customsrefund.co Open in urlscan Pro
52.223.52.2 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.customsrefund.co/
Effective URL:
https://customsrefund.co/
Submission: On July 28 via automatic, source certstream-suspicious (July 28th 2024, 4:25:27 am UTC) — Scanned from US

Summary HTTP 42 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 11 IPs in 1 countries across 9 domains to perform 42 HTTP transactions. The main IP is 52.223.52.2, located in United States and belongs to AMAZON-02, US. The main domain is customsrefund.co.
TLS certificate: Issued by WR1 on July 24th 2024. Valid for: 3 months.

This is the only time customsrefund.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	52.223.52.2 52.223.52.2	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:4004:c0b::61	15169 (GOOGLE) (GOOGLE)
3	52.85.132.26 52.85.132.26	16509 (AMAZON-02) (AMAZON-02)
23	2600:9000:24f... 2600:9000:24f4:5600:d:ada1:a280:93a1	16509 (AMAZON-02) (AMAZON-02)
3	3.162.125.17 3.162.125.17	16509 (AMAZON-02) (AMAZON-02)
4	2600:9000:226... 2600:9000:2269:f800:d:6b42:4ec0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	142.251.179.155 142.251.179.155	15169 (GOOGLE) (GOOGLE)
1	44.198.77.3 44.198.77.3	14618 (AMAZON-AES) (AMAZON-AES)
1	172.253.115.103 172.253.115.103	15169 (GOOGLE) (GOOGLE)
1	18.165.83.69 18.165.83.69	16509 (AMAZON-02) (AMAZON-02)
42	11

2 52.223.52.2 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a0b1d980e1f2226c6.awsglobalaccelerator.com

www.customsrefund.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
customsrefund.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c0b::61 (Washington, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.85.132.26 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-132-26.iad50.r.cloudfront.net

widget.trustpilot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2600:9000:24f4:5600:d:ada1:a280:93a1 (United States)

ASN16509 (AMAZON-02, US)

framerusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.162.125.17 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-162-125-17.iad61.r.cloudfront.net

events.framer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2269:f800:d:6b42:4ec0:93a1 (United States)

ASN16509 (AMAZON-02, US)

app.framerstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.179.155 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: pd-in-f155.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.198.77.3 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-198-77-3.compute-1.amazonaws.com

form.typeform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.253.115.103 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f103.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.165.83.69 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-165-83-69.iad55.r.cloudfront.net

framerusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	framerusercontent.com framerusercontent.com — Cisco Umbrella Rank: 53381	481 KB
4	framerstatic.com app.framerstatic.com — Cisco Umbrella Rank: 106919	80 KB
3	framer.com events.framer.com — Cisco Umbrella Rank: 64216	6 KB
3	trustpilot.com widget.trustpilot.com — Cisco Umbrella Rank: 7072	7 KB
2	customsrefund.co 1 redirects www.customsrefund.co customsrefund.co	19 KB
1	google.com www.google.com — Cisco Umbrella Rank: 10	64 B
1	typeform.com form.typeform.com — Cisco Umbrella Rank: 70129
1	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 77	1 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	90 KB
42	9

	Domain	Requested by
24	framerusercontent.com	customsrefund.co framerusercontent.com
4	app.framerstatic.com	customsrefund.co
3	events.framer.com	customsrefund.co events.framer.com
3	widget.trustpilot.com	customsrefund.co widget.trustpilot.com
1	www.google.com	customsrefund.co
1	form.typeform.com	framerusercontent.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	www.googletagmanager.com	customsrefund.co
1	customsrefund.co
1	www.customsrefund.co	1 redirects
42	10

This site contains links to these domains. Also see Links.

Domain
www.cbsa-asfc.gc.ca

Subject Issuer	Validity	Valid
customsrefund.co WR1	`2024-07-24` - `2024-10-22`	3 months	crt.sh
*.google-analytics.com WR2	`2024-07-01` - `2024-09-23`	3 months	crt.sh
*.trustpilot.com Amazon RSA 2048 M03	`2024-01-03` - `2025-01-31`	a year	crt.sh
framerusercontent.com Amazon RSA 2048 M02	`2023-12-18` - `2025-01-14`	a year	crt.sh
events.framer.com Amazon RSA 2048 M03	`2024-04-09` - `2025-05-07`	a year	crt.sh
framerstatic.com Amazon RSA 2048 M02	`2023-10-23` - `2024-11-20`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-07-01` - `2024-09-23`	3 months	crt.sh
typeform.com Amazon RSA 2048 M03	`2024-05-14` - `2025-06-12`	a year	crt.sh
*.google.com WR2	`2024-07-01` - `2024-09-23`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://customsrefund.co/
Frame ID: B904E097D60B344CA2667021C167A2BC
Requests: 36 HTTP requests in this frame

Frame: https://widget.trustpilot.com/trustboxes/56278e9abfbbba0bdcd568bc/index.html?templateId=56278e9abfbbba0bdcd568bc&businessunitId=65b8df1ee656e208967f8fb4
Frame ID: DEAD160FCB31D7A2A99581A3B0BCF420
Requests: 1 HTTP requests in this frame

Frame: https://widget.trustpilot.com/trustboxes/56278e9abfbbba0bdcd568bc/index.html?templateId=56278e9abfbbba0bdcd568bc&businessunitId=65b8df1ee656e208967f8fb4
Frame ID: F6EC4BC743BDEE4B1E8AA397F6BEF499
Requests: 1 HTTP requests in this frame

Frame: https://widget.trustpilot.com/trustboxes/56278e9abfbbba0bdcd568bc/index.html?templateId=56278e9abfbbba0bdcd568bc&businessunitId=65b8df1ee656e208967f8fb4
Frame ID: F0F6681EDDDA08AA63A60032AEA90F3E
Requests: 1 HTTP requests in this frame

Frame: https://widget.trustpilot.com/trustboxes/56278e9abfbbba0bdcd568bc/index.html?templateId=56278e9abfbbba0bdcd568bc&businessunitId=65b8df1ee656e208967f8fb4
Frame ID: 935822DD38F8C80729A7F9BC2D7BE270
Requests: 1 HTTP requests in this frame

Frame: https://form.typeform.com/to/gFQsR7rx?typeform-embed-id=07144432622660712&typeform-embed=embed-widget&typeform-source=customsrefund.co&typeform-medium=embed-sdk&typeform-medium-version=next&embed-hide-footer=true
Frame ID: A6F83939D597B1A7E45956FCA0E422DD
Requests: 1 HTTP requests in this frame

Frame: https://widget.trustpilot.com/trustboxes/56278e9abfbbba0bdcd568bc/index.html?templateId=56278e9abfbbba0bdcd568bc&businessunitId=65b8df1ee656e208967f8fb4
Frame ID: 430414C4C1957B0D4767C6AA6495B73B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Custom Duty CBSA Refund for Canada

Page URL History Show full URLs

https://www.customsrefund.co/ HTTP 308
https://customsrefund.co/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

42
Requests

93 %
HTTPS

30 %
IPv6

9
Domains

10
Subdomains

11
IPs

1
Countries

683 kB
Transfer

1606 kB
Size

5
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.cbsa-asfc.gc.ca/publications/forms-formulaires/b2g-eng.html
Title: here

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.customsrefund.co/ HTTP 308
https://customsrefund.co/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

42 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
customsrefund.co/
Redirect Chain

https://www.customsrefund.co/
https://customsrefund.co/

199 KB
18 KB

460ms
270ms

Document
text/html

52.223.52.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://customsrefund.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.223.52.2 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a0b1d980e1f2226c6.awsglobalaccelerator.com

Software

Framer/7de5eca /

Resource Hash

a2efa1093f199f85105ebb27989bc152180b5aab664e33c41ace53b5f68c7808

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000
cache-control: public, max-age=0, must-revalidate
content-encoding: br
content-length: 18417
content-type: text/html
date: Sun, 28 Jul 2024 04:25:21 GMT
etag: "2cff3ba788c8567af61e495fc3c558a3"
last-modified: Tue, 06 Feb 2024 10:48:15 GMT
link: <https://framerusercontent.com>; rel="preconnect", <https://framerusercontent.com>; rel="preconnect"; crossorigin=""
server: Framer/7de5eca
server-timing: region;desc="us-west-2", cache;desc="not-cached", ssg-status;desc="optimized", version;desc="7de5eca"
strict-transport-security: max-age=31536000
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=2592000
cache-control: public, max-age=0, must-revalidate
content-length: 61
content-type: text/html; charset=utf-8
date: Sun, 28 Jul 2024 04:25:20 GMT
link: <https://framerusercontent.com>; rel="preconnect", <https://framerusercontent.com>; rel="preconnect"; crossorigin=""
location: https://customsrefund.co/
server: Framer/7de5eca
strict-transport-security: max-age=31536000

