www.refundretriever.com Open in urlscan Pro
104.198.3.239 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://refundretreiver.com/
Effective URL:
https://www.refundretriever.com/
Submission: On September 11 via automatic, source certstream-suspicious (September 11th 2021, 12:17:45 am UTC) — Scanned from DE

Summary HTTP 126 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 25 IPs in 6 countries across 24 domains to perform 126 HTTP transactions. The main IP is 104.198.3.239, located in The Dalles, United States and belongs to GOOGLE, US. The main domain is www.refundretriever.com.
TLS certificate: Issued by R3 on July 4th 2021. Valid for: 3 months.

This is the only time www.refundretriever.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 9	104.198.3.239 104.198.3.239	15169 (GOOGLE) (GOOGLE)
71	94.31.29.99 94.31.29.99	33438 (HIGHWINDS2) (HIGHWINDS2)
2	2a00:1450:400... 2a00:1450:4007:812::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	35.172.187.134 35.172.187.134	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4007:80e::2008	15169 (GOOGLE) (GOOGLE)
1	204.141.42.49 204.141.42.49	2639 (ZOHO-AS) (ZOHO-AS)
1 1	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
1	151.101.120.157 151.101.120.157	54113 (FASTLY) (FASTLY)
7	2a00:1450:400... 2a00:1450:4007:80f::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::ac43:2794	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f02... 2a03:2880:f027:18:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4007:81a::200e	15169 (GOOGLE) (GOOGLE)
2	204.141.43.67 204.141.43.67	2639 (ZOHO-AS) (ZOHO-AS)
1	216.58.198.194 216.58.198.194	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f13... 2a03:2880:f130:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
9	185.20.209.147 185.20.209.147	41913 (COMPUTERL...) (COMPUTERLINE Computerline)
1	104.244.42.69 104.244.42.69	13414 (TWITTER) (TWITTER)
1	2a02:26f0:c80... 2a02:26f0:c800:2ba::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	104.244.42.3 104.244.42.3	13414 (TWITTER) (TWITTER)
2	2a00:1450:400... 2a00:1450:4007:80d::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4007:818::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4007:809::2002	15169 (GOOGLE) (GOOGLE)
2	204.141.42.97 204.141.42.97	2639 (ZOHO-AS) (ZOHO-AS)
126	25

9 104.198.3.239 (The Dalles, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 239.3.198.104.bc.googleusercontent.com

refundretreiver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.refundretriever.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

71 94.31.29.99 (United Kingdom)

ASN33438 (HIGHWINDS2, US)
PTR: 94.31.29.99.IPYX-077437-ZYO.above.net

17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4007:812::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.172.187.134 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-172-187-134.compute-1.amazonaws.com

track.gaconnector.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4007:80e::2008 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 204.141.42.49 (United States)

ASN2639 (ZOHO-AS, US)

crm.zoho.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:234:59:254c:406:2366:268c (United States) 1 redirects

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.120.157 (Paris, France)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4007:80f::2003 (Ireland)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:2794 (United States)

ASN13335 (CLOUDFLARENET, US)

static.addtoany.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f027:18:face:b00c:0:3 (Chicago, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4007:81a::200e (Ireland)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 204.141.43.67 (United States)

ASN2639 (ZOHO-AS, US)

salesiq.zoho.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.198.194 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: par10s27-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f130:83:face:b00c:0:25de (France)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 185.20.209.147 (Switzerland)

ASN41913 (COMPUTERLINE Computerline, Schlierbach, Switzerland, CH)

css.zohocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js.zohocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.69 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:c800:2ba::25ea (London, United Kingdom)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.3 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4007:80d::2004 (Ireland)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4007:818::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4007:809::2002 (Ireland)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 204.141.42.97 (United States)

ASN2639 (ZOHO-AS, US)

salesiq.zohopublic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
71	netdna-ssl.com 17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com	3 MB
9	zohocdn.com css.zohocdn.com js.zohocdn.com	397 KB
8	refundretriever.com www.refundretriever.com	230 KB
7	gstatic.com fonts.gstatic.com	150 KB
3	zoho.com crm.zoho.com salesiq.zoho.com	45 KB
2	zohopublic.com salesiq.zohopublic.com	4 KB
2	google.de www.google.de	676 B
2	google.com www.google.com	676 B
2	facebook.com www.facebook.com	514 B
2	doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net	2 KB
2	google-analytics.com www.google-analytics.com	20 KB
2	facebook.net connect.facebook.net	114 KB
2	twitter.com 1 redirects platform.twitter.com analytics.twitter.com	996 B
2	gaconnector.com track.gaconnector.com	4 KB
2	cloudflare.com cdnjs.cloudflare.com	53 KB
2	googleapis.com fonts.googleapis.com	2 KB
1	licdn.com snap.licdn.com	2 KB
1	t.co t.co	454 B
1	googleadservices.com www.googleadservices.com	14 KB
1	addtoany.com static.addtoany.com	29 KB
1	ads-twitter.com static.ads-twitter.com	2 KB
1	googletagmanager.com www.googletagmanager.com	39 KB
1	refundretreiver.com 1 redirects refundretreiver.com	85 B
0	linkedin.com Failed www.linkedin.com Failed
126	24

	Domain	Requested by
71	17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com	www.refundretriever.com 17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com
8	www.refundretriever.com	www.refundretriever.com cdnjs.cloudflare.com
7	fonts.gstatic.com	fonts.googleapis.com
6	js.zohocdn.com	salesiq.zoho.com js.zohocdn.com
3	css.zohocdn.com	salesiq.zoho.com css.zohocdn.com js.zohocdn.com
2	salesiq.zohopublic.com	js.zohocdn.com www.refundretriever.com
2	www.google.de	www.refundretriever.com
2	www.google.com	www.refundretriever.com
2	www.facebook.com	www.refundretriever.com
2	salesiq.zoho.com	www.refundretriever.com salesiq.zoho.com
2	www.google-analytics.com	www.refundretriever.com www.google-analytics.com
2	connect.facebook.net	www.refundretriever.com connect.facebook.net
2	track.gaconnector.com	www.refundretriever.com track.gaconnector.com
2	cdnjs.cloudflare.com	www.refundretriever.com
2	fonts.googleapis.com	www.refundretriever.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	analytics.twitter.com	platform.twitter.com
1	snap.licdn.com	www.refundretriever.com
1	t.co	www.refundretriever.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	www.googleadservices.com	www.googletagmanager.com
1	static.addtoany.com	www.refundretriever.com
1	static.ads-twitter.com	www.refundretriever.com
1	platform.twitter.com	1 redirects
1	crm.zoho.com	www.refundretriever.com
1	www.googletagmanager.com	www.refundretriever.com
1	refundretreiver.com	1 redirects
0	www.linkedin.com Failed	www.refundretriever.com
126	28

This site contains links to these domains. Also see Links.

Domain
client.refundretriever.com
twitter.com
www.facebook.com
www.linkedin.com
www.youtube.com
plus.google.com
www.yelp.com
www.bbb.org

Subject Issuer	Validity	Valid
www.refundretriever.com R3	`2021-07-04` - `2021-10-02`	3 months	crt.sh
*.netdna-ssl.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-22` - `2022-03-18`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-08-23` - `2021-11-15`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-10-21` - `2021-10-20`	a year	crt.sh
*.gaconnector.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-27` - `2022-08-27`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
*.zoho.com Sectigo RSA Domain Validation Secure Server CA	`2021-05-14` - `2022-05-14`	a year	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-21` - `2022-07-26`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-07-20` - `2021-10-18`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
*.zohocdn.com R3	`2021-09-04` - `2021-12-03`	3 months	crt.sh
t.co DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2021-04-30` - `2022-05-11`	a year	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
*.zohopublic.com Sectigo RSA Domain Validation Secure Server CA	`2020-03-04` - `2022-03-04`	2 years	crt.sh

This page contains 3 frames:

Primary Page: https://www.refundretriever.com/
Frame ID: 6BE53E7C3E383028C8A5F899DA6D74EF
Requests: 117 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 01336E8242F5F155CEA4CCCF8AC74DA3
Requests: 1 HTTP requests in this frame

Frame: https://css.zohocdn.com/salesiq/styles/newembedtheme_e36a1d9a53b353100d75f5c220fa9906_.css
Frame ID: AFC2A895077F4D560F889729BC96B75F
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Refund Retriever | Shipment Auditing

Page URL History Show full URLs

https://refundretreiver.com/ HTTP 301
https://www.refundretriever.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/
wp-embed\.min\.js\?ver=([\d.]+)

AddToAny (Widgets) Expand

Overall confidence: 100%
Detected patterns

addtoany\.com/menu/page\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

126
Requests

99 %
HTTPS

56 %
IPv6

24
Domains

28
Subdomains

25
IPs

6
Countries

4371 kB
Transfer

9884 kB
Size

14
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://client.refundretriever.com/
Title: Login

Search URL Search Domain Scan URL

URL: https://twitter.com/RefundRetriever

Search URL Search Domain Scan URL

URL: https://www.facebook.com/RefundRetriever/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/refund-retriever

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCwSbkZye0PB90rAoc8jc2dg

Search URL Search Domain Scan URL

URL: https://plus.google.com/+RefundretrieverUPSFedExRefunds

Search URL Search Domain Scan URL

URL: https://www.yelp.com/biz/refund-retriever-houston

Search URL Search Domain Scan URL

URL: https://www.facebook.com/pg/RefundRetriever/reviews/?ref=page_internal

Search URL Search Domain Scan URL

URL: https://www.bbb.org/houston/business-reviews/shipping-masters/refund-retriever-llc-in-houston-tx-90017693

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://refundretreiver.com/ HTTP 301
https://www.refundretriever.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 48

https://platform.twitter.com/oct.js HTTP 301
https://static.ads-twitter.com/oct.js

Request Chain 121

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=240978&time=1631319457026&url=https%3A%2F%2Fwww.refundretriever.com%2F HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D240978%26time%3D1631319457026%26url%3Dhttps%253A%252F%252Fwww.refundretriever.com%252F%26liSync%3Dtrue

126 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.refundretriever.com/
Redirect Chain

https://refundretreiver.com/
https://www.refundretriever.com/

128 KB
20 KB

5668ms
181ms

Document
text/html

104.198.3.239
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.refundretriever.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.3.239 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 239.3.198.104.bc.googleusercontent.com
Software: nginx / WP Engine
Resource Hash: 3fb5076df5212d5cc3ec0ee4de8ba86e1285b7817b9f3b21695b8ad7f7ee2185

Request headers

:method: GET
:authority: www.refundretriever.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

server: nginx
date: Sat, 11 Sep 2021 00:17:16 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
last-modified: Fri, 09 Apr 2021 11:42:21 GMT
link: <https://www.refundretriever.com/wp-json/>; rel="https://api.w.org/" <https://www.refundretriever.com/wp-json/wp/v2/pages/2408>; rel="alternate"; type="application/json" <https://www.refundretriever.com/>; rel=shortlink
expires: Sat, 09 Oct 2021 17:55:28 GMT
x-powered-by: WP Engine
access-control-allow-origin: *
x-cacheable: YES:15552000.000
cache-control: max-age=15552000, must-revalidate
x-cache: HIT: 2375
x-cache-group: normal
content-encoding: br

Redirect headers

server: nginx
date: Sat, 11 Sep 2021 00:17:10 GMT
content-type: text/html
content-length: 162
location: https://www.refundretriever.com/

GET
H2 200 style.min.css
17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-includes/css/dist/block-library/ 79 KB
11 KB 5100ms
9ms Stylesheet
text/css 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-includes/css/dist/block-library/style.min.css?ver=5.8
Requested by: Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.refundretriever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 00:17:21 GMT
content-encoding: gzip
last-modified: Thu, 09 Sep 2021 17:53:13 GMT
server: NetDNA-cache/2.2
etag: W/"613a4a09-13abe"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 blocks.style.build.css
17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/plugins/metronet-profile-picture/dist/ 27 KB
3 KB 5100ms
10ms Stylesheet
text/css 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/plugins/metronet-profile-picture/dist/blocks.style.build.css?ver=2.6.0
Requested by: Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: cd00c79e4bbf06794b0851af6b891c002601933c8b9d0cef5bf18427c62c699c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.refundretriever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 00:17:21 GMT
content-encoding: gzip
last-modified: Thu, 09 Sep 2021 17:52:17 GMT
server: NetDNA-cache/2.2
etag: W/"613a49d1-6c70"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 style.css
17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/plugins/salient-social/css/ 19 KB
3 KB 5100ms
10ms Stylesheet
text/css 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/plugins/salient-social/css/style.css?ver=1.1
Requested by: Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: f7988e3c04dbf5148adeed726b95dd21259e6cb9d3de4b608cf39ee35834c361

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.refundretriever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 00:17:21 GMT
content-encoding: gzip
last-modified: Fri, 31 Jan 2020 20:20:37 GMT
server: NetDNA-cache/2.2
etag: W/"5e348c15-4abf"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 font-awesome.min.css
17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/themes/salient/css/ 51 KB
10 KB 5104ms
13ms Stylesheet
text/css 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/themes/salient/css/font-awesome.min.css?ver=4.6.4
Requested by: Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: f8214d5a3bfa62a210a1173a5baf9d9e2eb3da26f6333a058109ee5018617674

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.refundretriever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 00:17:21 GMT
content-encoding: gzip
last-modified: Fri, 15 May 2020 22:13:04 GMT
server: NetDNA-cache/2.2
etag: W/"5ebf13f0-ccc9"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 style.css
17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/themes/salient/ 613 B
528 B 5104ms
14ms Stylesheet
text/css 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/themes/salient/style.css?ver=5.8
Requested by: Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 18584b5fca585444cc86adfc374bca6d805a0e12d73495beeab6d94a4da264d9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.refundretriever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 00:17:21 GMT
content-encoding: gzip
last-modified: Fri, 15 May 2020 22:13:04 GMT
server: NetDNA-cache/2.2
etag: W/"5ebf13f0-265"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 grid-system.css
17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/themes/salient/css/ 69 KB
7 KB 5104ms
14ms Stylesheet
text/css 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/themes/salient/css/grid-system.css?ver=12.0
Requested by: Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 8e93ff9c9d6311c36c75b167f77b97a012ec931c88d308b883fcc576f967b146

