JBVHSVDCJIPGVKW/index.js HTTP 302
  • https://s.adroll.com/j/exp/index.js

81 HTTP transactions

696855d1-ntl-top-100-flat-badge-1021x1024-1_102w02w00000000000001o.jpg
d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/pmax/
4 KB
4 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/pmax/696855d1-ntl-top-100-flat-badge-1021x1024-1_102w02w00000000000001o.jpg
Requested by
Host: get.steamrefund.com
URL: https://get.steamrefund.com/pmax/?utm_source=google&network=&keyword=&matchtype=&targetid=&campaignid=20461477097&adgroupid=&creative=&creativeid=&feeditemid=&device=m&loc_physical_ms=9052643&placement=&gclid=Cj0KCQjwsp6pBhCfARIsAD3GZuZBgiT53QsVfbit_t3v6yauQBm1ox1rNaZ2GcHJN9fpDBcTmyyr7EEaAgufEALw_wcB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.108.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-108-26.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bfb31ad287f7b31afae1f180a12bbb9c14ca4643cbc43b9c7f72618934c0ac9f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://get.steamrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 01:24:43 GMT
x-amz-version-id
bRDYOSEPWMPRX0Nwc8OzCHKP5Vw.ble3
via
1.1 80221b5cb6d99c6010a1a445f2ea0f30.cloudfront.net (CloudFront)
last-modified
Mon, 04 Sep 2023 10:20:23 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P2
etag
"941d90fdf23fe51d81528c7d002a9b0b"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
image/jpeg
cache-control
max-age=31557600
accept-ranges
bytes
content-length
3626
x-amz-cf-id
OgJEZEO_Ej7Hk7f-zx7l9DWqLZ80iuoergWtP5j76CG5ht6kPhFB3w==
2f86d8e7-lawsuit-settlement-1_108204m000000000000028.png
d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/pmax/
14 KB
14 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/pmax/2f86d8e7-lawsuit-settlement-1_108204m000000000000028.png
Requested by
Host: get.steamrefund.com
URL: https://get.steamrefund.com/pmax/?utm_source=google&network=&keyword=&matchtype=&targetid=&campaignid=20461477097&adgroupid=&creative=&creativeid=&feeditemid=&device=m&loc_physical_ms=9052643&placement=&gclid=Cj0KCQjwsp6pBhCfARIsAD3GZuZBgiT53QsVfbit_t3v6yauQBm1ox1rNaZ2GcHJN9fpDBcTmyyr7EEaAgufEALw_wcB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.108.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-108-26.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cababe098647cd4f80454377f78cece1d9c903a90938db4aa32d87fd34aaac61

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://get.steamrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 01:24:43 GMT
x-amz-version-id
AiF7LBdPjgzyxogU3Ma3YCttMaf8k3xi
via
1.1 80221b5cb6d99c6010a1a445f2ea0f30.cloudfront.net (CloudFront)
last-modified
Mon, 04 Sep 2023 10:20:23 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P2
etag
"df6b9e481bcba7b2877308962769f6df"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
13827
x-amz-cf-id
DnTnzcD8ykg7WQOS1NgflUYYiPeS4O4_5rYhUvh1sO7GEHTngLbNbg==
09de75e4-lawsuit-settlement-2_108204m000000000000028.png
d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/pmax/
18 KB
18 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/pmax/09de75e4-lawsuit-settlement-2_108204m000000000000028.png
Requested by
Host: get.steamrefund.com
URL: https://get.steamrefund.com/pmax/?utm_source=google&network=&keyword=&matchtype=&targetid=&campaignid=20461477097&adgroupid=&creative=&creativeid=&feeditemid=&device=m&loc_physical_ms=9052643&placement=&gclid=Cj0KCQjwsp6pBhCfARIsAD3GZuZBgiT53QsVfbit_t3v6yauQBm1ox1rNaZ2GcHJN9fpDBcTmyyr7EEaAgufEALw_wcB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.108.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-108-26.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7db89be8c6619ccda15be79150972cc7c033d6b559943a11bacde4aa572000ed

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://get.steamrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 01:24:43 GMT
x-amz-version-id
K3VN7aUHoxl1lVQtS.ApGht1PC0Rk6qV
via
1.1 80221b5cb6d99c6010a1a445f2ea0f30.cloudfront.net (CloudFront)
last-modified
Mon, 04 Sep 2023 10:20:23 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P2
etag
"a469e69812c01d688085477f9b0d82fa"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
18133
x-amz-cf-id
-sG5DIci6XV-4CYTElwaByKKS_3uT4k2UgmeDhpm8r3PXEsI5NRgig==
2da7c1a5-lawsuit-settlement-3_108204l000000000000028.png
d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/pmax/
12 KB
12 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/pmax/2da7c1a5-lawsuit-settlement-3_108204l000000000000028.png
Requested by
Host: get.steamrefund.com
URL: https://get.steamrefund.com/pmax/?utm_source=google&network=&keyword=&matchtype=&targetid=&campaignid=20461477097&adgroupid=&creative=&creativeid=&feeditemid=&device=m&loc_physical_ms=9052643&placement=&gclid=Cj0KCQjwsp6pBhCfARIsAD3GZuZBgiT53QsVfbit_t3v6yauQBm1ox1rNaZ2GcHJN9fpDBcTmyyr7EEaAgufEALw_wcB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.108.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-108-26.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
639a44504eb21a9ccefcb1b0a8db4717408b4ef8e7ff93611e948f4c3b49b460

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://get.steamrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 01:24:43 GMT
x-amz-version-id
acBdujQaDwynx4ZoB40LqBfdhcmpX_yn
via
1.1 80221b5cb6d99c6010a1a445f2ea0f30.cloudfront.net (CloudFront)
last-modified
Mon, 04 Sep 2023 10:20:23 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P2
etag
"e69fb767d5a08505b02e53cc19005a73"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
12130
x-amz-cf-id
4ptuL6m-bK5DFsotFwSb-I-kHNLDrTSRF4-cudYNtP9gO2H4Sn_ZMg==
803304b1-ign-logo-1536x864_104502b000000000000028.png
d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/pmax/
2 KB
2 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/pmax/803304b1-ign-logo-1536x864_104502b000000000000028.png
Requested by
Host: get.steamrefund.com
URL: https://get.steamrefund.com/pmax/?utm_source=google&network=&keyword=&matchtype=&targetid=&campaignid=20461477097&adgroupid=&creative=&creativeid=&feeditemid=&device=m&loc_physical_ms=9052643&placement=&gclid=Cj0KCQjwsp6pBhCfARIsAD3GZuZBgiT53QsVfbit_t3v6yauQBm1ox1rNaZ2GcHJN9fpDBcTmyyr7EEaAgufEALw_wcB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.108.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-108-26.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4206aea9d4731e3537b5a3e0d6b0bed82179891d0c6354ebb9cf80cc0d30cfef

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://get.steamrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 01:24:43 GMT
x-amz-version-id
yrc3Y0ANg1Y6DGpZ_TwFzOcRVIqkgKJG
via
1.1 80221b5cb6d99c6010a1a445f2ea0f30.cloudfront.net (CloudFront)
last-modified
Mon, 04 Sep 2023 10:20:23 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P2
etag
"7bcb922759fd4d84fa03ab8780518252"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
1616
x-amz-cf-id
LDUZ-AHEpf4IKXxNTq8y6dZYo7v4aj67TUERHSxxsqr5ZPOo1xJQQQ==
fccf38a4-shack-news-logo_106h016000000000000028.png
d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/pmax/
3 KB
3 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/pmax/fccf38a4-shack-news-logo_106h016000000000000028.png
Requested by
Host: get.steamrefund.com
URL: https://get.steamrefund.com/pmax/?utm_source=google&network=&keyword=&matchtype=&targetid=&campaignid=20461477097&adgroupid=&creative=&creativeid=&feeditemid=&device=m&loc_physical_ms=9052643&placement=&gclid=Cj0KCQjwsp6pBhCfARIsAD3GZuZBgiT53QsVfbit_t3v6yauQBm1ox1rNaZ2GcHJN9fpDBcTmyyr7EEaAgufEALw_wcB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.108.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-108-26.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e1e5b21a92e417a421cec29ba2ccc6dd60eeca773aa145c4802657d8fed02a42

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://get.steamrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 01:24:43 GMT
x-amz-version-id
pI.YRnfFMKAaMxaiZTWXRT6VZKDMk0NR
via
1.1 80221b5cb6d99c6010a1a445f2ea0f30.cloudfront.net (CloudFront)
last-modified
Mon, 04 Sep 2023 10:20:23 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P2
etag
"c0e55ff1a51c1c1ab1dbb14c3a14f3f2"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
2826
x-amz-cf-id
czQUEhMMpY1RsGO8HGva2xX9AyeqDuYyGed-GB1Zto6_tL6pWAFeGw==
c3c7b570-game-rant-logo2_107e010000000000000028.png
d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/pmax/
2 KB
2 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/pmax/c3c7b570-game-rant-logo2_107e010000000000000028.png
Requested by
Host: get.steamrefund.com
URL: https://get.steamrefund.com/pmax/?utm_source=google&network=&keyword=&matchtype=&targetid=&campaignid=20461477097&adgroupid=&creative=&creativeid=&feeditemid=&device=m&loc_physical_ms=9052643&placement=&gclid=Cj0KCQjwsp6pBhCfARIsAD3GZuZBgiT53QsVfbit_t3v6yauQBm1ox1rNaZ2GcHJN9fpDBcTmyyr7EEaAgufEALw_wcB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.108.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-108-26.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e0c11eef6f6ab1e486807d65ceb85f844c8692c2b1d41e8e7b5a7dbfc1d7e8a3

