www.refundmatic.com Open in urlscan Pro
35.242.251.130  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

39 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
4 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response www.refundmatic.com/	229 KB 68 KB	242ms 162ms	Document text/html	35.242.251.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.refundmatic.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.242.251.130 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS 130.251.242.35.bc.googleusercontent.com Software Pepyaka/1.19.0 / Resource Hash 26cdcdeecd5840d8a18a660aae8e1ea553fabbe2ef113c26c5e6d97621e38a42 Security Headers Name Value Strict-Transport-Security max-age=120 Request headers :method GET :authority www.refundmatic.com :scheme https :path / pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 22 Dec 2020 18:10:42 GMT content-type text/html; charset=UTF-8 link <https://static.parastorage.com/>; rel=preconnect; crossorigin;,<https://static.parastorage.com/>; rel=preconnect;,<https://fonts.gstatic.com>; rel=preconnect; crossorigin;,<https://static.wixstatic.com/>; rel=preconnect; crossorigin;,<https://static.wixstatic.com/>; rel=preconnect;,<https://siteassets.parastorage.com>; rel=preconnect; crossorigin;, x-wix-request-id 1608660642.01240275952126310 content-language en-US strict-transport-security max-age=120 age 0 set-cookie ssr-caching="cache#desc=miss#varnish=miss#dc#desc=euw3";Version=1;Expires=Tue, 22-Dec-2020 18:11:02 GMT;Max-Age=20 XSRF-TOKEN=1608660642|azy00AscCrR6; Path=/; Domain=www.refundmatic.com; Secure; SameSite=None server-timing cache;desc=miss, varnish;desc=miss, dc;desc=euw3 x-seen-by sHU62EDOGnH2FBkJkG/Wx8EeXWsWdHrhlvbxtlynkVj8hHIDsGU3U8in4aXN4Wxi,2d58ifebGbosy5xc+FRalkmpfDz/Gv208tAQ88qBL/KSqbaTnHe5CqAajgSDBJyKjoe2GMQJ/MdiMK4Y/vI701lTh/5zgYzd1vtz2Udx9QQ=,2UNV7KOq4oGjA5+PKsX47Bh7AFQfg6w9iTHSNnc0Qy4=,qquldgcFrj2n046g4RNSVAiOxhA7Vkxnx3Qqcd3yJLo=,UCcefuQCi27dXmJSD6Vpi4lQFj5oKPxGLJ3/h1KbrVFAOzfqOOoRoyNC7p4jABRoKjCWKapddFlOEEDxcGowaw==,IaDuTAMGGvhXtruM6nHg6lk6/KBc5eOTZgv2XRUZiFKTzRA6xkSHdTdM1EufzDIPWIHlCalF7YnfvOr2cMPpyw==,sqmudy1rWy5CXemzdhzS/L6R7Vr9YAoqV8+cx4ZgHzCTzRA6xkSHdTdM1EufzDIPWIHlCalF7YnfvOr2cMPpyw==,Tw2AanFDQ+Wwo8Xxk6ZL7vOBx+hvh2Cbd7MMNUXzbHHslcH9clc4r1hP8pOOWPmrSo6HYxBSr9rjcUjIMCCLR/7pQT41djsKuNyL0rYZOaA=,sqmudy1rWy5CXemzdhzS/L6R7Vr9YAoqV8+cx4ZgHzCTzRA6xkSHdTdM1EufzDIPWIHlCalF7YnfvOr2cMPpyw==,l7Ey5khejq81S7sxGe5Nk244N3PYmJVdK4pgrWbLTSqTzRA6xkSHdTdM1EufzDIPWIHlCalF7YnfvOr2cMPpyw==,/a5ccLSK1HEmwPNg/x6OunhlE1WIBcxlxwQ2BFyGmUDRHQctrgX2TZuVorjiGsKC5OjG31VeRLEi3XqB44ES8g== expires Thu, 01 Jan 1970 00:00:00 GMT vary Accept-Encoding cache-control private,max-age=0,must-revalidate server Pepyaka/1.19.0 content-encoding gzip
POST H2	204	bolt-performance frog.wix.com/	0 257 B	336ms 112ms	Other text/plain	52.203.79.140 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://frog.wix.com/bolt-performance?src=72&evid=21&appName=thunderbolt&is_rollout=0&is_sav_rollout=0&is_dac_rollout=0&dc=84&is_cached=false&msid=1f18766d-90d5-4326-b652-b20b2da28480&session_id=ae5ec20a-b835-4d6b-a4ae-397422d1a69a&ts=5&tsn=282&ish=1&vsi=d60a1dc2-5cdf-4b6f-94c2-46cd703ba148&caching=miss,miss&pageVisibilty=visible Requested by Host: www.refundmatic.com URL: https://www.refundmatic.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.203.79.140 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.refundmatic.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin https://www.refundmatic.com date Tue, 22 Dec 2020 18:10:42 GMT access-control-allow-credentials true server nginx access-control-allow-headers Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With access-control-allow-methods GET, POST
GET H2	200	bootstrap-features.0f681775.chunk.min.js Show response static.parastorage.com/services/wix-thunderbolt/dist/	126 KB 32 KB	133ms 44ms	Script application/javascript	52.222.177.80 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.parastorage.com/services/wix-thunderbolt/dist/bootstrap-features.0f681775.chunk.min.js Requested by Host: www.refundmatic.com URL: https://www.refundmatic.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.177.80 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-177-80.ham50.r.cloudfront.net Software nginx/1.13.6 / Resource Hash 1cfc654d2131b0b1992c3cd236043317a929aff72ea7f5d8c1f4b0901b70e2ce Request headers Referer https://www.refundmatic.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 21 Dec 2020 15:06:29 GMT content-encoding gzip age 97453 x-cache Hit from cloudfront access-control-allow-origin * last-modified Mon, 21 Dec 2020 14:00:26 GMT server nginx/1.13.6 etag W/"c60df1b20902427a214e0ef40d7813dd" vary Accept-Encoding access-control-allow-methods GET, OPTIONS, POST content-type application/javascript via 1.1 ddf1a4286ca5a84e441f34f1b121a3ca.cloudfront.net (CloudFront) cache-control public, max-age=7776000 x-amz-cf-pop HAM50-C1 timing-allow-origin * access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-* x-amz-cf-id Pe1cbZaJdLHzClVUZ-TiOhvc9yOShyis0womPiKk82GtFWW4yDklAg== x-seen-by 2iuX5LYwvZa9CoGaG8ZUZin0sUSJutZpk/zfuEVAjko=
GET H2	200	main.8495fc89.chunk.min.js Show response static.parastorage.com/services/wix-thunderbolt/dist/	221 KB 51 KB	133ms 44ms	Script application/javascript	52.222.177.80 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.parastorage.com/services/wix-thunderbolt/dist/main.8495fc89.chunk.min.js Requested by Host: www.refundmatic.com URL: https://www.refundmatic.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.177.80 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-177-80.ham50.r.cloudfront.net Software nginx/1.13.6 / Resource Hash 374bfb4e5c9d130dca2664f9e78ab77481e1ea72fb5c296b05096e965e52826a Request headers Referer https://www.refundmatic.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 21 Dec 2020 19:15:04 GMT content-encoding gzip age 82538 x-cache Hit from cloudfront access-control-allow-origin * last-modified Mon, 21 Dec 2020 18:38:41 GMT server nginx/1.13.6 etag W/"85f1d681d6f2215cc290180f957c9bae" vary Accept-Encoding access-control-allow-methods GET, OPTIONS, POST content-type application/javascript via 1.1 ddf1a4286ca5a84e441f34f1b121a3ca.cloudfront.net (CloudFront) cache-control public, max-age=7776000 x-amz-cf-pop HAM50-C1 timing-allow-origin * access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-* x-amz-cf-id GOffMCBCWriTloh42rHllVGy4h5vsyOmd9WFlurxKnjN-lKhBaOvmQ== x-seen-by 2iuX5LYwvZa9CoGaG8ZUZmLh3wL15R1dMtR3OJeGh54=
GET H2	200	lodash.min.js Show response static.parastorage.com/unpkg/lodash@4.17.15/	72 KB 24 KB	39ms 39ms	Script application/javascript	52.222.177.80 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.parastorage.com/unpkg/lodash@4.17.15/lodash.min.js Requested by Host: www.refundmatic.com URL: https://www.refundmatic.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.177.80 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-177-80.ham50.r.cloudfront.net Software nginx/1.13.6 / Resource Hash 55e35a1415438685f71fe809dfb0e94ff9d3b994dd8d8ae8f7206bb878d59a84 Request headers Referer https://www.refundmatic.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sun, 08 Nov 2020 19:53:52 GMT content-encoding gzip age 3795410 x-cache Hit from cloudfront access-control-allow-origin * last-modified Fri, 19 Jul 2019 18:30:18 GMT server nginx/1.13.6 etag W/"bc0594c54450e8ac689739b6b198067a" vary Accept-Encoding access-control-allow-methods GET, OPTIONS, POST content-type application/javascript via 1.1 ddf1a4286ca5a84e441f34f1b121a3ca.cloudfront.net (CloudFront) cache-control public, max-age=7776000 x-amz-cf-pop HAM50-C1 timing-allow-origin * access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-* x-amz-cf-id te1fGokVS75maossr8v8sR1uEyml4c6VzxSvK6aJjd5WXn8lungL3w== x-seen-by 2iuX5LYwvZa9CoGaG8ZUZmLh3wL15R1dMtR3OJeGh54=