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.refundretriever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 00:17:21 GMT
content-encoding: gzip
last-modified: Fri, 15 May 2020 22:13:04 GMT
server: NetDNA-cache/2.2
etag: W/"5ebf13f0-113f4"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 style.css
17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/themes/salient/css/ 597 KB
88 KB 5110ms
21ms Stylesheet
text/css 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/themes/salient/css/style.css?ver=12.0
Requested by: Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 7877050ec9f0a551a1c47b1654c9434bf40b8b8a65c61e2c1cc64b0d4696ee38

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.refundretriever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 00:17:21 GMT
content-encoding: gzip
last-modified: Fri, 15 May 2020 22:13:04 GMT
server: NetDNA-cache/2.2
etag: W/"5ebf13f0-9549c"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 simple-dropdown.css
17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/themes/salient/css/off-canvas/ 6 KB
2 KB 5124ms
34ms Stylesheet
text/css 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/themes/salient/css/off-canvas/simple-dropdown.css?ver=12.0
Requested by: Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 16269aa9d7d3e729a4247c073f2a0cc19f00c747006933746fc93cb34674d592

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.refundretriever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 00:17:21 GMT
content-encoding: gzip
last-modified: Fri, 15 May 2020 22:13:04 GMT
server: NetDNA-cache/2.2
etag: W/"5ebf13f0-19db"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 magnific.css
17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/themes/salient/css/plugins/ 11 KB
3 KB 5118ms
29ms Stylesheet
text/css 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/themes/salient/css/plugins/magnific.css?ver=8.6.0
Requested by: Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: c3c0a7bc226e2b64dea9c09b64ce42656fad59ccecb482205765bba37afa292a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.refundretriever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 00:17:21 GMT
content-encoding: gzip
last-modified: Fri, 15 May 2020 22:13:04 GMT
server: NetDNA-cache/2.2
etag: W/"5ebf13f0-2ac9"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 css
fonts.googleapis.com/ 8 KB
1 KB 5109ms
31ms Stylesheet
text/css 2a00:1450:4007:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans%3A300%2C400%2C600%2C700&subset=latin%2Clatin-ext

Requested by

Host: www.refundretriever.com
URL: https://www.refundretriever.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:812::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

60fc885e47b0633783b17eaa008a1e5316b8718dcab9fb42940363e386c68c05

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.refundretriever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 10 Sep 2021 23:12:44 GMT
server: ESF
date: Sat, 11 Sep 2021 00:17:21 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 11 Sep 2021 00:17:21 GMT

GET
H2 200 responsive.css
17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/themes/salient/css/ 114 KB
16 KB 5106ms
17ms Stylesheet
text/css 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/themes/salient/css/responsive.css?ver=12.0
Requested by: Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: dc49fc342e53b4c9ba763abbd82e3f0c39a889f35b35cbf5d0f186b08934a4c2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.refundretriever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 00:17:21 GMT
content-encoding: gzip
last-modified: Fri, 15 May 2020 22:13:04 GMT
server: NetDNA-cache/2.2
etag: W/"5ebf13f0-1c8e2"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 style.css
17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/themes/salient-child/ 7 KB
2 KB 5123ms
34ms Stylesheet
text/css 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/themes/salient-child/style.css?ver=12.0
Requested by: Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: ef8abb21406964a1a136fe0e19ed35c030ac4cb318b7a2917497c8cdf8b9d734

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.refundretriever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 00:17:21 GMT
content-encoding: gzip
last-modified: Fri, 15 May 2020 22:50:19 GMT
server: NetDNA-cache/2.2
etag: W/"5ebf1cab-1a3b"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 ascend.css
17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/themes/salient/css/ 58 KB
8 KB 5124ms
35ms Stylesheet
text/css 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/themes/salient/css/ascend.css?ver=12.0
Requested by: Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: ff57968ba0d995d2dbcaa80779cb40a1dbc93d1bf5ee78301dc49629108bbd9d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.refundretriever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 00:17:21 GMT
content-encoding: gzip
last-modified: Fri, 15 May 2020 22:13:04 GMT
server: NetDNA-cache/2.2
etag: W/"5ebf13f0-e76d"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 js_composer.min.css
17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/plugins/js_composer_salient/assets/css/ 109 KB
14 KB 5119ms
30ms Stylesheet
text/css 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/plugins/js_composer_salient/assets/css/js_composer.min.css?ver=6.1
Requested by: Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 198209611aa67382f0ba7bb0759c9b2a8a8560ca5f1a60dc2dda0763c3b1e4c2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.refundretriever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 00:17:21 GMT
content-encoding: gzip
last-modified: Fri, 31 Jan 2020 20:20:34 GMT
server: NetDNA-cache/2.2
etag: W/"5e348c12-1b398"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 jquery.lazyloadxt.fadein.css
17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/plugins/a3-lazy-load/assets/css/ 445 B
475 B 5123ms
34ms Stylesheet
text/css 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/plugins/a3-lazy-load/assets/css/jquery.lazyloadxt.fadein.css?ver=5.8
Requested by: Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: b36f9723de1d9f13021891814f4ed7269f2ede9bb814f9a914eefaeb5eb1f516

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.refundretriever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 00:17:21 GMT
content-encoding: gzip
last-modified: Thu, 09 Sep 2021 17:52:15 GMT
server: NetDNA-cache/2.2
etag: W/"613a49cf-1bd"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 a3_lazy_load.min.css
17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/uploads/sass/ 127 B
334 B 5106ms
17ms Stylesheet
text/css 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/uploads/sass/a3_lazy_load.min.css?ver=1546933841
Requested by: Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: a2f1b190e5d5a3063c35b75b1a00c039b13e171eb7b099299dcb67e9e4fe65cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.refundretriever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 00:17:21 GMT
content-encoding: gzip
last-modified: Mon, 27 Jan 2020 22:59:38 GMT
server: NetDNA-cache/2.2
etag: W/"5e2f6b5a-7f"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 addtoany.min.css
17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/plugins/add-to-any/ 1 KB
728 B 5124ms
36ms Stylesheet
text/css 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/plugins/add-to-any/addtoany.min.css?ver=1.15
Requested by: Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: f93483f0aaf24aea4b5534bb8647d22cd9dfcb4d08d2fd1008787bdfb8a6cc47

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.refundretriever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 00:17:21 GMT
content-encoding: gzip
last-modified: Thu, 09 Sep 2021 17:52:15 GMT
server: NetDNA-cache/2.2
etag: W/"613a49cf-5ef"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 salient-dynamic-styles.css
17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/themes/salient/css/ 149 KB
21 KB 5121ms
33ms Stylesheet
text/css 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/themes/salient/css/salient-dynamic-styles.css?ver=34297
Requested by: Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: e3e8d90b297b7103c351e76dc0f7e9dd783a6e25d059e158ccd297967357c0d8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.refundretriever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 00:17:21 GMT
content-encoding: gzip
last-modified: Fri, 15 May 2020 22:54:50 GMT
server: NetDNA-cache/2.2
etag: W/"5ebf1dba-25532"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 css
fonts.googleapis.com/ 12 KB
1006 B 5109ms
31ms Stylesheet
text/css 2a00:1450:4007:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%7CRaleway%3A600%2C400%7CMontserrat%3A400%2C300%2C500%7CRoboto+Condensed%3A700&subset=latin&ver=1589583290

Requested by

Host: www.refundretriever.com
URL: https://www.refundretriever.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:812::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fd9f04b42522f652398f4a708fb884a2dca0585d69056251b3cdbffbdc2d1de6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.refundretriever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 11 Sep 2021 00:17:21 GMT
server: ESF
date: Sat, 11 Sep 2021 00:17:21 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 11 Sep 2021 00:17:21 GMT

GET
H2 200 jquery.min.js Show response
17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-includes/js/jquery/ 87 KB
31 KB 5127ms
39ms Script
application/javascript 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by: Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.refundretriever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 00:17:21 GMT
content-encoding: gzip
last-modified: Thu, 09 Sep 2021 17:53:14 GMT
server: NetDNA-cache/2.2
etag: W/"613a4a0a-15db1"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 jquery-migrate.min.js Show response
17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-includes/js/jquery/ 11 KB
4 KB 5128ms
40ms Script
application/javascript 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.refundretriever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 00:17:21 GMT
content-encoding: gzip
last-modified: Thu, 09 Sep 2021 17:53:14 GMT
server: NetDNA-cache/2.2
etag: W/"613a4a0a-2bd8"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 addtoany.min.js Show response
17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/plugins/add-to-any/ 129 B
358 B 5128ms
40ms Script
application/javascript 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/plugins/add-to-any/addtoany.min.js?ver=1.1
Requested by: Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 50679e0e3933c945348a2db0cc128bb14b57a60a74fabf8cae13acc14efbb2e1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.refundretriever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 00:17:21 GMT
content-encoding: gzip
last-modified: Thu, 09 Sep 2021 17:52:15 GMT
server: NetDNA-cache/2.2
etag: W/"613a49cf-81"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 svgs-inline-min.js Show response
17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/plugins/svg-support/js/min/ 1 KB
821 B 5128ms
41ms Script
application/javascript 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/plugins/svg-support/js/min/svgs-inline-min.js?ver=1.0.0
Requested by: Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 6ffe5bb7b2bbd10ab6e9bdb605a8806d77ceb9d7a08a007e10b53471c4fa9c76

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.refundretriever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 00:17:21 GMT
content-encoding: gzip
last-modified: Thu, 09 Sep 2021 17:52:18 GMT
server: NetDNA-cache/2.2
etag: W/"613a49d2-4dd"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 modernizr.min.js Show response
cdnjs.cloudflare.com/ajax/libs/modernizr/2.8.3/ 11 KB
5 KB 5078ms
22ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/modernizr/2.8.3/modernizr.min.js?ver=5.8

Requested by

Host: www.refundretriever.com
URL: https://www.refundretriever.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d2b82e612d2a812e8be2a57300dab8923c4f2edbe7a799e7da70791b595646fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.refundretriever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 00:17:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3053149
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 3980
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:13:26 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03f26-2b4c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7zm%2BxDhfUUDc2w1P%2BifhfnCrYVnav3m%2BUIPVxOa4y8SsJbVEp2ZwRKrzlzcPkcA%2FrPT7EfSR6fFf9pZMKWafUX6cwraqEkufdk7rKy9nJxNpDK6LjLLjBnBIiRCarPU18MfKVllBYboTR%2BiXJ1cYG9Mb"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 68ccb66c6dcd5b32-FRA
expires: Thu, 01 Sep 2022 00:17:21 GMT

GET
H2 200 gaconnector.js Show response
track.gaconnector.com/ 8 KB
3 KB 5375ms
101ms Script
text/plain 35.172.187.134
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track.gaconnector.com/gaconnector.js
Requested by: Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.172.187.134 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-172-187-134.compute-1.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 056cf1ad4d84c1438bd0efea62a6a10a21acab4f1adae279e87bd401ba83cd99

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.refundretriever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 00:17:21 GMT
access-control-request-method: *
server: nginx/1.18.0
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET
access-control-allow-origin: *
cache-control: public, max-age=3600
content-encoding: gzip
access-control-allow-headers: *
content-length: 3080
expires: Sat, 11 Sep 2021 01:17:21 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
39 KB 5119ms
34ms Script
application/javascript 2a00:1450:4007:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1067394428

Requested by

Host: www.refundretriever.com
URL: https://www.refundretriever.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:80e::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

abebcd2fc7e82bc4d7c85c20a7278aab4578ec9312d8b9e46daf642384f49d20

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.refundretriever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 00:17:26 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39320
x-xss-protection: 0
last-modified: Sat, 11 Sep 2021 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 11 Sep 2021 00:17:26 GMT

GET
H2 200 logo-rr.png
www.refundretriever.com/wp-content/uploads/2018/03/ 6 KB
6 KB 167ms
162ms Image
image/png 104.198.3.239
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.refundretriever.com/wp-content/uploads/2018/03/logo-rr.png
Requested by: Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.3.239 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 239.3.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 5867592c9d5371d697755f3e696e0a5d64ebb93d359f9461aac46fcb4cc9d7e8

Request headers

:path: /wp-content/uploads/2018/03/logo-rr.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.refundretriever.com
referer: https://www.refundretriever.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.refundretriever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 00:17:21 GMT
last-modified: Sat, 02 Jun 2018 07:22:14 GMT
server: nginx
etag: "5b1245a6-1745"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 5957

GET
H2 200 logo-rr.png
17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/uploads/2018/03/ 6 KB
6 KB 40ms
35ms Image
image/png 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/uploads/2018/03/logo-rr.png
Requested by: Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 5867592c9d5371d697755f3e696e0a5d64ebb93d359f9461aac46fcb4cc9d7e8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.refundretriever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 00:17:21 GMT
last-modified: Sat, 02 Jun 2018 07:22:14 GMT
server: NetDNA-cache/2.2
etag: "5b1245a6-1745"
vary: Accept-Encoding
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 5957

GET
H2 200 lazy_placeholder.gif
17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/plugins/a3-lazy-load/assets/images/ 42 B
267 B 40ms
36ms Image
image/gif 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/plugins/a3-lazy-load/assets/images/lazy_placeholder.gif
Requested by: Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.refundretriever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 00:17:21 GMT
last-modified: Thu, 09 Sep 2021 17:52:15 GMT
server: NetDNA-cache/2.2
etag: "613a49cf-2a"
vary: Accept-Encoding
x-cache: HIT
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 42

GET
H2 200 wp-emoji-release.min.js Show response
www.refundretriever.com/wp-includes/js/ 18 KB
5 KB 178ms
174ms Script
application/javascript 104.198.3.239
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.refundretriever.com/wp-includes/js/wp-emoji-release.min.js?ver=5.8
Requested by: Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.3.239 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 239.3.198.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

:path: /wp-includes/js/wp-emoji-release.min.js?ver=5.8
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.refundretriever.com
referer: https://www.refundretriever.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.refundretriever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 00:17:21 GMT
content-encoding: br
last-modified: Thu, 09 Sep 2021 17:53:13 GMT
server: nginx
etag: W/"613a4a09-4705"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 trustedbyexperts.jpg
17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/uploads/2018/04/ 30 KB
30 KB 40ms
36ms Image
image/jpeg 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/uploads/2018/04/trustedbyexperts.jpg
Requested by: Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: a5c1beaa3e3011831d0c8fc84b02f5362c126cb0dc5dc6f4a0fdbe0ba3f93d1f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.refundretriever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 00:17:21 GMT
last-modified: Mon, 07 Jan 2019 22:01:47 GMT
server: NetDNA-cache/2.2
etag: "5c33cc4b-7734"
vary: Accept-Encoding
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 30516