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://get.steamrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 01:24:43 GMT
x-amz-version-id
0IGU36yy2c_t_HQvpMFGErrQN702Mdbb
via
1.1 80221b5cb6d99c6010a1a445f2ea0f30.cloudfront.net (CloudFront)
last-modified
Mon, 04 Sep 2023 10:20:23 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P2
etag
"fe33fb6ca063e7f4e94d476fd7858042"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
2140
x-amz-cf-id
GE4-YQhgqVWmB8N3mMOpbOUTQz-wCEXYGtWdBOs7Qg3hUZcLT-QMAw==
5db5dd54-1600px-pc-gamer-old-logo-svg_107e01j000000000000028.png
d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/pmax/
3 KB
3 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/pmax/5db5dd54-1600px-pc-gamer-old-logo-svg_107e01j000000000000028.png
Requested by
Host: get.steamrefund.com
URL: https://get.steamrefund.com/pmax/?utm_source=google&network=&keyword=&matchtype=&targetid=&campaignid=20461477097&adgroupid=&creative=&creativeid=&feeditemid=&device=m&loc_physical_ms=9052643&placement=&gclid=Cj0KCQjwsp6pBhCfARIsAD3GZuZBgiT53QsVfbit_t3v6yauQBm1ox1rNaZ2GcHJN9fpDBcTmyyr7EEaAgufEALw_wcB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.108.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-108-26.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
096f7954e8e41553e39e3f290efc4a79553cb926cc4fa362e126c7204fc9130d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://get.steamrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 01:24:43 GMT
x-amz-version-id
ZmlX_Vkp66vFnHLiM2nuJi16STESKal0
via
1.1 80221b5cb6d99c6010a1a445f2ea0f30.cloudfront.net (CloudFront)
last-modified
Mon, 04 Sep 2023 10:20:23 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P2
etag
"1990686fa110c07707dcee247cbd5362"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
2786
x-amz-cf-id
3UcSBt4WMwhyYW_ZkczRJqRPdgth5Mvg0wkiyV4Jh8dIt-8-OxeAgg==
ce9c8e93-logo-of-gamespot-svg_106j024000000000000028.png
d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/pmax/
3 KB
4 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/pmax/ce9c8e93-logo-of-gamespot-svg_106j024000000000000028.png
Requested by
Host: get.steamrefund.com
URL: https://get.steamrefund.com/pmax/?utm_source=google&network=&keyword=&matchtype=&targetid=&campaignid=20461477097&adgroupid=&creative=&creativeid=&feeditemid=&device=m&loc_physical_ms=9052643&placement=&gclid=Cj0KCQjwsp6pBhCfARIsAD3GZuZBgiT53QsVfbit_t3v6yauQBm1ox1rNaZ2GcHJN9fpDBcTmyyr7EEaAgufEALw_wcB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.108.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-108-26.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5836fd0454a66f98cc72445de9a15615492621c13002c2470e1a1cf0af1b7b59

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://get.steamrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 01:24:43 GMT
x-amz-version-id
eV7hegy8BEjNcj8NfVPKMnlj80mRXIrZ
via
1.1 80221b5cb6d99c6010a1a445f2ea0f30.cloudfront.net (CloudFront)
last-modified
Mon, 04 Sep 2023 10:20:23 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P2
etag
"2ce7c87a626d600553f837bd8a47e785"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
3280
x-amz-cf-id
rGpgzIdQC2mjJ89E1d3vGLF8pefvyjgAtIpMDh8UBPqDPe1BKAIj7Q==
f308602a-0352-eurogamer-logo.svg
d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/pmax/
3 KB
2 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/pmax/f308602a-0352-eurogamer-logo.svg
Requested by
Host: get.steamrefund.com
URL: https://get.steamrefund.com/pmax/?utm_source=google&network=&keyword=&matchtype=&targetid=&campaignid=20461477097&adgroupid=&creative=&creativeid=&feeditemid=&device=m&loc_physical_ms=9052643&placement=&gclid=Cj0KCQjwsp6pBhCfARIsAD3GZuZBgiT53QsVfbit_t3v6yauQBm1ox1rNaZ2GcHJN9fpDBcTmyyr7EEaAgufEALw_wcB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.108.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-108-26.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0afb6faff44a842fe76a446a279686f8e6a9fceae1549a22468033c653860225

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://get.steamrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 11 Oct 2023 17:05:24 GMT
x-amz-version-id
8kz4m8mrKfWHX1D7nAtVXg73KUFTxbmH
content-encoding
gzip
last-modified
Mon, 04 Sep 2023 10:20:23 GMT
server
AmazonS3
via
1.1 80221b5cb6d99c6010a1a445f2ea0f30.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD62-P2
etag
W/"a7116c911d88a4d87c2d6905a3c87b9d"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
max-age=31557600
age
116357
x-amz-cf-id
QGqNGDDd-kjISGpCYyNOyuN3p32uzOSBa-OgbIqhephY-rXBHs4Vuw==
8153c8c72cada808
get.steamrefund.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 8CB1
0
444 B
XHR
General
Full URL
https://get.steamrefund.com/cdn-cgi/challenge-platform/h/g/jsd/r/8153c8c72cada808
Requested by
Host: get.steamrefund.com
URL: https://get.steamrefund.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 13 Oct 2023 01:24:41 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
8153c8cf6bbfa808-SYD
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FGybxrqR9ihhRTOiqW1376PmTTiF0hgeUG6iQMgbPhwrp6RaYBWlFoJnsmwjd5RCNepTQVn5Mq8iLmaQaMCX7gEJ6qspJQ7lQilsaqvt8FG1pgl9c46aqKzV33KDpoOz0D3GgF0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
8153c8c72cada808
get.steamrefund.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 06DB
0
293 B
XHR
General
Full URL
https://get.steamrefund.com/cdn-cgi/challenge-platform/h/g/jsd/r/8153c8c72cada808
Requested by
Host: get.steamrefund.com
URL: https://get.steamrefund.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 13 Oct 2023 01:24:41 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
8153c8cfec65a808-SYD
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dtyO8OoHP4SszXv29fWjVT%2BbjNEamuLEzRpbdaeE1q59PuxOB%2BI7d6ONmiiU9epNvYfxQfYmp6PSdHTidssQDnst%2BhIEYesk2gf%2B9VrQMNzQ4cftVjL4g4GPQPb2UkUj%2Fuh4qpY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
i
events.ub-analytics.com/_ub/ Frame
0
0
Preflight
General
Full URL
https://events.ub-analytics.com/_ub/i
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.152.34.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-152-34-75.compute-1.amazonaws.com
Software
akka-http/10.2.9 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://get.steamrefund.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, SP-Anonymous
access-control-allow-origin
https://get.steamrefund.com
access-control-max-age
3600
content-length
0
date
Fri, 13 Oct 2023 01:24:42 GMT
server
akka-http/10.2.9
i
events.ub-analytics.com/_ub/
2 B
233 B
Ping
General
Full URL
https://events.ub-analytics.com/_ub/i
Requested by
Host: d1wbjksx0xxdn3.cloudfront.net
URL: https://d1wbjksx0xxdn3.cloudfront.net/lts/bc2b61f5d00a7d9014df8f247ade4e38f0c03534.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.152.34.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-152-34-75.compute-1.amazonaws.com
Software
akka-http/10.2.9 /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://get.steamrefund.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://get.steamrefund.com
date
Fri, 13 Oct 2023 01:24:42 GMT
access-control-allow-credentials
true
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
server
akka-http/10.2.9
content-length
2
content-type
text/plain; charset=UTF-8
regclk
adservice.google.com/pagead/
0
0
Ping
General
Full URL
https://adservice.google.com/pagead/regclk?auid=1144363088.1697160282&url=https%3A%2F%2Fget.steamrefund.com%2Fpmax%2F&tft=1697160282049&tfd=2002&frm=0&gclid=Cj0KCQjwsp6pBhCfARIsAD3GZuZBgiT53QsVfbit_t3v6yauQBm1ox1rNaZ2GcHJN9fpDBcTmyyr7EEaAgufEALw_wcB&gclsrc=aw
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WM6PL8S
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://get.steamrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

landing
www.google.com/pagead/
42 B
455 B
Ping
General
Full URL
https://www.google.com/pagead/landing?gclid=Cj0KCQjwsp6pBhCfARIsAD3GZuZBgiT53QsVfbit_t3v6yauQBm1ox1rNaZ2GcHJN9fpDBcTmyyr7EEaAgufEALw_wcB&gtm=45He3ab0n81WM6PL8S&auid=1144363088.1697160282
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WM6PL8S
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.67.4 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s16-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://get.steamrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 Oct 2023 01:24:42 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/11050824091/
3 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11050824091/?random=1697160282051&cv=11&fst=1697160282051&bg=ffffff&guid=ON&async=1&gtm=45He3ab0&u_w=1600&u_h=1200&url=https%3A%2F%2Fget.steamrefund.com%2Fpmax%2F%3Futm_source%3Dgoogle%26network%3D%26keyword%3D%26matchtype%3D%26targetid%3D%26campaignid%3D20461477097%26adgroupid%3D%26creative%3D%26creativeid%3D%26feeditemid%3D%26device%3Dm%26loc_physical_ms%3D9052643%26placement%3D%26gclid%3DCj0KCQjwsp6pBhCfARIsAD3GZuZBgiT53QsVfbit_t3v6yauQBm1ox1rNaZ2GcHJN9fpDBcTmyyr7EEaAgufEALw_wcB&hn=www.googleadservices.com&frm=0&tiba=Steam%20Gamers%3A%20Possible%20Refund&auid=1144363088.1697160282&uamb=0&uaw=0&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WM6PL8S
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
cafe /
Resource Hash
bacaf85822a0075295079a8897359b23cc50b6899d8b4adcb6633404afdba73d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://get.steamrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 Oct 2023 01:24:42 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1531
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.js
www.redditstatic.com/ads/
23 KB
8 KB
Script
General
Full URL
https://www.redditstatic.com/ads/pixel.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WM6PL8S
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
e803e774c7b59fe74f71ed93acaa875cf9a99947ff8ed7615cd0c93c1667250f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://get.steamrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 01:24:42 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
last-modified
Thu, 15 Jun 2023 20:49:59 GMT
server
snooserv
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag
"4a205643a240cb95fa82289d62b5af7e"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding,Origin
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type
application/javascript
cache-control
public, max-age=60
accept-ranges
bytes
content-length
7409
tfa.js
cdn.taboola.com/libtrc/unip/1515208/
64 KB
20 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/unip/1515208/tfa.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WM6PL8S
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
13ff5feb5939aaa72523c6e0253f433fef0b7fab2dd1be490186ccb9359bd6f6