GET H2	200	wix-code-sdk-providers.92911b0a.chunk.min.js Show response static.parastorage.com/services/wix-thunderbolt/dist/	25 KB 8 KB	39ms 39ms	Script application/javascript	52.222.177.80 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.parastorage.com/services/wix-thunderbolt/dist/wix-code-sdk-providers.92911b0a.chunk.min.js Requested by Host: www.refundmatic.com URL: https://www.refundmatic.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.177.80 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-177-80.ham50.r.cloudfront.net Software nginx/1.13.6 / Resource Hash 952b1604768b071a4abd7066bd314d83c261c0c3a7c3529a2d5d2dc049730f45 Request headers Referer https://www.refundmatic.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 21 Dec 2020 14:33:14 GMT content-encoding gzip age 99448 x-cache Hit from cloudfront content-length 7271 access-control-allow-origin * last-modified Mon, 21 Dec 2020 10:27:11 GMT server nginx/1.13.6 etag W/"9100dd68af157337719cd89df7cfd306" vary Accept-Encoding access-control-allow-methods GET, OPTIONS, POST content-type application/javascript via 1.1 ddf1a4286ca5a84e441f34f1b121a3ca.cloudfront.net (CloudFront) cache-control public, max-age=7776000 x-amz-cf-pop HAM50-C1 timing-allow-origin * access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-* x-amz-cf-id c_6K36ryVHhJOS__-MPsEFCCEzQd-kJLpxV6YECzPj066zpZrpfnQg== x-seen-by 2iuX5LYwvZa9CoGaG8ZUZmLh3wL15R1dMtR3OJeGh54=
GET H2	200	ooi.f41840eb.chunk.min.js Show response static.parastorage.com/services/wix-thunderbolt/dist/	8 KB 3 KB	38ms 38ms	Script application/javascript	52.222.177.80 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.parastorage.com/services/wix-thunderbolt/dist/ooi.f41840eb.chunk.min.js Requested by Host: www.refundmatic.com URL: https://www.refundmatic.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.177.80 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-177-80.ham50.r.cloudfront.net Software nginx/1.13.6 / Resource Hash 7140d0cd2f500c057d6198e0c37a1fd0a7ecd3ac7e2c083393c26718582d9272 Request headers Referer https://www.refundmatic.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 21 Dec 2020 14:33:14 GMT content-encoding gzip age 99448 x-cache Hit from cloudfront content-length 2815 access-control-allow-origin * last-modified Thu, 17 Dec 2020 11:57:25 GMT server nginx/1.13.6 etag W/"15e4e0e6a9ac5a563c4ff3d68d0521ea" vary Accept-Encoding access-control-allow-methods GET, OPTIONS, POST content-type application/javascript via 1.1 ddf1a4286ca5a84e441f34f1b121a3ca.cloudfront.net (CloudFront) cache-control public, max-age=7776000 x-amz-cf-pop HAM50-C1 timing-allow-origin * access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-* x-amz-cf-id ueMAI9rE_zujn5BZt_gh1bDFVxeS_n3c-x67Zrxdr6p3H_qQu2Yv9Q== x-seen-by 2iuX5LYwvZa9CoGaG8ZUZhl5kK91/3quGZ0qUuENNkA=
GET H2	200	passwordProtectedPage.1d1f847f.chunk.min.js Show response static.parastorage.com/services/wix-thunderbolt/dist/	2 KB 2 KB	38ms 38ms	Script application/javascript	52.222.177.80 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.parastorage.com/services/wix-thunderbolt/dist/passwordProtectedPage.1d1f847f.chunk.min.js Requested by Host: www.refundmatic.com URL: https://www.refundmatic.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.177.80 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-177-80.ham50.r.cloudfront.net Software nginx/1.13.6 / Resource Hash cd784333be10ffa1f7580edab4bdad4a67fe0d4cc693731abe36fb86cb90280c Request headers Referer https://www.refundmatic.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 21 Dec 2020 14:43:13 GMT content-encoding gzip age 98849 x-cache Hit from cloudfront content-length 1029 access-control-allow-origin * last-modified Thu, 17 Dec 2020 11:57:26 GMT server nginx/1.13.6 etag W/"34fae55d9c376f336b36e6f0ac7a9aca" vary Accept-Encoding access-control-allow-methods GET, OPTIONS, POST content-type application/javascript via 1.1 ddf1a4286ca5a84e441f34f1b121a3ca.cloudfront.net (CloudFront) cache-control public, max-age=7776000 x-amz-cf-pop HAM50-C1 timing-allow-origin * access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-* x-amz-cf-id yRRq_se0MCq8nMI9qyxy_1l7xJ924C9rSZiNAgkWA0PHoTZGZKNhvQ== x-seen-by 2iuX5LYwvZa9CoGaG8ZUZiAcFaPhUOS5/m+w53CFNmE=
GET H2	200	protectedPages.3103467f.chunk.min.js Show response static.parastorage.com/services/wix-thunderbolt/dist/	3 KB 2 KB	39ms 38ms	Script application/javascript	52.222.177.80 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.parastorage.com/services/wix-thunderbolt/dist/protectedPages.3103467f.chunk.min.js Requested by Host: www.refundmatic.com URL: https://www.refundmatic.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.177.80 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-177-80.ham50.r.cloudfront.net Software nginx/1.13.6 / Resource Hash de85e1d13d8d02048f52a95cfc55621ee8fbcbf32366429ba01d86c089af3cdf Request headers Referer https://www.refundmatic.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 21 Dec 2020 14:33:14 GMT content-encoding gzip age 99493 x-cache Hit from cloudfront content-length 1276 access-control-allow-origin * last-modified Thu, 17 Dec 2020 11:57:26 GMT server nginx/1.13.6 etag W/"10813f979c958ff65e6a1c7232ecc1dc" vary Accept-Encoding access-control-allow-methods GET, OPTIONS, POST content-type application/javascript via 1.1 ddf1a4286ca5a84e441f34f1b121a3ca.cloudfront.net (CloudFront) cache-control public, max-age=7776000 x-amz-cf-pop HAM50-C1 timing-allow-origin * access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-* x-amz-cf-id 1G003vbtW88Is431reg8NYtZzGTCp8T4b1n5biZf4PW8i-9MSfacfw== x-seen-by 2iuX5LYwvZa9CoGaG8ZUZi0sSU/BcUtJyZ1jkLmRlns=
GET H2	200	siteMembers.07a83b2b.chunk.min.js Show response static.parastorage.com/services/wix-thunderbolt/dist/	31 KB 8 KB	39ms 39ms	Script application/javascript	52.222.177.80 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.parastorage.com/services/wix-thunderbolt/dist/siteMembers.07a83b2b.chunk.min.js Requested by Host: www.refundmatic.com URL: https://www.refundmatic.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.177.80 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-177-80.ham50.r.cloudfront.net Software nginx/1.13.6 / Resource Hash 73a2f1ecd0afe541efa6d70de7d8c4af8cad6397a09c800dbb30fdb1addb2e84 Request headers Referer https://www.refundmatic.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 21 Dec 2020 15:06:30 GMT content-encoding gzip age 97452 x-cache Hit from cloudfront content-length 8096 access-control-allow-origin * last-modified Mon, 21 Dec 2020 13:55:45 GMT server nginx/1.13.6 etag W/"69d6a8be8a864be43d0755d7fccf47d2" vary Accept-Encoding access-control-allow-methods GET, OPTIONS, POST content-type application/javascript via 1.1 ddf1a4286ca5a84e441f34f1b121a3ca.cloudfront.net (CloudFront) cache-control public, max-age=7776000 x-amz-cf-pop HAM50-C1 timing-allow-origin * access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-* x-amz-cf-id ndWHci7RJJXpcBUEFowwg_G_WrF2pEUp_OR87lFU6C6F6CbQuBd67w== x-seen-by 2iuX5LYwvZa9CoGaG8ZUZiAcFaPhUOS5/m+w53CFNmE=
GET H2	200	siteScrollBlocker.72de45d5.chunk.min.js Show response static.parastorage.com/services/wix-thunderbolt/dist/	3 KB 2 KB	38ms 38ms	Script application/javascript	52.222.177.80 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.parastorage.com/services/wix-thunderbolt/dist/siteScrollBlocker.72de45d5.chunk.min.js Requested by Host: www.refundmatic.com URL: https://www.refundmatic.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.177.80 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-177-80.ham50.r.cloudfront.net Software nginx/1.13.6 / Resource Hash 4ea19752a8f40e4bfe94deb549056f1a28793bc00bd318217f82beabd9cc3216 Request headers Referer https://www.refundmatic.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 21 Dec 2020 15:06:30 GMT content-encoding gzip age 97459 x-cache Hit from cloudfront content-length 1348 access-control-allow-origin * last-modified Mon, 21 Dec 2020 14:00:25 GMT server nginx/1.13.6 etag W/"1c8d932ee0021794e43595f067b048f1" vary Accept-Encoding access-control-allow-methods GET, OPTIONS, POST content-type application/javascript via 1.1 ddf1a4286ca5a84e441f34f1b121a3ca.cloudfront.net (CloudFront) cache-control public, max-age=7776000 x-amz-cf-pop HAM50-C1 timing-allow-origin * access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-* x-amz-cf-id OUuXYOzChcl9-xlvAb2iGGSkanmQdiivWbUqmoPa5ISX2jwAuBqLfQ== x-seen-by 2iuX5LYwvZa9CoGaG8ZUZvN7XVy4i2aMdGGY3hsiBV8=