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 260 KB
90 KB 405ms
152ms Script
application/javascript 2607:f8b0:4004:c0b::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-16450016475

Requested by

Host: customsrefund.co
URL: https://customsrefund.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c57d9cded7e667dfab7ee45f0cb9fc2d8b5a50a3258f9dde02b3e2fc0f3fa4c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://customsrefund.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 28 Jul 2024 04:25:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 91906
x-xss-protection: 0
last-modified: Sun, 28 Jul 2024 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 28 Jul 2024 04:25:22 GMT

GET
H2 200 tp.widget.bootstrap.min.js Show response
widget.trustpilot.com/bootstrap/v5/ 21 KB
7 KB 394ms
125ms Script
application/x-javascript 52.85.132.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js

Requested by

Host: customsrefund.co
URL: https://customsrefund.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.132.26 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-132-26.iad50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

02e5bf47b2473c1da7a39a25b14f0f5d9857142842d33def047e492f9f610cb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://customsrefund.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 27 Jul 2024 06:57:51 GMT
content-encoding: gzip
via: 1.1 cdb7a265f783ce0c07661e9c6820c2c4.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: IAD50-C2
age: 77252
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 6759
x-xss-protection: 1; mode=block
last-modified: Thu, 26 Oct 2023 12:27:20 GMT
server: AmazonS3
etag: "15864ce88fa79a3e954417d0c3396798"
content-type: application/x-javascript
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: dfqgXQhCnNAQM81yscZjsITpfh49Hh2vTQiB_N5SVuVI2ppJl6VI0Q==

GET
H2 200 chunk-JOYUDEPA.mjs Show response
framerusercontent.com/sites/3EPC03oAhpIExajLlveZQf/ 237 B
1 KB 659ms
414ms Script
text/javascript 2600:9000:24f4:5600:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://framerusercontent.com/sites/3EPC03oAhpIExajLlveZQf/chunk-JOYUDEPA.mjs

Requested by

Host: customsrefund.co
URL: https://customsrefund.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f4:5600:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

60c9f9db847af8f1306e254ef7b67463e88e889182155e03e56e181101511765

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

Referer: https://customsrefund.co/
Origin: https://customsrefund.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 24 Jul 2024 22:19:30 GMT
x-amz-version-id: 1mx0YbokoYFEePOkz5c_TDSbSxe7CFFj
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 0c482288431692a08571c47359ca2c80.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P3
age: 281153
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="IAD55-P3",cdn-rid;desc="OeDjvZ0x5TBUuoxD3kjlsjs4W2E0rlhlAeGsbjDXZuhdrQ7S3X_p0g==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=6
alt-svc: h3=":443"; ma=86400
content-length: 237
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 06 Feb 2024 10:48:15 GMT
server: CloudFront
etag: "0399c0574238d041713f244e870e6908"
access-control-max-age: 0
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
x-frame-options: deny
cache-control: public, max-age=31536000, immutable
vary: Origin
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: OeDjvZ0x5TBUuoxD3kjlsjs4W2E0rlhlAeGsbjDXZuhdrQ7S3X_p0g==

GET
H2 200 chunk-TANVZROP.mjs Show response
framerusercontent.com/sites/3EPC03oAhpIExajLlveZQf/ 511 KB
151 KB 385ms
141ms Script
text/javascript 2600:9000:24f4:5600:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://framerusercontent.com/sites/3EPC03oAhpIExajLlveZQf/chunk-TANVZROP.mjs

Requested by

Host: customsrefund.co
URL: https://customsrefund.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f4:5600:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

00b1e27e815133f485f1f2d8fe6e6e5f32136a1c3608b8fcaf15edf4fb05f1d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

Referer: https://customsrefund.co/
Origin: https://customsrefund.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 24 Jul 2024 22:19:30 GMT
x-amz-version-id: 8mdIE3pq_VoBElWXdSfJFVNdMntKE2N5
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
via: 1.1 0c482288431692a08571c47359ca2c80.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P3
x-amz-server-side-encryption: AES256
age: 281152
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="IAD55-P3",cdn-rid;desc="CDVtLvR334854gmUT2f0gYyaI_aZEOgcydozl4Tn_p1w6jtctfQVlA==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=4
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 06 Feb 2024 10:48:15 GMT
server: CloudFront
etag: W/"bb81c1d692d2b0728b0c124b54608a54"
access-control-max-age: 0
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
x-frame-options: deny
cache-control: public, max-age=31536000, immutable
vary: Accept-Encoding,Origin
timing-allow-origin: *
x-amz-cf-id: CDVtLvR334854gmUT2f0gYyaI_aZEOgcydozl4Tn_p1w6jtctfQVlA==

GET
H2 200 chunk-OIST4OYN.mjs Show response
framerusercontent.com/sites/3EPC03oAhpIExajLlveZQf/ 454 B
1 KB 659ms
414ms Script
text/javascript 2600:9000:24f4:5600:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://framerusercontent.com/sites/3EPC03oAhpIExajLlveZQf/chunk-OIST4OYN.mjs

Requested by

Host: customsrefund.co
URL: https://customsrefund.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f4:5600:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

7944b060b2f607cd1df3d09c957818afa4869d807b6ff0349506ecf590a03daa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

Referer: https://customsrefund.co/
Origin: https://customsrefund.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 24 Jul 2024 22:19:30 GMT
x-amz-version-id: pL1cFggiVZUBdPP_ksDlKsgV40.QoVOp
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 0c482288431692a08571c47359ca2c80.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P3
age: 281153
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="IAD55-P3",cdn-rid;desc="v_GQGUIIW-43nSbTw442mCk8rQOyixmotXg9fIXrEjLaG-NWTdAo-w==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=5
alt-svc: h3=":443"; ma=86400
content-length: 454
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 06 Feb 2024 10:48:15 GMT
server: CloudFront
etag: "8af81548ac68e6596fe9853138d19471"
access-control-max-age: 0
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
x-frame-options: deny
cache-control: public, max-age=31536000, immutable
vary: Origin
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: v_GQGUIIW-43nSbTw442mCk8rQOyixmotXg9fIXrEjLaG-NWTdAo-w==

GET
H2 200 R35gAZoFq44YTIl0Jdx0zJ2B5nt8vZH-A5RvlQoOuUE.IJG6HEOM.mjs Show response
framerusercontent.com/sites/3EPC03oAhpIExajLlveZQf/ 161 KB
27 KB 674ms
430ms Script
text/javascript 2600:9000:24f4:5600:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://framerusercontent.com/sites/3EPC03oAhpIExajLlveZQf/R35gAZoFq44YTIl0Jdx0zJ2B5nt8vZH-A5RvlQoOuUE.IJG6HEOM.mjs

Requested by

Host: customsrefund.co
URL: https://customsrefund.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f4:5600:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

74dcc51594b9772b91bbbae5223cb04bea6172dd431725dac0f4eed37e9ad408

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

Referer: https://customsrefund.co/
Origin: https://customsrefund.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 24 Jul 2024 22:19:30 GMT
x-amz-version-id: LUAy6IYg.eWLsZYR01nWg6QIbjx6Dw39
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
via: 1.1 0c482288431692a08571c47359ca2c80.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P3
x-amz-server-side-encryption: AES256
age: 281153
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="IAD55-P3",cdn-rid;desc="Ix4vtiIG-s1DqZcYxIoX1xinDMV0cymxwtnYJg2cnOjy1IcHJxR4WQ==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=6
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 06 Feb 2024 10:48:15 GMT
server: CloudFront
etag: W/"5805b6768b2dc8bea622dfde5919311c"
access-control-max-age: 0
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
x-frame-options: deny
cache-control: public, max-age=31536000, immutable
vary: Accept-Encoding,Origin
timing-allow-origin: *
x-amz-cf-id: Ix4vtiIG-s1DqZcYxIoX1xinDMV0cymxwtnYJg2cnOjy1IcHJxR4WQ==

GET
H2 200 chunk-7GSBGRKT.mjs Show response
framerusercontent.com/sites/3EPC03oAhpIExajLlveZQf/ 2 KB
2 KB 655ms
411ms Script
text/javascript 2600:9000:24f4:5600:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://framerusercontent.com/sites/3EPC03oAhpIExajLlveZQf/chunk-7GSBGRKT.mjs