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://get.steamrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
jXuXarK8jZCqiM1a2qtl8IWiE2jmr0Xe
content-encoding
gzip
via
1.1 varnish
date
Fri, 13 Oct 2023 01:24:42 GMT
x-amz-request-id
6T7RJ9HN5J0FGQQ4
age
0
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
FAILED
content-length
19982
x-amz-id-2
hqlLr+oH8Ivy5cdcktfyr0uin26lecTSz7GpguxNp3Fv0yhY8BK6QHrEm6lBVPuH9CORlQr7dUg=
x-served-by
cache-bfi-kbfi7400056-BFI
last-modified
Sun, 08 Oct 2023 15:49:12 GMT
server
AmazonS3
x-timer
S1697160282.411554,VS0,VE169
etag
"bdb22ce981a7136b593cacb15975088c"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
54
access-control-allow-origin
*
cache-control
private,max-age=14401
accept-ranges
bytes
x-cache-hits
1
v5.js
cdn.stape.io/dtag/
14 KB
6 KB
Script
General
Full URL
https://cdn.stape.io/dtag/v5.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WM6PL8S
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.0.48 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7657eea272b62c540e89a651d3ce05555e18062e77e4734247e5458908d1773
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://get.steamrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 01:24:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
1341277
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
same-origin
cf-bgj
minify
last-modified
Mon, 23 May 2022 07:46:57 GMT
server
cloudflare
etag
W/"628b3bf1-39c0"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
8153c8d69b1daae1-SYD
expires
Sat, 12 Oct 2024 01:24:42 GMT
events.js
analytics.tiktok.com/i18n/pixel/
4 KB
2 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CEIHHGRC77UD28TRBJC0&lib=ttq
Requested by
Host: get.steamrefund.com
URL: https://get.steamrefund.com/pmax/?utm_source=google&network=&keyword=&matchtype=&targetid=&campaignid=20461477097&adgroupid=&creative=&creativeid=&feeditemid=&device=m&loc_physical_ms=9052643&placement=&gclid=Cj0KCQjwsp6pBhCfARIsAD3GZuZBgiT53QsVfbit_t3v6yauQBm1ox1rNaZ2GcHJN9fpDBcTmyyr7EEaAgufEALw_wcB
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.243.10 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-206-243-10.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a3c74ac6a0a77625db61c63152d4359ebb6a95e32a7357ec438f4c397352572f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://get.steamrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-akamai-request-id
28ae8694
date
Fri, 13 Oct 2023 01:24:42 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-206-243-6.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.2-51606170) (-)
server-timing
inner; dur=5, cdn-cache; desc=MISS, edge; dur=0, origin; dur=221
content-length
1320
pragma
no-cache
server
nginx
x-tt-logid
2023101301244230C162B993522817E988
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
221,23.206.243.6
x-tt-trace-host
01724d62e235d8cf04aa3c38f40daa78d88e7e06ef2fe08c5cbeb1804758f085f8ce127708eaea8f7153376ffb6937c596d3ac4bf88983df6634fc01d96f2dfd209b49e465b201b35910c2262d631b2f904f0e41cc63700c135f548ed8b0a2f695
expires
Fri, 13 Oct 2023 01:24:42 GMT
scevent.min.js
sc-static.net/
38 KB
17 KB
Script
General
Full URL
https://sc-static.net/scevent.min.js
Requested by
Host: get.steamrefund.com
URL: https://get.steamrefund.com/pmax/?utm_source=google&network=&keyword=&matchtype=&targetid=&campaignid=20461477097&adgroupid=&creative=&creativeid=&feeditemid=&device=m&loc_physical_ms=9052643&placement=&gclid=Cj0KCQjwsp6pBhCfARIsAD3GZuZBgiT53QsVfbit_t3v6yauQBm1ox1rNaZ2GcHJN9fpDBcTmyyr7EEaAgufEALw_wcB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.91.245 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-91-245.syd62.r.cloudfront.net
Software
CloudFront /
Resource Hash
718d2cf95092db9b8f8f18f303240a5fa8a0f3add9bec2a0e0ff12234456fb4a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://get.steamrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 01:24:42 GMT
content-encoding
gzip
via
1.1 701510d744831cda18c48da0cb099172.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
SYD62-P1
x-cache
Miss from cloudfront
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
private, s-maxage=0, max-age=600
access-control-allow-headers
Content-Type
content-length
16800
x-amz-cf-id
goPj4DH4Vr9DudumW6rj5uGHH37mauAG8a6uUVp2kwtwi31BwZu4Kw==
js
www.googletagmanager.com/gtag/
272 KB
90 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-P48CLNLYJE
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WM6PL8S
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.72 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
6db8bd9e608bba9c474e76c8030da182b8232886472195ca5d142d4919f021b1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://get.steamrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 01:24:42 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
92458
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 13 Oct 2023 01:24:42 GMT
js
www.googletagmanager.com/gtag/
172 KB
63 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-252624536-1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WM6PL8S
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.72 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
9738e201f9223fbfa0fd1b9b23bc703a9d03519bfb6d3f4a6d1afa3ea761ada1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://get.steamrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 01:24:42 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64112
x-xss-protection
0
last-modified
Fri, 13 Oct 2023 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 13 Oct 2023 01:24:42 GMT
uwt.js
static.ads-twitter.com/
56 KB
15 KB
Script
General
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: get.steamrefund.com
URL: https://get.steamrefund.com/pmax/?utm_source=google&network=&keyword=&matchtype=&targetid=&campaignid=20461477097&adgroupid=&creative=&creativeid=&feeditemid=&device=m&loc_physical_ms=9052643&placement=&gclid=Cj0KCQjwsp6pBhCfARIsAD3GZuZBgiT53QsVfbit_t3v6yauQBm1ox1rNaZ2GcHJN9fpDBcTmyyr7EEaAgufEALw_wcB
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.28.157 Sydney, Australia, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://get.steamrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 01:24:42 GMT
content-encoding
gzip
last-modified
Thu, 27 Oct 2022 18:55:37 GMT
x-amz-server-side-encryption
AES256
etag
"32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary
Accept-Encoding,Host
x-cache
HIT, HIT
content-type
application/javascript; charset=utf-8
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn
FT
cache-control
no-cache
accept-ranges
bytes
content-length
15375
x-served-by
cache-iad-kjyo7100147-IAD, cache-syd10155-SYD
obtp.js
amplify.outbrain.com/cp/
25 KB
8 KB
Script
General
Full URL
https://amplify.outbrain.com/cp/obtp.js
Requested by
Host: get.steamrefund.com
URL: https://get.steamrefund.com/pmax/?utm_source=google&network=&keyword=&matchtype=&targetid=&campaignid=20461477097&adgroupid=&creative=&creativeid=&feeditemid=&device=m&loc_physical_ms=9052643&placement=&gclid=Cj0KCQjwsp6pBhCfARIsAD3GZuZBgiT53QsVfbit_t3v6yauQBm1ox1rNaZ2GcHJN9fpDBcTmyyr7EEaAgufEALw_wcB
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.77.129.249 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-77-129-249.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
9b4936002e7534020d117e5e913f1fa42a1adc34f64c7e2d7a713a540a928ada

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://get.steamrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Fri, 13 Oct 2023 01:24:42 GMT
Content-Encoding
gzip
Last-Modified
Wed, 11 Oct 2023 06:56:43 GMT
Server
AkamaiNetStorage
ETag
"4b22e211e973b72d3565d761c452eca5:1697103374.221453"
Vary
Accept-Encoding
Content-Type
application/x-javascript
X-RG
OC
Cache-Control
max-age=1200
X-CC
AU
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7505
Expires
Fri, 13 Oct 2023 01:44:42 GMT
roundtrip.js
s.adroll.com/j/6FGPXF7JBVHSVDCJIPGVKW/
98 KB
29 KB
Script
General
Full URL
https://s.adroll.com/j/6FGPXF7JBVHSVDCJIPGVKW/roundtrip.js
Requested by
Host: get.steamrefund.com
URL: https://get.steamrefund.com/pmax/?utm_source=google&network=&keyword=&matchtype=&targetid=&campaignid=20461477097&adgroupid=&creative=&creativeid=&feeditemid=&device=m&loc_physical_ms=9052643&placement=&gclid=Cj0KCQjwsp6pBhCfARIsAD3GZuZBgiT53QsVfbit_t3v6yauQBm1ox1rNaZ2GcHJN9fpDBcTmyyr7EEaAgufEALw_wcB
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-21.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
35a39db193b7fe3158c2b07b3a5a6b73e0a28724285a4bc08e204937d1214b9b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://get.steamrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