GET H2	200	tpaCommons.f6e5cd72.chunk.min.js Show response static.parastorage.com/services/wix-thunderbolt/dist/	7 KB 3 KB	38ms 38ms	Script application/javascript	52.222.177.80 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.parastorage.com/services/wix-thunderbolt/dist/tpaCommons.f6e5cd72.chunk.min.js Requested by Host: www.refundmatic.com URL: https://www.refundmatic.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.177.80 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-177-80.ham50.r.cloudfront.net Software nginx/1.13.6 / Resource Hash 3e0deaf6e7d8a9bcbd39aa3487238c4576bce88720cc2690f88b8118ccd94455 Request headers Referer https://www.refundmatic.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 21 Dec 2020 15:06:30 GMT content-encoding gzip age 97452 x-cache Hit from cloudfront content-length 2813 access-control-allow-origin * last-modified Mon, 21 Dec 2020 14:00:28 GMT server nginx/1.13.6 etag W/"5b6532db1a18d54661e3fa4167a8c008" vary Accept-Encoding access-control-allow-methods GET, OPTIONS, POST content-type application/javascript via 1.1 ddf1a4286ca5a84e441f34f1b121a3ca.cloudfront.net (CloudFront) cache-control public, max-age=7776000 x-amz-cf-pop HAM50-C1 timing-allow-origin * access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-* x-amz-cf-id JQ_DkKbEa0WXADK7hUYtjEKIWDaNhdYyjIdXpAQVym3f0GpntHI6PA== x-seen-by 2iuX5LYwvZa9CoGaG8ZUZmLh3wL15R1dMtR3OJeGh54=
GET H2	200	windowMessageRegistrar.9c7f93d9.chunk.min.js Show response static.parastorage.com/services/wix-thunderbolt/dist/	728 B 973 B	38ms 38ms	Script application/javascript	52.222.177.80 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.parastorage.com/services/wix-thunderbolt/dist/windowMessageRegistrar.9c7f93d9.chunk.min.js Requested by Host: www.refundmatic.com URL: https://www.refundmatic.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.177.80 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-177-80.ham50.r.cloudfront.net Software nginx/1.13.6 / Resource Hash 6ab8cdd9f9d9db62fad0e608f3f6e919d349e52a83929b145a8309d3bc95ed7d Request headers Referer https://www.refundmatic.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 21 Dec 2020 14:33:14 GMT content-encoding gzip age 99448 x-cache Hit from cloudfront content-length 372 access-control-allow-origin * last-modified Thu, 17 Dec 2020 11:57:28 GMT server nginx/1.13.6 etag W/"96460a0897b5173081375131c77b56e5" vary Accept-Encoding access-control-allow-methods GET, OPTIONS, POST content-type application/javascript via 1.1 ddf1a4286ca5a84e441f34f1b121a3ca.cloudfront.net (CloudFront) cache-control public, max-age=7776000 x-amz-cf-pop HAM50-C1 timing-allow-origin * access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-* x-amz-cf-id QmBRoUjjTGfmLt-5m-aEK-9DbPnKcIiOAqV906LHqz5k2GfzCTnT1g== x-seen-by 2iuX5LYwvZa9CoGaG8ZUZlAnkemd93oaJxNJVvBGP7w=
GET H2	200	platform.239682d8.chunk.min.js Show response static.parastorage.com/services/wix-thunderbolt/dist/	16 KB 6 KB	38ms 38ms	Script application/javascript	52.222.177.80 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.parastorage.com/services/wix-thunderbolt/dist/platform.239682d8.chunk.min.js Requested by Host: www.refundmatic.com URL: https://www.refundmatic.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.177.80 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-177-80.ham50.r.cloudfront.net Software nginx/1.13.6 / Resource Hash 8cc548169f31e7940f773b1967adefa6569d6b8304872fbd1ebe129ee0c5678b Request headers Referer https://www.refundmatic.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 21 Dec 2020 14:33:14 GMT content-encoding gzip age 99486 x-cache Hit from cloudfront content-length 5732 access-control-allow-origin * last-modified Mon, 21 Dec 2020 13:54:45 GMT server nginx/1.13.6 etag W/"4ad62a4408670295cde4549b05450254" vary Accept-Encoding access-control-allow-methods GET, OPTIONS, POST content-type application/javascript via 1.1 ddf1a4286ca5a84e441f34f1b121a3ca.cloudfront.net (CloudFront) cache-control public, max-age=7776000 x-amz-cf-pop HAM50-C1 timing-allow-origin * access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-* x-amz-cf-id NLDiN8z_HD40XCeNmtgGJDfUTqLOYleF3tVcsbkDWrzjSRZQm8NtjQ== x-seen-by 2iuX5LYwvZa9CoGaG8ZUZin0sUSJutZpk/zfuEVAjko=
GET H2	200	vendors~vendor-react-dom.2f0115e0.chunk.min.js Show response static.parastorage.com/services/wix-thunderbolt/dist/	120 KB 38 KB	41ms 40ms	Script application/javascript	52.222.177.80 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.parastorage.com/services/wix-thunderbolt/dist/vendors~vendor-react-dom.2f0115e0.chunk.min.js Requested by Host: www.refundmatic.com URL: https://www.refundmatic.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.177.80 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-177-80.ham50.r.cloudfront.net Software nginx/1.13.6 / Resource Hash 2e7751561c850c9e6307a6ec5ea372a246b8fc782c918900d674c424f981dc5e Request headers Referer https://www.refundmatic.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 21 Dec 2020 14:33:14 GMT content-encoding gzip age 99612 x-cache Hit from cloudfront access-control-allow-origin * last-modified Thu, 17 Dec 2020 11:57:30 GMT server nginx/1.13.6 etag W/"04c86a917c4ae82a43082554a9f82a61" vary Accept-Encoding access-control-allow-methods GET, OPTIONS, POST content-type application/javascript via 1.1 ddf1a4286ca5a84e441f34f1b121a3ca.cloudfront.net (CloudFront) cache-control public, max-age=7776000 x-amz-cf-pop HAM50-C1 timing-allow-origin * access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-* x-amz-cf-id 18zyxdu6UGu3b9PXp-YSF47EZitPuo8p2pN6y2UrDcZQCBneiA42Gg== x-seen-by 2iuX5LYwvZa9CoGaG8ZUZmLh3wL15R1dMtR3OJeGh54=
GET H2	200	vendor-react-dom.d211a007.chunk.min.js Show response static.parastorage.com/services/wix-thunderbolt/dist/	387 B 968 B	41ms 40ms	Script application/javascript	52.222.177.80 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.parastorage.com/services/wix-thunderbolt/dist/vendor-react-dom.d211a007.chunk.min.js Requested by Host: www.refundmatic.com URL: https://www.refundmatic.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.177.80 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-177-80.ham50.r.cloudfront.net Software nginx/1.13.6 / Resource Hash 186b87d4871b7c1c41e239a00bc81f1e1e7dfee96a21f5cf6645e6afe91fd1b6 Request headers Referer https://www.refundmatic.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 21 Dec 2020 15:06:30 GMT via 1.1 ddf1a4286ca5a84e441f34f1b121a3ca.cloudfront.net (CloudFront) age 97452 x-cache Hit from cloudfront content-length 387 last-modified Mon, 21 Dec 2020 13:55:47 GMT server nginx/1.13.6 etag "b8933370f74de36eda3a4c3f0c37b7e8" access-control-allow-methods GET, OPTIONS, POST content-type application/javascript access-control-allow-origin * cache-control public, max-age=7776000 x-amz-cf-pop HAM50-C1 accept-ranges bytes timing-allow-origin * access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-* x-amz-cf-id JJMzEUn9-PHQ11GxRdTmUYTiPopcJ69OfbqnxahcyM4vws-m5jK56A== x-seen-by 2iuX5LYwvZa9CoGaG8ZUZo/YDPOmus5aDqIIzbW3xIE=