Requested by

Host: customsrefund.co
URL: https://customsrefund.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f4:5600:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

e1a05d37f7958c490525db30684b652995ef1b4d7f7885dd469921c2789642db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

Referer: https://customsrefund.co/
Origin: https://customsrefund.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 24 Jul 2024 22:19:30 GMT
x-amz-version-id: cJxSqeouxNR_k8siP8.3f39ewRFuKnYR
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
via: 1.1 0c482288431692a08571c47359ca2c80.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P3
x-amz-server-side-encryption: AES256
age: 281153
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="IAD55-P3",cdn-rid;desc="jfyI0m8APBb2GmGHdmvKKiXW39GXvWU7ZbEezhLFmBQayXCUMUH_pw==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=4
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 06 Feb 2024 10:48:15 GMT
server: CloudFront
etag: W/"b2215ab57a76daba268c9263a65b5e66"
access-control-max-age: 0
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
x-frame-options: deny
cache-control: public, max-age=31536000, immutable
vary: Accept-Encoding,Origin
timing-allow-origin: *
x-amz-cf-id: jfyI0m8APBb2GmGHdmvKKiXW39GXvWU7ZbEezhLFmBQayXCUMUH_pw==

GET
H2 200 chunk-5MAZZDWM.mjs Show response
framerusercontent.com/sites/3EPC03oAhpIExajLlveZQf/ 736 B
2 KB 687ms
443ms Script
text/javascript 2600:9000:24f4:5600:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://framerusercontent.com/sites/3EPC03oAhpIExajLlveZQf/chunk-5MAZZDWM.mjs

Requested by

Host: customsrefund.co
URL: https://customsrefund.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f4:5600:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

21398447688d505d6dcdd8aa8a4b6a063ef1fb7da9b3e5ec2142db3611bb5eb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

Referer: https://customsrefund.co/
Origin: https://customsrefund.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 24 Jul 2024 22:19:30 GMT
x-amz-version-id: 7rX8K_rZTTYiZWUpycz6NbTjVHe_MlbX
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 0c482288431692a08571c47359ca2c80.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P3
age: 281153
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="IAD55-P3",cdn-rid;desc="MDfMWavLiNNFH0DWGV1JFC7jZP0dswNbkYxW_cGZyXhMK4UfD9Y80g==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=7
alt-svc: h3=":443"; ma=86400
content-length: 736
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 06 Feb 2024 10:48:15 GMT
server: CloudFront
etag: "6919f06298fe5003216e07e78beaa1ef"
access-control-max-age: 0
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
x-frame-options: deny
cache-control: public, max-age=31536000, immutable
vary: Origin
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: MDfMWavLiNNFH0DWGV1JFC7jZP0dswNbkYxW_cGZyXhMK4UfD9Y80g==

GET
H2 200 script Show response
events.framer.com/ 16 KB
6 KB 398ms
128ms Script
text/javascript 3.162.125.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://events.framer.com/script

Requested by

Host: customsrefund.co
URL: https://customsrefund.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.162.125.17 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-162-125-17.iad61.r.cloudfront.net

Software

Resource Hash

03337e69f3ba0d92c0ee4e6336eab382bbb5ce99d425bc1c0092a9b8618df364

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://customsrefund.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 28 Jul 2024 04:25:22 GMT
content-encoding: gzip
via: 1.1 10d8c7e85dc4bacbe46fc8920b2edbc4.cloudfront.net (CloudFront)
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amzn-remapped-content-length: 15882
x-amz-cf-pop: IAD61-P3
x-amzn-requestid: 763ac552-3bae-4f43-85dd-45659080e9fe
x-amzn-trace-id: Root=1-66a5c832-0cd4d5d579f97a035edbf852
x-cache: Miss from cloudfront
content-type: text/javascript
timestamp: Sun, 28 Jul 2024 04:24:20 GMT
x-amz-apigw-id: bmw38EBTIAMEvcA=
content-length: 5325
x-amz-cf-id: iJmh7e07hH6JjHsqrgQtBAZa0VT2YQsMS8F8OcQY9TNUJQw2AZAn0w==

GET
H2 200 rAGqjHM9vuoKGXk1zSRz06bOsA.png
framerusercontent.com/images/ 13 KB
14 KB 383ms
382ms Image
image/webp 2600:9000:24f4:5600:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/rAGqjHM9vuoKGXk1zSRz06bOsA.png

Requested by

Host: customsrefund.co
URL: https://customsrefund.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f4:5600:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

de2d654da876709183d63ec6c65d1911ec89a52390fbd76cc583e300c630e6ca

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

Referer: https://customsrefund.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 28 Jul 2024 04:25:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
via: 1.1 1b0f041f103652001e37f5806000d24a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P3
x-amzn-requestid: 446798ad-08cc-4a06-9133-b31b0c1b9c51
x-cache: Miss from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-upstream-layer;desc="REC",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=2,cdn-upstream-fbl;dur=148,cdn-cache-miss,cdn-pop;desc="IAD55-P3",cdn-rid;desc="n6629SQU_GO-5ZTE3Xq6Mrj0GqDVWtuV02N-THX8n07X6gruqRGH9A==",cdn-downstream-fbl;dur=157
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
etag: "1da7b8d94721e02d380f8c829c84dd9d"
x-amzn-trace-id: root=1-66a5c832-25e63cfb4b3c76e41db12448;parent=2ff04826bcba8623;sampled=0;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=0, stale-while-revalidate=31536000
timing-allow-origin: *
x-amz-cf-id: n6629SQU_GO-5ZTE3Xq6Mrj0GqDVWtuV02N-THX8n07X6gruqRGH9A==

GET
H2 200 CVKKQW26gnC6W4iLphE5lvDwAX0.jpg
framerusercontent.com/images/ 88 KB
89 KB 149ms
148ms Image
image/avif 2600:9000:24f4:5600:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/CVKKQW26gnC6W4iLphE5lvDwAX0.jpg?scale-down-to=2048

Requested by

Host: customsrefund.co
URL: https://customsrefund.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f4:5600:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

3b7e122207e0011d365f5e3ca8fbcb444c77893e0e1a70bc683998d31190e1e8

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

Referer: https://customsrefund.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 24 Jul 2024 22:24:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
via: 1.1 1b0f041f103652001e37f5806000d24a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P3
age: 280836
x-amzn-requestid: 702ba19e-1388-4222-b0fe-71a3b90d6255
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="IAD55-P3",cdn-rid;desc="mlTzsUnRH05cc9ePPcpAzTqZFajNMqC7nTmzbW_aiYat_XgQlHZ1XQ==",cdn-hit-layer;desc="REC",cdn-downstream-fbl;dur=8
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
etag: "152562de1f0d3b2193f565e6186ca29f"
x-amzn-trace-id: root=1-66a17f2a-516cfb8263faccb87548cfd8;parent=66b637528274d799;sampled=0;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=31536000
timing-allow-origin: *
x-amz-cf-id: mlTzsUnRH05cc9ePPcpAzTqZFajNMqC7nTmzbW_aiYat_XgQlHZ1XQ==

GET
H2 200 default_script0.LHVTBD6K.mjs Show response
framerusercontent.com/sites/3EPC03oAhpIExajLlveZQf/ 2 KB
2 KB 634ms
443ms Script
text/javascript 2600:9000:24f4:5600:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://framerusercontent.com/sites/3EPC03oAhpIExajLlveZQf/default_script0.LHVTBD6K.mjs

Requested by

Host: customsrefund.co
URL: https://customsrefund.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f4:5600:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

0aee0be07e9d0827cda221969e076a4c076416b0162b8eabe499bd96573e34f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

Referer: https://customsrefund.co/
Origin: https://customsrefund.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 24 Jul 2024 22:19:30 GMT
x-amz-version-id: EHh4VtioeDpNiusLiLSimj45ZRcLX2yN
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
via: 1.1 0c482288431692a08571c47359ca2c80.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P3
x-amz-server-side-encryption: AES256
age: 281153
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="IAD55-P3",cdn-rid;desc="hGSV-0SIHsmAwi_DlR9R4UM8NW7ve3YYFcG_ZWXngWU_kbK8BjwDCA==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=7
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 06 Feb 2024 10:48:15 GMT
server: CloudFront
etag: W/"40f9a700ae0d4592909c17b0cf3a1b18"
access-control-max-age: 0
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
x-frame-options: deny
cache-control: public, max-age=31536000, immutable
vary: Accept-Encoding,Origin
timing-allow-origin: *
x-amz-cf-id: hGSV-0SIHsmAwi_DlR9R4UM8NW7ve3YYFcG_ZWXngWU_kbK8BjwDCA==