X-Amz-Version-Id
S5oRFKIJquY51_i6zyI73JVUBAqgPyZn
Content-Encoding
gzip
Via
1.1 18973cd357a68e16bd20873be51e8596.cloudfront.net (CloudFront)
Date
Fri, 13 Oct 2023 01:24:44 GMT
X-Amz-Cf-Pop
SYD62-P1
X-Amz-Server-Side-Encryption
AES256
Transfer-Encoding
chunked
X-Cache
RefreshHit from cloudfront
Connection
keep-alive
Last-Modified
Thu, 12 Oct 2023 11:43:14 GMT
Server
AmazonS3
Etag
W/"416ba01119bb6d6e4aa65a11ff853089"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
false
Access-Control-Max-Age
600
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
AxqA42__ajsZxGkvf0kQlLNcD7C32foLyL1t7S9c_gwRWLp_kO3ebQ==
fbevents.js
connect.facebook.net/en_US/
198 KB
53 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: get.steamrefund.com
URL: https://get.steamrefund.com/pmax/?utm_source=google&network=&keyword=&matchtype=&targetid=&campaignid=20461477097&adgroupid=&creative=&creativeid=&feeditemid=&device=m&loc_physical_ms=9052643&placement=&gclid=Cj0KCQjwsp6pBhCfARIsAD3GZuZBgiT53QsVfbit_t3v6yauQBm1ox1rNaZ2GcHJN9fpDBcTmyyr7EEaAgufEALw_wcB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-syd2.fbcdn.net
Software
/
Resource Hash
325fab5a06017764ab5ff18c3e5d6c1625d3524cb2a077e58b902fb8f26d1c9a
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://get.steamrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 13 Oct 2023 01:24:42 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
53364
x-xss-protection
0
pragma
public
x-fb-debug
6aUDBem8IJOApmrgHzetcBKv8yWSmbX/ls40zy3QMLNNeGB6dHs2QkEYo4TjpmgGGROK/dE4uGFqZCBJjQozXA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
EJRVQgYoZZY2vCFuvAFWzr8.woff2
fonts.ub-assets.com/fonts/s/ptserif/v18/
32 KB
33 KB
Font
General
Full URL
https://fonts.ub-assets.com/fonts/s/ptserif/v18/EJRVQgYoZZY2vCFuvAFWzr8.woff2
Requested by
Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Montserrat:600%7CPT+Serif:regular
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.181.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-181-123.syd1.r.cloudfront.net
Software
/
Resource Hash
4271064a37f3ffc0aac5f3806db8a72acc23e19447d1804e4e80d8796cbf6330
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.ub-assets.com/css?family=Montserrat:600%7CPT+Serif:regular
Origin
https://get.steamrefund.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 19:29:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amzn-remapped-content-length
33116
via
1.1 4531d36bddcd36b16bc48daff001c13e.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD1-C2
age
366894
x-amzn-requestid
1fb56f1d-b148-4668-b896-b88fa5d7a937
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
x-amz-apigw-id
Mf1u5G2PIAMEcIQ=
content-length
33149
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:52:25 GMT
cross-origin-opener-policy
same-origin; report-to="apps-themes"
x-amzn-trace-id
Root=1-6523032b-26662a654a44c2546ede61c4
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
x-amz-cf-id
ZnEdVuqEBn0nw_lmzbaarixDzOSvdU3RQQJFf6gUfmSv7k-ZeOMyYQ==
JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCu173w5aXo.woff2
fonts.ub-assets.com/fonts/s/montserrat/v26/
15 KB
16 KB
Font
General
Full URL
https://fonts.ub-assets.com/fonts/s/montserrat/v26/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCu173w5aXo.woff2
Requested by
Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Montserrat:600%7CPT+Serif:regular
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.181.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-181-123.syd1.r.cloudfront.net
Software
/
Resource Hash
9f5f68f23573a4df9d5ce9fdd7c28154b326232e7dc31731a2a2deaa2ab6ca43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.ub-assets.com/css?family=Montserrat:600%7CPT+Serif:regular
Origin
https://get.steamrefund.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sat, 30 Sep 2023 04:15:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amzn-remapped-content-length
15072
via
1.1 4531d36bddcd36b16bc48daff001c13e.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD1-C2
age
1112972
x-amzn-requestid
ac581afe-e100-464d-95cf-0ce517928ac3
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
x-amz-apigw-id
MDYQRHkpIAMErYQ=
content-length
15095
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:52:02 GMT
cross-origin-opener-policy
same-origin; report-to="apps-themes"
x-amzn-trace-id
Root=1-6517a0ce-1eeeeda54e62572165a41bb2
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
x-amz-cf-id
sBqwK6Iz-p-cJcdwU7dbqyhA7nICW79pZ_MDPA53zKTT0qPWPUBcHQ==
js
www.googletagmanager.com/gtag/
172 KB
63 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-252624536-1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P48CLNLYJE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.72 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
c8bc586b05db3897d35945d6da4e2ffa3480fe9e3046dcac98b474a4892f9f02
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://get.steamrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 01:24:42 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64135
x-xss-protection
0
last-modified
Fri, 13 Oct 2023 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 13 Oct 2023 01:24:42 GMT
collect
www.google-analytics.com/g/
0
134 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-P48CLNLYJE&gtm=45je3ab0&_p=723888484&cid=1743771794.1697160282&ul=en-us&sr=1600x1200&lps=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1697160282&sct=1&seg=0&dl=https%3A%2F%2Fget.steamrefund.com%2Fpmax%2F%3Futm_source%3Dgoogle%26network%3D%26keyword%3D%26matchtype%3D%26targetid%3D%26campaignid%3D20461477097%26adgroupid%3D%26creative%3D%26creativeid%3D%26feeditemid%3D%26device%3Dm%26loc_physical_ms%3D9052643%26placement%3D%26gclid%3DCj0KCQjwsp6pBhCfARIsAD3GZuZBgiT53QsVfbit_t3v6yauQBm1ox1rNaZ2GcHJN9fpDBcTmyyr7EEaAgufEALw_wcB&dt=Steam%20Gamers%3A%20Possible%20Refund&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P48CLNLYJE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://get.steamrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 Oct 2023 01:24:42 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://get.steamrefund.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-252624536-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://get.steamrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 13 Oct 2023 01:07:24 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
1038
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Fri, 13 Oct 2023 03:07:24 GMT
adsct
t.co/1/i/
43 B
377 B
Image
General
Full URL
https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=4e5b097d-a8ac-4130-8700-56e9deee6e11&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=1d17edef-2199-4cd1-8c97-79c024b92288&tw_document_href=https%3A%2F%2Fget.steamrefund.com%2Fpmax%2F%3Futm_source%3Dgoogle%26network%3D%26keyword%3D%26matchtype%3D%26targetid%3D%26campaignid%3D20461477097%26adgroupid%3D%26creative%3D%26creativeid%3D%26feeditemid%3D%26device%3Dm%26loc_physical_ms%3D9052643%26placement%3D%26gclid%3DCj0KCQjwsp6pBhCfARIsAD3GZuZBgiT53QsVfbit_t3v6yauQBm1ox1rNaZ2GcHJN9fpDBcTmyyr7EEaAgufEALw_wcB&tw_iframe_status=0&txn_id=odb55&type=javascript&version=2.3.29
Requested by
Host: get.steamrefund.com
URL: https://get.steamrefund.com/pmax/?utm_source=google&network=&keyword=&matchtype=&targetid=&campaignid=20461477097&adgroupid=&creative=&creativeid=&feeditemid=&device=m&loc_physical_ms=9052643&placement=&gclid=Cj0KCQjwsp6pBhCfARIsAD3GZuZBgiT53QsVfbit_t3v6yauQBm1ox1rNaZ2GcHJN9fpDBcTmyyr7EEaAgufEALw_wcB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.69 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_r /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://get.steamrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-response-time
145
date
Fri, 13 Oct 2023 01:24:42 GMT
strict-transport-security
max-age=0
server
tsa_r
content-type
image/gif;charset=utf-8
x-transaction-id
99226e372230c0d4
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
059abf5cc134471d15fe15f0cfd7d9403503c058fa47fba3c88f00908c04f907
content-length
43
adsct
analytics.twitter.com/1/i/
43 B
726 B
Image
General
Full URL
https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=4e5b097d-a8ac-4130-8700-56e9deee6e11&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=1d17edef-2199-4cd1-8c97-79c024b92288&tw_document_href=https%3A%2F%2Fget.steamrefund.com%2Fpmax%2F%3Futm_source%3Dgoogle%26network%3D%26keyword%3D%26matchtype%3D%26targetid%3D%26campaignid%3D20461477097%26adgroupid%3D%26creative%3D%26creativeid%3D%26feeditemid%3D%26device%3Dm%26loc_physical_ms%3D9052643%26placement%3D%26gclid%3DCj0KCQjwsp6pBhCfARIsAD3GZuZBgiT53QsVfbit_t3v6yauQBm1ox1rNaZ2GcHJN9fpDBcTmyyr7EEaAgufEALw_wcB&tw_iframe_status=0&txn_id=odb55&type=javascript&version=2.3.29
Requested by
Host: get.steamrefund.com
URL: https://get.steamrefund.com/pmax/?utm_source=google&network=&keyword=&matchtype=&targetid=&campaignid=20461477097&adgroupid=&creative=&creativeid=&feeditemid=&device=m&loc_physical_ms=9052643&placement=&gclid=Cj0KCQjwsp6pBhCfARIsAD3GZuZBgiT53QsVfbit_t3v6yauQBm1ox1rNaZ2GcHJN9fpDBcTmyyr7EEaAgufEALw_wcB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.3 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_r /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://get.steamrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-response-time
145
date
Fri, 13 Oct 2023 01:24:42 GMT
strict-transport-security
max-age=631138519
server
tsa_r
content-type
image/gif;charset=utf-8
x-transaction-id
d7303d30ace7f21d
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
d7ab139c39e1b4f4f2991dc7b5d6a95f54ce430edcf92fb2d84729500fec616c
content-length
43
unifiedPixel
tr.outbrain.com/
53 B
248 B
Ping
General
Full URL
https://tr.outbrain.com/unifiedPixel?optOut=false&bust=02917725035179104&referrer=&cht=gtm&marketerId=009063823c6ff0a709127c2dd74e59c875&name=PAGE_VIEW&dl=https%3A%2F%2Fget.steamrefund.com%2Fpmax%2F%3Futm_source%3Dgoogle%26network%3D%26keyword%3D%26matchtype%3D%26targetid%3D%26campaignid%3D20461477097%26adgroupid%3D%26creative%3D%26creativeid%3D%26feeditemid%3D%26device%3Dm%26loc_physical_ms%3D9052643%26placement%3D%26gclid%3DCj0KCQjwsp6pBhCfARIsAD3GZuZBgiT53QsVfbit_t3v6yauQBm1ox1rNaZ2GcHJN9fpDBcTmyyr7EEaAgufEALw_wcB&g=1&obApiVersion=1.1&obtpVersion=2.0.5
Requested by
Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
38.133.127.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
Software
/
Resource Hash
b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://get.steamrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Fri, 13 Oct 2023 01:24:43 GMT
Cache-Control
no-cache
content-encoding
br
X-TraceId
6ee173aebf2b207f9759682c9972a07c
Content-Length
54
Content-Type
image/gif;
cachedClickId
tr.outbrain.com/
35 B
220 B
Script
General
Full URL
https://tr.outbrain.com/cachedClickId?marketerId=009063823c6ff0a709127c2dd74e59c875
Requested by
Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
38.133.127.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
Software
/
Resource Hash
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://get.steamrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Date
Fri, 13 Oct 2023 01:24:43 GMT
content-encoding
br
X-TraceId
ffef49c8cfdbdd7bab9c9422034314ba
Content-Length
39
Content-Type
application/javascript
009063823c6ff0a709127c2dd74e59c875
wave.outbrain.com/mtWavesBundler/handler/
0
0