GET H2	200	thunderbolt siteassets.parastorage.com/pages/pages/	28 KB 6 KB	189ms 100ms	Other application/json	52.222.177.80 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://siteassets.parastorage.com/pages/pages/thunderbolt?beckyExperiments=specs.thunderbolt.videobox_united%3Atrue%2Cspecs.thunderbolt.tb_SelectionTagsDoNotAcceptValuesThatDoNotMatchOptions%3Atrue%2Cspecs.thunderbolt.tb_SelectionTagsOptionsClearOnlyIrrelevantValues%3Atrue%2Cspecs.thunderbolt.tb_media_layout_by_effect%3Atrue&contentType=application%2Fjson&deviceType=Desktop&dfCk=6&dfVersion=1.1130.0&experiments=bv_migrateResponsiveLayoutToSingleLayoutData%2Cbv_migrateResponsiveToVariantsModels%2Cbv_remove_add_chat_viewer_fixer%2Cdm_removeMissingResponsiveRefs%2Csv_unquoteUsedFontsInDataFixer%2Csv_usedFontsDataFixer&fileId=9069b239.bundle.min&isHttps=true&isInSeo=false&isPremiumDomain=true&isUrlMigrated=true&isWixCodeOnPage=false&isWixCodeOnSite=false&language=en&metaSiteId=1f18766d-90d5-4326-b652-b20b2da28480&module=thunderbolt-features&originalLanguage=en&osType=MacOS&pageId=3a3b4f_6c84d7d504b01c8e1b3b25eb360bacee_252.json&quickActionsMenuEnabled=false&remoteWidgetStructureBuilderVersion=1.224.0&siteId=a31f6e32-2620-4deb-8fdb-f06c644c8841&siteRevision=253&staticHTMLComponentUrl=https%3A%2F%2Fwww-refundmatic-com.filesusr.com%2F&tbElementsSiteAssets=siteAssets.141787ce.bundle.min.js&useSandboxInHTMLComp=false&v=3&viewMode=desktop Requested by Host: www.refundmatic.com URL: https://www.refundmatic.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.177.80 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-177-80.ham50.r.cloudfront.net Software nginx/1.13.6 / Resource Hash 7f16b8a6b4febe7c55d398a9ca748a419a6b77bbbf9b4bc3ce7d910b703e850d Request headers Origin https://www.refundmatic.com Referer https://www.refundmatic.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 22 Dec 2020 18:10:42 GMT content-encoding gzip x-amz-cf-pop HAM50-C1 x-cache Miss from cloudfront content-length 5186 timing-allow-origin * access-control-allow-origin * x-newrelic-app-data PxQFUlJRABABV1BTBQAPVlETGhE1AwE2QgNWEVlbQFtcCxYkSRFBBxdFXRJJJH1nH0sRA1BURElOExoDTlZNUgZWDFcMCQMEH0gITRNUCwBRVA9QAAEBBwNTWFcDExsABV1FVj8= server nginx/1.13.6 etag W/"706c-god7cDvoYAstkjkF5AH53MEegFE" access-control-allow-methods GET, OPTIONS, POST x-varnish 863545795 863644034 via 1.1 varnish (Varnish/6.0), 1.1 53767392640cf5282c1ce18d7cc7b0e1.cloudfront.net (CloudFront) access-control-expose-headers age,via,x-cache-status,X-cache-status cache-control public, max-age=7776000 accept-ranges bytes content-type application/json; charset=utf-8 access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-* x-amz-cf-id QavJ5LG65f8fGHuXe2hpPHOfuKwoSq3xG641hkBXbp-umc0W5C02xg== x-seen-by 2iuX5LYwvZa9CoGaG8ZUZhv5PBTbDqajrGhTCYfPb4Y=,/SoSYmefJLK2hiZpy2XaYlN1tYMUtM33SkDcJDaLDqno5sdon7EWMDIlFGW3BO6svGQ2Otd3B2C27oTTIAKJtQ==,ZUT6NeJ/NsDmQ9DMGnwT1GX0MrkpdqBHNC/IupH6kNDJftmKrOReD3ukbbas4YDo
GET H2	200	dynamicmodel Show response www.refundmatic.com/_api/v2/	15 KB 7 KB	119ms 118ms	Fetch application/json	35.242.251.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.refundmatic.com/_api/v2/dynamicmodel Requested by Host: www.refundmatic.com URL: https://www.refundmatic.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.242.251.130 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS 130.251.242.35.bc.googleusercontent.com Software Pepyaka/1.19.0 / Resource Hash 69cf0dec3b5b3fb894b1fcc04727911edff681aa1a2a7e4a1e284230cc63045e Security Headers Name Value Strict-Transport-Security max-age=120 Request headers Referer https://www.refundmatic.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 22 Dec 2020 18:10:42 GMT content-encoding gzip x-wix-request-id 1608660642.23540275952226310 server Pepyaka/1.19.0 age 0 x-seen-by sHU62EDOGnH2FBkJkG/Wx8EeXWsWdHrhlvbxtlynkVj8hHIDsGU3U8in4aXN4Wxi,2d58ifebGbosy5xc+FRall7VuzTSFN9xLyFqchqlIQKHGuBgF1/iH4OZMy5pBOlwjoe2GMQJ/MdiMK4Y/vI701lhcbgVCpBChm0YIKsEfIU=,2UNV7KOq4oGjA5+PKsX47GdUQGSP799Up94xsjyCJblWd3xniMsr1HjrszKGvMzr,qquldgcFrj2n046g4RNSVO41WPKnFMbc7ID/2Bjixvw=,UCcefuQCi27dXmJSD6Vpiy3OHrPrsHsadHQstwzPLhUMet3gXzDy3EuDIWUBgpG2iy9RDN50yNDYuMRjpFglRg==,w4q8mm9FnmU4emOs6psVXQPZekWufVT7MxYgsh83gtKTzRA6xkSHdTdM1EufzDIPWIHlCalF7YnfvOr2cMPpyw==,w4q8mm9FnmU4emOs6psVXX3uxCI8hRXGMJOe8loEQntNG+KuK+VIZfbNzHJu0vJu,a3Wp9ZyujRzrXdcjNnttJgKjd34lbPLKhKtmeGXD2EznxLMOvrvHwAn4YnDaonZ2C7xRzcavLMz2d2w4pRhR3g== vary Accept-Encoding content-language en-US access-control-allow-origin * cache-control no-cache, no-store,no-cache server-timing cache;desc=miss, varnish;desc=miss, dc;desc=euw3 strict-transport-security max-age=120 content-type application/json;charset=utf-8 expires 0
POST H2	204	bt frog.wix.com/	0 256 B	312ms 112ms	Other text/plain	52.203.79.140 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://frog.wix.com/bt?src=29&evid=3&viewer_name=thunderbolt&caching=miss,miss&dc=84&et=1&event_name=Init&is_cached=false&is_platform_loaded=0&is_rollout=0&ism=1&isp=0&isjp=true&iss=0&ita=1&msid=1f18766d-90d5-4326-b652-b20b2da28480&pn=1&sessionId=ae5ec20a-b835-4d6b-a4ae-397422d1a69a&siterev=253-__siteCacheRevision__&st=2&ts=29&tts=306&url=https%3A%2F%2Fwww.refundmatic.com%2F&v=0.0.0&vsi=d60a1dc2-5cdf-4b6f-94c2-46cd703ba148&_brandId=wix Requested by Host: www.refundmatic.com URL: https://www.refundmatic.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.203.79.140 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.refundmatic.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin https://www.refundmatic.com date Tue, 22 Dec 2020 18:10:42 GMT access-control-allow-credentials true server nginx access-control-allow-headers Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With access-control-allow-methods GET, POST
GET H2	200	clientWorker.2d3c81e4.bundle.min.js www.refundmatic.com/_partials/wix-thunderbolt/dist/	398 KB 112 KB	87ms 87ms	Other application/javascript	35.242.251.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.refundmatic.com/_partials/wix-thunderbolt/dist/clientWorker.2d3c81e4.bundle.min.js Requested by Host: www.refundmatic.com URL: https://www.refundmatic.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.242.251.130 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS 130.251.242.35.bc.googleusercontent.com Software Pepyaka/1.19.0 / Resource Hash ed8f2194fc1deb5544efdb1b5c4c665508408d9e56e70ed1e158d47b9eeeaded Request headers Referer https://www.refundmatic.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 22 Dec 2020 18:10:42 GMT content-encoding gzip age 26422 x-cache Hit from cloudfront access-control-allow-origin * x-wix-request-id 1608660642.24040275952326310 last-modified Tue, 22 Dec 2020 10:34:14 GMT server Pepyaka/1.19.0 etag W/"4d150064a79844ea74be2e71872c9236" vary Accept-Encoding access-control-allow-methods GET, OPTIONS, POST content-type application/javascript via 1.1 95f372def48b268a5ae55a9a5ecb4479.cloudfront.net (CloudFront) cache-control public, max-age=7776000 x-amz-cf-pop DUB2-C1 timing-allow-origin * access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-* x-amz-cf-id x2K_-NrFGBkFHtuuj9iwgCoid1cE8Id_cQOBOVBzzQhe4avirw3kXA== x-seen-by sHU62EDOGnH2FBkJkG/Wx8EeXWsWdHrhlvbxtlynkVj8hHIDsGU3U8in4aXN4Wxi,qquldgcFrj2n046g4RNSVO41WPKnFMbc7ID/2Bjixvw=,2iuX5LYwvZa9CoGaG8ZUZi0sSU/BcUtJyZ1jkLmRlns=
GET H2	200	siteTags.bundle.min.js Show response static.parastorage.com/services/tag-manager-client/1.240.0/	10 KB 4 KB	41ms 40ms	Script application/javascript	52.222.177.80 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.parastorage.com/services/tag-manager-client/1.240.0/siteTags.bundle.min.js Requested by Host: www.refundmatic.com URL: https://www.refundmatic.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.177.80 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-177-80.ham50.r.cloudfront.net Software nginx/1.13.6 / Resource Hash a99795e2ea888569c3089c0e7074dc969cb6a60d565f491c86d6ed7b980396a4 Request headers Referer https://www.refundmatic.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 16 Nov 2020 08:09:19 GMT content-encoding gzip age 3146483 x-cache Hit from cloudfront content-length 3703 access-control-allow-origin * last-modified Mon, 16 Nov 2020 07:35:14 GMT server nginx/1.13.6 etag W/"7393002f4fc8ef5f38345dcfb8cc8ce3" vary Accept-Encoding access-control-allow-methods GET, OPTIONS, POST content-type application/javascript via 1.1 ddf1a4286ca5a84e441f34f1b121a3ca.cloudfront.net (CloudFront) cache-control public, max-age=7776000 x-amz-cf-pop HAM50-C1 timing-allow-origin * access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-* x-amz-cf-id vjQwhVjki0neiw6sfZRoZBF4m-weOcpjsU6RMj0AwGRWEclQ0cZUYQ== x-seen-by 2iuX5LYwvZa9CoGaG8ZUZlAnkemd93oaJxNJVvBGP7w=