GET
DATA 200
OK truncated
/ 657 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e2a05e2e2a0373c1bd991dd7efcc50d96efea83e5d7980dbdad22c7522927388

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 Inter-Regular.latin-JLQMKCHE.woff2
app.framerstatic.com/ 19 KB
19 KB 383ms
120ms Font
font/woff2 2600:9000:2269:f800:d:6b42:4ec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.framerstatic.com/Inter-Regular.latin-JLQMKCHE.woff2

Requested by

Host: customsrefund.co
URL: https://customsrefund.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2269:f800:d:6b42:4ec0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

c68a6f081906c9d9be0fc4f3dd09a212d53039747f676fa524692af4c7c170d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://customsrefund.co/
Origin: https://customsrefund.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 07:12:03 GMT
x-amz-version-id: null
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 aa6e16f47d6a0519f52b8dcfca2d841a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD89-P1
age: 17356400
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 19024
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 08 Jan 2024 21:11:23 GMT
server: CloudFront
etag: "e8e69f41b1da2a7b6e6fcb959e00e736"
access-control-max-age: 3600
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
x-frame-options: deny
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: bU2diQmuSVv7xZt2mbkKBkO-Ln5FETs6oraHB88vyQayWmnEeFC-jQ==

GET
H2 200 Inter-Medium.latin-Y3IVPL46.woff2
app.framerstatic.com/ 19 KB
20 KB 505ms
243ms Font
font/woff2 2600:9000:2269:f800:d:6b42:4ec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.framerstatic.com/Inter-Medium.latin-Y3IVPL46.woff2

Requested by

Host: customsrefund.co
URL: https://customsrefund.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2269:f800:d:6b42:4ec0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

c861d136456a64c9c5619e9fa7c37c80144ea5d8879d88554c1f8abaaae891bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://customsrefund.co/
Origin: https://customsrefund.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 30 Dec 2023 13:03:48 GMT
x-amz-version-id: null
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 aa6e16f47d6a0519f52b8dcfca2d841a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD89-P1
age: 18199295
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 19904
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 30 Dec 2023 00:02:17 GMT
server: CloudFront
etag: "f366e7b832c6d0e8a2038665895c0762"
access-control-max-age: 3600
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
x-frame-options: deny
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: 9IDmuj95F9vgNul6jUh-awBw6bhcBa3ZbOgLeI6mjaxYoBgOM_ahjg==

GET
H2 200 Inter-SemiBold.latin-RDYY2AG2.woff2
app.framerstatic.com/ 20 KB
20 KB 389ms
128ms Font
font/woff2 2600:9000:2269:f800:d:6b42:4ec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.framerstatic.com/Inter-SemiBold.latin-RDYY2AG2.woff2

Requested by

Host: customsrefund.co
URL: https://customsrefund.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2269:f800:d:6b42:4ec0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

fc7298db7d88e095c67673d0dae268cd4fc070571692a6df810e80d8cba03157

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://customsrefund.co/
Origin: https://customsrefund.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 07:34:57 GMT
x-amz-version-id: null
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 aa6e16f47d6a0519f52b8dcfca2d841a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD89-P1
age: 15627026
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 20072
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 29 Jan 2024 06:41:14 GMT
server: CloudFront
etag: "6a7880ce1bd9abb417faf126dccfd935"
access-control-max-age: 3600
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
x-frame-options: deny
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: gtvInmGJO4P4PwOVglYS7HmzM31eHikw6mZjVczIyMxM4eUlHFiD8w==

GET
H2 200 Inter-Bold.latin-UCM45LQF.woff2
app.framerstatic.com/ 20 KB
20 KB 386ms
125ms Font
font/woff2 2600:9000:2269:f800:d:6b42:4ec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.framerstatic.com/Inter-Bold.latin-UCM45LQF.woff2

Requested by

Host: customsrefund.co
URL: https://customsrefund.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2269:f800:d:6b42:4ec0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

e7c0f0baf495ababe3f877837b419d6e3386ea06f7f39e66c34b1d639e55a5d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://customsrefund.co/
Origin: https://customsrefund.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 02:57:44 GMT
x-amz-version-id: null
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 aa6e16f47d6a0519f52b8dcfca2d841a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD89-P1
age: 18322059
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 20000
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 28 Dec 2023 17:21:42 GMT
server: CloudFront
etag: "463f0c722a07aa2be781488e9fc88aca"
x-frame-options: deny
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
access-control-max-age: 3600
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: m8ca9FlsY1WwYX9J6EiIhKSu-nt8VM3ZH3zafBLbLTY-hogDTUKb_A==

GET
H2 200 ZcAb9grn19jtv3DSmChXcPeXzU.png
framerusercontent.com/images/ 1 KB
2 KB 322ms
319ms Image
image/avif 2600:9000:24f4:5600:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/ZcAb9grn19jtv3DSmChXcPeXzU.png

Requested by

Host: customsrefund.co
URL: https://customsrefund.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f4:5600:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

01705cbb917552679e399c15697d1fb1832803d921b66927d74e574da5102b40

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

Referer: https://customsrefund.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 24 Jul 2024 22:20:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
via: 1.1 1b0f041f103652001e37f5806000d24a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P3
age: 281076
x-amzn-requestid: e430388c-bf86-47f7-b885-85ce765ca586
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="IAD55-P3",cdn-rid;desc="jcQRVtGBu-ljqvOoeN3-Cb57Ojkv3JPD6i096CqUG-2ZE-HIxBosCg==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=4
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
etag: "9745f106eafce98153f97de4693ef148"
x-amzn-trace-id: root=1-66a17e3e-65b6bad70a8335c56c1eb458;parent=41b98bd7d55fe4a6;sampled=0;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=31536000
timing-allow-origin: *
x-amz-cf-id: jcQRVtGBu-ljqvOoeN3-Cb57Ojkv3JPD6i096CqUG-2ZE-HIxBosCg==

GET
H2 200 9bzoV9LdXAofv5PlTb5uvQLZfI.png
framerusercontent.com/images/ 2 KB
2 KB 318ms
315ms Image
image/avif 2600:9000:24f4:5600:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/9bzoV9LdXAofv5PlTb5uvQLZfI.png

Requested by

Host: customsrefund.co
URL: https://customsrefund.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f4:5600:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

4e978dde65336eeb1d9eb302716a41269a19fec5c0a3a17afe7c1acb924c48c7

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

Referer: https://customsrefund.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 24 Jul 2024 22:20:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
via: 1.1 1b0f041f103652001e37f5806000d24a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P3
age: 281076
x-amzn-requestid: 5bf4dbbb-d7b6-4dce-8485-fa791784c617
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="IAD55-P3",cdn-rid;desc="W8KdIVxaYep3eXfXtkbiw5GlotkvS0o4IJ20omYUmUE4vvHuSJexWg==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=2
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
etag: "634fce0a8374ac6ccf8f6fb342b51ddf"
x-amzn-trace-id: root=1-66a17e3e-197f314038a5294a0f7c7a7a;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=31536000
timing-allow-origin: *
x-amz-cf-id: W8KdIVxaYep3eXfXtkbiw5GlotkvS0o4IJ20omYUmUE4vvHuSJexWg==

GET
H2 200 FYzDyOQWZK6Rqb3lLxyLxOF2mUA.png
framerusercontent.com/images/ 1 KB
2 KB 324ms
322ms Image
image/webp 2600:9000:24f4:5600:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/FYzDyOQWZK6Rqb3lLxyLxOF2mUA.png

Requested by

Host: customsrefund.co
URL: https://customsrefund.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f4:5600:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

54471a5eb70cfecdbaa09dd41f326048b3bb01dc9ce695af3c5607f980293885

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

Referer: https://customsrefund.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 28 Jul 2024 04:25:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
via: 1.1 1b0f041f103652001e37f5806000d24a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P3
x-amzn-requestid: ac9af838-b065-49a1-9005-e5a3b088b83f
x-cache: Miss from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-upstream-layer;desc="REC",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=2,cdn-upstream-fbl;dur=104,cdn-cache-miss,cdn-pop;desc="IAD55-P3",cdn-rid;desc="6GeuN4AxxjbY3AMlvPnV8EXpapWgvzHwGm7eZWLz1YFtl8UJh1eGvg==",cdn-downstream-fbl;dur=117
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
etag: "9e362ab51a5d08bf0427c592d34327c7"
x-amzn-trace-id: root=1-66a5c832-46d014f759a821fb2ecb923f;parent=28887293ce3ec52b;sampled=0;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=0, stale-while-revalidate=31536000
timing-allow-origin: *
x-amz-cf-id: 6GeuN4AxxjbY3AMlvPnV8EXpapWgvzHwGm7eZWLz1YFtl8UJh1eGvg==