a1860529-0aae-45cb-a054-1bba5385bf0a.js
tr.snapchat.com/config/com/
167 B
186 B
Script
General
Full URL
https://tr.snapchat.com/config/com/a1860529-0aae-45cb-a054-1bba5385bf0a.js?v=3.4.11-2310110039
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
4ed9573efc4c34c051f155eeec04df4ce457ec68135b35f19286c093015e6b20
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer
https://get.steamrefund.com/
Origin
https://get.steamrefund.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 01:24:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via
1.1 google
server
API Gateway
content-type
application/javascript
access-control-allow-origin
https://get.steamrefund.com
x-envoy-upstream-service-time
0
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
167
i
tr.snapchat.com/cm/ Frame B993
672 B
1 KB
Document
General
Full URL
https://tr.snapchat.com/cm/i?pid=a1860529-0aae-45cb-a054-1bba5385bf0a&u_scsid=dbab30ba-a15c-464e-8107-badbf8fe4c39&u_sclid=fe99f7ba-4d42-4476-a6b6-f27dea0740e9
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
6501140033c3bb20da4b5ac73c90f687ba8a2053c4ba37c4b6f5275166db7fa6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer
https://get.steamrefund.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
672
content-type
text/html
date
Fri, 13 Oct 2023 01:24:42 GMT
server
API Gateway
strict-transport-security
max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via
1.1 google
x-envoy-upstream-service-time
10
scevent.min.js
sc-static.net/ Frame B993
38 KB
17 KB
Script
General
Full URL
https://sc-static.net/scevent.min.js
Requested by
Host: tr.snapchat.com
URL: https://tr.snapchat.com/cm/i?pid=a1860529-0aae-45cb-a054-1bba5385bf0a&u_scsid=dbab30ba-a15c-464e-8107-badbf8fe4c39&u_sclid=fe99f7ba-4d42-4476-a6b6-f27dea0740e9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.91.245 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-91-245.syd62.r.cloudfront.net
Software
CloudFront /
Resource Hash
718d2cf95092db9b8f8f18f303240a5fa8a0f3add9bec2a0e0ff12234456fb4a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tr.snapchat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 01:14:57 GMT
content-encoding
gzip
via
1.1 701510d744831cda18c48da0cb099172.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
SYD62-P1
age
585
etag
0d6e407936704bd380072f5891d28b0e
x-cache
Hit from cloudfront
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
public, s-maxage=86400, max-age=600
access-control-allow-headers
Content-Type
content-length
16800
x-amz-cf-id
ZXIQ6Gy2MeGQn536VeomYiooClmNlv1Hwy7WmkDeFXbQPNaInW-DZw==
main.MWQ0NWRkZTlhMA.js
analytics.tiktok.com/i18n/pixel/static/
370 KB
99 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MWQ0NWRkZTlhMA.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CEIHHGRC77UD28TRBJC0&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.243.10 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-206-243-10.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
20db7ce8e3049977535579a92d71232b26ed80f8ab0c1b7418ae67c403a6b321

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://get.steamrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-akamai-request-id
28ae873e
date
Fri, 13 Oct 2023 01:24:42 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
2023092112382213E8439E7CD125D13F65
vary
Accept-Encoding
x-cache
TCP_HIT from a23-206-243-6.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.2-51606170) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
01444f40b518470c0d0cfaac928a19b95e7c0eda69a111866bf8cb9bbb34e0e1132ca97c5cb1840a49106cfb9dfd34b902a5fc8d5f87930894a4e6f56bcb5820d76ec27eede8700ecbc9324b294f115b7c20f91b72e8e85167870f1b2145a96516
server-timing
cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
content-length
100625
/
www.google.com/pagead/1p-user-list/11050824091/
42 B
108 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/11050824091/?random=1697160282051&cv=11&fst=1697158800000&bg=ffffff&guid=ON&async=1&gtm=45He3ab0&u_w=1600&u_h=1200&url=https%3A%2F%2Fget.steamrefund.com%2Fpmax%2F%3Futm_source%3Dgoogle%26network%3D%26keyword%3D%26matchtype%3D%26targetid%3D%26campaignid%3D20461477097%26adgroupid%3D%26creative%3D%26creativeid%3D%26feeditemid%3D%26device%3Dm%26loc_physical_ms%3D9052643%26placement%3D%26gclid%3DCj0KCQjwsp6pBhCfARIsAD3GZuZBgiT53QsVfbit_t3v6yauQBm1ox1rNaZ2GcHJN9fpDBcTmyyr7EEaAgufEALw_wcB&frm=0&tiba=Steam%20Gamers%3A%20Possible%20Refund&fmt=3&is_vtc=1&random=1802797507&rmt_tld=0&ipr=y
Requested by
Host: get.steamrefund.com
URL: https://get.steamrefund.com/pmax/?utm_source=google&network=&keyword=&matchtype=&targetid=&campaignid=20461477097&adgroupid=&creative=&creativeid=&feeditemid=&device=m&loc_physical_ms=9052643&placement=&gclid=Cj0KCQjwsp6pBhCfARIsAD3GZuZBgiT53QsVfbit_t3v6yauQBm1ox1rNaZ2GcHJN9fpDBcTmyyr7EEaAgufEALw_wcB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.67.4 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s16-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://get.steamrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 Oct 2023 01:24:42 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com.au/pagead/1p-user-list/11050824091/
42 B
455 B
Image
General
Full URL
https://www.google.com.au/pagead/1p-user-list/11050824091/?random=1697160282051&cv=11&fst=1697158800000&bg=ffffff&guid=ON&async=1&gtm=45He3ab0&u_w=1600&u_h=1200&url=https%3A%2F%2Fget.steamrefund.com%2Fpmax%2F%3Futm_source%3Dgoogle%26network%3D%26keyword%3D%26matchtype%3D%26targetid%3D%26campaignid%3D20461477097%26adgroupid%3D%26creative%3D%26creativeid%3D%26feeditemid%3D%26device%3Dm%26loc_physical_ms%3D9052643%26placement%3D%26gclid%3DCj0KCQjwsp6pBhCfARIsAD3GZuZBgiT53QsVfbit_t3v6yauQBm1ox1rNaZ2GcHJN9fpDBcTmyyr7EEaAgufEALw_wcB&frm=0&tiba=Steam%20Gamers%3A%20Possible%20Refund&fmt=3&is_vtc=1&random=1802797507&rmt_tld=1&ipr=y
Requested by
Host: get.steamrefund.com
URL: https://get.steamrefund.com/pmax/?utm_source=google&network=&keyword=&matchtype=&targetid=&campaignid=20461477097&adgroupid=&creative=&creativeid=&feeditemid=&device=m&loc_physical_ms=9052643&placement=&gclid=Cj0KCQjwsp6pBhCfARIsAD3GZuZBgiT53QsVfbit_t3v6yauQBm1ox1rNaZ2GcHJN9fpDBcTmyyr7EEaAgufEALw_wcB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.71.67 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s17-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://get.steamrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 Oct 2023 01:24:43 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
p
tr.snapchat.com/cm/ Frame B712
Redirect Chain
  • https://tr.snapchat.com/cm/s?bt=1d53c387&pnid=140&cb=1697160282577&u_scsid=e4b706a0-5605-4ecc-a4ca-6cdfc5dde433&u_sclid=c3c22581-d07f-487c-8aa5-39614dcbbcd7
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1696971501663%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1696971501663%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D
  • https://tr.snapchat.com/cm/p?rand=1696971501663&pnid=140&pcid=0efc2ed0-d93d-4cf4-b750-9564a8ab9491
0
17 B
Document
General
Full URL
https://tr.snapchat.com/cm/p?rand=1696971501663&pnid=140&pcid=0efc2ed0-d93d-4cf4-b750-9564a8ab9491
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer
https://tr.snapchat.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-transform
content-length
0
content-type
text/html
date
Fri, 13 Oct 2023 01:24:43 GMT
server
API Gateway
strict-transport-security
max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via
1.1 google
x-envoy-upstream-service-time
12

Redirect headers

accept-ch
Sec-CH-UA Sec-CH-UA-Arch Sec-CH-UA-Bitness Sec-CH-UA-Full-Version-List Sec-CH-UA-Mobile Sec-CH-UA-Model Sec-CH-UA-Platform Sec-CH-UA-Platform-Version Sec-CH-UA-WoW64
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Fri, 13 Oct 2023 01:24:42 GMT
location
https://tr.snapchat.com/cm/p?rand=1696971501663&pnid=140&pcid=0efc2ed0-d93d-4cf4-b750-9564a8ab9491
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
server
Jetty(11.0.13)
strict-transport-security
max-age=31536000
via
1.1 google
identify_7dd78.js
analytics.tiktok.com/i18n/pixel/static/
134 KB
36 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/static/identify_7dd78.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ0NWRkZTlhMA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.243.10 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-206-243-10.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
7afaa861788cfa4b943b9a78a597edb2e73dcf6cf15cb34ce9a02c72373d9abe

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://get.steamrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-akamai-request-id
28ae8758
date
Fri, 13 Oct 2023 01:24:42 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
20230907110712DCCCE221DE7EF77F8404
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a23-206-243-6.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.2-51606170) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
011493d8fe8df572791e5f1758506c6053781d9e6db0ed03e8a4612c98fbe17c24d8cd247aa317a79c2b3fa82b2c32e3a797e51b5aa6b88b86be5204f9460b13ca12cc177a5f0e9c42a0374db061426663894f9bca2a272f5a64e5cf7399e77eab
server-timing
cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
content-length
35952
pixel
analytics.tiktok.com/api/v2/
0
650 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ0NWRkZTlhMA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.243.10 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-206-243-10.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://get.steamrefund.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
28ae876a
date
Fri, 13 Oct 2023 01:24:43 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-206-243-6.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.2-51606170) (-)
server-timing
inner; dur=226, cdn-cache; desc=MISS, edge; dur=8, origin; dur=437
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20231013012442738876BE75BDA58DC587
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
438,23.206.243.6
x-tt-trace-host
01724d62e235d8cf04aa3c38f40daa78d88e7e06ef2fe08c5cbeb1804758f085f8957bfd6ed8460a686cf3eb06fde11bc3bb6773410438a612d95e4e23c7b1015451cd309d68a763b0ce63884f9d57e815de8c62642784fdec051a55e46ed7fa06
access-control-allow-headers
Authorization,*
expires
Fri, 13 Oct 2023 01:24:43 GMT
json
trc.taboola.com/1515208/trc/3/
3 KB
2 KB
Script
General
Full URL
https://trc.taboola.com/1515208/trc/3/json?tim=1697160282696&data=%7B%22id%22%3A742%2C%22ii%22%3A%22%2Fpmax%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1697160282671%2C%22cv%22%3A%2220231008-8-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fget.steamrefund.com%2Fpmax%2F%3Futm_source%3Dgoogle%26network%3D%26keyword%3D%26matchtype%3D%26targetid%3D%26campaignid%3D20461477097%26adgroupid%3D%26creative%3D%26creativeid%3D%26feeditemid%3D%26device%3Dm%26loc_physical_ms%3D9052643%26placement%3D%26gclid%3DCj0KCQjwsp6pBhCfARIsAD3GZuZBgiT53QsVfbit_t3v6yauQBm1ox1rNaZ2GcHJN9fpDBcTmyyr7EEaAgufEALw_wcB%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Futm_source%3Dgoogle%26network%3D%26keyword%3D%26matchtype%3D%26targetid%3D%26campaignid%3D20461477097%26adgroupid%3D%26creative%3D%26creativeid%3D%26feeditemid%3D%26device%3Dm%26loc_physical_ms%3D9052643%26placement%3D%26gclid%3DCj0KCQjwsp6pBhCfARIsAD3GZuZBgiT53QsVfbit_t3v6yauQBm1ox1rNaZ2GcHJN9fpDBcTmyyr7EEaAgufEALw_wcB%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dtaboolaaccount-jordanagencybellcom%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1697160282695%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fget.steamrefund.com%2Fpmax%2F%3Futm_source%3Dgoogle%26network%3D%26keyword%3D%26matchtype%3D%26targetid%3D%26campaignid%3D20461477097%26adgroupid%3D%26creative%3D%26creativeid%3D%26feeditemid%3D%26device%3Dm%26loc_physical_ms%3D9052643%26placement%3D%26gclid%3DCj0KCQjwsp6pBhCfARIsAD3GZuZBgiT53QsVfbit_t3v6yauQBm1ox1rNaZ2GcHJN9fpDBcTmyyr7EEaAgufEALw_wcB%22%2C%22tos%22%3A21%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22ler%22%3A%22other%22%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1515208/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
66249d52d2fbc050baa5806e62d4789451d9784a2a1a73784959569f66391e12