GET H2	200	thunderboltElements.c5d23144.bundle.min.js Show response static.parastorage.com/services/editor-elements/dist/	150 KB 24 KB	41ms 41ms	Script application/javascript	52.222.177.80 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.parastorage.com/services/editor-elements/dist/thunderboltElements.c5d23144.bundle.min.js Requested by Host: www.refundmatic.com URL: https://www.refundmatic.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.177.80 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-177-80.ham50.r.cloudfront.net Software nginx/1.13.6 / Resource Hash dd8a0f016695793a29788f26be2e25cb9741b85244bc7dc1d736faf6df49837b Request headers Referer https://www.refundmatic.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 22 Dec 2020 10:49:11 GMT content-encoding gzip age 26509 x-cache Hit from cloudfront content-length 23799 access-control-allow-origin * last-modified Tue, 22 Dec 2020 09:39:46 GMT server nginx/1.13.6 etag W/"ca737d7ca4fb49c2c19b3256e378f240" vary Accept-Encoding access-control-allow-methods GET, OPTIONS, POST content-type application/javascript via 1.1 ddf1a4286ca5a84e441f34f1b121a3ca.cloudfront.net (CloudFront) cache-control public, max-age=7776000 x-amz-cf-pop HAM50-C1 timing-allow-origin * access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-* x-amz-cf-id XloDWlonDyT5QY-pQPEtDSXhwrT9ykmJaISEN9cBrlTgWICzN8dt4w== x-seen-by 2iuX5LYwvZa9CoGaG8ZUZiAcFaPhUOS5/m+w53CFNmE=
GET H2	200	wix-perf-measure.bundle.min.js Show response static.parastorage.com/services/wix-perf-measure/1.317.0/	24 KB 10 KB	41ms 41ms	Script application/javascript	52.222.177.80 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.parastorage.com/services/wix-perf-measure/1.317.0/wix-perf-measure.bundle.min.js Requested by Host: www.refundmatic.com URL: https://www.refundmatic.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.177.80 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-177-80.ham50.r.cloudfront.net Software nginx/1.13.6 / Resource Hash 686f658dd951e6264a522af7f012d3406c328b0c73e87b4c980b917ef9e62f14 Request headers Referer https://www.refundmatic.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sun, 20 Dec 2020 11:33:22 GMT content-encoding gzip content-type application/javascript age 196640 x-cache Hit from cloudfront x-amz-replication-status REPLICA content-length 9263 access-control-allow-origin * last-modified Sun, 20 Dec 2020 11:27:22 GMT server nginx/1.13.6 etag W/"8a08c484cd01011f91d90e2c5e5b23af" vary Accept-Encoding access-control-allow-methods GET, OPTIONS, POST x-amz-version-id JDg4n6FvXcUl1qaka_uZrzzLi1CmU1NB via 1.1 ddf1a4286ca5a84e441f34f1b121a3ca.cloudfront.net (CloudFront) cache-control public, max-age=7776000 x-amz-cf-pop HAM50-C1 timing-allow-origin * access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-* x-amz-cf-id DCWrir4m8FksFGdq0f-C8Hr9afJc_IMnG87Q91WlTot-wJsU0wUmSQ== x-seen-by 2iuX5LYwvZa9CoGaG8ZUZvN7XVy4i2aMdGGY3hsiBV8=
GET DATA	200 OK	truncated /	42 B 0		Image image/webp
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15 Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type image/webp
GET DATA	200 OK	truncated /	34 B 0		Image image/webp
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65 Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type image/webp
GET DATA	200 OK	truncated /	82 B 0		Image image/webp
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 7e41ca21e421f129d3881e345f990027b66c0ab3c5580e549575f9393d117cbd Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type image/webp
GET DATA	200 OK	truncated /	90 B 0		Image image/webp
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1 Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type image/webp
POST H2	204	bt frog.wix.com/	0 256 B	111ms 111ms	Other text/plain	52.203.79.140 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://frog.wix.com/bt?src=29&evid=3&viewer_name=thunderbolt&caching=miss,miss&dc=84&et=12&event_name=Partially%20visible&is_cached=false&is_platform_loaded=0&is_rollout=0&ism=1&isp=0&isjp=true&iss=0&ita=1&msid=1f18766d-90d5-4326-b652-b20b2da28480&pid=PROTECTED&pn=1&rid=request-id-placeholder&sar=1600x1200&sessionId=ae5ec20a-b835-4d6b-a4ae-397422d1a69a&siterev=253-__siteCacheRevision__&sr=1600x1200&st=2&ts=440&tts=717&url=https%3A%2F%2Fwww.refundmatic.com%2F&v=0.0.0&vid=34184c7a-a3fb-4600-a868-63024fdbb19c&bsi=43dfe878-a077-4e28-ba09-f32e42bcc490|1&vsi=d60a1dc2-5cdf-4b6f-94c2-46cd703ba148&wor=1600x1200&wr=1600x1200&_brandId=wix Requested by Host: www.refundmatic.com URL: https://www.refundmatic.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.203.79.140 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.refundmatic.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin https://www.refundmatic.com date Tue, 22 Dec 2020 18:10:42 GMT access-control-allow-credentials true server nginx access-control-allow-headers Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With access-control-allow-methods GET, POST
GET H2	200	thunderbolt Show response siteassets.parastorage.com/pages/pages/	18 KB 4 KB	104ms 104ms	Fetch text/css	52.222.177.80 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://siteassets.parastorage.com/pages/pages/thunderbolt?beckyExperiments=specs.thunderbolt.videobox_united%3Atrue%2Cspecs.thunderbolt.tb_SelectionTagsDoNotAcceptValuesThatDoNotMatchOptions%3Atrue%2Cspecs.thunderbolt.tb_SelectionTagsOptionsClearOnlyIrrelevantValues%3Atrue%2Cspecs.thunderbolt.tb_media_layout_by_effect%3Atrue&contentType=text%2Fcss&deviceType=Desktop&dfCk=6&dfVersion=1.1130.0&experiments=bv_migrateResponsiveLayoutToSingleLayoutData%2Cbv_migrateResponsiveToVariantsModels%2Cbv_remove_add_chat_viewer_fixer%2Cdm_removeMissingResponsiveRefs%2Csv_unquoteUsedFontsInDataFixer%2Csv_usedFontsDataFixer&fileId=66befa2c.bundle.min&isHttps=true&isInSeo=false&isPremiumDomain=true&isUrlMigrated=true&isWixCodeOnPage=false&isWixCodeOnSite=false&language=en&metaSiteId=1f18766d-90d5-4326-b652-b20b2da28480&module=thunderbolt-css&originalLanguage=en&pageId=3a3b4f_6c84d7d504b01c8e1b3b25eb360bacee_252.json&quickActionsMenuEnabled=false&remoteWidgetStructureBuilderVersion=1.224.0&siteId=a31f6e32-2620-4deb-8fdb-f06c644c8841&siteRevision=253&stylableMetaData=thunderbolt-elements.8cbf4785aa54075ccf85ec97ad5ed433947c74f8&tbElementsSiteAssets=siteAssets.141787ce.bundle.min.js&v=3&viewMode=desktop Requested by Host: static.parastorage.com URL: https://static.parastorage.com/services/wix-thunderbolt/dist/main.8495fc89.chunk.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.177.80 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-177-80.ham50.r.cloudfront.net Software nginx/1.13.6 / Resource Hash e79e72cc7f393360a9c4473fceb794e24b460c6a0f852c0bcf75b826d682aa51 Request headers Referer https://www.refundmatic.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 22 Dec 2020 18:10:42 GMT content-encoding gzip x-amz-cf-pop HAM50-C1 x-cache Miss from cloudfront content-length 3575 timing-allow-origin * access-control-allow-origin * x-newrelic-app-data PxQFUlJRABABV1BTBQAPVlETGhE1AwE2QgNWEVlbQFtcCxYkSRFBBxdFXRJJJH1nH0sRA1BURElOExoDTlZNUwhSAVIJCwwFH0gITRNXVQRSVAUEAgANUAVWBVcHExsABV1FVj8= server nginx/1.13.6 etag W/"4909-SxYwYu4kf5i1JCJTt3T4AJR1EHk" access-control-allow-methods GET, OPTIONS, POST x-varnish 3507929 1071020874 via 1.1 varnish (Varnish/6.0), 1.1 53767392640cf5282c1ce18d7cc7b0e1.cloudfront.net (CloudFront) access-control-expose-headers age,via,x-cache-status,X-cache-status cache-control public, max-age=7776000 accept-ranges bytes content-type text/css; charset=utf-8 access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-* x-amz-cf-id E5i8xZ5RuYLJfLof6ATQlcuemgJqd8nvP8M5n8F_NcJub2wEpDx2gQ== x-seen-by 2iuX5LYwvZa9CoGaG8ZUZo/YDPOmus5aDqIIzbW3xIE=,/SoSYmefJLK2hiZpy2XaYlN1tYMUtM33SkDcJDaLDqno5sdon7EWMDIlFGW3BO6svGQ2Otd3B2C27oTTIAKJtQ==,ZUT6NeJ/NsDmQ9DMGnwT1BEjCEpKoOddh8MPS5k23ILJftmKrOReD3ukbbas4YDo