GET
H2 200 CrZsHmQM5tjJKokMQQoargGus.jpg
framerusercontent.com/images/ 61 KB
62 KB 544ms
542ms Image
image/webp 2600:9000:24f4:5600:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/CrZsHmQM5tjJKokMQQoargGus.jpg?scale-down-to=1024

Requested by

Host: customsrefund.co
URL: https://customsrefund.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f4:5600:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

6d5cee1c840cb2e2f2846387e3fd437ab8100e785516611890f9e5966e061ef3

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

Referer: https://customsrefund.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 28 Jul 2024 04:25:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
via: 1.1 1b0f041f103652001e37f5806000d24a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P3
x-amzn-requestid: de036d52-1393-42e8-9224-7f7329d4b3ca
x-cache: Miss from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-upstream-layer;desc="REC",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=2,cdn-upstream-fbl;dur=403,cdn-cache-miss,cdn-pop;desc="IAD55-P3",cdn-rid;desc="21xts2zko-atKXt7-qb-eM7Ad7WUHfI2uZmbesKq0dYPU4t-NCcJZw==",cdn-downstream-fbl;dur=411
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
etag: "981767d34c6e2e49da50b954a4cfd1ca"
x-amzn-trace-id: root=1-66a5c832-068b36e74a633b9e01b85b63;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=0, stale-while-revalidate=31536000
timing-allow-origin: *
x-amz-cf-id: 21xts2zko-atKXt7-qb-eM7Ad7WUHfI2uZmbesKq0dYPU4t-NCcJZw==

GET index.html
widget.trustpilot.com/trustboxes/56278e9abfbbba0bdcd568bc/ Frame DEAD 0
0

GET index.html
widget.trustpilot.com/trustboxes/56278e9abfbbba0bdcd568bc/ Frame F6EC 0
0

OPTIONS
H2 200 anonymous
events.framer.com/ Frame 0
0 373ms
128ms Preflight
application/json 3.162.125.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.framer.com/anonymous
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.125.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-125-17.iad61.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://customsrefund.co
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: *
content-length: 0
content-type: application/json
date: Sun, 28 Jul 2024 04:25:22 GMT
via: 1.1 6f3ebc2cbc39563710a79620f7c154f0.cloudfront.net (CloudFront)
x-amz-apigw-id: bmw3_G-coAMEWmA=
x-amz-cf-id: UffGJnotddCH_E1sgY5ckyqgIrXFF9wqhfg1tHcZIAeHaQiGs3up6Q==
x-amz-cf-pop: IAD61-P3
x-amzn-requestid: 41c99408-06d7-459a-a9e7-bf276e08ab0f
x-cache: Miss from cloudfront

POST
H2 200 anonymous
events.framer.com/ 0
0 174ms
172ms Fetch
application/json 3.162.125.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.framer.com/anonymous
Requested by: Host: events.framer.com
URL: https://events.framer.com/script
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.125.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-125-17.iad61.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://customsrefund.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 28 Jul 2024 04:25:23 GMT
via: 1.1 6f3ebc2cbc39563710a79620f7c154f0.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD61-P3
x-amzn-trace-id: Root=1-66a5c833-202b6f894bc3578e5a7c6f7d;Parent=1bacf0ea7f9ec15f;Sampled=0;lineage=c457ad49:0
x-amzn-requestid: f3014050-2177-4fcc-acdc-b6b5fae039b2
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amz-apigw-id: bmw4BE24IAMEWiw=
content-length: 0
x-amz-cf-id: ksPOqxP1V9PvShlBuKN4IqxwB8vQzQmtuRN8qM62Fiwtbm-72jJYHA==

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/16450016475/ 2 KB
1 KB 384ms
138ms Script
text/javascript 142.251.179.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/16450016475/?random=1722140722843&cv=11&fst=1722140722843&bg=ffffff&guid=ON&async=1&gtm=45be47o0za200&gcd=13l3l3l3l1&dma=0&tag_exp=95250753&u_w=1600&u_h=1200&url=https%3A%2F%2Fcustomsrefund.co%2F&hn=www.googleadservices.com&frm=0&tiba=Custom%20Duty%20CBSA%20Refund%20for%20Canada&npa=0&pscdl=noapi&auid=2021018506.1722140723&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-16450016475

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.179.155 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

pd-in-f155.1e100.net

Software

cafe /

Resource Hash

70e382e2de2a975548c60ddd4509e392b112d54af15315763b9fb79bed397afc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://customsrefund.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Jul 2024 04:25:23 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1365
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rAGqjHM9vuoKGXk1zSRz06bOsA.png
framerusercontent.com/images/ 13 KB
908 B 128ms
127ms Other
image/webp 2600:9000:24f4:5600:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://framerusercontent.com/images/rAGqjHM9vuoKGXk1zSRz06bOsA.png

Requested by

Host: customsrefund.co
URL: https://customsrefund.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f4:5600:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

de2d654da876709183d63ec6c65d1911ec89a52390fbd76cc583e300c630e6ca

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

Referer: https://customsrefund.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 28 Jul 2024 04:25:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 1b0f041f103652001e37f5806000d24a.cloudfront.net (CloudFront)
content-security-policy: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
x-content-type-options: nosniff
x-amz-cf-pop: IAD55-P3
age: 1
x-amzn-requestid: 446798ad-08cc-4a06-9133-b31b0c1b9c51
x-cache: RefreshHit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="IAD55-P3",cdn-rid;desc="0ljHuKTxGllm7yQaqw54nXQkIwYHYl2QiWbc8gNAWR9_t48eaiSZDA==",cdn-hit-layer;desc="REC",cdn-downstream-fbl;dur=5
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
x-amzn-trace-id: root=1-66a5c832-25e63cfb4b3c76e41db12448;parent=2ff04826bcba8623;sampled=0;lineage=f456f256:0
etag: "1da7b8d94721e02d380f8c829c84dd9d"
vary: Accept
x-frame-options: deny
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=0, stale-while-revalidate=31536000
timing-allow-origin: *
x-amz-cf-id: 0ljHuKTxGllm7yQaqw54nXQkIwYHYl2QiWbc8gNAWR9_t48eaiSZDA==

GET
H2 200 FYzDyOQWZK6Rqb3lLxyLxOF2mUA.png
framerusercontent.com/images/ 1 KB
907 B 131ms
131ms Other
image/webp 2600:9000:24f4:5600:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://framerusercontent.com/images/FYzDyOQWZK6Rqb3lLxyLxOF2mUA.png

Requested by

Host: customsrefund.co
URL: https://customsrefund.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f4:5600:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

54471a5eb70cfecdbaa09dd41f326048b3bb01dc9ce695af3c5607f980293885

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

Referer: https://customsrefund.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 28 Jul 2024 04:25:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 1b0f041f103652001e37f5806000d24a.cloudfront.net (CloudFront)
content-security-policy: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
x-content-type-options: nosniff
x-amz-cf-pop: IAD55-P3
age: 1
x-amzn-requestid: ac9af838-b065-49a1-9005-e5a3b088b83f
x-cache: RefreshHit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="IAD55-P3",cdn-rid;desc="rvC58rmDil_UYQsEZlPxTx5OFwjvn_tuYoeh2mJuerknDSg3B-cl3Q==",cdn-hit-layer;desc="REC",cdn-downstream-fbl;dur=10
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
x-amzn-trace-id: root=1-66a5c832-46d014f759a821fb2ecb923f;parent=28887293ce3ec52b;sampled=0;lineage=f456f256:0
etag: "9e362ab51a5d08bf0427c592d34327c7"
vary: Accept
x-frame-options: deny
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=0, stale-while-revalidate=31536000
timing-allow-origin: *
x-amz-cf-id: rvC58rmDil_UYQsEZlPxTx5OFwjvn_tuYoeh2mJuerknDSg3B-cl3Q==

GET
H2 200 CrZsHmQM5tjJKokMQQoargGus.jpg
framerusercontent.com/images/ 61 KB
889 B 127ms
126ms Other
image/webp 2600:9000:24f4:5600:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://framerusercontent.com/images/CrZsHmQM5tjJKokMQQoargGus.jpg?scale-down-to=1024

Requested by

Host: customsrefund.co
URL: https://customsrefund.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f4:5600:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