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://get.steamrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-vcl-time-ms
87
date
Fri, 13 Oct 2023 01:24:42 GMT
content-encoding
gzip
via
1.1 varnish
cpu
0.07125000000000001
x-fastly-to-nlb-rtt
72867
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-bfi-kbfi7400056-BFI
x-log-content-encoding
gzip
server
nginx
x-timer
S1697160283.853909,VS0,VE87
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
data
gtm.steamrefund.com/
0
0

851791816024757
connect.facebook.net/signals/config/
132 KB
35 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/851791816024757?v=2.9.133&r=stable&domain=get.steamrefund.com
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-syd2.fbcdn.net
Software
/
Resource Hash
e71db41d534c2d789241e793e7e044c65d8625d45fa956e11f16a3df21e9a318
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://get.steamrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 13 Oct 2023 01:24:42 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
gIyowNJIftlwQwwcyh+2FTkxuldu/fJ4zw3+94x3UiQ1BB7BZo0KgyILCZdaQwl5wYBD2nCiuXVgJRccG6rABw==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
www.google-analytics.com/j/
1 B
68 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=723888484&t=pageview&_s=1&dl=https%3A%2F%2Fget.steamrefund.com%2Fpmax%2F%3Futm_source%3Dgoogle%26network%3D%26keyword%3D%26matchtype%3D%26targetid%3D%26campaignid%3D20461477097%26adgroupid%3D%26creative%3D%26creativeid%3D%26feeditemid%3D%26device%3Dm%26loc_physical_ms%3D9052643%26placement%3D%26gclid%3DCj0KCQjwsp6pBhCfARIsAD3GZuZBgiT53QsVfbit_t3v6yauQBm1ox1rNaZ2GcHJN9fpDBcTmyyr7EEaAgufEALw_wcB&ul=en-us&de=UTF-8&dt=Steam%20Gamers%3A%20Possible%20Refund&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAgCAAI~&jid=755544426&gjid=1074516935&cid=1743771794.1697160282&tid=UA-252624536-1&_gid=235559583.1697160283&_r=1&gtm=457e3ab0&jsscut=1&z=2136407887
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://get.steamrefund.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 13 Oct 2023 01:24:42 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://get.steamrefund.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
194 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=723888484&t=pageview&_s=2&dl=https%3A%2F%2Fget.steamrefund.com%2Fpmax%2F%3Futm_source%3Dgoogle%26network%3D%26keyword%3D%26matchtype%3D%26targetid%3D%26campaignid%3D20461477097%26adgroupid%3D%26creative%3D%26creativeid%3D%26feeditemid%3D%26device%3Dm%26loc_physical_ms%3D9052643%26placement%3D%26gclid%3DCj0KCQjwsp6pBhCfARIsAD3GZuZBgiT53QsVfbit_t3v6yauQBm1ox1rNaZ2GcHJN9fpDBcTmyyr7EEaAgufEALw_wcB&ul=en-us&de=UTF-8&dt=Steam%20Gamers%3A%20Possible%20Refund&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAgCAAI~&jid=&gjid=&cid=1743771794.1697160282&tid=UA-252624536-1&_gid=235559583.1697160283&gtm=457e3ab0&jsscut=1&z=1147893135
Requested by
Host: get.steamrefund.com
URL: https://get.steamrefund.com/pmax/?utm_source=google&network=&keyword=&matchtype=&targetid=&campaignid=20461477097&adgroupid=&creative=&creativeid=&feeditemid=&device=m&loc_physical_ms=9052643&placement=&gclid=Cj0KCQjwsp6pBhCfARIsAD3GZuZBgiT53QsVfbit_t3v6yauQBm1ox1rNaZ2GcHJN9fpDBcTmyyr7EEaAgufEALw_wcB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://get.steamrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Oct 2023 08:55:00 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
59382
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
act
analytics.tiktok.com/api/v2/pixel/
0
793 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/pixel/act
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ0NWRkZTlhMA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.243.10 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-206-243-10.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://get.steamrefund.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
30a52b07.28ae8821
date
Fri, 13 Oct 2023 01:24:43 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-206-243-6.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.2-51606170) (-)
x-parent-response-time
345,23.206.243.6
server-timing
cdn-cache; desc=MISS, edge; dur=230, origin; dur=124, inner; dur=119
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
2023101301244267A8CD64CB170E12B9C8
x-cache-remote
TCP_MISS from a23-220-105-199.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0-51618102) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
124,23.220.105.199
x-tt-trace-host
01724d62e235d8cf04aa3c38f40daa78d82b6061b03c6dd37de5427784dfda6a4f396509e9a4d40b619d0809b9fe91d61d4d49cab8a17e0bf62af97e227fbc730e9e047c989395e43dc7f8cd3cc29f0189cb5c012e8d3dde2cb6748fdd4052e6d43e00ce1f81cea4c07f69c41c4036202a
access-control-allow-headers
Authorization,*
expires
Fri, 13 Oct 2023 01:24:43 GMT
rp.gif
alb.reddit.com/
42 B
637 B
Image
General
Full URL
https://alb.reddit.com/rp.gif?ts=1697160282868&id=t2_f8rkva25&event=PageVisit&m.itemCount=undefined&m.value=&m.valueDecimal=undefined&m.currency=undefined&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=093a898c-0216-4d8f-9d8b-2af07adbf7f0&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1600&sw=1200&v=rdt_f5bd31b2
Requested by
Host: get.steamrefund.com
URL: https://get.steamrefund.com/pmax/?utm_source=google&network=&keyword=&matchtype=&targetid=&campaignid=20461477097&adgroupid=&creative=&creativeid=&feeditemid=&device=m&loc_physical_ms=9052643&placement=&gclid=Cj0KCQjwsp6pBhCfARIsAD3GZuZBgiT53QsVfbit_t3v6yauQBm1ox1rNaZ2GcHJN9fpDBcTmyyr7EEaAgufEALw_wcB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://get.steamrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 01:24:43 GMT
via
1.1 varnish
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3}
server
Varnish
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type
image/gif
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
42
retry-after
0
p
tr.snapchat.com/
0
15 B
Ping
General
Full URL
https://tr.snapchat.com/p
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer
https://get.steamrefund.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 13 Oct 2023 01:24:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via
1.1 google
server
API Gateway
access-control-allow-origin
https://get.steamrefund.com
x-envoy-upstream-service-time
1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
/
www.facebook.com/tr/
0
185 B
Image
General
Full URL
https://www.facebook.com/tr/?id=851791816024757&ev=PageView&dl=https%3A%2F%2Fget.steamrefund.com%2Fpmax%2F%3Futm_source%3Dgoogle%26network%3D%26keyword%3D%26matchtype%3D%26targetid%3D%26campaignid%3D20461477097%26adgroupid%3D%26creative%3D%26creativeid%3D%26feeditemid%3D%26device%3Dm%26loc_physical_ms%3D9052643%26placement%3D%26gclid%3DCj0KCQjwsp6pBhCfARIsAD3GZuZBgiT53QsVfbit_t3v6yauQBm1ox1rNaZ2GcHJN9fpDBcTmyyr7EEaAgufEALw_wcB&rl=&if=false&ts=1697160282948&sw=1600&sh=1200&v=2.9.133&r=stable&ec=0&o=30&fbp=fb.1.1697160282946.98798069&ler=empty&it=1697160282719&coo=false&eid=pageview_1697160282057.371242.1&rqm=GET
Requested by
Host: get.steamrefund.com
URL: https://get.steamrefund.com/pmax/?utm_source=google&network=&keyword=&matchtype=&targetid=&campaignid=20461477097&adgroupid=&creative=&creativeid=&feeditemid=&device=m&loc_physical_ms=9052643&placement=&gclid=Cj0KCQjwsp6pBhCfARIsAD3GZuZBgiT53QsVfbit_t3v6yauQBm1ox1rNaZ2GcHJN9fpDBcTmyyr7EEaAgufEALw_wcB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.8.35 Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-syd2.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://get.steamrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 13 Oct 2023 01:24:43 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
cds-pips.js
cdn.taboola.com/scripts/
3 KB
2 KB
Script
General
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1515208/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://get.steamrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
z5FoayaLm_Bvew3pbkytkoHczFCvkPwT
content-encoding
gzip
via
1.1 varnish
date
Fri, 13 Oct 2023 01:24:43 GMT
x-amz-request-id
H94BPDMT0GC40804
age
447
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1340
x-amz-id-2
MUayK/kuyynFztKIGTuxhlHWZcxelxmcGdfEGZnx1v3nNcWKE0jL+mrXZTfxBMXECRfXHrRogR0=
x-served-by
cache-bfi-kbfi7400056-BFI
last-modified
Wed, 12 Oct 2022 13:57:57 GMT
server
AmazonS3
x-timer
S1697160283.089010,VS0,VE0
etag
"383fa66d2a0a09f4a6e64a9593ad43bb"
vary
Accept-Encoding
content-type
application/javascript
abp
78
access-control-allow-origin
*
cache-control
private, max-age=3600
accept-ranges
bytes
x-cache-hits
308
eid.es5.js
cdn.taboola.com/scripts/
17 KB
7 KB
Script
General
Full URL
https://cdn.taboola.com/scripts/eid.es5.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1515208/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://get.steamrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
Bqo64Ai0BniIkPPSnUb8_cZLJGu.sClo
content-encoding
gzip
via
1.1 varnish
date
Fri, 13 Oct 2023 01:24:43 GMT
x-amz-request-id
ANWD8HG8KKVY769A
age
14246
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
6467
x-amz-id-2
Cvu4RV2CtVFS0LQCKJc60OfTEUOORQlVKc4bsgv9L8GJZ6M6NzSCTHk3izodyufVJoH2rU346Ck=
x-served-by
cache-bfi-kbfi7400056-BFI
last-modified
Sun, 02 Apr 2023 13:09:57 GMT
server
AmazonS3
x-timer
S1697160283.089158,VS0,VE0
etag
"2fdf3e79d5e851201a0d52a886453d8b"
vary
Accept-Encoding
content-type
application/javascript
abp
78
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
7146
/
pips.taboola.com/
4 B
187 B
XHR
General
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://get.steamrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-served-by
cache-bfi-krnt7300085-BFI
date
Fri, 13 Oct 2023 01:24:43 GMT
via
1.1 varnish
server
Varnish
access-control-allow-methods
GET
x-cache
HIT
access-control-allow-origin
https://get.steamrefund.com
cache-control
no-store
accept-ranges
bytes
content-length
4
retry-after
0
x-cache-hits
0
index.js
s.adroll.com/j/exp/
Redirect Chain
  • https://s.adroll.com/j/exp/6FGPXF7JBVHSVDCJIPGVKW/index.js
  • https://s.adroll.com/j/exp/index.js
28 B
785 B
Script
General
Full URL
https://s.adroll.com/j/exp/index.js
Requested by
Host: get.steamrefund.com
URL: https://get.steamrefund.com/pmax/?utm_source=google&network=&keyword=&matchtype=&targetid=&campaignid=20461477097&adgroupid=&creative=&creativeid=&feeditemid=&device=m&loc_physical_ms=9052643&placement=&gclid=Cj0KCQjwsp6pBhCfARIsAD3GZuZBgiT53QsVfbit_t3v6yauQBm1ox1rNaZ2GcHJN9fpDBcTmyyr7EEaAgufEALw_wcB
Protocol
HTTP/1.1
Server
18.67.93.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-21.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://get.steamrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