GET
H2 200 5stars.png
17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/uploads/2018/05/ 2 KB
2 KB 41ms
37ms Image
image/png 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/uploads/2018/05/5stars.png
Requested by: Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 71a607ab6050f64e6fd078d3ecb45517636623f4c82bb2d96fbfdfee0cfb8a73

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.refundretriever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 00:17:21 GMT
last-modified: Sat, 02 Jun 2018 07:22:17 GMT
server: NetDNA-cache/2.2
etag: "5b1245a9-721"
vary: Accept-Encoding
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 1825

GET
H2 200 review-facebook.png
17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/uploads/2018/05/ 4 KB
4 KB 42ms
38ms Image
image/png 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/uploads/2018/05/review-facebook.png
Requested by: Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 7ac138b6a78fd04c92aab6020c2669e91f2b0fc9e832a0e15faaefdce19c1e85

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.refundretriever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 00:17:21 GMT
last-modified: Sat, 02 Jun 2018 07:22:19 GMT
server: NetDNA-cache/2.2
etag: "5b1245ab-1027"
vary: Accept-Encoding
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 4135

GET
H2 200 review-bbb.png
17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/uploads/2018/11/ 2 KB
3 KB 42ms
38ms Image
image/png 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/uploads/2018/11/review-bbb.png
Requested by: Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: ce4cfe5020df792fb1ac39bb2f9c6ae7a0e4468423735a477b45785579ac602f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.refundretriever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 00:17:21 GMT
last-modified: Mon, 27 Jan 2020 22:59:21 GMT
server: NetDNA-cache/2.2
etag: "5e2f6b49-9de"
vary: Accept-Encoding
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 2526

GET
H2 200 review-yelp.png
17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/uploads/2018/05/ 3 KB
3 KB 42ms
38ms Image
image/png 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/uploads/2018/05/review-yelp.png
Requested by: Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 8b5fc6c399a32bc4fd40a94fc3cbc02bd7467094f3d080bfcb5d25accc081e54

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.refundretriever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 00:17:21 GMT
last-modified: Sat, 02 Jun 2018 07:22:19 GMT
server: NetDNA-cache/2.2
etag: "5b1245ab-d04"
vary: Accept-Encoding
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 3332

GET
H2 200 ambc.png
17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/uploads/2020/01/ 23 KB
23 KB 43ms
40ms Image
image/png 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/uploads/2020/01/ambc.png
Requested by: Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 6b5730ae9f33a0a7afe9a86492c861267b99a4bc832cb74ad0412b14639c0d01

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.refundretriever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 00:17:21 GMT
last-modified: Fri, 31 Jan 2020 21:20:49 GMT
server: NetDNA-cache/2.2
etag: "5e349a31-5b14"
vary: Accept-Encoding
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 23316

GET
H2 200 rs-associates-240x150.png
17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/uploads/2017/11/ 18 KB
18 KB 44ms
41ms Image
image/png 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/uploads/2017/11/rs-associates-240x150.png
Requested by: Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 96b73859ad716f59d0b85c8ceb06c6b58c7ea6dce73113e0e8672c266ba2956b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.refundretriever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 00:17:21 GMT
last-modified: Sat, 02 Jun 2018 07:22:03 GMT
server: NetDNA-cache/2.2
etag: "5b12459b-4850"
vary: Accept-Encoding
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 18512

GET
H2 200 atandra-240x150.png
17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/uploads/2017/11/ 8 KB
9 KB 45ms
41ms Image
image/png 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/uploads/2017/11/atandra-240x150.png
Requested by: Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 87395046866379105ced9e87a7758136a01de599efa54a175b9781350c1a8e22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.refundretriever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 00:17:21 GMT
last-modified: Sat, 02 Jun 2018 07:22:03 GMT
server: NetDNA-cache/2.2
etag: "5b12459b-21d6"
vary: Accept-Encoding
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 8662

GET
H2 200 shipworks-240x150.png
17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/uploads/2017/11/ 7 KB
7 KB 45ms
42ms Image
image/png 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/uploads/2017/11/shipworks-240x150.png
Requested by: Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 350fd754e649c114716de90c5d07a6d7ff424012e768b4325dc837ae3f1d2f91

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.refundretriever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 00:17:21 GMT
last-modified: Sat, 02 Jun 2018 07:22:03 GMT
server: NetDNA-cache/2.2
etag: "5b12459b-1c2e"
vary: Accept-Encoding
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 7214

GET
H2 200 shopify-240x150.png
17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/uploads/2017/11/ 13 KB
14 KB 46ms
42ms Image
image/png 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/uploads/2017/11/shopify-240x150.png
Requested by: Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: adffbd9a5c5c73d059d7014b9cea24d3a191c1eb1cdb17bde04334f009d63e2e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.refundretriever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 00:17:21 GMT
last-modified: Sat, 02 Jun 2018 07:22:03 GMT
server: NetDNA-cache/2.2
etag: "5b12459b-356f"
vary: Accept-Encoding
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 13679

GET
H2 200 skuvault-240x150.png
17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/uploads/2017/11/ 6 KB
6 KB 46ms
43ms Image
image/png 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/uploads/2017/11/skuvault-240x150.png
Requested by: Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: ad68db4a8b6ee0732c3645ad9fe195980b541348dd3d8cbaec74e1c43a988f7a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.refundretriever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 00:17:21 GMT
last-modified: Sat, 02 Jun 2018 07:22:03 GMT
server: NetDNA-cache/2.2
etag: "5b12459b-1757"
vary: Accept-Encoding
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 5975

GET
H2 200 bigcommerce-240x150.png
17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/uploads/2017/11/ 3 KB
3 KB 46ms
43ms Image
image/png 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/uploads/2017/11/bigcommerce-240x150.png
Requested by: Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 2e1607a9854f56156d4a8ec04c29d74e7dc2417af6dbcb7ec69a1bbd36b030d1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.refundretriever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 00:17:21 GMT
last-modified: Sat, 02 Jun 2018 07:22:03 GMT
server: NetDNA-cache/2.2
etag: "5b12459b-c5d"
vary: Accept-Encoding
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 3165

GET
H2 200 magento-240x150.png
17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/uploads/2017/11/ 16 KB
16 KB 46ms
43ms Image
image/png 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/uploads/2017/11/magento-240x150.png
Requested by: Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 9fb928d8f5b3158259cc5390de2faeee1a2aaadeb4bfce76c0fd7f2639a7b1ea

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.refundretriever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 00:17:21 GMT
last-modified: Sat, 02 Jun 2018 07:22:03 GMT
server: NetDNA-cache/2.2
etag: "5b12459b-3eae"
vary: Accept-Encoding
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 16046

GET
H2 200 3dcart-240x150.png
17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/uploads/2017/11/ 12 KB
12 KB 46ms
44ms Image
image/png 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/uploads/2017/11/3dcart-240x150.png
Requested by: Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: c38e742875752b72d19079688bfcbc6198ec10a95f8476e709317cee4345c2af

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.refundretriever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 00:17:21 GMT
last-modified: Sat, 02 Jun 2018 07:22:00 GMT
server: NetDNA-cache/2.2
etag: "5b124598-2e35"
vary: Accept-Encoding
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 11829

GET
H2 200 u-pic-240x150.png
17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/uploads/2017/11/ 18 KB
19 KB 47ms
44ms Image
image/png 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/uploads/2017/11/u-pic-240x150.png
Requested by: Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: b7f704024ab4f0f285cf64a102f571b3b68ec93e680ace66038a1ef6339802c9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.refundretriever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 00:17:21 GMT
last-modified: Sat, 02 Jun 2018 07:22:03 GMT
server: NetDNA-cache/2.2
etag: "5b12459b-4953"
vary: Accept-Encoding
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 18771

GET
H2 200 Refund-Retriever-Payability.png
17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/uploads/2017/10/ 7 KB
7 KB 47ms
45ms Image
image/png 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/uploads/2017/10/Refund-Retriever-Payability.png
Requested by: Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 30235170f66db7a1bf6b3760dd45a2790afcfa1da343b4e40132ebd09ef426c2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.refundretriever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 00:17:21 GMT
last-modified: Sat, 02 Jun 2018 07:22:00 GMT
server: NetDNA-cache/2.2
etag: "5b124598-1a92"
vary: Accept-Encoding
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 6802

GET
H2 200 bodymovin.min.js Show response
cdnjs.cloudflare.com/ajax/libs/bodymovin/4.13.0/ 248 KB
49 KB 13ms
13ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/bodymovin/4.13.0/bodymovin.min.js

Requested by

Host: www.refundretriever.com
URL: https://www.refundretriever.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ab49fef43f10b1493313953f207fec4841377695eceadcf8e10c859108e477ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.refundretriever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 00:17:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3912182
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 49426
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:06:35 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d8b-3e056"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8741hfSYDex6aao9P9ZjT1VDlomcUNebQWCx05DzUyV3VefN%2FEKmUyyge1PiFuXsC64QtrAoWtLcshCfBsM03NrIdjeTHMxXsuoG9QSQZBFWCCLAXu2k0QLuI80WYf4WlXZoxY87l%2FcT6bu%2BMbjyVh0I"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 68ccb66cee615b32-FRA
expires: Thu, 01 Sep 2022 00:17:21 GMT

GET
H2 200 zcga.js Show response
crm.zoho.com/crm/javascript/ 4 KB
3 KB 5492ms
154ms Script
application/javascript 204.141.42.49
ZOHO-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://crm.zoho.com/crm/javascript/zcga.js

Requested by

Host: www.refundretriever.com
URL: https://www.refundretriever.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

204.141.42.49 , United States, ASN2639 (ZOHO-AS, US),

Reverse DNS

Software

ZGS /

Resource Hash

d96f4e2562d6e813901bdbd6fc16e2c4a133db6d851991909f0db8bdb5afb3a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.refundretriever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 00:17:27 GMT
content-encoding: gzip
referrer-policy: strict-origin
last-modified: Fri, 10 Sep 2021 07:07:28 GMT
server: ZGS
etag: W/"4180-1631257648000"
x-frame-options: SAMEORIGIN
content-language: de-DE
content-security-policy-report-only: script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://*.zappsusercontent.com https://*.zappsusercontent.eu https://*.zappsusercontent.in https://*.zappsusercontent.com.au https://*.zappsusercontent.com.cn https://*.localzappscontents.com https://*.zohostatic.com https://*.zoho.com https://js.zohocdn.com https://desk.zoho.com https://salesiq.zoho.com https://js.zohostatic.com https://localjs.zohostatic.com https://media.twiliocdn.com/sdk/js/client/releases/1.7.7/twilio.min.js https://media.twiliocdn.com/sdk/js/client/v1.7/twilio.min.js https://cdn.pagesense.io https://pagesense-collect.zoho.com https://iplocation.zoho.com https://s.ytimg.com/yts/jsbin/ https://www.youtube.com/iframe_api https://dyjgaef5vuq51.cloudfront.net https://dtzpfzv31buvf.cloudfront.net https://d22czkv2r5ogmg.cloudfront.net https://d12h6dzwzn4m10.cloudfront.net https://d17nz991552y2g.cloudfront.net https://scripts.zohospotlight.com chrome-extension://* https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://js.stratuscdn.com https://cdn.pagesense.io https://zohotagmanager.cdn.pagesense.io https://static.zohocdn.com https://www.zohowebstatic.com/ https://scripts.zohospotlight.com https://widgets.zohosalesiq.com https://static.stratuscdn.com; report-uri https://logsapi.zoho.com/csplog?service=crm
strict-transport-security: max-age=63072000
accept-ranges: bytes
content-type: application/javascript
vary: accept-encoding
x-xss-protection: 1; mode=block
x-content-type-options: nosniff

GET
H2

200

oct.js Show response
static.ads-twitter.com/
Redirect Chain

https://platform.twitter.com/oct.js
https://static.ads-twitter.com/oct.js

6 KB
2 KB

5076ms
16ms

Script
application/javascript

151.101.120.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/oct.js
Requested by: Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.120.157 Paris, France, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 7e8ee8f9d56ca7e35629a7c16b9f1c09fbb1e7d19fe922833a2f4edec48bfeea

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.refundretriever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 00:17:31 GMT
via: 1.1 varnish
last-modified: Wed, 25 Aug 2021 16:20:44 GMT
age: 3525
etag: "934b8997f9fc81b2d0e16fca4cd0b8bb+gzip"
vary: Accept-Encoding,Host
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-encoding: gzip
cache-control: no-cache
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 2119
x-timer: S1631319452.916438,VS0,VE0
x-served-by: cache-cdg20767-CDG

Redirect headers

x-tw-cdn: VZ
Date: Sat, 11 Sep 2021 00:17:26 GMT
Server: ECS (mil/6CDE)
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Location: https://static.ads-twitter.com/oct.js
Content-Length: 0

GET
H2 200 animate.min.css
17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/plugins/js_composer_salient/assets/lib/bower/animate-css/ 53 KB
4 KB 16ms
7ms Stylesheet
text/css 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/plugins/js_composer_salient/assets/lib/bower/animate-css/animate.min.css?ver=6.1
Requested by: Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 5b518bc060167c79b585ab74260cd0c4cd4ef5e6f7ee2759908ee832731352c4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.refundretriever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 00:17:21 GMT
content-encoding: gzip
last-modified: Fri, 31 Jan 2020 20:20:35 GMT
server: NetDNA-cache/2.2
etag: W/"5e348c13-d2e3"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 core.min.js Show response
17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-includes/js/jquery/ui/ 20 KB
7 KB 17ms
8ms Script
application/javascript 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-includes/js/jquery/ui/core.min.js?ver=1.12.1
Requested by: Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 0cd851e5b33af0fbb354df65506da39807b998e07723f3d08aba5179fa2ed97e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.refundretriever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 00:17:21 GMT
content-encoding: gzip
last-modified: Thu, 09 Sep 2021 17:53:14 GMT
server: NetDNA-cache/2.2
etag: W/"613a4a0a-5133"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 menu.min.js Show response
17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-includes/js/jquery/ui/ 9 KB
3 KB 17ms
8ms Script
application/javascript 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-includes/js/jquery/ui/menu.min.js?ver=1.12.1
Requested by: Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: e94b12cb948d3d2eff43addf04700f8611ba383c00892652dc294a76bec2a105