6d5cee1c840cb2e2f2846387e3fd437ab8100e785516611890f9e5966e061ef3

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

Referer: https://customsrefund.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 28 Jul 2024 04:25:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 1b0f041f103652001e37f5806000d24a.cloudfront.net (CloudFront)
content-security-policy: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
x-content-type-options: nosniff
x-amz-cf-pop: IAD55-P3
age: 1
x-amzn-requestid: de036d52-1393-42e8-9224-7f7329d4b3ca
x-cache: RefreshHit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="IAD55-P3",cdn-rid;desc="sJEtJicgg2_933uUrKaMnnjnF6jz06xFwgVmCwyBEhClsLzfBS2ndw==",cdn-hit-layer;desc="REC",cdn-downstream-fbl;dur=4
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
x-amzn-trace-id: root=1-66a5c832-068b36e74a633b9e01b85b63;sampled=1;lineage=f456f256:0
etag: "981767d34c6e2e49da50b954a4cfd1ca"
vary: Accept
x-frame-options: deny
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=0, stale-while-revalidate=31536000
timing-allow-origin: *
x-amz-cf-id: sJEtJicgg2_933uUrKaMnnjnF6jz06xFwgVmCwyBEhClsLzfBS2ndw==

GET
H2 200 ERjZL2cLmKKANnIPJdiH482kI4.jpg
framerusercontent.com/images/ 12 KB
13 KB 229ms
229ms Image
image/webp 2600:9000:24f4:5600:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/ERjZL2cLmKKANnIPJdiH482kI4.jpg?scale-down-to=512

Requested by

Host: framerusercontent.com
URL: https://framerusercontent.com/sites/3EPC03oAhpIExajLlveZQf/chunk-TANVZROP.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f4:5600:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

da7acc30a9665e55368588fda3c36d640a746bfd2b0c3510c0c47f901b4b9161

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

Referer: https://customsrefund.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 28 Jul 2024 04:25:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
via: 1.1 1b0f041f103652001e37f5806000d24a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P3
x-amzn-requestid: 919cb749-e5d2-4754-af3a-29c3e30c3b06
x-cache: Miss from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-upstream-layer;desc="REC",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=4,cdn-upstream-fbl;dur=93,cdn-cache-miss,cdn-pop;desc="IAD55-P3",cdn-rid;desc="qRbQgQyDZYM1I3xkky_MsyoCcgjbhAGB3KznhuD6focl_f4514TeUg==",cdn-downstream-fbl;dur=101
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
etag: "510ce482b600a07748ae3e1befe98af4"
x-amzn-trace-id: root=1-66a5c833-74b51a855cab03bf012f3d52;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=0, stale-while-revalidate=31536000
timing-allow-origin: *
x-amz-cf-id: qRbQgQyDZYM1I3xkky_MsyoCcgjbhAGB3KznhuD6focl_f4514TeUg==

GET
H2 200 CDHZMpKzDVwQXeUy8of47EVWyTQ.jpg
framerusercontent.com/images/ 16 KB
17 KB 284ms
284ms Image
image/webp 2600:9000:24f4:5600:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/CDHZMpKzDVwQXeUy8of47EVWyTQ.jpg?scale-down-to=512

Requested by

Host: framerusercontent.com
URL: https://framerusercontent.com/sites/3EPC03oAhpIExajLlveZQf/chunk-TANVZROP.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f4:5600:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

dbb0f4dad8e1f2521946203512798aa62256bd19e2f73b59bc9c4d42f2a47aeb

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

Referer: https://customsrefund.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 28 Jul 2024 04:25:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
via: 1.1 1b0f041f103652001e37f5806000d24a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P3
x-amzn-requestid: 8ef083ac-b4e3-4ecc-826c-795c40b719af
x-cache: Miss from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-upstream-layer;desc="REC",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=4,cdn-upstream-fbl;dur=152,cdn-cache-miss,cdn-pop;desc="IAD55-P3",cdn-rid;desc="tyOuBkfnX8yFitm88W7tSGlgytjoKHjEu2_jWGVaZ0HmGTfhMyANtw==",cdn-downstream-fbl;dur=158
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
etag: "d5207dcf43bcfadbc4129e7ac2358b5e"
x-amzn-trace-id: root=1-66a5c833-26baa4594a14f96d302e6cf9;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=0, stale-while-revalidate=31536000
timing-allow-origin: *
x-amz-cf-id: tyOuBkfnX8yFitm88W7tSGlgytjoKHjEu2_jWGVaZ0HmGTfhMyANtw==

GET
H2 200 f4uH1XO7g06xaBsG0v49wvPHy0.jpg
framerusercontent.com/images/ 26 KB
27 KB 136ms
136ms Image
image/webp 2600:9000:24f4:5600:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/f4uH1XO7g06xaBsG0v49wvPHy0.jpg?scale-down-to=512

Requested by

Host: framerusercontent.com
URL: https://framerusercontent.com/sites/3EPC03oAhpIExajLlveZQf/chunk-TANVZROP.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f4:5600:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

720165be36bb8575b55914db434c313e532d438a5004afc20e03ddb6ca7e07cf

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

Referer: https://customsrefund.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 24 Jul 2024 22:19:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
via: 1.1 1b0f041f103652001e37f5806000d24a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P3
age: 281153
x-amzn-requestid: 2eb4136f-d949-464e-b20b-456e103a6cc6
x-cache: RefreshHit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="IAD55-P3",cdn-rid;desc="Vz8QxD6id2COrcRG0GVMZ20XsjsVnZvbCYggorTGmGgTYt1-EGVxYw==",cdn-hit-layer;desc="REC",cdn-downstream-fbl;dur=5
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
etag: "7bb0175617856ab3a928292cce2c03dc"
x-amzn-trace-id: root=1-66a17df2-5696aef032c8948558528d05;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=0, stale-while-revalidate=31536000
timing-allow-origin: *
x-amz-cf-id: Vz8QxD6id2COrcRG0GVMZ20XsjsVnZvbCYggorTGmGgTYt1-EGVxYw==

GET
H2 200 BHy0YdQ4sKlmMzvQh1BNUlRgpA.jpg
framerusercontent.com/images/ 14 KB
15 KB 268ms
268ms Image
image/webp 2600:9000:24f4:5600:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/BHy0YdQ4sKlmMzvQh1BNUlRgpA.jpg?scale-down-to=512

Requested by

Host: framerusercontent.com
URL: https://framerusercontent.com/sites/3EPC03oAhpIExajLlveZQf/chunk-TANVZROP.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f4:5600:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

c85b89d6005d7c4738249a7b79ef8972c48530a4a94640fc4f16c13b68f5bd54

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

Referer: https://customsrefund.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 28 Jul 2024 04:25:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
via: 1.1 1b0f041f103652001e37f5806000d24a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P3
x-amzn-requestid: 32cc2296-2c6a-4943-9917-815c94d1f76e
x-cache: Miss from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-upstream-layer;desc="REC",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=3,cdn-upstream-fbl;dur=131,cdn-cache-miss,cdn-pop;desc="IAD55-P3",cdn-rid;desc="nfizx9rEPqAz5KLyrJ6Cr9D7hNP6mMZA1rKT1TwN2_mUlBjT6V5_bw==",cdn-downstream-fbl;dur=138
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
etag: "68d1ff10261c58b5cb737f4d0d65b4f2"
x-amzn-trace-id: root=1-66a5c833-499c89c57544237b30f3a0ae;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=0, stale-while-revalidate=31536000
timing-allow-origin: *
x-amz-cf-id: nfizx9rEPqAz5KLyrJ6Cr9D7hNP6mMZA1rKT1TwN2_mUlBjT6V5_bw==

GET
H2 200 2RwY8BlwJIFyjCuYFndtKxTAY.jpg
framerusercontent.com/images/ 8 KB
9 KB 146ms
146ms Image
image/webp 2600:9000:24f4:5600:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/2RwY8BlwJIFyjCuYFndtKxTAY.jpg?scale-down-to=512

Requested by

Host: framerusercontent.com
URL: https://framerusercontent.com/sites/3EPC03oAhpIExajLlveZQf/chunk-TANVZROP.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f4:5600:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

c7ef526fe49c83125f02761d82bcf10eb267dde366c088fe712a29a04979c1cc

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

Referer: https://customsrefund.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 24 Jul 2024 22:19:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
via: 1.1 1b0f041f103652001e37f5806000d24a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P3
age: 281153
x-amzn-requestid: d8e72539-cdcd-4b9b-87d7-6d2685fc0227
x-cache: RefreshHit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="IAD55-P3",cdn-rid;desc="A53DFj2Su27RsVcnWKe0jpF6MKy6LUljIDutGpjvnG6nZRak0XI4rQ==",cdn-hit-layer;desc="REC",cdn-downstream-fbl;dur=5
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
etag: "3a95527c85d30d672d3a27da1175d7ae"
x-amzn-trace-id: root=1-66a17df2-43de1bda360f8560187c9556;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=0, stale-while-revalidate=31536000
timing-allow-origin: *
x-amz-cf-id: A53DFj2Su27RsVcnWKe0jpF6MKy6LUljIDutGpjvnG6nZRak0XI4rQ==