X-Amz-Version-Id
e6mCeG7.PAM9gYrIJBIXJohubS3UVCEK
Date
Thu, 12 Oct 2023 14:46:09 GMT
Via
1.1 18973cd357a68e16bd20873be51e8596.cloudfront.net (CloudFront)
Age
58773
X-Amz-Cf-Pop
SYD62-P1
X-Amz-Server-Side-Encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
28
Last-Modified
Thu, 03 Aug 2023 18:30:18 GMT
Server
AmazonS3
Etag
"5816cced8568d223aa09d889f300692b"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Max-Age
600
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
Rzuvx6TfZeyveWLyzIRcPQGJn1A0pxHbJUgFA-tmncCGhaTqAavCtA==

Redirect headers

Date
Thu, 12 Oct 2023 16:56:58 GMT
Via
1.1 18973cd357a68e16bd20873be51e8596.cloudfront.net (CloudFront)
Age
30465
X-Amz-Cf-Pop
SYD62-P1
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
0
Server
AmazonS3
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
application/xml
Location
https://s.adroll.com/j/exp/index.js
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
IUVwtEHs4jcYSpDUWVaVJl_vzEOOYpyEJet-y3O9E4KfVwScBWoeug==
6FGPXF7JBVHSVDCJIPGVKW
d.adroll.com/consent/check/
486 B
971 B
Script
General
Full URL
https://d.adroll.com/consent/check/6FGPXF7JBVHSVDCJIPGVKW?pv=56955201806.557556&arrfrr=https%3A%2F%2Fget.steamrefund.com%2Fpmax%2F%3Futm_source%3Dgoogle%26network%3D%26keyword%3D%26matchtype%3D%26targetid%3D%26campaignid%3D20461477097%26adgroupid%3D%26creative%3D%26creativeid%3D%26feeditemid%3D%26device%3Dm%26loc_physical_ms%3D9052643%26placement%3D%26gclid%3DCj0KCQjwsp6pBhCfARIsAD3GZuZBgiT53QsVfbit_t3v6yauQBm1ox1rNaZ2GcHJN9fpDBcTmyyr7EEaAgufEALw_wcB&_s=babe36ed6c9fc53c117e66d47f11a24d&_b=2
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/6FGPXF7JBVHSVDCJIPGVKW/roundtrip.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.41.191.212 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-175-41-191-212.ap-southeast-1.compute.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
cb061fb4fa646da7059aa16b1ebbe86eb8326112b385af186c4933c304df88f7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://get.steamrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-type
application/javascript
pragma
no-cache
date
Fri, 13 Oct 2023 01:24:43 GMT
cache-control
no-store, no-cache, must-revalidate
server
nginx/1.22.1
content-length
486
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
/
cds.taboola.com/
0
82 B
XHR
General
Full URL
https://cds.taboola.com/?uid=d32b2f44-f2d6-4dc7-9256-7ba17b6b6bde-tuctc2221da&mbl=ZmFsc2U=
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://get.steamrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 13 Oct 2023 01:24:44 GMT
cache-control
no-store
server
nginx
AQZWYSXDH5AHBDZ7DZJNB6
d.adroll.com/segment/6FGPXF7JBVHSVDCJIPGVKW/
42 B
985 B
XHR
General
Full URL
https://d.adroll.com/segment/6FGPXF7JBVHSVDCJIPGVKW/AQZWYSXDH5AHBDZ7DZJNB6?adroll_fpc=e03e9c28a547a1264965a5983c3792d0-1697160284013&pv=56955201806.557556&arrfrr=https%3A%2F%2Fget.steamrefund.com%2Fpmax%2F%3Futm_source%3Dgoogle%26network%3D%26keyword%3D%26matchtype%3D%26targetid%3D%26campaignid%3D20461477097%26adgroupid%3D%26creative%3D%26creativeid%3D%26feeditemid%3D%26device%3Dm%26loc_physical_ms%3D9052643%26placement%3D%26gclid%3DCj0KCQjwsp6pBhCfARIsAD3GZuZBgiT53QsVfbit_t3v6yauQBm1ox1rNaZ2GcHJN9fpDBcTmyyr7EEaAgufEALw_wcB&cookie=&adroll_s_ref=&keyw=&p0=1956&adroll_external_data=&adroll_version=2.0
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/6FGPXF7JBVHSVDCJIPGVKW/roundtrip.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.41.191.212 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-175-41-191-212.ap-southeast-1.compute.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://get.steamrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 01:24:44 GMT
x-segment-display-name
Visitors to Unsegmented Pages
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
x-rule-type
p
content-length
42
pragma
no-cache
x-conversion-value
0.0
server
nginx/1.22.1
x-rule
*
x-segment-eid
GVJMKRTEX5BYFLHV5HGIYI
content-type
image/gif
access-control-allow-origin
https://get.steamrefund.com
access-control-expose-headers
X-Conversion-Value, X-Conversion-Currency, X-Advertisable-Eid, X-Segment-Eid, X-Rule-Type, X-Pixel-Eid
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
access-control-request-methods
GET
x-pixel-eid
AQZWYSXDH5AHBDZ7DZJNB6
x-organization-eid
IIRMTF3ZPVAZ7PBIFVYKZ3
access-control-allow-headers
*
x-advertisable-eid
6FGPXF7JBVHSVDCJIPGVKW
x-conversion-currency
x-segment-name
*
unip
trc-events.taboola.com/1515208/log/3/
0
524 B
XHR
General
Full URL
https://trc-events.taboola.com/1515208/log/3/unip?en=pre_d_eng_tb&tos=1573&scd=0&ssd=1&est=1697160282674&ver=36&isls=true&src=i&invt=1500&msa=684&rv=1&tim=1697160284247&vi=1697160282671&ri=78c02060fbc4ffe7edf379deef837d30&sd=v2_8dffdbaf1d29163e0810d5306bba5052_d32b2f44-f2d6-4dc7-9256-7ba17b6b6bde-tuctc2221da_1697160282_1697160282_CNawjgYQyL1cGK-Ei7WyMSABKAEw4QE4kaQOQLDlD0joy9kDUP8DWABgAGigoJWr4_OFjDxwAQ&ui=d32b2f44-f2d6-4dc7-9256-7ba17b6b6bde-tuctc2221da&ref=null&cv=20231008-8-RELEASE&item-url=https%3A%2F%2Fget.steamrefund.com%2Fpmax%2F%3Futm_source%3Dgoogle%26network%3D%26keyword%3D%26matchtype%3D%26targetid%3D%26campaignid%3D20461477097%26adgroupid%3D%26creative%3D%26creativeid%3D%26feeditemid%3D%26device%3Dm%26loc_physical_ms%3D9052643%26placement%3D%26gclid%3DCj0KCQjwsp6pBhCfARIsAD3GZuZBgiT53QsVfbit_t3v6yauQBm1ox1rNaZ2GcHJN9fpDBcTmyyr7EEaAgufEALw_wcB&ler=other
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1515208/tfa.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://get.steamrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-origin
https://get.steamrefund.com
pragma
no-cache
date
Fri, 13 Oct 2023 01:24:44 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
162035054445838
connect.facebook.net/signals/config/
131 KB
34 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/162035054445838?v=2.9.133&r=stable&domain=get.steamrefund.com
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-syd2.fbcdn.net
Software
/
Resource Hash
7a99077b9a8efadd33591a92cf7e0eeeaa87f46ba3645f03ad4c3d1ab6bc3282
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://get.steamrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 13 Oct 2023 01:24:44 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
GcREJkbx4HYnczkNvQ07Gl9CyoAxSOqRBL+nj4PqppCW25aUWuyjbmGNxmRsOXqVOEmzPiNMXKMny+uAp1gPQA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/
0
54 B
Image
General
Full URL
https://www.facebook.com/tr/?id=162035054445838&ev=PageView&dl=https%3A%2F%2Fget.steamrefund.com%2Fpmax%2F%3Futm_source%3Dgoogle%26network%3D%26keyword%3D%26matchtype%3D%26targetid%3D%26campaignid%3D20461477097%26adgroupid%3D%26creative%3D%26creativeid%3D%26feeditemid%3D%26device%3Dm%26loc_physical_ms%3D9052643%26placement%3D%26gclid%3DCj0KCQjwsp6pBhCfARIsAD3GZuZBgiT53QsVfbit_t3v6yauQBm1ox1rNaZ2GcHJN9fpDBcTmyyr7EEaAgufEALw_wcB&rl=&if=false&ts=1697160284656&cd[segment_eid]=GVJMKRTEX5BYFLHV5HGIYI&sw=1600&sh=1200&v=2.9.133&r=stable&ec=0&o=29&fbp=fb.1.1697160282946.98798069&ler=empty&it=1697160282719&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET
Requested by
Host: get.steamrefund.com
URL: https://get.steamrefund.com/pmax/?utm_source=google&network=&keyword=&matchtype=&targetid=&campaignid=20461477097&adgroupid=&creative=&creativeid=&feeditemid=&device=m&loc_physical_ms=9052643&placement=&gclid=Cj0KCQjwsp6pBhCfARIsAD3GZuZBgiT53QsVfbit_t3v6yauQBm1ox1rNaZ2GcHJN9fpDBcTmyyr7EEaAgufEALw_wcB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.8.35 Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-syd2.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://get.steamrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 13 Oct 2023 01:24:44 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
unip
trc-events.taboola.com/1515208/log/3/
0
523 B
XHR
General
Full URL
https://trc-events.taboola.com/1515208/log/3/unip?en=pre_d_eng_tb&tos=4578&scd=0&ssd=1&est=1697160282674&ver=36&isls=true&src=i&invt=3000&msa=684&rv=1&tim=1697160287252&vi=1697160282671&ri=78c02060fbc4ffe7edf379deef837d30&sd=v2_8dffdbaf1d29163e0810d5306bba5052_d32b2f44-f2d6-4dc7-9256-7ba17b6b6bde-tuctc2221da_1697160282_1697160282_CNawjgYQyL1cGK-Ei7WyMSABKAEw4QE4kaQOQLDlD0joy9kDUP8DWABgAGigoJWr4_OFjDxwAQ&ui=d32b2f44-f2d6-4dc7-9256-7ba17b6b6bde-tuctc2221da&ref=null&cv=20231008-8-RELEASE&item-url=https%3A%2F%2Fget.steamrefund.com%2Fpmax%2F%3Futm_source%3Dgoogle%26network%3D%26keyword%3D%26matchtype%3D%26targetid%3D%26campaignid%3D20461477097%26adgroupid%3D%26creative%3D%26creativeid%3D%26feeditemid%3D%26device%3Dm%26loc_physical_ms%3D9052643%26placement%3D%26gclid%3DCj0KCQjwsp6pBhCfARIsAD3GZuZBgiT53QsVfbit_t3v6yauQBm1ox1rNaZ2GcHJN9fpDBcTmyyr7EEaAgufEALw_wcB&ler=other
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1515208/tfa.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://get.steamrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-origin
https://get.steamrefund.com
pragma
no-cache
date
Fri, 13 Oct 2023 01:24:47 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
wave.outbrain.com
URL
https://wave.outbrain.com/mtWavesBundler/handler/009063823c6ff0a709127c2dd74e59c875
Domain
gtm.steamrefund.com
URL
https://gtm.steamrefund.com/data?v=2&event_name=page_view