POST H2	204	site-members frog.wix.com/	0 256 B	112ms 112ms	Other text/plain	52.203.79.140 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://frog.wix.com/site-members?_msid=1f18766d-90d5-4326-b652-b20b2da28480&vsi=d60a1dc2-5cdf-4b6f-94c2-46cd703ba148&rid=request-id-placeholder&_av=thunderbolt-1.4725.0&_brandId=wix&_ms=748&src=5&evid=698&biToken=1f18766d-90d5-4326-b652-b20b2da28480&context=undefined&ts=470&viewmode=undefined&visitor_id=34184c7a-a3fb-4600-a868-63024fdbb19c&site_member_id=undefined&site_settings_lng=en&browser_lng=en&lng_mismatch=false&layout=undefined&_visitorId=34184c7a-a3fb-4600-a868-63024fdbb19c&_siteMemberId=undefined&bsi=43dfe878-a077-4e28-ba09-f32e42bcc490%7C1&_lv=2.0.875&_=16086606426680 Requested by Host: static.parastorage.com URL: https://static.parastorage.com/services/wix-thunderbolt/dist/main.8495fc89.chunk.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.203.79.140 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.refundmatic.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin https://www.refundmatic.com date Tue, 22 Dec 2020 18:10:42 GMT access-control-allow-credentials true server nginx access-control-allow-headers Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With access-control-allow-methods GET, POST
GET H2	200	cdn_detect Show response static.parastorage.com/	11 B 670 B	38ms 38ms	Fetch binary/octet-stream	52.222.177.80 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.parastorage.com/cdn_detect Requested by Host: static.parastorage.com URL: https://static.parastorage.com/services/wix-perf-measure/1.317.0/wix-perf-measure.bundle.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.177.80 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-177-80.ham50.r.cloudfront.net Software nginx/1.13.6 / Resource Hash 4795a1c2517089e4df569afd77c04e949139cf299c87f012b894fccf91df4594 Request headers Referer https://www.refundmatic.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers x-amz-version-id UY3zPgS6y1XEKb75K1qjlNgHtfPG4_Dt via 1.1 53767392640cf5282c1ce18d7cc7b0e1.cloudfront.net (CloudFront) etag "7c12772809c1c0c3deda6103b10fdfa0" age 16 x-cache Hit from cloudfront content-length 11 cdn-seen Cloudfront last-modified Tue, 14 May 2019 14:10:15 GMT server nginx/1.13.6 date Tue, 22 Dec 2020 18:10:26 GMT access-control-max-age 3000 access-control-allow-methods GET, GET, OPTIONS, POST content-type binary/octet-stream access-control-allow-origin * access-control-expose-headers CDN-seen cache-control public, max-age=60 x-amz-cf-pop HAM50-C1 accept-ranges bytes timing-allow-origin * access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-* x-amz-cf-id YOVSNBiHGyrPmQwvvhwhzY3_xQf737cirf_S3a5fQROIL49Aev8kaw==
GET H2	200	reporter-api.8e387710.chunk.min.js Show response static.parastorage.com/services/wix-thunderbolt/dist/	27 KB 8 KB	39ms 38ms	Script application/javascript	52.222.177.80 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.parastorage.com/services/wix-thunderbolt/dist/reporter-api.8e387710.chunk.min.js Requested by Host: www.refundmatic.com URL: https://www.refundmatic.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.177.80 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-177-80.ham50.r.cloudfront.net Software nginx/1.13.6 / Resource Hash d8bf1f7f349a033a97bedac88fc63026a77cc29c98bdedfbcf626f045355f42a Request headers Referer https://www.refundmatic.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 21 Dec 2020 14:33:50 GMT content-encoding gzip age 99412 x-cache Hit from cloudfront content-length 7093 access-control-allow-origin * last-modified Mon, 21 Dec 2020 10:26:56 GMT server nginx/1.13.6 etag W/"860a6243b5cdfb038b9ed429bb762afd" vary Accept-Encoding access-control-allow-methods GET, OPTIONS, POST content-type application/javascript via 1.1 ddf1a4286ca5a84e441f34f1b121a3ca.cloudfront.net (CloudFront) cache-control public, max-age=7776000 x-amz-cf-pop HAM50-C1 timing-allow-origin * access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-* x-amz-cf-id iiSfVufetQ2swjo494M1nOqLroDecKgEZqnwc-xzNI9ixrZKKr6O2A== x-seen-by 2iuX5LYwvZa9CoGaG8ZUZin0sUSJutZpk/zfuEVAjko=
GET H2	200	1f18766d-90d5-4326-b652-b20b2da28480 Show response www.refundmatic.com/_api/tag-manager/api/v1/tags/sites/	66 B 1 KB	116ms 115ms	XHR application/json	35.242.251.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.refundmatic.com/_api/tag-manager/api/v1/tags/sites/1f18766d-90d5-4326-b652-b20b2da28480?wixSite=false&htmlsiteId=a31f6e32-2620-4deb-8fdb-f06c644c8841&language=en Requested by Host: static.parastorage.com URL: https://static.parastorage.com/services/tag-manager-client/1.240.0/siteTags.bundle.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.242.251.130 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS 130.251.242.35.bc.googleusercontent.com Software Pepyaka/1.19.0 / Resource Hash 2771fd4cae3b2fee1d4707051af0fb7cd4ae001bb1866bff37f801af3ca3067a Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://www.refundmatic.com/ authorization tFA_wyGZP98qHyXuK9OBFaQV_ZA9AuHq86u0ERECgCc.eyJpbnN0YW5jZUlkIjoiMWYxODc2NmQtOTBkNS00MzI2LWI2NTItYjIwYjJkYTI4NDgwIiwiYXBwRGVmSWQiOiIyMmJlZjM0NS0zYzViLTRjMTgtYjc4Mi03NGQ0MDg1MTEyZmYiLCJtZXRhU2l0ZUlkIjoiMWYxODc2NmQtOTBkNS00MzI2LWI2NTItYjIwYjJkYTI4NDgwIiwic2lnbkRhdGUiOiIyMDIwLTEyLTIyVDE4OjEwOjQyLjMxNFoiLCJkZW1vTW9kZSI6ZmFsc2UsImFpZCI6IjM0MTg0YzdhLWEzZmItNDYwMC1hODY4LTYzMDI0ZmRiYjE5YyIsInNpdGVPd25lcklkIjoiM2EzYjRmNmMtM2E5Yi00N2MwLWIyOGUtMmFjYjhiMzVhNTk0In0 content-type application/json Response headers pragma no-cache date Tue, 22 Dec 2020 18:10:42 GMT x-wix-request-id 1608660642.73440275952426310 server Pepyaka/1.19.0 etag W/"42-+fJ4R1dR0GhGWI1r2wY6O+V2C0E" content-type application/json; charset=utf-8 cache-control no-store, no-cache content-length 66 x-seen-by sHU62EDOGnH2FBkJkG/Wx8EeXWsWdHrhlvbxtlynkVj8hHIDsGU3U8in4aXN4Wxi,qquldgcFrj2n046g4RNSVAiOxhA7Vkxnx3Qqcd3yJLo=,rXUceJIlvIg2Ftogbhjv0L3aUeadwn3WYQ8oM3L8BsrWxk4llpqmUN/xx0BbrT3IWIHlCalF7YnfvOr2cMPpyw==,Ts+7R/4FijtA6c9psi3FQI/UBl6+nvN2LNYqqrVj2RdNG+KuK+VIZfbNzHJu0vJu,MDFDoTqjWxpWhAuWfTm+PBwrmw4peciTiejamat8rlL7vftj1iUnRN3DIvfcRsJJKmZYm1ctpu3g55wgtGnP9A==,Ts+7R/4FijtA6c9psi3FQI/UBl6+nvN2LNYqqrVj2RdNG+KuK+VIZfbNzHJu0vJu,l7Ey5khejq81S7sxGe5NkwwDaa8LK5F4TMsu3NxlmseTzRA6xkSHdTdM1EufzDIPWIHlCalF7YnfvOr2cMPpyw==,mvxQ9qSAmY38asKjFCcmG13SVmT9qymyKfPI4JgyH2ysNsL0WdTZA8n1FO/FHGrhb5MWsLQPAjMj47yrQpfvFg==,l7Ey5khejq81S7sxGe5Nk2Q5wgCsXawvz3cGpohO+PRXz5t7NzGxeu2CXkk1aB7ZGlsroP2XR0N+rjgJK/PU9A==,tznMqpp3e1oucszW+OT1FO3FFsy8wG56+BMOIGOg86X51M/yTLNcM9scsGEKeK3/JGGLwVDvNNNQAmMs8TuEyliB5QmpRe2J37zq9nDD6cs=,IaDuTAMGGvhXtruM6nHg6jvYraOPaS0DNthZZ5l4V7CTzRA6xkSHdTdM1EufzDIPWIHlCalF7YnfvOr2cMPpyw==,Tw2AanFDQ+Wwo8Xxk6ZL7vMvs6ooDt5MQ8CxsjvAHWjyHRfhB4gTMMYABZMjprkCBiUZmhPAYx+nEMk+rq4wpQ==
POST H2	204	bt frog.wix.com/	0 256 B	111ms 111ms	Other text/plain	52.203.79.140 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://frog.wix.com/bt?src=29&evid=3&viewer_name=thunderbolt&caching=miss,miss&dc=84&et=33&event_name=page%20interactive&is_cached=false&is_platform_loaded=0&is_rollout=0&ism=1&isp=0&isjp=true&iss=0&ita=1&msid=1f18766d-90d5-4326-b652-b20b2da28480&pid=PROTECTED&pn=1&rid=request-id-placeholder&sar=1600x1200&sessionId=ae5ec20a-b835-4d6b-a4ae-397422d1a69a&siterev=253-__siteCacheRevision__&sr=1600x1200&st=2&ts=539&tts=816&url=https%3A%2F%2Fwww.refundmatic.com%2F&v=0.0.0&vid=34184c7a-a3fb-4600-a868-63024fdbb19c&bsi=43dfe878-a077-4e28-ba09-f32e42bcc490|1&vsi=d60a1dc2-5cdf-4b6f-94c2-46cd703ba148&wor=1600x1200&wr=1600x1200&_brandId=wix Requested by Host: www.refundmatic.com URL: https://www.refundmatic.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.203.79.140 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.refundmatic.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin https://www.refundmatic.com date Tue, 22 Dec 2020 18:10:42 GMT access-control-allow-credentials true server nginx access-control-allow-headers Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With access-control-allow-methods GET, POST