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.refundretriever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 00:17:21 GMT
content-encoding: gzip
last-modified: Thu, 09 Sep 2021 17:53:14 GMT
server: NetDNA-cache/2.2
etag: W/"613a4a0a-253b"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 regenerator-runtime.min.js Show response
17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-includes/js/dist/vendor/ 6 KB
3 KB 17ms
9ms Script
application/javascript 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.7
Requested by: Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: e87a1c5e24f9a7c7dcb437417f0b05b0a3c12947ce32d65c990c988a8b5ed4d7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.refundretriever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 00:17:21 GMT
content-encoding: gzip
last-modified: Thu, 09 Sep 2021 17:53:14 GMT
server: NetDNA-cache/2.2
etag: W/"613a4a0a-1906"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 wp-polyfill.min.js Show response
17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-includes/js/dist/vendor/ 16 KB
6 KB 18ms
8ms Script
application/javascript 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
Requested by: Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 293913879d30bab7499013e935009f5183facbddd63bfc9656a859622590b80b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.refundretriever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 00:17:21 GMT
content-encoding: gzip
last-modified: Thu, 09 Sep 2021 17:53:14 GMT
server: NetDNA-cache/2.2
etag: W/"613a4a0a-4056"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 dom-ready.min.js Show response
17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-includes/js/dist/ 1 KB
855 B 18ms
9ms Script
application/javascript 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-includes/js/dist/dom-ready.min.js?ver=71883072590656bf22c74c7b887df3dd
Requested by: Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: e127aead57cd6625f795f8c41d8b7c463c2c50158e3a3dc398424db2b16bd5db

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.refundretriever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 00:17:21 GMT
content-encoding: gzip
last-modified: Thu, 09 Sep 2021 17:53:14 GMT
server: NetDNA-cache/2.2
etag: W/"613a4a0a-4e9"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 hooks.min.js Show response
17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-includes/js/dist/ 5 KB
2 KB 18ms
9ms Script
application/javascript 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-includes/js/dist/hooks.min.js?ver=a7edae857aab69d69fa10d5aef23a5de
Requested by: Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 04e6fb814fccce3a0aecb83be0bc24665cf3e6a5e993f296471a63708f63e138

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.refundretriever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 00:17:21 GMT
content-encoding: gzip
last-modified: Thu, 09 Sep 2021 17:53:14 GMT
server: NetDNA-cache/2.2
etag: W/"613a4a0a-1540"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 i18n.min.js Show response
17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-includes/js/dist/ 10 KB
4 KB 19ms
10ms Script
application/javascript 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-includes/js/dist/i18n.min.js?ver=5f1269854226b4dd90450db411a12b79
Requested by: Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: dceda745a0fb58233a95eff6d10796026df6792cb960cdf675eb7b8a6750a2d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.refundretriever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 00:17:21 GMT
content-encoding: gzip
last-modified: Thu, 09 Sep 2021 17:53:14 GMT
server: NetDNA-cache/2.2
etag: W/"613a4a0a-268a"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 a11y.min.js Show response
17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-includes/js/dist/ 3 KB
1 KB 19ms
11ms Script
application/javascript 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-includes/js/dist/a11y.min.js?ver=0ac8327cc1c40dcfdf29716affd7ac63
Requested by: Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: edc988f9162131dfa6d20d122013987468254662e7cdbc7565c39a5789edb6ca

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.refundretriever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 00:17:21 GMT
content-encoding: gzip
last-modified: Thu, 09 Sep 2021 17:53:13 GMT
server: NetDNA-cache/2.2
etag: W/"613a4a09-bc1"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 autocomplete.min.js Show response
17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-includes/js/jquery/ui/ 8 KB
3 KB 19ms
11ms Script
application/javascript 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-includes/js/jquery/ui/autocomplete.min.js?ver=1.12.1
Requested by: Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 69fc7bcafee09477b13dbda32d00410bc15a3faeb3e890cc15fef46d7c84d432

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.refundretriever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 00:17:21 GMT
content-encoding: gzip
last-modified: Thu, 09 Sep 2021 17:53:14 GMT
server: NetDNA-cache/2.2
etag: W/"613a4a0a-215b"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 wpss-search-suggest.js Show response
17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/themes/salient/nectar/assets/functions/ajax-search/ 1 KB
843 B 19ms
11ms Script
application/javascript 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/themes/salient/nectar/assets/functions/ajax-search/wpss-search-suggest.js
Requested by: Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 0c55ac0f4463deb4e694227e07b735dd88a80cd63db79de18c6f14b77a266116

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.refundretriever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 00:17:21 GMT
content-encoding: gzip
last-modified: Fri, 15 May 2020 22:13:04 GMT
server: NetDNA-cache/2.2
etag: W/"5ebf13f0-446"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 mpp-frontend.js Show response
17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/plugins/metronet-profile-picture/js/ 331 B
446 B 19ms
12ms Script
application/javascript 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/plugins/metronet-profile-picture/js/mpp-frontend.js?ver=2.6.0
Requested by: Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: b695f4e09490004246d228e02338f9d3c4591273e1f35bb0ebe63607c860e608

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.refundretriever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 00:17:21 GMT
content-encoding: gzip
last-modified: Thu, 09 Sep 2021 17:52:17 GMT
server: NetDNA-cache/2.2
etag: W/"613a49d1-14b"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 salient-social.js Show response
17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/plugins/salient-social/js/ 11 KB
2 KB 20ms
12ms Script
application/javascript 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/plugins/salient-social/js/salient-social.js?ver=1.1
Requested by: Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 42b8fc6ce4cc6ff19e274ff39b9c52897f46ddadf046ea63089d064004382947

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.refundretriever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 00:17:21 GMT
content-encoding: gzip
last-modified: Fri, 31 Jan 2020 20:20:37 GMT
server: NetDNA-cache/2.2
etag: W/"5e348c15-2a2c"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 jquery.easing.js Show response
17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/themes/salient/js/third-party/ 6 KB
2 KB 21ms
13ms Script
application/javascript 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/themes/salient/js/third-party/jquery.easing.js?ver=1.3
Requested by: Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 87cf46420f28b91d2ffcbca2ec817b93c99b5d43c9366b08d5f4c6f6fbb635c1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.refundretriever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 00:17:21 GMT
content-encoding: gzip
last-modified: Fri, 15 May 2020 22:13:04 GMT
server: NetDNA-cache/2.2
etag: W/"5ebf13f0-19c9"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 jquery.mousewheel.js Show response
17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/themes/salient/js/third-party/ 3 KB
1 KB 21ms
14ms Script
application/javascript 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/themes/salient/js/third-party/jquery.mousewheel.js?ver=3.1.13
Requested by: Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 956e41167b70caf9f21f5a4f435fa8aefed819777d00608b60399a6ad51b16c2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.refundretriever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 00:17:21 GMT
content-encoding: gzip
last-modified: Fri, 15 May 2020 22:13:04 GMT
server: NetDNA-cache/2.2
etag: W/"5ebf13f0-ad9"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 priority.js Show response
17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/themes/salient/js/ 7 KB
2 KB 22ms
15ms Script
application/javascript 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/themes/salient/js/priority.js?ver=12.0
Requested by: Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 59a3b2cb204dc1b6108c9608e54ed72fbe51be18688023c9560801366a09e900

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.refundretriever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 00:17:21 GMT
content-encoding: gzip
last-modified: Fri, 15 May 2020 22:13:04 GMT
server: NetDNA-cache/2.2
etag: W/"5ebf13f0-1dad"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 transit.js Show response
17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/themes/salient/js/third-party/ 7 KB
3 KB 22ms
15ms Script
application/javascript 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/themes/salient/js/third-party/transit.js?ver=0.9.9
Requested by: Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: aa177ef15fc557a7778d92a1aa910b9ded10d3b8400eea9ccb08c0f19d0fde8c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.refundretriever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 00:17:21 GMT
content-encoding: gzip
last-modified: Fri, 15 May 2020 22:13:04 GMT
server: NetDNA-cache/2.2
etag: W/"5ebf13f0-1cff"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 waypoints.js Show response
17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/themes/salient/js/third-party/ 18 KB
4 KB 22ms
15ms Script
application/javascript 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/themes/salient/js/third-party/waypoints.js?ver=4.0.1
Requested by: Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 04188b0cf2772d0097ee6ea6abe0feba436b3c8aa667568dc8dabc97bf4332a6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.refundretriever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 00:17:21 GMT
content-encoding: gzip
last-modified: Fri, 15 May 2020 22:13:04 GMT
server: NetDNA-cache/2.2
etag: W/"5ebf13f0-4888"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 imagesLoaded.min.js Show response
17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/plugins/salient-portfolio/js/third-party/ 5 KB
2 KB 22ms
16ms Script
application/javascript 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/plugins/salient-portfolio/js/third-party/imagesLoaded.min.js?ver=4.1.4
Requested by: Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 5a65b0ca177f1c0433c0ead611692521c23e6668846a2861fedc09ae11416ffc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.refundretriever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 00:17:21 GMT
content-encoding: gzip
last-modified: Fri, 15 May 2020 22:13:02 GMT
server: NetDNA-cache/2.2
etag: W/"5ebf13ee-15e0"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 hoverintent.js Show response
17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/themes/salient/js/third-party/ 2 KB
1 KB 22ms
16ms Script
application/javascript 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/themes/salient/js/third-party/hoverintent.js?ver=1.9
Requested by: Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 2f9627512fca0229865430f588e22896916969f33cf92f51a0793028a1a45f7c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.refundretriever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 00:17:21 GMT
content-encoding: gzip
last-modified: Fri, 15 May 2020 22:13:04 GMT
server: NetDNA-cache/2.2
etag: W/"5ebf13f0-8ce"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 magnific.js Show response
17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/themes/salient/js/third-party/ 47 KB
14 KB 24ms
17ms Script
application/javascript 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/themes/salient/js/third-party/magnific.js?ver=7.0.1
Requested by: Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 773d12971ed2348e780482568fae18c567b891f356bd01ee1fb7adad7b800900

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.refundretriever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 00:17:21 GMT
content-encoding: gzip
last-modified: Fri, 15 May 2020 22:13:04 GMT
server: NetDNA-cache/2.2
etag: W/"5ebf13f0-bdd0"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 superfish.js Show response
17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/themes/salient/js/third-party/ 9 KB
3 KB 24ms
18ms Script
application/javascript 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/themes/salient/js/third-party/superfish.js?ver=1.4.8
Requested by: Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 66f7412f7462e317d894dd4a942290b87ec249151a2648aa6caeb8bab1735d42

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.refundretriever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 00:17:21 GMT
content-encoding: gzip
last-modified: Fri, 15 May 2020 22:13:04 GMT
server: NetDNA-cache/2.2
etag: W/"5ebf13f0-24fe"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 init.js Show response
17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/themes/salient/js/ 547 KB
102 KB 29ms
23ms Script
application/javascript 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/themes/salient/js/init.js?ver=12.0
Requested by: Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: c33fd000b3ac6efa19d96da09a83a10bc128a61d51deae55c28c8404a3870610

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.refundretriever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 00:17:21 GMT
content-encoding: gzip
last-modified: Fri, 15 May 2020 22:13:04 GMT
server: NetDNA-cache/2.2
etag: W/"5ebf13f0-88cdd"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 touchswipe.min.js Show response
17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/plugins/salient-core/js/third-party/ 9 KB
3 KB 39ms
33ms Script
application/javascript 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/plugins/salient-core/js/third-party/touchswipe.min.js?ver=1.0
Requested by: Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: a23757ebb210c2d1c0455713594401d07ef51a74dcd3f7b5cd4a0ed2d8ecf1e0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.refundretriever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 00:17:21 GMT
content-encoding: gzip
last-modified: Fri, 15 May 2020 22:13:02 GMT
server: NetDNA-cache/2.2
etag: W/"5ebf13ee-24a0"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 jquery.lazyloadxt.extra.min.js Show response
17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/plugins/a3-lazy-load/assets/js/ 3 KB
2 KB 39ms
33ms Script
application/javascript 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/plugins/a3-lazy-load/assets/js/jquery.lazyloadxt.extra.min.js?ver=2.4.7
Requested by: Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 2b3c6f1d3cea37b4d8cc609a141b421a88bcaf2f3646965f9f95f4d4a683c949

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.refundretriever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 00:17:21 GMT
content-encoding: gzip
last-modified: Thu, 09 Sep 2021 17:52:15 GMT
server: NetDNA-cache/2.2
etag: W/"613a49cf-bc7"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 jquery.lazyloadxt.srcset.min.js Show response
17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/plugins/a3-lazy-load/assets/js/ 2 KB
1015 B 39ms
33ms Script
application/javascript 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/plugins/a3-lazy-load/assets/js/jquery.lazyloadxt.srcset.min.js?ver=2.4.7
Requested by: Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 21dc21cf1cc77b458d114634e3775e70f229dc0c215b0c8958920e2079cb5a16

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.refundretriever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 00:17:21 GMT
content-encoding: gzip
last-modified: Thu, 09 Sep 2021 17:52:15 GMT
server: NetDNA-cache/2.2
etag: W/"613a49cf-625"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 jquery.lazyloadxt.extend.js Show response
17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/plugins/a3-lazy-load/assets/js/ 1 KB
666 B 39ms
34ms Script
application/javascript 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/plugins/a3-lazy-load/assets/js/jquery.lazyloadxt.extend.js?ver=2.4.7
Requested by: Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: a8a819d7548b9c102d7776cb645212ca1e324ac2de2170598699061e29bc6cbf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.refundretriever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 00:17:21 GMT
content-encoding: gzip
last-modified: Thu, 09 Sep 2021 17:52:15 GMT
server: NetDNA-cache/2.2
etag: W/"613a49cf-415"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 wp-embed.min.js Show response
17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-includes/js/ 1 KB
1016 B 39ms
34ms Script
application/javascript 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-includes/js/wp-embed.min.js?ver=5.8
Requested by: Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.refundretriever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 00:17:21 GMT
content-encoding: gzip
last-modified: Thu, 09 Sep 2021 17:53:13 GMT
server: NetDNA-cache/2.2
etag: W/"613a4a09-592"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 js_composer_front.min.js Show response
17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/plugins/js_composer_salient/assets/js/dist/ 20 KB
6 KB 40ms
35ms Script
application/javascript 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/plugins/js_composer_salient/assets/js/dist/js_composer_front.min.js?ver=6.1
Requested by: Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 43cdf46f331fec5ba92e402e3d5cad473099892cbdafca02e607cd03705104bf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.refundretriever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 00:17:21 GMT
content-encoding: gzip
last-modified: Fri, 31 Jan 2020 20:20:35 GMT
server: NetDNA-cache/2.2
etag: W/"5e348c13-5079"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 JTURjIg1_i6t8kCHKm45_cJD3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v18/ 19 KB
20 KB 5106ms
25ms Font
font/woff2 2a00:1450:4007:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_cJD3gnD_g.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%7CRaleway%3A600%2C400%7CMontserrat%3A400%2C300%2C500%7CRoboto+Condensed%3A700&subset=latin&ver=1589583290