97 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| ub object| dataLayer function| setImmediate function| clearImmediate boolean| VimeoPlayerResizeEmbeds_ boolean| ubSnowplowInitialized object| google_tag_manager object| google_tag_data object| GooglebQhCsO function| rdt object| __tfa_pixel_init object| _tfa string| _randomPageId string| TiktokAnalyticsObject object| ttq function| snaptr object| r function| twq function| obApi string| adroll_adv_id string| adroll_pix_id string| adroll_version boolean| __adroll_loaded object| adroll function| fbq function| _fbq function| gtag function| onYouTubeIframeAPIReady object| gaGlobal string| GoogleAnalyticsObject function| ga object| regeneratorRuntime object| twttr function| apiObj object| _scPxHelper object| webpackJsonp.TiktTokAnalytics object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge function| TiktokJelly object| _jelly_sdks function| parseResponse function| dataTagSendData function| dataTagGetData function| dataTagMD5 function| dataTag256 function| jsSHA function| _typeof object| TFASC object| TRC object| _taboola number| taboola_view_id object| TRCImpl function| __trcError object| dataTagData object| gaplugins object| gaData object| configArgs number| pixelRatio number| width number| height object| screenSize object| labels function| __trcWarn function| _createForOfIteratorHelper function| _unsupportedIterableToArray function| _arrayLikeToArray function| __adroll__ string| adroll_sid object| __adroll function| __cmp function| __tcfapi function| __gpp boolean| adroll_sendrolling_cross_device object| adroll_form_fields object| adroll_third_party_forms object| adroll_third_party_detected undefined| adroll_tpc_callback object| adroll_exp_list object| __adroll_consent_data boolean| __adroll_consent boolean| __adroll_consent_is_gdpr string| __adroll_consent_user_country string| __adroll_consent_adv_country number| adroll_lex33_called object| __adroll_pxl_assistant_track object| adroll_currency object| adroll_conversion_value object| adroll_conversion_value_in_dollars string| adroll_seg_eid string| adroll_rule_type

38 Cookies

Domain/Path Name / Value
.taboola.com/taboolaaccount-jordanagencybellcom/ Name: taboola_session_id
Value: v2_8dffdbaf1d29163e0810d5306bba5052_d32b2f44-f2d6-4dc7-9256-7ba17b6b6bde-tuctc2221da_1697160282_1697160282_CNawjgYQyL1cGK-Ei7WyMSABKAEw4QE4kaQOQLDlD0joy9kDUP8DWABgAGigoJWr4_OFjDxwAQ
sc-static.net/scevent.min.js Name: X-AB
Value: 0d6e407936704bd380072f5891d28b0e
get.steamrefund.com/pmax/ Name: ubpv
Value: k%2Cc4ae1927-6233-4e03-8738-c702c2291cf1
get.steamrefund.com/ Name: ubvs
Value: 69e0c7e4-1f8d-443a-87c7-a8e3039f6317
.steamrefund.com/ Name: ubvt
Value: v2%7C69e0c7e4-1f8d-443a-87c7-a8e3039f6317%7Cc4ae1927-6233-4e03-8738-c702c2291cf1%3Ak%3Adta
.steamrefund.com/ Name: cf_clearance
Value: S7j3mf7BSCoLNdBNBffcvTO4DSM3zDxlzx0wSXgJJP4-1697160281-0-1-326e8746.4d04cd86.656fd8a6-0.2.1697160281
.steamrefund.com/ Name: _gcl_aw
Value: GCL.1697160282.Cj0KCQjwsp6pBhCfARIsAD3GZuZBgiT53QsVfbit_t3v6yauQBm1ox1rNaZ2GcHJN9fpDBcTmyyr7EEaAgufEALw_wcB
.steamrefund.com/ Name: _gcl_au
Value: 1.1.1144363088.1697160282
.steamrefund.com/ Name: _ga_P48CLNLYJE
Value: GS1.1.1697160282.1.0.1697160282.0.0.0
.steamrefund.com/ Name: _scid
Value: a41cfc59-7a8b-4cc0-9c77-d33449d1035b
.steamrefund.com/ Name: _scid_r
Value: a41cfc59-7a8b-4cc0-9c77-d33449d1035b
.tiktok.com/ Name: _ttp
Value: 2Wghlf8McKEnWqjuNff4cZRW82I
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.steamrefund.com/ Name: _tt_enable_cookie
Value: 1
.steamrefund.com/ Name: _ttp
Value: TumSx2fyCr7ZeLYCpmnBgICHoYn
.steamrefund.com/ Name: _ga
Value: GA1.2.1743771794.1697160282
.steamrefund.com/ Name: _gid
Value: GA1.2.235559583.1697160283
.steamrefund.com/ Name: _gac_UA-252624536-1
Value: 1.1697160283.Cj0KCQjwsp6pBhCfARIsAD3GZuZBgiT53QsVfbit_t3v6yauQBm1ox1rNaZ2GcHJN9fpDBcTmyyr7EEaAgufEALw_wcB
.steamrefund.com/ Name: _gat_gtag_UA_252624536_1
Value: 1
.tapad.com/ Name: TapAd_TS
Value: 1697160282764
.tapad.com/ Name: TapAd_DID
Value: 0efc2ed0-d93d-4cf4-b750-9564a8ab9491
.steamrefund.com/ Name: _rdt_uuid
Value: 1697160282867.093a898c-0216-4d8f-9d8b-2af07adbf7f0
.steamrefund.com/ Name: _fbp
Value: fb.1.1697160282946.98798069
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.taboola.com/ Name: t_gid
Value: d32b2f44-f2d6-4dc7-9256-7ba17b6b6bde-tuctc2221da
.taboola.com/ Name: t_pt_gid
Value: d32b2f44-f2d6-4dc7-9256-7ba17b6b6bde-tuctc2221da
.t.co/ Name: muc_ads
Value: a99969db-39a4-4313-9c1a-793b6ce748c9
.snapchat.com/ Name: sc_at
Value: v2|H4sIAAAAAAAAAEXHwRHAIAgEwIqYOTxASTeJhipSvP7y28WaD1lTAC+xgEkOpfTmdqd5veSnhksjuwbaOP2JDRZZAxxAAAAA
.steamrefund.com/ Name: _sctr
Value: 1%7C1697126400000
.twitter.com/ Name: guest_id_marketing
Value: v1%3A169716028291719637
.twitter.com/ Name: guest_id_ads
Value: v1%3A169716028291719637
.twitter.com/ Name: personalization_id
Value: "v1_cWjHlI5rOo+DvLvziTjzhg=="
.twitter.com/ Name: guest_id
Value: v1%3A169716028291719637
get.steamrefund.com/ Name: dicbo_fetch
Value: true
.d.adroll.com/ Name: __adroll
Value: 4abd11acbf67fe57417b39e50b31bfe4-a_1697160283
.adroll.com/ Name: __adroll_shared
Value: 4abd11acbf67fe57417b39e50b31bfe4-a_1697160283
.get.steamrefund.com/ Name: __adroll_fpc
Value: e03e9c28a547a1264965a5983c3792d0-1697160284013
.get.steamrefund.com/ Name: __ar_v4
Value: %7C6FGPXF7JBVHSVDCJIPGVKW%3A20231012%3A1%7CAQZWYSXDH5AHBDZ7DZJNB6%3A20231012%3A1

2 Console Messages

Source Level URL
Text
javascript error URL: https://get.steamrefund.com/pmax/?utm_source=google&network=&keyword=&matchtype=&targetid=&campaignid=20461477097&adgroupid=&creative=&creativeid=&feeditemid=&device=m&loc_physical_ms=9052643&placement=&gclid=Cj0KCQjwsp6pBhCfARIsAD3GZuZBgiT53QsVfbit_t3v6yauQBm1ox1rNaZ2GcHJN9fpDBcTmyyr7EEaAgufEALw_wcB
Message:
Access to XMLHttpRequest at 'https://gtm.steamrefund.com/data?v=2&event_name=page_view' from origin 'https://get.steamrefund.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://gtm.steamrefund.com/data?v=2&event_name=page_view
Message:
Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