GET
H2 200 CYuzxskj2gnZmxVwzx6RIWaG5Y.jpg
framerusercontent.com/images/ 17 KB
18 KB 334ms
333ms Image
image/webp 2600:9000:24f4:5600:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/CYuzxskj2gnZmxVwzx6RIWaG5Y.jpg?scale-down-to=512

Requested by

Host: framerusercontent.com
URL: https://framerusercontent.com/sites/3EPC03oAhpIExajLlveZQf/chunk-TANVZROP.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f4:5600:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

57bf6ce69d79ce9f89e0f008e0915dc7df429f3c9402c0e80509dd704a12d55c

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

Referer: https://customsrefund.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sun, 28 Jul 2024 04:25:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
via: 1.1 1b0f041f103652001e37f5806000d24a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P3
x-amzn-requestid: 773fe64c-4a8d-40d1-85fd-419e8fcbbdea
x-cache: Miss from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-upstream-layer;desc="REC",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=3,cdn-upstream-fbl;dur=192,cdn-cache-miss,cdn-pop;desc="IAD55-P3",cdn-rid;desc="jYUMw8RWuXK08BwXfuvf4jPzEUtJY0uzjexlXL9848L20iBlHB0x6A==",cdn-downstream-fbl;dur=203
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
etag: "318defe092237c6b44cc25b7b568c402"
x-amzn-trace-id: root=1-66a5c833-0e8bc76b31d5c4cf7b051e5e;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=0, stale-while-revalidate=31536000
timing-allow-origin: *
x-amz-cf-id: jYUMw8RWuXK08BwXfuvf4jPzEUtJY0uzjexlXL9848L20iBlHB0x6A==

GET
H2 200 TDe03KyL10VDGl3Dc47AUkQ7KO8.png
framerusercontent.com/images/ 14 KB
15 KB 144ms
144ms Image
image/webp 2600:9000:24f4:5600:d:ada1:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framerusercontent.com/images/TDe03KyL10VDGl3Dc47AUkQ7KO8.png

Requested by

Host: framerusercontent.com
URL: https://framerusercontent.com/sites/3EPC03oAhpIExajLlveZQf/chunk-TANVZROP.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f4:5600:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

e66f8cd595ad121da9567ee32f1b29846842672e6c1a646603fb53c61b75e118

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

Referer: https://customsrefund.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 24 Jul 2024 22:19:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
via: 1.1 1b0f041f103652001e37f5806000d24a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P3
age: 281153
x-amzn-requestid: cf14bcb3-1ce3-41db-9fc3-4595eb7b2e26
x-cache: RefreshHit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="IAD55-P3",cdn-rid;desc="egtrVpSpowvMrfRwYjEdPWsLQpoCF6PBJf5RQZpnOY7g6A_p7oZHEg==",cdn-hit-layer;desc="EDGE",cdn-downstream-fbl;dur=3
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
etag: "b50cece8dc9f16222402de1b4c3fd13f"
x-amzn-trace-id: root=1-66a17df2-74022cb44b10ef5b04f3f746;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=0, stale-while-revalidate=31536000
timing-allow-origin: *
x-amz-cf-id: egtrVpSpowvMrfRwYjEdPWsLQpoCF6PBJf5RQZpnOY7g6A_p7oZHEg==

GET index.html
widget.trustpilot.com/trustboxes/56278e9abfbbba0bdcd568bc/ Frame F0F6 0
0

GET
H2 200 index.html
widget.trustpilot.com/trustboxes/56278e9abfbbba0bdcd568bc/ Frame 9358 0
0 421ms
417ms Document
text/html 52.85.132.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/trustboxes/56278e9abfbbba0bdcd568bc/index.html?templateId=56278e9abfbbba0bdcd568bc&businessunitId=65b8df1ee656e208967f8fb4

Requested by

Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.132.26 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-132-26.iad50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://customsrefund.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
cache-control: max-age=86400
content-encoding: gzip
content-length: 1904
content-type: text/html
date: Sun, 28 Jul 2024 04:25:24 GMT
etag: "d4f92050e7463ff9c39b28e72b193f0d"
last-modified: Wed, 29 May 2024 12:37:30 GMT
server: AmazonS3
strict-transport-security: max-age=31536000
via: 1.1 77dc0904034d14a129bafe4c9d954f08.cloudfront.net (CloudFront)
x-amz-cf-id: DVs5V2b-aNYm61D2qrzvYYc472PkPi1YgYOmG91ubbmztP_xpORI2g==
x-amz-cf-pop: IAD50-C2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 gFQsR7rx
form.typeform.com/to/ Frame A6F8 0
0 552ms
213ms Document
text/html 44.198.77.3
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://form.typeform.com/to/gFQsR7rx?typeform-embed-id=07144432622660712&typeform-embed=embed-widget&typeform-source=customsrefund.co&typeform-medium=embed-sdk&typeform-medium-version=next&embed-hide-footer=true

Requested by

Host: framerusercontent.com
URL: https://framerusercontent.com/sites/3EPC03oAhpIExajLlveZQf/R35gAZoFq44YTIl0Jdx0zJ2B5nt8vZH-A5RvlQoOuUE.IJG6HEOM.mjs

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.198.77.3 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-198-77-3.compute-1.amazonaws.com

Software

istio-envoy / 10110380335-7.199.1

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

Referer: https://customsrefund.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: X-Typeform-Key, Content-Type, Authorization, Typeform-Version, typeform-app
access-control-allow-methods: GET, OPTIONS, POST, PUT, PATCH, DELETE
access-control-expose-headers: Location, X-Request-Id
age: 0
cache-control: private, no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy-report-only: report-uri https://typeformforms.report-uri.com/r/t/csp/reportOnly; default-src 'self' https: data: blob: chrome-extension: moz-extension: safari-extension:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data: blob:; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' https:; worker-src 'self' blob:; manifest-src public-assets.typeform.com; form-action 'none'; frame-ancestors 'self' http://localhost:* capacitor: iconic: https:; base-uri 'self'; child-src wvjbscheme: https:; connect-src 'self' wss: https: chrome-extension: moz-extension: safari-extension:; style-src 'self' 'unsafe-inline' https:
content-type: text/html; charset=utf-8
date: Sun, 28 Jul 2024 04:25:23 GMT
pragma: no-cache
server: istio-envoy
strict-transport-security: max-age=63072000; includeSubDomains
traceparent: 00-f58282bf41c97a859ba7385f3ca4d3cd-5c91d8c8f6dd0a37-01
vary: Accept-Encoding
x-cache: MISS
x-cache-lookup: HIT
x-envoy-upstream-service-time: 89
x-powered-by: 10110380335-7.199.1
x-varnish: 453825514

GET
H2 200 index.html
widget.trustpilot.com/trustboxes/56278e9abfbbba0bdcd568bc/ Frame 4304 0
0 410ms
410ms Document
text/html 52.85.132.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/trustboxes/56278e9abfbbba0bdcd568bc/index.html?templateId=56278e9abfbbba0bdcd568bc&businessunitId=65b8df1ee656e208967f8fb4

Requested by

Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.85.132.26 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-132-26.iad50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://customsrefund.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
cache-control: max-age=86400
content-encoding: gzip
content-length: 1904
content-type: text/html
date: Sun, 28 Jul 2024 04:25:24 GMT
etag: "d4f92050e7463ff9c39b28e72b193f0d"
last-modified: Wed, 29 May 2024 12:37:30 GMT
server: AmazonS3
via: 1.1 77dc0904034d14a129bafe4c9d954f08.cloudfront.net (CloudFront)
x-amz-cf-id: DVs5V2b-aNYm61D2qrzvYYc472PkPi1YgYOmG91ubbmztP_xpORI2g==
x-amz-cf-pop: IAD50-C2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 /
www.google.com/pagead/1p-user-list/16450016475/ 42 B
64 B 387ms
135ms Image
image/gif 172.253.115.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/16450016475/?random=1722140722843&cv=11&fst=1722139200000&bg=ffffff&guid=ON&async=1&gtm=45be47o0za200&gcd=13l3l3l3l1&dma=0&tag_exp=95250753&u_w=1600&u_h=1200&url=https%3A%2F%2Fcustomsrefund.co%2F&hn=www.googleadservices.com&frm=0&tiba=Custom%20Duty%20CBSA%20Refund%20for%20Canada&npa=0&pscdl=noapi&auid=2021018506.1722140723&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooLd4FXRyeeUKf5YczpYPM1MWb4dno9eQ&random=3606609252&rmt_tld=0&ipr=y