GET H2	200	bootstrap-components.3e5325c3.chunk.min.css static.parastorage.com/services/editor-elements/dist/	21 KB 6 KB	40ms 40ms	Stylesheet text/css	52.222.177.80 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.parastorage.com/services/editor-elements/dist/bootstrap-components.3e5325c3.chunk.min.css Requested by Host: static.parastorage.com URL: https://static.parastorage.com/services/editor-elements/dist/thunderboltElements.c5d23144.bundle.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.177.80 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-177-80.ham50.r.cloudfront.net Software nginx/1.13.6 / Resource Hash c658f6dbda0bd0659e95a0aba2c924ca5ae05df5856f03c77b6e8875606297ee Request headers Referer https://www.refundmatic.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sun, 13 Dec 2020 11:00:12 GMT content-encoding gzip age 803430 x-cache Hit from cloudfront content-length 5891 access-control-allow-origin * last-modified Thu, 03 Dec 2020 11:34:58 GMT server nginx/1.13.6 etag W/"145b6f4b5a914582f7039dfb90bcea7a" vary Accept-Encoding access-control-allow-methods GET, OPTIONS, POST content-type text/css; charset=utf-8 via 1.1 ddf1a4286ca5a84e441f34f1b121a3ca.cloudfront.net (CloudFront) cache-control public, max-age=7776000 x-amz-cf-pop HAM50-C1 timing-allow-origin * access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-* x-amz-cf-id P1w_YQxO2r3X7TO6MCmQnr-t-kTm2aYwpaVuFhdrXF4FfptKodbkag== x-seen-by 2iuX5LYwvZa9CoGaG8ZUZin0sUSJutZpk/zfuEVAjko=
GET H2	200	bootstrap-components.6ff40858.chunk.min.js Show response static.parastorage.com/services/editor-elements/dist/	50 KB 15 KB	42ms 41ms	Script application/javascript	52.222.177.80 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.parastorage.com/services/editor-elements/dist/bootstrap-components.6ff40858.chunk.min.js Requested by Host: static.parastorage.com URL: https://static.parastorage.com/services/editor-elements/dist/thunderboltElements.c5d23144.bundle.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.177.80 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-177-80.ham50.r.cloudfront.net Software nginx/1.13.6 / Resource Hash bb868c5832d419a4ddd5aca6a01c8a9b6931467e6814c75099b334cf2f542605 Request headers Referer https://www.refundmatic.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 22 Dec 2020 10:49:12 GMT content-encoding gzip age 26508 x-cache Hit from cloudfront content-length 15044 access-control-allow-origin * last-modified Tue, 22 Dec 2020 09:39:47 GMT server nginx/1.13.6 etag W/"50a06f429d6cdcec1e0c762ff7baf37d" vary Accept-Encoding access-control-allow-methods GET, OPTIONS, POST content-type application/javascript via 1.1 ddf1a4286ca5a84e441f34f1b121a3ca.cloudfront.net (CloudFront) cache-control public, max-age=7776000 x-amz-cf-pop HAM50-C1 timing-allow-origin * access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-* x-amz-cf-id fWgM4sSL6hU-2K9l4SbRbc5nIBaS2akV8oF8ZoTWOsfpLjIqhV0_8w== x-seen-by 2iuX5LYwvZa9CoGaG8ZUZmLh3wL15R1dMtR3OJeGh54=
GET H2	200	EnterPasswordDialog.17d0d8fa.chunk.min.css static.parastorage.com/services/editor-elements/dist/	4 KB 2 KB	42ms 41ms	Stylesheet text/css	52.222.177.80 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.parastorage.com/services/editor-elements/dist/EnterPasswordDialog.17d0d8fa.chunk.min.css Requested by Host: static.parastorage.com URL: https://static.parastorage.com/services/editor-elements/dist/thunderboltElements.c5d23144.bundle.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.177.80 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-177-80.ham50.r.cloudfront.net Software nginx/1.13.6 / Resource Hash 7e7ce007019ccf909cefcd8d68eb3d00a70d8a4a407101464e5bac0d1a635b15 Request headers Referer https://www.refundmatic.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 14 Dec 2020 05:48:53 GMT content-encoding gzip age 735709 x-cache Hit from cloudfront content-length 1297 access-control-allow-origin * last-modified Sun, 08 Nov 2020 13:50:33 GMT server nginx/1.13.6 etag W/"27bdc81b2a2f6b6ec9452f1db338a085" vary Accept-Encoding access-control-allow-methods GET, OPTIONS, POST content-type text/css; charset=utf-8 via 1.1 ddf1a4286ca5a84e441f34f1b121a3ca.cloudfront.net (CloudFront) cache-control public, max-age=7776000 x-amz-cf-pop HAM50-C1 timing-allow-origin * access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-* x-amz-cf-id CFVryFIqVSfg7qGcFxuCUT8hveQHTnIXStL_zIdKnuHInJOjVeHSIA== x-seen-by 2iuX5LYwvZa9CoGaG8ZUZiAcFaPhUOS5/m+w53CFNmE=
GET H2	200	EnterPasswordDialog.2a53e1e1.chunk.min.js Show response static.parastorage.com/services/editor-elements/dist/	3 KB 2 KB	44ms 43ms	Script application/javascript	52.222.177.80 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.parastorage.com/services/editor-elements/dist/EnterPasswordDialog.2a53e1e1.chunk.min.js Requested by Host: static.parastorage.com URL: https://static.parastorage.com/services/editor-elements/dist/thunderboltElements.c5d23144.bundle.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.177.80 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-177-80.ham50.r.cloudfront.net Software nginx/1.13.6 / Resource Hash d109fedca5348d0d05ea3852e2ba06bb9815c726445ac247efa3c6c9f454b8db Request headers Referer https://www.refundmatic.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 22 Dec 2020 13:09:50 GMT content-encoding gzip age 18052 x-cache Hit from cloudfront content-length 1591 access-control-allow-origin * last-modified Tue, 22 Dec 2020 09:39:46 GMT server nginx/1.13.6 etag W/"e0a0825f134e8644d8e2e5e5c16b8737" vary Accept-Encoding access-control-allow-methods GET, OPTIONS, POST content-type application/javascript via 1.1 ddf1a4286ca5a84e441f34f1b121a3ca.cloudfront.net (CloudFront) cache-control public, max-age=7776000 x-amz-cf-pop HAM50-C1 timing-allow-origin * access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-* x-amz-cf-id m3cmlH6v5ElJ9BdyDm-j-gLjTL_6y-An7KCqn6uuzfjONClOA7pmCA== x-seen-by 2iuX5LYwvZa9CoGaG8ZUZiAcFaPhUOS5/m+w53CFNmE=
GET H2	200	c5749443-93da-4592-b794-42f28d62ef72.woff static.parastorage.com/services/third-party/fonts/user-site-fonts/fonts/	38 KB 38 KB	66ms 65ms	Font application/x-font-woff	52.222.177.80 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.parastorage.com/services/third-party/fonts/user-site-fonts/fonts/c5749443-93da-4592-b794-42f28d62ef72.woff Requested by Host: www.refundmatic.com URL: https://www.refundmatic.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.177.80 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-177-80.ham50.r.cloudfront.net Software nginx/1.13.6 / Resource Hash 802f590bd0df31bc52792a37728758d1415ec92797e4796eb4e109489e5d3919 Request headers Origin https://www.refundmatic.com Referer https://www.refundmatic.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 05 Dec 2020 22:16:35 GMT content-encoding gzip age 1454047 x-cache Hit from cloudfront timing-allow-origin * access-control-allow-origin * last-modified Tue, 17 Apr 2018 11:10:53 GMT server nginx/1.13.6 etag W/"cd58ed01633a9ebed4c99595a6f7812c-1" vary Accept-Encoding access-control-allow-methods GET, OPTIONS, POST x-amz-version-id EocFJpMOP5DjzbcOPcEobOTdU3ma9iB1 via 1.1 53767392640cf5282c1ce18d7cc7b0e1.cloudfront.net (CloudFront) cache-control public, max-age=7776000 x-amz-cf-pop HAM50-C1 content-type application/x-font-woff access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-* x-amz-cf-id 2DdAMd7eJeMwmmw8GGmwA8X9l9pp1B3hMm1Q1l1EiIFF79I0IOcxqA== x-seen-by 2iuX5LYwvZa9CoGaG8ZUZiAcFaPhUOS5/m+w53CFNmE=