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:80f::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2904b98dfb86ac37a4ed1e33585980adbcbeb63b8802a641fc64615ef7360223

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.refundretriever.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 01:47:22 GMT
x-content-type-options: nosniff
age: 340204
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19536
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:19:41 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 Sep 2022 01:47:22 GMT

GET
H2 200 page.js Show response
static.addtoany.com/menu/ 84 KB
29 KB 5068ms
21ms Script
application/javascript 2606:4700:10::ac43:2794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/page.js

Requested by

Host: www.refundretriever.com
URL: https://www.refundretriever.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f909a31bfd7a13b9dd53e98b5652f13f4782fdfd1653dc4befade7386c087371

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.refundretriever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 00:17:26 GMT
via: e1s
x-content-type-options: nosniff
cf-cache-status: HIT
age: 149611
p3p: CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT"
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Fri, 14 May 2021 06:41:59 GMT
server: cloudflare
etag: W/"14f2c-5c2448a7281f2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=172800
cf-ray: 68ccb68e0ede4e4a-FRA
cf-bgj: minify

GET
H2 200 track_pageview Show response
track.gaconnector.com/ 505 B
685 B 330ms
124ms XHR
text/plain 35.172.187.134
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track.gaconnector.com/track_pageview?gaconnector_id=915ae0c7-38e2-16e9-3f9a-5700a175f8be&account_id=f6f77599ae9e676788ff79c01b54c350&referer=&GA_Client_ID=undefined&page_url=https%3A%2F%2Fwww.refundretriever.com%2F&gclid=&utm_campaign=&utm_term=&utm_content=&utm_source=&utm_medium=
Requested by: Host: track.gaconnector.com
URL: https://track.gaconnector.com/gaconnector.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.172.187.134 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-172-187-134.compute-1.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 8fa5036c327d897f6f57f1a08e617f00603b10240d91c7c5ddeb7cdd68b1afd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.refundretriever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 11 Sep 2021 00:17:21 GMT
access-control-request-method: *
server: nginx/1.18.0
access-control-allow-headers: *
content-length: 505
access-control-allow-methods: OPTIONS, GET

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
26 KB 5357ms
111ms Script
application/x-javascript 2a03:2880:f027:18:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.refundretriever.com
URL: https://www.refundretriever.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f027:18:face:b00c:0:3 Chicago, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

335b59e615135313a66319e641cdad6ac3489a600e04d4181c859699bed4babe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.refundretriever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 25999
x-xss-protection: 0
pragma: public
x-fb-debug: A58MqZRqvKfFVEQfXOai179ee8kidqKl4pSP3Kjd8hg8VwQ5agcllUmexgOaL+PCdofNxQxFyAwvRDqz+qkSPQ==
x-fb-trip-id: 1781455057
x-frame-options: DENY
date: Sat, 11 Sep 2021 00:17:26 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 5104ms
24ms Script
text/javascript 2a00:1450:4007:81a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.refundretriever.com
URL: https://www.refundretriever.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:81a::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.refundretriever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 5886
date: Fri, 10 Sep 2021 22:39:20 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Sat, 11 Sep 2021 00:39:20 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
15 KB 4917ms
79ms Font
font/woff2 2a00:1450:4007:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%7CRaleway%3A600%2C400%7CMontserrat%3A400%2C300%2C500%7CRoboto+Condensed%3A700&subset=latin&ver=1589583290

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:80f::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.refundretriever.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 09 Sep 2021 01:14:01 GMT
x-content-type-options: nosniff
age: 169405
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 09 Sep 2022 01:14:01 GMT

GET
H2 200 1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v22/ 46 KB
46 KB 4899ms
62ms Font
font/woff2 2a00:1450:4007:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v22/1Ptug8zYS_SKggPNyC0ITw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%7CRaleway%3A600%2C400%7CMontserrat%3A400%2C300%2C500%7CRoboto+Condensed%3A700&subset=latin&ver=1589583290

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:80f::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2101735d43a8d486dbc5139500a78420766cc673a3610363ce9525526c3f5149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.refundretriever.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 00:24:03 GMT
x-content-type-options: nosniff
age: 345203
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47312
x-xss-protection: 0
last-modified: Tue, 29 Jun 2021 19:40:30 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 Sep 2022 00:24:03 GMT

GET
H2 200 fontawesome-webfont.woff
17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/themes/salient/css/fonts/ 96 KB
96 KB 35ms
11ms Font
font/woff 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/themes/salient/css/fonts/fontawesome-webfont.woff?v=4.2
Requested by: Host: 17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com
URL: https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/themes/salient/css/font-awesome.min.css?ver=4.6.4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07

Request headers

Referer: https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/themes/salient/css/font-awesome.min.css?ver=4.6.4
Origin: https://www.refundretriever.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 00:17:21 GMT
last-modified: Fri, 15 May 2020 22:13:04 GMT
server: NetDNA-cache/2.2
etag: "5ebf13f0-17ee8"
vary: Accept-Encoding
x-cache: HIT
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 98024

GET
H2 200 icomoon.woff
17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/themes/salient/css/fonts/ 21 KB
21 KB 46ms
22ms Font
font/woff 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/themes/salient/css/fonts/icomoon.woff
Requested by: Host: 17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com
URL: https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/themes/salient/css/style.css?ver=12.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 16f94be53f5a0f1b422b9fb0f88ecc3b0947c24c8b77ee6b6f62675c82499cc7

Request headers

Referer: https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/themes/salient/css/style.css?ver=12.0
Origin: https://www.refundretriever.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 00:17:21 GMT
last-modified: Fri, 15 May 2020 22:13:04 GMT
server: NetDNA-cache/2.2
etag: "5ebf13f0-5318"
vary: Accept-Encoding
x-cache: HIT
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 21272

GET
H2 200 JTURjIg1_i6t8kCHKm45_ZpC3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v18/ 19 KB
20 KB 4878ms
43ms Font
font/woff2 2a00:1450:4007:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_ZpC3gnD_g.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%7CRaleway%3A600%2C400%7CMontserrat%3A400%2C300%2C500%7CRoboto+Condensed%3A700&subset=latin&ver=1589583290

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:80f::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

13eb615165c92892fcd46e01782dd0fc52d36f236f883aad488c2cf4dcf9206e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.refundretriever.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 21:31:29 GMT
x-content-type-options: nosniff
age: 441957
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19868
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:20:31 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 05 Sep 2022 21:31:29 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v18/ 19 KB
20 KB 4887ms
53ms Font
font/woff2 2a00:1450:4007:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v18/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%7CRaleway%3A600%2C400%7CMontserrat%3A400%2C300%2C500%7CRoboto+Condensed%3A700&subset=latin&ver=1589583290

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:80f::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.refundretriever.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 00:26:23 GMT
x-content-type-options: nosniff
age: 604263
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19844
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:20:10 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 04 Sep 2022 00:26:23 GMT

GET
H2 200 ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v19/ 15 KB
15 KB 4906ms
72ms Font
font/woff2 2a00:1450:4007:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v19/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%7CRaleway%3A600%2C400%7CMontserrat%3A400%2C300%2C500%7CRoboto+Condensed%3A700&subset=latin&ver=1589583290

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:80f::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c867104326e3c4b658209d8e5bcea0900aaf7fbc2bbc181ca01c482cac2810f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.refundretriever.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 23:37:00 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:08:37 GMT
server: sffe
age: 434426
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15640
x-xss-protection: 0
expires: Mon, 05 Sep 2022 23:37:00 GMT

GET
H2 200 mem5YaGs126MiZpBA-UNirkOUuhp.woff2
fonts.gstatic.com/s/opensans/v23/ 15 KB
15 KB 4911ms
77ms Font
font/woff2 2a00:1450:4007:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v23/mem5YaGs126MiZpBA-UNirkOUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A300%2C400%2C600%2C700&subset=latin%2Clatin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:80f::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c298433cc9eb86f4c0be0a447b0faf398dee9186d2bcf26683297de2758cddc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.refundretriever.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 16:46:08 GMT
x-content-type-options: nosniff
age: 459078
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14956
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:23:40 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 05 Sep 2022 16:46:08 GMT

GET
H2 206 refund-retriever.webm
17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/uploads/2018/06/ 2 MB
2 MB 7ms
7ms Media
video/webm 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com/wp-content/uploads/2018/06/refund-retriever.webm
Requested by: Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 2913feec9fb63ea6a725eacbc00f65421be938a8ed4549032de383a5f892a083

Request headers

Referer: https://www.refundretriever.com/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Range: bytes=0-

Response headers

date: Sat, 11 Sep 2021 00:17:21 GMT
last-modified: Sat, 02 Jun 2018 07:22:20 GMT
server: NetDNA-cache/2.2
access-control-allow-origin: *
etag: "5b1245ac-27c1d1"
vary: Accept-Encoding
x-cache: HIT
content-type: video/webm
Content-Range: bytes 0-2605520/2605521
cache-control: public, max-age=31536000
Content-Length: 2605521

GET
H/1.1 200 widget Show response
salesiq.zoho.com/ 121 KB
36 KB 5480ms
156ms Script
text/javascript 204.141.43.67
ZOHO-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://salesiq.zoho.com/widget?plugin_source=wordpress

Requested by

Host: www.refundretriever.com
URL: https://www.refundretriever.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

204.141.43.67 , United States, ASN2639 (ZOHO-AS, US),

Reverse DNS

Software

ZGS /

Resource Hash

d949f06ea665836c1c47a3fd5cde928c9d1bf2df74cd3e7ff44c15f15bee6421

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.refundretriever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
Date: Sat, 11 Sep 2021 00:17:27 GMT
Content-Encoding: gzip
Server: ZGS
ETag: W/-843522577
vary: accept-encoding
Connection: keep-alive
Content-Type: text/javascript;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=63072000
Expires: Sat, 11 Sep 2021 00:22:27 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
215 B 28ms
28ms XHR
text/plain 2a00:1450:4007:81a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=1150796379&t=pageview&_s=1&dl=https%3A%2F%2Fwww.refundretriever.com%2F&ul=en-us&de=UTF-8&dt=Refund%20Retriever%20%7C%20Shipment%20Auditing&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1516374626&gjid=239961889&cid=1309486633.1631319447&tid=UA-658657-1&_gid=660942223.1631319447&_r=1&_slc=1&z=995639192

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:81a::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.refundretriever.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 11 Sep 2021 00:17:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.refundretriever.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 36 KB
14 KB 5096ms
28ms Script
text/javascript 216.58.198.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1067394428

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.198.194 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

par10s27-in-f2.1e100.net

Software

cafe /

Resource Hash

88c499036f299aafbdcdef6835746230e563a1800997b1c2695e6a3c96a9d3d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.refundretriever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 00:17:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14036
x-xss-protection: 0
server: cafe
etag: 8182713160943572198
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 11 Sep 2021 00:17:31 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
469 B 5087ms
22ms XHR
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-658657-1&cid=1309486633.1631319447&jid=1516374626&gjid=239961889&_gid=660942223.1631319447&_u=IEBAAEAAAAAAAC~&z=1555530512

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.refundretriever.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 11 Sep 2021 00:17:31 GMT
content-type: text/plain
access-control-allow-origin: https://www.refundretriever.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1009085809176948 Show response
connect.facebook.net/signals/config/ 306 KB
88 KB 159ms
158ms Script
application/x-javascript 2a03:2880:f027:18:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1009085809176948?v=2.9.45&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f027:18:face:b00c:0:3 Chicago, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

39a2df0cb95aeb34e950f5a27e9c6ee49aa07d126a781009eae27442b32744fd

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.refundretriever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: 7V5WB5ZxcJf1ayX4r+k/CsZLPWpqUssT72We/ib2AVuhpveRo3YPQ+x/uUmBF6pGkL1aqB2uPmATgu3P8KDjjA==
x-fb-trip-id: 1781455057
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Sat, 11 Sep 2021 00:17:27 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
270 B 5072ms
16ms Image
image/gif 2a03:2880:f130:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1009085809176948&ev=PageView&dl=https%3A%2F%2Fwww.refundretriever.com%2F&rl=&if=false&ts=1631319447363&sw=1600&sh=1200&v=2.9.45&r=stable&ec=0&o=30&fbp=fb.1.1631319447362.809832954&it=1631319447054&coo=false&exp=p1&rqm=GET

Requested by

Host: www.refundretriever.com
URL: https://www.refundretriever.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f130:83:face:b00c:0:25de , France, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.refundretriever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 00:17:32 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Sat, 11 Sep 2021 00:17:32 GMT

GET
H/1.1 200 getembeddetails.ls Show response
salesiq.zoho.com/ 14 KB
6 KB 176ms
176ms XHR
application/json 204.141.43.67
ZOHO-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://salesiq.zoho.com/getembeddetails.ls?widgetcode=fa0061f1c3b5c030b9fe52e5d4bb1272b798f6bb0a5821d561008dcccd84c902084a0623dd05d5b367ba9549aad41f28&fetchavuid=true&fetchapilang=true&lang_browser=en&currdomain=https%3A%2F%2Frefundretriever.com&pagetitle=Refund%20Retriever%20%7C%20Shipment%20Auditing

Requested by

Host: salesiq.zoho.com
URL: https://salesiq.zoho.com/widget?plugin_source=wordpress

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

204.141.43.67 , United States, ASN2639 (ZOHO-AS, US),

Reverse DNS

Software

ZGS /

Resource Hash

de5cf6cff4154737d61c146d6c522a08fc9b32729681a3cf404772e30e0249d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.refundretriever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sat, 11 Sep 2021 00:17:27 GMT
Content-Encoding: gzip
Referrer-Policy: strict-origin
Server: ZGS
X-Frame-Options: SAMEORIGIN
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: https://www.refundretriever.com
Connection: keep-alive
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=63072000
Access-Control-Allow-Credentials: true
vary: accept-encoding
X-XSS-Protection: 1

GET
H2 200 floatbutton_8655ac0af2d8c916be6e816177e26407_.css
css.zohocdn.com/salesiq/styles/ 107 KB
22 KB 5115ms
33ms Stylesheet
text/css 185.20.209.147
COMPUTERLINE Comp...