Requested by

Host: customsrefund.co
URL: https://customsrefund.co/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.115.103 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f103.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://customsrefund.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Jul 2024 04:25:23 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 1L38EGvGW0pMqUvmA0lnWLghko.png
framerusercontent.com/images/ 6 KB
7 KB 124ms
124ms Other
image/avif 18.165.83.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://framerusercontent.com/images/1L38EGvGW0pMqUvmA0lnWLghko.png

Protocol

Security

QUIC, , AES_128_GCM

Server

18.165.83.69 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-165-83-69.iad55.r.cloudfront.net

Software

Resource Hash

92afe50e3e19653769973340d2aa3f5f24fc7781872f1bbcfa85cd88414a3c62

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

Referer: https://customsrefund.co/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 24 Jul 2024 22:20:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; report-uri https://framer.report-uri.com/r/t/csp/enforce;
via: 1.1 44dd03c6d93a5b4e66aa5cea227acbb2.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P3
age: 281074
x-amzn-requestid: 5f3a0d59-8409-4a3e-8013-096c6533bfcd
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server-timing: cdn-cache-hit,cdn-pop;desc="IAD55-P3",cdn-hit-layer;desc="EDGE",cdn-rid;desc="NzIsROWusTPJltefOLNkTQWrpyashpLKeKtihMr7cEeh2u19JxMoeQ==",cdn-downstream-fbl=3
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
etag: "b0e9e51d2fd5864c77c7255ebe082875"
x-amzn-trace-id: root=1-66a17e43-2ceefea86dc503a330190940;sampled=1;lineage=f456f256:0
x-frame-options: deny
vary: Accept
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=31536000
timing-allow-origin: *
x-amz-cf-id: NzIsROWusTPJltefOLNkTQWrpyashpLKeKtihMr7cEeh2u19JxMoeQ==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: widget.trustpilot.com
URL: https://widget.trustpilot.com/trustboxes/56278e9abfbbba0bdcd568bc/index.html?templateId=56278e9abfbbba0bdcd568bc&businessunitId=65b8df1ee656e208967f8fb4

Domain: widget.trustpilot.com
URL: https://widget.trustpilot.com/trustboxes/56278e9abfbbba0bdcd568bc/index.html?templateId=56278e9abfbbba0bdcd568bc&businessunitId=65b8df1ee656e208967f8fb4

Domain: widget.trustpilot.com
URL: https://widget.trustpilot.com/trustboxes/56278e9abfbbba0bdcd568bc/index.html?templateId=56278e9abfbbba0bdcd568bc&businessunitId=65b8df1ee656e208967f8fb4

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.customsrefund.co/	1970-01-21 00:31:56	Name: _gcl_au Value: 1.1.2021018506.1722140723
.doubleclick.net/	1970-01-20 22:22:21	Name: test_cookie Value: CheckForPermission
.typeform.com/	1970-01-21 02:45:51	Name: tf_respondent_cc Value: {%22groups%22:[%222%22%2C%223%22%2C%224%22]%2C%22timestamp%22:%222024-07-28T04:25:25.607Z%22%2C%22implicitConsent%22:true}
.typeform.com/	1970-01-21 07:07:56	Name: attribution_user_id Value: 080f2b50-9ef9-4c50-8757-036104a11ab8
form.typeform.com/	1970-01-20 22:32:25	Name: AWSALBTGCORS Value: TdOhQvwUNk3QN+iOTNb5ZYiJ4SYSpve524CCuU7SBSQ9ZOnmxmyl++/GdcG8fAy1MwXyCPvLoYo+P9dyD90e2XFgWs0JWQwdcuiOD7wWhGK36RDAnPeRyhtWG++WRVQxmNXw1cMpYfinraVY7f+VVpnVNTdpE/Tr0rWk5lF2/UPj

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.framerstatic.com
customsrefund.co
events.framer.com
form.typeform.com
framerusercontent.com
googleads.g.doubleclick.net
widget.trustpilot.com
www.customsrefund.co
www.google.com
www.googletagmanager.com
widget.trustpilot.com
142.251.179.155
172.253.115.103
18.165.83.69
2600:9000:2269:f800:d:6b42:4ec0:93a1
2600:9000:24f4:5600:d:ada1:a280:93a1
2607:f8b0:4004:c0b::61
3.162.125.17
44.198.77.3
52.223.52.2
52.85.132.26
00b1e27e815133f485f1f2d8fe6e6e5f32136a1c3608b8fcaf15edf4fb05f1d2
01705cbb917552679e399c15697d1fb1832803d921b66927d74e574da5102b40
02e5bf47b2473c1da7a39a25b14f0f5d9857142842d33def047e492f9f610cb9
03337e69f3ba0d92c0ee4e6336eab382bbb5ce99d425bc1c0092a9b8618df364
0aee0be07e9d0827cda221969e076a4c076416b0162b8eabe499bd96573e34f5
21398447688d505d6dcdd8aa8a4b6a063ef1fb7da9b3e5ec2142db3611bb5eb8
3b7e122207e0011d365f5e3ca8fbcb444c77893e0e1a70bc683998d31190e1e8
4e978dde65336eeb1d9eb302716a41269a19fec5c0a3a17afe7c1acb924c48c7
54471a5eb70cfecdbaa09dd41f326048b3bb01dc9ce695af3c5607f980293885
57bf6ce69d79ce9f89e0f008e0915dc7df429f3c9402c0e80509dd704a12d55c
60c9f9db847af8f1306e254ef7b67463e88e889182155e03e56e181101511765
6d5cee1c840cb2e2f2846387e3fd437ab8100e785516611890f9e5966e061ef3
70e382e2de2a975548c60ddd4509e392b112d54af15315763b9fb79bed397afc
720165be36bb8575b55914db434c313e532d438a5004afc20e03ddb6ca7e07cf
74dcc51594b9772b91bbbae5223cb04bea6172dd431725dac0f4eed37e9ad408
7944b060b2f607cd1df3d09c957818afa4869d807b6ff0349506ecf590a03daa
92afe50e3e19653769973340d2aa3f5f24fc7781872f1bbcfa85cd88414a3c62
a2efa1093f199f85105ebb27989bc152180b5aab664e33c41ace53b5f68c7808
c57d9cded7e667dfab7ee45f0cb9fc2d8b5a50a3258f9dde02b3e2fc0f3fa4c7
c68a6f081906c9d9be0fc4f3dd09a212d53039747f676fa524692af4c7c170d5
c7ef526fe49c83125f02761d82bcf10eb267dde366c088fe712a29a04979c1cc
c85b89d6005d7c4738249a7b79ef8972c48530a4a94640fc4f16c13b68f5bd54
c861d136456a64c9c5619e9fa7c37c80144ea5d8879d88554c1f8abaaae891bf
da7acc30a9665e55368588fda3c36d640a746bfd2b0c3510c0c47f901b4b9161
dbb0f4dad8e1f2521946203512798aa62256bd19e2f73b59bc9c4d42f2a47aeb
de2d654da876709183d63ec6c65d1911ec89a52390fbd76cc583e300c630e6ca
e1a05d37f7958c490525db30684b652995ef1b4d7f7885dd469921c2789642db
e2a05e2e2a0373c1bd991dd7efcc50d96efea83e5d7980dbdad22c7522927388
e66f8cd595ad121da9567ee32f1b29846842672e6c1a646603fb53c61b75e118
e7c0f0baf495ababe3f877837b419d6e3386ea06f7f39e66c34b1d639e55a5d5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fc7298db7d88e095c67673d0dae268cd4fc070571692a6df810e80d8cba03157

customsrefund.co Open in urlscan Pro 52.223.52.2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

42 Requests

93 %HTTPS

30 %IPv6

9 Domains

10 Subdomains

11 IPs

1 Countries

683 kBTransfer

1606 kBSize

5 Cookies

1 Outgoing links

Page URL History

Redirected requests

42 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

customsrefund.co Open in urlscan Pro
52.223.52.2 Public Scan

Screenshot
Live screenshot

Full Image

42
Requests

93 %
HTTPS

30 %
IPv6

9
Domains

10
Subdomains

11
IPs

1
Countries

683 kB
Transfer

1606 kB
Size

5
Cookies

42 HTTP transactions
1 data transactions