GET H2	200	4021a3b9-f782-438b-aeb4-c008109a8b64.woff static.parastorage.com/services/third-party/fonts/user-site-fonts/fonts/	46 KB 46 KB	44ms 44ms	Font application/x-font-woff	52.222.177.80 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.parastorage.com/services/third-party/fonts/user-site-fonts/fonts/4021a3b9-f782-438b-aeb4-c008109a8b64.woff Requested by Host: www.refundmatic.com URL: https://www.refundmatic.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.177.80 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-177-80.ham50.r.cloudfront.net Software nginx/1.13.6 / Resource Hash e8efc6127a972196003f55730b8f12be19e724b11e751f483f73b2ce9e7de009 Request headers Origin https://www.refundmatic.com Referer https://www.refundmatic.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sun, 06 Dec 2020 00:06:14 GMT content-encoding gzip vary Accept-Encoding age 1447468 x-cache Hit from cloudfront timing-allow-origin * access-control-allow-origin * last-modified Tue, 17 Apr 2018 11:10:41 GMT server nginx/1.13.6 etag W/"1f8210a15cb22be6ba959801a2158c1d-1" access-control-max-age 3000 access-control-allow-methods GET, GET, OPTIONS, POST x-amz-version-id 0MIhvblKcNOZBKnKo6HCgoh97JkTUZDD via 1.1 53767392640cf5282c1ce18d7cc7b0e1.cloudfront.net (CloudFront) cache-control public, max-age=7776000 x-amz-cf-pop HAM50-C1 content-type application/x-font-woff access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-* x-amz-cf-id k5Ru3Yn12HN6Puyp6C_f7g6HUbq2V_cymAcN3VYk_3o6124JTXIM4A== x-seen-by 2iuX5LYwvZa9CoGaG8ZUZhv5PBTbDqajrGhTCYfPb4Y=
POST H2	204	/ frog.wix.com/	0 256 B	130ms 130ms	Other text/plain	52.203.79.140 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://frog.wix.com/ Requested by Host: static.parastorage.com URL: https://static.parastorage.com/services/wix-thunderbolt/dist/main.8495fc89.chunk.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.203.79.140 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.refundmatic.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin https://www.refundmatic.com date Tue, 22 Dec 2020 18:10:43 GMT access-control-allow-credentials true server nginx access-control-allow-headers Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With access-control-allow-methods GET, POST
POST H2	204	/ frog.wix.com/	0 256 B	112ms 111ms	Other text/plain	52.203.79.140 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://frog.wix.com/ Requested by Host: static.parastorage.com URL: https://static.parastorage.com/services/wix-thunderbolt/dist/main.8495fc89.chunk.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.203.79.140 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.refundmatic.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin https://www.refundmatic.com date Tue, 22 Dec 2020 18:10:44 GMT access-control-allow-credentials true server nginx access-control-allow-headers Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With access-control-allow-methods GET, POST
POST H2	204	/ frog.wix.com/	0 256 B	111ms 111ms	Other text/plain	52.203.79.140 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://frog.wix.com/ Requested by Host: static.parastorage.com URL: https://static.parastorage.com/services/wix-thunderbolt/dist/main.8495fc89.chunk.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.203.79.140 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.refundmatic.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin https://www.refundmatic.com date Tue, 22 Dec 2020 18:10:49 GMT access-control-allow-credentials true server nginx access-control-allow-headers Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With access-control-allow-methods GET, POST

44 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| lodashPromise function| __onLodashLoaded object| initialTimestamps string| thunderboltTag string| thunderboltVersion object| fedops object| webpackJsonp__wix_thunderbolt_app object| Sentry object| viewerModel object| fetchDynamicModel object| commonConfig object| React object| ReactDOM function| ReactDomLoadedResolve object| ReactDomLoaded function| ThunderboltElementsLoadedResolve object| ThunderboltElementsLoaded object| bi function| _addWindowMessageHandler function| _ object| consentPolicyManager object| fastdom object| initialAssets boolean| bodyCacheable object| exclusionReason object| ssrInfo boolean| clientSideRender string| firstPageId object| wixPerformanceMeasurements object| wix-perf-measure object| webpackJsonp_thunderbolt_elements object| thunderboltElements object| wixEmbedsAPI object| wixTagManager object| wixDevelopersAnalytics

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.www.refundmatic.com/	1969-12-31 23:59:59	Name: XSRF-TOKEN Value: 1608660642|azy00AscCrR6
			.www.refundmatic.com/	1970-01-19 14:51:02	Name: bSession Value: 43dfe878-a077-4e28-ba09-f32e42bcc490|1
			.www.refundmatic.com/	1970-01-20 08:22:12	Name: svSession Value: e27af20a7aa18bae0e1a031de8717a9bb7ed9be900b45ffbee66db19d57c4f807399856bb8ce0bc6a27844ed7180ce8a1e60994d53964e647acf431e4f798bcdf4ab7f23cc34d22d221ba2d2f252e402c7887ed07071d058c33bc6b43d4f1ad0
			.www.refundmatic.com/	1969-12-31 23:59:59	Name: hs Value: -1177802850
			www.refundmatic.com/	1970-01-19 14:51:00	Name: ssr-caching Value: "cache#desc=miss#varnish=miss#dc#desc=euw3"

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=120

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

frog.wix.com
siteassets.parastorage.com
static.parastorage.com
www.refundmatic.com
35.242.251.130
52.203.79.140
52.222.177.80
186b87d4871b7c1c41e239a00bc81f1e1e7dfee96a21f5cf6645e6afe91fd1b6
1cfc654d2131b0b1992c3cd236043317a929aff72ea7f5d8c1f4b0901b70e2ce
26cdcdeecd5840d8a18a660aae8e1ea553fabbe2ef113c26c5e6d97621e38a42
2771fd4cae3b2fee1d4707051af0fb7cd4ae001bb1866bff37f801af3ca3067a
2e7751561c850c9e6307a6ec5ea372a246b8fc782c918900d674c424f981dc5e
345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1
374bfb4e5c9d130dca2664f9e78ab77481e1ea72fb5c296b05096e965e52826a
3e0deaf6e7d8a9bcbd39aa3487238c4576bce88720cc2690f88b8118ccd94455
4795a1c2517089e4df569afd77c04e949139cf299c87f012b894fccf91df4594
4ea19752a8f40e4bfe94deb549056f1a28793bc00bd318217f82beabd9cc3216
55e35a1415438685f71fe809dfb0e94ff9d3b994dd8d8ae8f7206bb878d59a84
686f658dd951e6264a522af7f012d3406c328b0c73e87b4c980b917ef9e62f14
69cf0dec3b5b3fb894b1fcc04727911edff681aa1a2a7e4a1e284230cc63045e
6ab8cdd9f9d9db62fad0e608f3f6e919d349e52a83929b145a8309d3bc95ed7d
7140d0cd2f500c057d6198e0c37a1fd0a7ecd3ac7e2c083393c26718582d9272
73a2f1ecd0afe541efa6d70de7d8c4af8cad6397a09c800dbb30fdb1addb2e84
7e41ca21e421f129d3881e345f990027b66c0ab3c5580e549575f9393d117cbd
7e7ce007019ccf909cefcd8d68eb3d00a70d8a4a407101464e5bac0d1a635b15
7f16b8a6b4febe7c55d398a9ca748a419a6b77bbbf9b4bc3ce7d910b703e850d
802f590bd0df31bc52792a37728758d1415ec92797e4796eb4e109489e5d3919
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65
8cc548169f31e7940f773b1967adefa6569d6b8304872fbd1ebe129ee0c5678b
952b1604768b071a4abd7066bd314d83c261c0c3a7c3529a2d5d2dc049730f45
a99795e2ea888569c3089c0e7074dc969cb6a60d565f491c86d6ed7b980396a4
bb868c5832d419a4ddd5aca6a01c8a9b6931467e6814c75099b334cf2f542605
c658f6dbda0bd0659e95a0aba2c924ca5ae05df5856f03c77b6e8875606297ee
c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15
cd784333be10ffa1f7580edab4bdad4a67fe0d4cc693731abe36fb86cb90280c
d109fedca5348d0d05ea3852e2ba06bb9815c726445ac247efa3c6c9f454b8db
d8bf1f7f349a033a97bedac88fc63026a77cc29c98bdedfbcf626f045355f42a
dd8a0f016695793a29788f26be2e25cb9741b85244bc7dc1d736faf6df49837b
de85e1d13d8d02048f52a95cfc55621ee8fbcbf32366429ba01d86c089af3cdf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e79e72cc7f393360a9c4473fceb794e24b460c6a0f852c0bcf75b826d682aa51
e8efc6127a972196003f55730b8f12be19e724b11e751f483f73b2ce9e7de009
ed8f2194fc1deb5544efdb1b5c4c665508408d9e56e70ed1e158d47b9eeeaded