General

Check archive.org

Show headers Download Go to

Full URL

https://css.zohocdn.com/salesiq/styles/floatbutton_8655ac0af2d8c916be6e816177e26407_.css

Requested by

Host: salesiq.zoho.com
URL: https://salesiq.zoho.com/widget?plugin_source=wordpress

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.20.209.147 , Switzerland, ASN41913 (COMPUTERLINE Computerline, Schlierbach, Switzerland, CH),

Reverse DNS

Software

ZGS /

Resource Hash

0b747508abdbf79927ab45c52f3a713cdd6e3f65fa9e665b205fae6cd0756db2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000, max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.refundretriever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 00:17:32 GMT
content-encoding: br
x-content-type-options: nosniff
content-type: text/css;charset=UTF-8
x-cache: HIT
last-modified: Mon, 06 Sep 2021 11:46:41 GMT
vary: Accept-Encoding
content-length: 22063
x-xss-protection: 1
nb-request-id: d596b3d851dc40cad7746ffadb105445
server: ZGS
etag: "9ef5892e13ff3dd8583ccb07f8e05f0d"
strict-transport-security: max-age=15768000, max-age=63072000
content-language: en-US
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=7776000, immutable
z-origin-id: ex1-d58d790a8f6c44d2868c0fd642c9e90d
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 floatbutton_54d5b86477b1c2a302d87f5c62ef9f4f_.js Show response
js.zohocdn.com/salesiq/js/ 56 KB
14 KB 5112ms
29ms Script
application/javascript 185.20.209.147
COMPUTERLINE Comp...

General

Check archive.org

Show headers Download Go to

Full URL

https://js.zohocdn.com/salesiq/js/floatbutton_54d5b86477b1c2a302d87f5c62ef9f4f_.js

Requested by

Host: salesiq.zoho.com
URL: https://salesiq.zoho.com/widget?plugin_source=wordpress

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.20.209.147 , Switzerland, ASN41913 (COMPUTERLINE Computerline, Schlierbach, Switzerland, CH),

Reverse DNS

Software

ZGS /

Resource Hash

1c047e23d2f7ba84b0e6c90cf51d03189b4d1718a953225c53de643d47b8c80a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000, max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.refundretriever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 00:17:32 GMT
content-encoding: br
x-content-type-options: nosniff
content-type: application/javascript;charset=UTF-8
x-cache: HIT
last-modified: Wed, 08 Sep 2021 14:02:57 GMT
vary: Accept-Encoding
content-length: 14059
x-xss-protection: 1
nb-request-id: 54300e19d131b72607432172ddc17556
server: ZGS
etag: "76d8a9ce8c9786f22e378333b7578486"
strict-transport-security: max-age=15768000, max-age=63072000
content-language: en-US
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=7776000, immutable
z-origin-id: ex1-36f69a4fd2a94eacaf065433c0abfb39
accept-ranges: bytes
timing-allow-origin: *

POST
H2 200 / Show response
www.facebook.com/tr/ Frame 0133 0
244 B 4551ms
16ms Document
text/plain 2a03:2880:f130:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.refundretriever.com
URL: https://www.refundretriever.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f130:83:face:b00c:0:25de , France, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: POST
:authority: www.facebook.com
:scheme: https
:path: /tr/
content-length: 4325
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
origin: https://www.refundretriever.com
content-type: application/x-www-form-urlencoded
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.refundretriever.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
Origin: https://www.refundretriever.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.refundretriever.com/

Response headers

content-type: text/plain
access-control-allow-origin: https://www.refundretriever.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
date: Sat, 11 Sep 2021 00:17:32 GMT

GET
H2 200 adsct
t.co/i/ 43 B
454 B 5158ms
115ms Image
image/gif 104.244.42.69
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=2.0.3&p_id=Twitter&p_user_id=0&txn_id=nuwy3&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tw_document_href=https%3A%2F%2Fwww.refundretriever.com%2F

Requested by

Host: www.refundretriever.com
URL: https://www.refundretriever.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.69 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.refundretriever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 00:17:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
pragma: no-cache
last-modified: Sat, 11 Sep 2021 00:17:37 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: f26ab5a3e202771bea6bdb2cc542a18f33a8dfa437eb41dd5a99075b23942471
x-transaction: b5559f930388ac5d
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 5 KB
2 KB 5089ms
21ms Script
application/x-javascript 2a02:26f0:c800:2ba::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.refundretriever.com
URL: https://www.refundretriever.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:c800:2ba::25ea London, United Kingdom, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.refundretriever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sat, 11 Sep 2021 00:17:37 GMT
Content-Encoding: gzip
Last-Modified: Fri, 13 Aug 2021 21:34:05 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=77049
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2036

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
661 B 5164ms
122ms Script
application/javascript 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.3&p_id=Twitter&p_user_id=0&txn_id=nuwy3&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fwww.refundretriever.com%2F

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/oct.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.refundretriever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 00:17:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 0
pragma: no-cache
last-modified: Sat, 11 Sep 2021 00:17:37 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 2cafef45f4d65f6b486ef86939207cd1cad5f3467322a77bd0a3a89fdd6cdeba
x-transaction: cf83b39eeb267f33
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
522 B 5109ms
33ms Image
image/gif 2a00:1450:4007:80d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-658657-1&cid=1309486633.1631319447&jid=1516374626&_u=IEBAAEAAAAAAAC~&z=417230740

Requested by

Host: www.refundretriever.com
URL: https://www.refundretriever.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:80d::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.refundretriever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Sep 2021 00:17:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
522 B 5106ms
33ms Image
image/gif 2a00:1450:4007:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-658657-1&cid=1309486633.1631319447&jid=1516374626&_u=IEBAAEAAAAAAAC~&z=417230740

Requested by

Host: www.refundretriever.com
URL: https://www.refundretriever.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:818::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.refundretriever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Sep 2021 00:17:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 monitor.json Show response
www.refundretriever.com/wp-content/svg-animation/monitor/ 351 KB
35 KB 190ms
189ms XHR
application/json 104.198.3.239
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.refundretriever.com/wp-content/svg-animation/monitor/monitor.json
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/bodymovin/4.13.0/bodymovin.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.3.239 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 239.3.198.104.bc.googleusercontent.com
Software: nginx / WP Engine
Resource Hash: 2fa8b71dd86e2b83fc56dc85a47d87f928034b9aeddd791568d8d3dc08cacdbc

Request headers

:path: /wp-content/svg-animation/monitor/monitor.json
pragma: no-cache
cookie: _ga=GA1.2.1309486633.1631319447; _gid=GA1.2.660942223.1631319447; _gat=1; _gcl_au=1.1.469926979.1631319447; gclid=undefined; _fbp=fb.1.1631319447362.809832954
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: www.refundretriever.com
referer: https://www.refundretriever.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.refundretriever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 00:17:32 GMT
content-encoding: gzip
last-modified: Sat, 02 Jun 2018 07:21:35 GMT
server: nginx
x-cacheable: YES:2592000.000
x-powered-by: WP Engine
etag: W/"57d68-56da38ced94ce-gzip"
vary: Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache: HIT: 86
content-type: application/json
access-control-allow-origin: *
expires: Sat, 09 Oct 2021 18:37:43 GMT
cache-control: max-age=2592000, must-revalidate
x-cache-group: normal

GET
H2 200 analytics.json Show response
www.refundretriever.com/wp-content/svg-animation/analytics/ 523 KB
66 KB 307ms
306ms XHR
application/json 104.198.3.239
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.refundretriever.com/wp-content/svg-animation/analytics/analytics.json
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/bodymovin/4.13.0/bodymovin.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.3.239 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 239.3.198.104.bc.googleusercontent.com
Software: nginx / WP Engine
Resource Hash: 514fa3baa5a2bcf0960f08913231f800f9ec9498e87da68cf09ee651425b5de7

Request headers

:path: /wp-content/svg-animation/analytics/analytics.json
pragma: no-cache
cookie: _ga=GA1.2.1309486633.1631319447; _gid=GA1.2.660942223.1631319447; _gat=1; _gcl_au=1.1.469926979.1631319447; gclid=undefined; _fbp=fb.1.1631319447362.809832954
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: www.refundretriever.com
referer: https://www.refundretriever.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.refundretriever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 00:17:32 GMT
content-encoding: gzip
last-modified: Sat, 02 Jun 2018 07:21:34 GMT
server: nginx
x-cacheable: YES:2592000.000
x-powered-by: WP Engine
etag: W/"82a1e-56da38cea1a2e-gzip"
vary: Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache: HIT: 86
content-type: application/json
access-control-allow-origin: *
expires: Sat, 09 Oct 2021 18:37:43 GMT
cache-control: max-age=2592000, must-revalidate
x-cache-group: normal

GET
H2 200 contract.json Show response
www.refundretriever.com/wp-content/svg-animation/contract/ 527 KB
52 KB 306ms
306ms XHR
application/json 104.198.3.239
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.refundretriever.com/wp-content/svg-animation/contract/contract.json
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/bodymovin/4.13.0/bodymovin.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.3.239 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 239.3.198.104.bc.googleusercontent.com
Software: nginx / WP Engine
Resource Hash: 2538aec1ee3393db08946eb6b70e4b7fbbe46952646fc889d3478431a4e44427

Request headers

:path: /wp-content/svg-animation/contract/contract.json
pragma: no-cache
cookie: _ga=GA1.2.1309486633.1631319447; _gid=GA1.2.660942223.1631319447; _gat=1; _gcl_au=1.1.469926979.1631319447; gclid=undefined; _fbp=fb.1.1631319447362.809832954
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: www.refundretriever.com
referer: https://www.refundretriever.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.refundretriever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 00:17:32 GMT
content-encoding: gzip
last-modified: Sat, 02 Jun 2018 07:21:34 GMT
server: nginx
x-cacheable: YES:2592000.000
x-powered-by: WP Engine
etag: W/"83a42-56da38ceaf4ee-gzip"
vary: Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache: HIT: 84
content-type: application/json
access-control-allow-origin: *
expires: Sat, 09 Oct 2021 19:38:13 GMT
cache-control: max-age=2592000, must-revalidate
x-cache-group: normal

GET
H2 200 freight.json Show response
www.refundretriever.com/wp-content/svg-animation/freight/ 291 KB
23 KB 307ms
306ms XHR
application/json 104.198.3.239
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.refundretriever.com/wp-content/svg-animation/freight/freight.json
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/bodymovin/4.13.0/bodymovin.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.3.239 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 239.3.198.104.bc.googleusercontent.com
Software: nginx / WP Engine
Resource Hash: 47161c47e2cf4d62a77738e180bbaf9aa096de56e12ee837218d7b0d01909604

Request headers

:path: /wp-content/svg-animation/freight/freight.json
pragma: no-cache
cookie: _ga=GA1.2.1309486633.1631319447; _gid=GA1.2.660942223.1631319447; _gat=1; _gcl_au=1.1.469926979.1631319447; gclid=undefined; _fbp=fb.1.1631319447362.809832954
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: www.refundretriever.com
referer: https://www.refundretriever.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.refundretriever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 00:17:32 GMT
content-encoding: gzip
last-modified: Sat, 02 Jun 2018 07:21:34 GMT
server: nginx
x-cacheable: YES:2592000.000
x-powered-by: WP Engine
etag: W/"48a27-56da38cecba0e-gzip"
vary: Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache: HIT: 83
content-type: application/json
access-control-allow-origin: *
expires: Sat, 09 Oct 2021 19:38:13 GMT
cache-control: max-age=2592000, must-revalidate
x-cache-group: normal

GET
H2 200 Get_Refunds.json Show response
www.refundretriever.com/wp-content/svg-animation/get_refunds/ 217 KB
24 KB 307ms
306ms XHR
application/json 104.198.3.239
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.refundretriever.com/wp-content/svg-animation/get_refunds/Get_Refunds.json
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/bodymovin/4.13.0/bodymovin.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.198.3.239 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 239.3.198.104.bc.googleusercontent.com
Software: nginx / WP Engine
Resource Hash: b131a7e2cd89a8a9ee101a9198099e25cc24a6360aab70a8518f23d66c7a21ca

Request headers

:path: /wp-content/svg-animation/get_refunds/Get_Refunds.json
pragma: no-cache
cookie: _ga=GA1.2.1309486633.1631319447; _gid=GA1.2.660942223.1631319447; _gat=1; _gcl_au=1.1.469926979.1631319447; gclid=undefined; _fbp=fb.1.1631319447362.809832954
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: www.refundretriever.com
referer: https://www.refundretriever.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.refundretriever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 00:17:32 GMT
content-encoding: gzip
last-modified: Sat, 02 Jun 2018 07:21:35 GMT
server: nginx
x-cacheable: YES:2592000.000
x-powered-by: WP Engine
etag: W/"36571-56da38ced852e-gzip"
vary: Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache: HIT: 85
content-type: application/json
access-control-allow-origin: *
expires: Sat, 09 Oct 2021 18:37:43 GMT
cache-control: max-age=2592000, must-revalidate
x-cache-group: normal

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1067394428/ 2 KB
2 KB 5108ms
32ms Script
text/javascript 2a00:1450:4007:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1067394428/?random=1631319452034&cv=9&fst=1631319452034&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa910&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.refundretriever.com%2F&tiba=Refund%20Retriever%20%7C%20Shipment%20Auditing&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:809::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e94b1f8022e630cca804e7f0ae08a5c05b9be5b78fa756f2281f2711a9c0c14d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.refundretriever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Sep 2021 00:17:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1039
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 siq_97ef6fabaeee9282491ac0754d64dc8c_.ttf
css.zohocdn.com/salesiq/styles/fonts/float/ 10 KB
7 KB 64ms
21ms Font
font/ttf 185.20.209.147
COMPUTERLINE Comp...

General

Check archive.org

Show headers Download Go to

Full URL

https://css.zohocdn.com/salesiq/styles/fonts/float/siq_97ef6fabaeee9282491ac0754d64dc8c_.ttf

Requested by

Host: css.zohocdn.com
URL: https://css.zohocdn.com/salesiq/styles/floatbutton_8655ac0af2d8c916be6e816177e26407_.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.20.209.147 , Switzerland, ASN41913 (COMPUTERLINE Computerline, Schlierbach, Switzerland, CH),

Reverse DNS

Software

ZGS /

Resource Hash

1bd61d8494e09df2bbc3b644c2a5e77ec7d5bdd2f6a50af3bb913fc1af6fcfc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000, max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://css.zohocdn.com/salesiq/styles/floatbutton_8655ac0af2d8c916be6e816177e26407_.css
Origin: https://www.refundretriever.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 00:17:32 GMT
content-encoding: br
x-content-type-options: nosniff
content-type: font/ttf
x-cache: HIT
last-modified: Fri, 02 Jul 2021 08:03:41 GMT
vary: Accept-Encoding
content-length: 6434
x-xss-protection: 1
nb-request-id: 26573f6c1240a309028560af2e49b957
server: ZGS
etag: "f923905063ae1874ef8ecb4d21486097"
strict-transport-security: max-age=15768000, max-age=63072000
content-language: en-US
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=7776000, immutable
z-origin-id: ex1-c3c0024d1d7344d58f469afef939e17d
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 newembedtheme_e36a1d9a53b353100d75f5c220fa9906_.css
css.zohocdn.com/salesiq/styles/ Frame AFC2 181 KB
41 KB 31ms
30ms Stylesheet
text/css 185.20.209.147
COMPUTERLINE Comp...

General

Check archive.org

Show headers Download Go to

Full URL

https://css.zohocdn.com/salesiq/styles/newembedtheme_e36a1d9a53b353100d75f5c220fa9906_.css

Requested by

Host: js.zohocdn.com
URL: https://js.zohocdn.com/salesiq/js/floatbutton_54d5b86477b1c2a302d87f5c62ef9f4f_.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.20.209.147 , Switzerland, ASN41913 (COMPUTERLINE Computerline, Schlierbach, Switzerland, CH),

Reverse DNS

Software

ZGS /

Resource Hash

05b9e7ffa44d2a87259fbddbeb54c5b88984c2762d57ecd162a9da386add6508

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000, max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.refundretriever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 00:17:33 GMT
content-encoding: br
x-content-type-options: nosniff
content-type: text/css;charset=UTF-8
x-cache: HIT
last-modified: Wed, 11 Aug 2021 08:59:42 GMT
vary: Accept-Encoding
content-length: 41065
x-xss-protection: 1
nb-request-id: f3ce2daa9ba9677eedb893a534f72fe3
server: ZGS
etag: "93e65819814c3c2933d46b350aca21d3"
strict-transport-security: max-age=15768000, max-age=63072000
content-language: en-US
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=7776000, immutable
z-origin-id: ex1-5a8c186ef9484837ac4026cba1d659a1
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 Aug_25_2021_4_wmsliteapi.js Show response
js.zohocdn.com/ichat/js/ Frame AFC2 18 KB
7 KB 31ms
30ms Script
application/javascript 185.20.209.147
COMPUTERLINE Comp...

General

Check archive.org

Show headers Download Go to

Full URL

https://js.zohocdn.com/ichat/js/Aug_25_2021_4_wmsliteapi.js

Requested by

Host: js.zohocdn.com
URL: https://js.zohocdn.com/salesiq/js/floatbutton_54d5b86477b1c2a302d87f5c62ef9f4f_.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.20.209.147 , Switzerland, ASN41913 (COMPUTERLINE Computerline, Schlierbach, Switzerland, CH),

Reverse DNS

Software

ZGS /

Resource Hash

8ab8acda5f4380c2ca3705841da508098ec76721bb4e4291d023a098190a0497

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000, max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.refundretriever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 00:17:33 GMT
content-encoding: br
x-content-type-options: nosniff
content-type: application/javascript;charset=UTF-8
x-cache: HIT
last-modified: Wed, 25 Aug 2021 10:04:50 GMT
vary: Accept-Encoding
content-length: 6735
x-xss-protection: 1
nb-request-id: 910771eec54c339beab547f7ac653da6
server: ZGS
etag: "b57ade9fe7f4428f21e80cef1c6c3d2b"
strict-transport-security: max-age=15768000, max-age=63072000
content-language: en-US
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=7776000, immutable
z-origin-id: ex1-fdcf4a66829343cb98341641e2451021
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 siqnewchatwindow_ca1233e7ef64afe7c25eaf7740696b69_.js Show response
js.zohocdn.com/salesiq/js/ Frame AFC2 1 MB
278 KB 32ms
31ms Script
application/javascript 185.20.209.147
COMPUTERLINE Comp...

General

Check archive.org

Show headers Download Go to

Full URL

https://js.zohocdn.com/salesiq/js/siqnewchatwindow_ca1233e7ef64afe7c25eaf7740696b69_.js

Requested by

Host: js.zohocdn.com
URL: https://js.zohocdn.com/salesiq/js/floatbutton_54d5b86477b1c2a302d87f5c62ef9f4f_.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.20.209.147 , Switzerland, ASN41913 (COMPUTERLINE Computerline, Schlierbach, Switzerland, CH),

Reverse DNS

Software

ZGS /

Resource Hash

ef95ea6df1bec600b2d5481ba1daf8c27dcd789b6168b20cb1045ac2ddd6a3b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000, max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.refundretriever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 00:17:33 GMT
content-encoding: br
x-content-type-options: nosniff
content-type: application/javascript;charset=UTF-8
x-cache: HIT
last-modified: Wed, 08 Sep 2021 14:02:52 GMT
vary: Accept-Encoding
content-length: 283667
x-xss-protection: 1
nb-request-id: 2842581200ba6ea1e541331901ff7cda
server: ZGS
etag: "612a38b0f68a6da7a02fef7d95fe14e9"
strict-transport-security: max-age=15768000, max-age=63072000
content-language: en-US
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=7776000, immutable
z-origin-id: ex1-0e03c2ab94a24b239d5f537b756539ba
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 resource_d5350f7c333142ae5570f4083f4ddf26_.js Show response
js.zohocdn.com/salesiq/js/resource/embed/ Frame AFC2 41 KB
13 KB 76ms
76ms Script
application/javascript 185.20.209.147
COMPUTERLINE Comp...

General

Check archive.org

Show headers Download Go to

Full URL

https://js.zohocdn.com/salesiq/js/resource/embed/resource_d5350f7c333142ae5570f4083f4ddf26_.js

Requested by

Host: js.zohocdn.com
URL: https://js.zohocdn.com/salesiq/js/floatbutton_54d5b86477b1c2a302d87f5c62ef9f4f_.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.20.209.147 , Switzerland, ASN41913 (COMPUTERLINE Computerline, Schlierbach, Switzerland, CH),

Reverse DNS

Software

ZGS /

Resource Hash

a1b564421ca890a73e892d590b24ca1f1f40197ee01f32dcec2126e5ea2c24e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000, max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.refundretriever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 00:17:33 GMT
content-encoding: br
x-content-type-options: nosniff
content-type: application/javascript;charset=UTF-8
x-cache: HIT
last-modified: Mon, 09 Aug 2021 03:47:07 GMT
vary: Accept-Encoding
content-length: 12475
x-xss-protection: 1
nb-request-id: d24d6a1bdae772a8fd87809b70923a10
server: ZGS
etag: "7ec6aa00fefb08310a306a863aff736e"
strict-transport-security: max-age=15768000, max-age=63072000
content-language: en-US
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=7776000, immutable
z-origin-id: ex1-ec87f6d0aeb74882817259f044f5a0ad
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 a0af8585_wmsbridge.js Show response
js.zohocdn.com/ichat/js/ Frame AFC2 14 KB
5 KB 53ms
53ms Script
application/javascript 185.20.209.147
COMPUTERLINE Comp...

General

Check archive.org

Show headers Download Go to

Full URL

https://js.zohocdn.com/ichat/js/a0af8585_wmsbridge.js

Requested by

Host: js.zohocdn.com
URL: https://js.zohocdn.com/ichat/js/Aug_25_2021_4_wmsliteapi.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.20.209.147 , Switzerland, ASN41913 (COMPUTERLINE Computerline, Schlierbach, Switzerland, CH),

Reverse DNS

Software

ZGS /

Resource Hash

46a22048274c0cc10f19fa25826c410e0e4f13182e831b17a86348696a0c88c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000, max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.refundretriever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 00:17:33 GMT
content-encoding: br
x-content-type-options: nosniff
content-type: application/javascript;charset=UTF-8
x-cache: HIT
last-modified: Wed, 11 Aug 2021 12:33:13 GMT
vary: Accept-Encoding
content-length: 4372
x-xss-protection: 1
nb-request-id: 4f7abc012b1e6eafe3661227ea4d1948
server: ZGS
etag: "edca76feae4d2289d097ca655fb886cb"
strict-transport-security: max-age=15768000, max-age=63072000
content-language: en-US
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=7776000, immutable
z-origin-id: ex1-1ae2258e6cea42a4bb12e8850ee3857b
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200 fetchvisitorconfigurations.ls Show response
salesiq.zohopublic.com/refundretriever/ Frame AFC2 769 B
1 KB 5488ms
162ms XHR
application/json 204.141.42.97
ZOHO-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://salesiq.zohopublic.com/refundretriever/fetchvisitorconfigurations.ls?avuid=1af3f075-c00a-42e8-9c36-cf10a8a67adc&lsid=66158000000002015&fetchallfields=true

Requested by

Host: js.zohocdn.com
URL: https://js.zohocdn.com/salesiq/js/siqnewchatwindow_ca1233e7ef64afe7c25eaf7740696b69_.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

204.141.42.97 , United States, ASN2639 (ZOHO-AS, US),

Reverse DNS

Software

ZGS /

Resource Hash

c27fd14dceb0a36bcf264258d7d52fbef8d87d2af557fc43fab5738490b3c99a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept: */*
Referer: https://www.refundretriever.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sat, 11 Sep 2021 00:17:39 GMT
X-Content-Type-Options: nosniff
Server: ZGS
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=63072000
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 769
X-XSS-Protection: 1

GET
H2 200 security-html-sanitizer.min.js Show response
js.zohocdn.com/zohosecurity/v5_0/js/ Frame AFC2 27 KB
11 KB 29ms
29ms Script
application/javascript 185.20.209.147
COMPUTERLINE Comp...

General

Check archive.org

Show headers Download Go to

Full URL

https://js.zohocdn.com/zohosecurity/v5_0/js/security-html-sanitizer.min.js

Requested by

Host: js.zohocdn.com
URL: https://js.zohocdn.com/salesiq/js/siqnewchatwindow_ca1233e7ef64afe7c25eaf7740696b69_.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.20.209.147 , Switzerland, ASN41913 (COMPUTERLINE Computerline, Schlierbach, Switzerland, CH),

Reverse DNS

Software

ZGS /

Resource Hash

19d49f275aed32056d7a54248db3559c219f86541563090788f8a9812a0b9bdf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000, max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.refundretriever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 11 Sep 2021 00:17:33 GMT
content-encoding: br
x-content-type-options: nosniff
content-type: application/javascript;charset=UTF-8
x-cache: HIT
last-modified: Thu, 26 Aug 2021 06:14:01 GMT
vary: Accept-Encoding
content-length: 10688
x-xss-protection: 1
nb-request-id: e48fe708bac5b429d4b8c432ec62e4db
server: ZGS
etag: "16e09f706d00343e3265b1dd7a230dd5"
strict-transport-security: max-age=15768000, max-age=63072000
content-language: en-US
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=7776000, immutable
z-origin-id: ex1-d7a5d4df378d4cf59ed984a8421c900c
accept-ranges: bytes
timing-allow-origin: *

GET

li_sync
www.linkedin.com/px/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=240978&time=1631319457026&url=https%3A%2F%2Fwww.refundretriever.com%2F
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D240978%26time%3D1631319457026%26url%3Dhttps%253A%252F%252Fwww.refundretriever.com...

0
0

GET
H2 200 /
www.google.com/pagead/1p-user-list/1067394428/ 42 B
154 B 42ms
41ms Image
image/gif 2a00:1450:4007:80d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1067394428/?random=1631319452034&cv=9&fst=1631318400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa910&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.refundretriever.com%2F&tiba=Refund%20Retriever%20%7C%20Shipment%20Auditing&async=1&fmt=3&is_vtc=1&random=3994364427&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.refundretriever.com
URL: https://www.refundretriever.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:80d::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.refundretriever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Sep 2021 00:17:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1067394428/ 42 B
154 B 35ms
34ms Image
image/gif 2a00:1450:4007:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1067394428/?random=1631319452034&cv=9&fst=1631318400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa910&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.refundretriever.com%2F&tiba=Refund%20Retriever%20%7C%20Shipment%20Auditing&async=1&fmt=3&is_vtc=1&random=3994364427&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.refundretriever.com
URL: https://www.refundretriever.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:818::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.refundretriever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Sep 2021 00:17:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200 photo.ls
salesiq.zohopublic.com/refundretriever/clogo/1558643552103_43599262/ Frame AFC2 2 KB
3 KB 466ms
167ms Image
image/png 204.141.42.97
ZOHO-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://salesiq.zohopublic.com/refundretriever/clogo/1558643552103_43599262/photo.ls?nps=202

Requested by

Host: www.refundretriever.com
URL: https://www.refundretriever.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

204.141.42.97 , United States, ASN2639 (ZOHO-AS, US),

Reverse DNS

Software

ZGS /

Resource Hash

d763c14f72fb8765cdeeb09a48828694b64362171d03316bd4feb675d7240979

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.refundretriever.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
Date: Sat, 11 Sep 2021 00:17:39 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 23 May 2019 20:32:31 GMT
Server: ZGS
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=63072000
Content-Type: image/png;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-Protection: 1
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.linkedin.com
URL: https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D240978%26time%3D1631319457026%26url%3Dhttps%253A%252F%252Fwww.refundretriever.com%252F%26liSync%3Dtrue

Verdicts & Comments Add Verdict or Comment

141 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.refundretriever.com/	1970-01-20 14:39:51	Name: _ga Value: GA1.2.1309486633.1631319447
.refundretriever.com/	1970-01-19 21:10:05	Name: _gid Value: GA1.2.660942223.1631319447
.refundretriever.com/	1970-01-19 21:08:39	Name: _gat Value: 1
.refundretriever.com/	1970-01-19 23:18:15	Name: _gcl_au Value: 1.1.469926979.1631319447
crm.zoho.com/	1969-12-31 23:59:59	Name: crmcsr Value: 800c0c7e-ab56-4da7-ab07-5ca18ac720dd
www.refundretriever.com/	1970-01-19 21:51:51	Name: gclid Value: undefined
.refundretriever.com/	1970-01-19 23:18:15	Name: _fbp Value: fb.1.1631319447362.809832954
salesiq.zoho.com/	1969-12-31 23:59:59	Name: LS_CSRF_TOKEN Value: cc38b763-b92e-41e6-9f71-08ab5ec029e2
.facebook.com/	1970-01-19 23:18:15	Name: fr Value: 0mAwAqSA3XjxQJd74..BhO_Wc...1.0.BhO_Wc.
.refundretriever.com/	1970-01-20 14:39:51	Name: refundretriever-_zldp Value: 2B9J9i2sXckYruYmmZPUqS8FP70WHFP8cDiUJQon%2Fwkd9PaRv%2BplSLaWvJK1pVWppRUK595EVd8%3D
.refundretriever.com/	1970-01-19 21:10:05	Name: refundretriever-_zldt Value: 9057ecac-4155-421c-bfaf-281ae1388836-2
.twitter.com/	1970-01-20 14:39:51	Name: personalization_id Value: "v1_g7R87ppE++QPsNEZZMFmBQ=="
.doubleclick.net/	1970-01-19 21:08:40	Name: test_cookie Value: CheckForPermission
salesiq.zohopublic.com/	1969-12-31 23:59:59	Name: LS_CSRF_TOKEN Value: d20b36a9-65ef-4b80-9207-7bfb3938ede3

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://www.refundretriever.com/ Message: The resource https://js.zohocdn.com/ichat/js/a0af8585_wmsbridge.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

17llr810ixei7als121zj0bj-wpengine.netdna-ssl.com
analytics.twitter.com
cdnjs.cloudflare.com
connect.facebook.net
crm.zoho.com
css.zohocdn.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
js.zohocdn.com
platform.twitter.com
refundretreiver.com
salesiq.zoho.com
salesiq.zohopublic.com
snap.licdn.com
static.addtoany.com
static.ads-twitter.com
stats.g.doubleclick.net
t.co
track.gaconnector.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
www.refundretriever.com
www.linkedin.com
104.198.3.239
104.244.42.3
104.244.42.69
151.101.120.157
185.20.209.147
204.141.42.49
204.141.42.97
204.141.43.67
216.58.198.194
2606:2800:234:59:254c:406:2366:268c
2606:4700:10::ac43:2794
2606:4700::6810:125e
2a00:1450:4007:809::2002
2a00:1450:4007:80d::2004
2a00:1450:4007:80e::2008
2a00:1450:4007:80f::2003
2a00:1450:4007:812::200a
2a00:1450:4007:818::2003
2a00:1450:4007:81a::200e
2a00:1450:400c:c00::9a
2a02:26f0:c800:2ba::25ea
2a03:2880:f027:18:face:b00c:0:3
2a03:2880:f130:83:face:b00c:0:25de
35.172.187.134
94.31.29.99
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
04188b0cf2772d0097ee6ea6abe0feba436b3c8aa667568dc8dabc97bf4332a6
04e6fb814fccce3a0aecb83be0bc24665cf3e6a5e993f296471a63708f63e138
056cf1ad4d84c1438bd0efea62a6a10a21acab4f1adae279e87bd401ba83cd99
05b9e7ffa44d2a87259fbddbeb54c5b88984c2762d57ecd162a9da386add6508
0b747508abdbf79927ab45c52f3a713cdd6e3f65fa9e665b205fae6cd0756db2
0c55ac0f4463deb4e694227e07b735dd88a80cd63db79de18c6f14b77a266116
0cd851e5b33af0fbb354df65506da39807b998e07723f3d08aba5179fa2ed97e
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
13eb615165c92892fcd46e01782dd0fc52d36f236f883aad488c2cf4dcf9206e
16269aa9d7d3e729a4247c073f2a0cc19f00c747006933746fc93cb34674d592
16f94be53f5a0f1b422b9fb0f88ecc3b0947c24c8b77ee6b6f62675c82499cc7
18584b5fca585444cc86adfc374bca6d805a0e12d73495beeab6d94a4da264d9
198209611aa67382f0ba7bb0759c9b2a8a8560ca5f1a60dc2dda0763c3b1e4c2
19d49f275aed32056d7a54248db3559c219f86541563090788f8a9812a0b9bdf
1bd61d8494e09df2bbc3b644c2a5e77ec7d5bdd2f6a50af3bb913fc1af6fcfc7
1c047e23d2f7ba84b0e6c90cf51d03189b4d1718a953225c53de643d47b8c80a
2101735d43a8d486dbc5139500a78420766cc673a3610363ce9525526c3f5149
21dc21cf1cc77b458d114634e3775e70f229dc0c215b0c8958920e2079cb5a16
2538aec1ee3393db08946eb6b70e4b7fbbe46952646fc889d3478431a4e44427
2904b98dfb86ac37a4ed1e33585980adbcbeb63b8802a641fc64615ef7360223
2913feec9fb63ea6a725eacbc00f65421be938a8ed4549032de383a5f892a083
293913879d30bab7499013e935009f5183facbddd63bfc9656a859622590b80b
2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3
2b3c6f1d3cea37b4d8cc609a141b421a88bcaf2f3646965f9f95f4d4a683c949
2e1607a9854f56156d4a8ec04c29d74e7dc2417af6dbcb7ec69a1bbd36b030d1
2f9627512fca0229865430f588e22896916969f33cf92f51a0793028a1a45f7c
2fa8b71dd86e2b83fc56dc85a47d87f928034b9aeddd791568d8d3dc08cacdbc
30235170f66db7a1bf6b3760dd45a2790afcfa1da343b4e40132ebd09ef426c2
335b59e615135313a66319e641cdad6ac3489a600e04d4181c859699bed4babe
350fd754e649c114716de90c5d07a6d7ff424012e768b4325dc837ae3f1d2f91
39a2df0cb95aeb34e950f5a27e9c6ee49aa07d126a781009eae27442b32744fd
3fb5076df5212d5cc3ec0ee4de8ba86e1285b7817b9f3b21695b8ad7f7ee2185
42b8fc6ce4cc6ff19e274ff39b9c52897f46ddadf046ea63089d064004382947
43cdf46f331fec5ba92e402e3d5cad473099892cbdafca02e607cd03705104bf
46a22048274c0cc10f19fa25826c410e0e4f13182e831b17a86348696a0c88c8
47161c47e2cf4d62a77738e180bbaf9aa096de56e12ee837218d7b0d01909604
50679e0e3933c945348a2db0cc128bb14b57a60a74fabf8cae13acc14efbb2e1
514fa3baa5a2bcf0960f08913231f800f9ec9498e87da68cf09ee651425b5de7
5867592c9d5371d697755f3e696e0a5d64ebb93d359f9461aac46fcb4cc9d7e8
59a3b2cb204dc1b6108c9608e54ed72fbe51be18688023c9560801366a09e900
5a65b0ca177f1c0433c0ead611692521c23e6668846a2861fedc09ae11416ffc
5b518bc060167c79b585ab74260cd0c4cd4ef5e6f7ee2759908ee832731352c4
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
60fc885e47b0633783b17eaa008a1e5316b8718dcab9fb42940363e386c68c05
66f7412f7462e317d894dd4a942290b87ec249151a2648aa6caeb8bab1735d42
69fc7bcafee09477b13dbda32d00410bc15a3faeb3e890cc15fef46d7c84d432
6b5730ae9f33a0a7afe9a86492c861267b99a4bc832cb74ad0412b14639c0d01
6ffe5bb7b2bbd10ab6e9bdb605a8806d77ceb9d7a08a007e10b53471c4fa9c76
71a607ab6050f64e6fd078d3ecb45517636623f4c82bb2d96fbfdfee0cfb8a73
773d12971ed2348e780482568fae18c567b891f356bd01ee1fb7adad7b800900
7877050ec9f0a551a1c47b1654c9434bf40b8b8a65c61e2c1cc64b0d4696ee38
7ac138b6a78fd04c92aab6020c2669e91f2b0fc9e832a0e15faaefdce19c1e85
7e8ee8f9d56ca7e35629a7c16b9f1c09fbb1e7d19fe922833a2f4edec48bfeea
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
87395046866379105ced9e87a7758136a01de599efa54a175b9781350c1a8e22
87cf46420f28b91d2ffcbca2ec817b93c99b5d43c9366b08d5f4c6f6fbb635c1
88c499036f299aafbdcdef6835746230e563a1800997b1c2695e6a3c96a9d3d4
8ab8acda5f4380c2ca3705841da508098ec76721bb4e4291d023a098190a0497
8b5fc6c399a32bc4fd40a94fc3cbc02bd7467094f3d080bfcb5d25accc081e54
8e93ff9c9d6311c36c75b167f77b97a012ec931c88d308b883fcc576f967b146
8fa5036c327d897f6f57f1a08e617f00603b10240d91c7c5ddeb7cdd68b1afd7
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
956e41167b70caf9f21f5a4f435fa8aefed819777d00608b60399a6ad51b16c2
96b73859ad716f59d0b85c8ceb06c6b58c7ea6dce73113e0e8672c266ba2956b
9fb928d8f5b3158259cc5390de2faeee1a2aaadeb4bfce76c0fd7f2639a7b1ea
a1b564421ca890a73e892d590b24ca1f1f40197ee01f32dcec2126e5ea2c24e4
a23757ebb210c2d1c0455713594401d07ef51a74dcd3f7b5cd4a0ed2d8ecf1e0
a2f1b190e5d5a3063c35b75b1a00c039b13e171eb7b099299dcb67e9e4fe65cd
a5c1beaa3e3011831d0c8fc84b02f5362c126cb0dc5dc6f4a0fdbe0ba3f93d1f
a8a819d7548b9c102d7776cb645212ca1e324ac2de2170598699061e29bc6cbf
aa177ef15fc557a7778d92a1aa910b9ded10d3b8400eea9ccb08c0f19d0fde8c
ab49fef43f10b1493313953f207fec4841377695eceadcf8e10c859108e477ec
abebcd2fc7e82bc4d7c85c20a7278aab4578ec9312d8b9e46daf642384f49d20
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ad68db4a8b6ee0732c3645ad9fe195980b541348dd3d8cbaec74e1c43a988f7a
adffbd9a5c5c73d059d7014b9cea24d3a191c1eb1cdb17bde04334f009d63e2e
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b131a7e2cd89a8a9ee101a9198099e25cc24a6360aab70a8518f23d66c7a21ca
b36f9723de1d9f13021891814f4ed7269f2ede9bb814f9a914eefaeb5eb1f516
b695f4e09490004246d228e02338f9d3c4591273e1f35bb0ebe63607c860e608
b7f704024ab4f0f285cf64a102f571b3b68ec93e680ace66038a1ef6339802c9
ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
c27fd14dceb0a36bcf264258d7d52fbef8d87d2af557fc43fab5738490b3c99a
c298433cc9eb86f4c0be0a447b0faf398dee9186d2bcf26683297de2758cddc7
c33fd000b3ac6efa19d96da09a83a10bc128a61d51deae55c28c8404a3870610
c38e742875752b72d19079688bfcbc6198ec10a95f8476e709317cee4345c2af
c3c0a7bc226e2b64dea9c09b64ce42656fad59ccecb482205765bba37afa292a
c867104326e3c4b658209d8e5bcea0900aaf7fbc2bbc181ca01c482cac2810f3
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cd00c79e4bbf06794b0851af6b891c002601933c8b9d0cef5bf18427c62c699c
ce4cfe5020df792fb1ac39bb2f9c6ae7a0e4468423735a477b45785579ac602f
d2b82e612d2a812e8be2a57300dab8923c4f2edbe7a799e7da70791b595646fe
d763c14f72fb8765cdeeb09a48828694b64362171d03316bd4feb675d7240979
d949f06ea665836c1c47a3fd5cde928c9d1bf2df74cd3e7ff44c15f15bee6421
d96f4e2562d6e813901bdbd6fc16e2c4a133db6d851991909f0db8bdb5afb3a4
dc49fc342e53b4c9ba763abbd82e3f0c39a889f35b35cbf5d0f186b08934a4c2
dceda745a0fb58233a95eff6d10796026df6792cb960cdf675eb7b8a6750a2d2
de5cf6cff4154737d61c146d6c522a08fc9b32729681a3cf404772e30e0249d5
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e127aead57cd6625f795f8c41d8b7c463c2c50158e3a3dc398424db2b16bd5db
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3e8d90b297b7103c351e76dc0f7e9dd783a6e25d059e158ccd297967357c0d8
e87a1c5e24f9a7c7dcb437417f0b05b0a3c12947ce32d65c990c988a8b5ed4d7
e94b12cb948d3d2eff43addf04700f8611ba383c00892652dc294a76bec2a105
e94b1f8022e630cca804e7f0ae08a5c05b9be5b78fa756f2281f2711a9c0c14d
edc988f9162131dfa6d20d122013987468254662e7cdbc7565c39a5789edb6ca
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef8abb21406964a1a136fe0e19ed35c030ac4cb318b7a2917497c8cdf8b9d734
ef95ea6df1bec600b2d5481ba1daf8c27dcd789b6168b20cb1045ac2ddd6a3b7
f7988e3c04dbf5148adeed726b95dd21259e6cb9d3de4b608cf39ee35834c361
f8214d5a3bfa62a210a1173a5baf9d9e2eb3da26f6333a058109ee5018617674
f909a31bfd7a13b9dd53e98b5652f13f4782fdfd1653dc4befade7386c087371
f93483f0aaf24aea4b5534bb8647d22cd9dfcb4d08d2fd1008787bdfb8a6cc47
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fd9f04b42522f652398f4a708fb884a2dca0585d69056251b3cdbffbdc2d1de6
fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3
ff57968ba0d995d2dbcaa80779cb40a1dbc93d1bf5ee78301dc49629108bbd9d

www.refundretriever.com Open in urlscan Pro 104.198.3.239 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

126 Requests

99 %HTTPS

56 %IPv6

24 Domains

28 Subdomains

25 IPs

6 Countries

4371 kBTransfer

9884 kBSize

14 Cookies

9 Outgoing links

Page URL History

Redirected requests

126 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.refundretriever.com Open in urlscan Pro
104.198.3.239 Public Scan

Screenshot
Live screenshot

Full Image

126
Requests

99 %
HTTPS

56 %
IPv6

24
Domains

28
Subdomains

25
IPs

6
Countries

4371 kB
Transfer

9884 kB
Size

14
Cookies

126 HTTP transactions
0 data transactions