www.absolutemoney.ppi-tax-refunds.co.uk Open in urlscan Pro
52.215.153.11  Public Scan

URL: https://www.absolutemoney.ppi-tax-refunds.co.uk/
Submission: On January 19 via automatic, source certstream-suspicious

Summary

This website contacted 13 IPs in 5 countries across 10 domains to perform 38 HTTP transactions. The main IP is 52.215.153.11, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is www.absolutemoney.ppi-tax-refunds.co.uk.
TLS certificate: Issued by R3 on January 19th 2021. Valid for: 3 months.
This is the only time www.absolutemoney.ppi-tax-refunds.co.uk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Domain Requested by
10 www.absolutemoney.ppi-tax-refunds.co.uk www.absolutemoney.ppi-tax-refunds.co.uk
6 ka-p.fontawesome.com kit.fontawesome.com
www.absolutemoney.ppi-tax-refunds.co.uk
4 s3.eu-west-2.amazonaws.com www.absolutemoney.ppi-tax-refunds.co.uk
4 use.typekit.net www.absolutemoney.ppi-tax-refunds.co.uk
use.typekit.net
2 www.facebook.com www.absolutemoney.ppi-tax-refunds.co.uk
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 connect.facebook.net www.absolutemoney.ppi-tax-refunds.co.uk
connect.facebook.net
2 js.sentry-cdn.com www.absolutemoney.ppi-tax-refunds.co.uk
1 khk7rekgf9.execute-api.eu-west-1.amazonaws.com www.absolutemoney.ppi-tax-refunds.co.uk
1 f8-pixel.s3.eu-west-2.amazonaws.com www.googletagmanager.com
1 www.googletagmanager.com www.absolutemoney.ppi-tax-refunds.co.uk
1 p.typekit.net use.typekit.net
1 kit.fontawesome.com www.absolutemoney.ppi-tax-refunds.co.uk
1 cdn.jsdelivr.net www.absolutemoney.ppi-tax-refunds.co.uk
38 14

This site contains links to these domains. Also see Links.

Domain
www.absolutemoney.co.uk
www.aboutcookies.org
tools.google.com
www.fca.org.uk
Subject Issuer Validity Valid
absolutemoney.ppi-tax-refunds.co.uk
R3
2021-01-19 -
2021-04-19
3 months crt.sh
use.typekit.net
DigiCert SHA2 Secure Server CA
2020-01-28 -
2022-02-01
2 years crt.sh
*.s3.eu-west-2.amazonaws.com
DigiCert Baltimore CA-2 G2
2020-03-27 -
2021-06-24
a year crt.sh
v2.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3
2021-01-08 -
2021-04-22
3 months crt.sh
f3.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3
2020-10-26 -
2021-04-17
6 months crt.sh
*.fontawesome.com
DigiCert TLS RSA SHA256 2020 CA1
2020-11-13 -
2021-12-14
a year crt.sh
*.typekit.net
DigiCert SHA2 Secure Server CA
2019-12-06 -
2021-12-10
2 years crt.sh
*.google-analytics.com
GTS CA 1O1
2020-12-15 -
2021-03-09
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2020-12-22 -
2021-03-21
3 months crt.sh
*.execute-api.eu-west-1.amazonaws.com
Amazon
2020-09-12 -
2021-10-14
a year crt.sh

This page contains 1 frames:

Primary Page: https://www.absolutemoney.ppi-tax-refunds.co.uk/
Frame ID: E8BA53963E5EDC08671FBE8B40B009F2
Requests: 38 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

38
Requests

100 %
HTTPS

69 %
IPv6

10
Domains

14
Subdomains

13
IPs

5
Countries

824 kB
Transfer

1469 kB
Size

4
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

38 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.absolutemoney.ppi-tax-refunds.co.uk/
35 KB
12 KB
Document
General
Full URL
https://www.absolutemoney.ppi-tax-refunds.co.uk/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.153.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-153-11.eu-west-1.compute.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
7b5463ea3dfdd679bd8f3e26d19828ba233dce8eb9a1af414a3518dad26a0676

Request headers

Host
www.absolutemoney.ppi-tax-refunds.co.uk
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Server
nginx/1.16.1
Date
Tue, 19 Jan 2021 19:01:41 GMT
Content-Type
text/html
Last-Modified
Thu, 22 Oct 2020 13:48:55 GMT
Transfer-Encoding
chunked
Connection
keep-alive
ETag
W/"5f918dc7-8a2c"
Content-Encoding
gzip
hlb2kdv.css
use.typekit.net/
4 KB
978 B
Stylesheet
General
Full URL
https://use.typekit.net/hlb2kdv.css
Requested by
Host: www.absolutemoney.ppi-tax-refunds.co.uk
URL: https://www.absolutemoney.ppi-tax-refunds.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba0a , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
80434e20d93b345aeca6dc56071512e55989f0938ae85cb574dfec6d27133850
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

Referer
https://www.absolutemoney.ppi-tax-refunds.co.uk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
server
nginx
date
Tue, 19 Jan 2021 19:01:41 GMT
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
timing-allow-origin
*
content-length
778
site.css
www.absolutemoney.ppi-tax-refunds.co.uk/assets/css/
47 KB
48 KB
Stylesheet
General
Full URL
https://www.absolutemoney.ppi-tax-refunds.co.uk/assets/css/site.css
Requested by
Host: www.absolutemoney.ppi-tax-refunds.co.uk
URL: https://www.absolutemoney.ppi-tax-refunds.co.uk/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.153.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-153-11.eu-west-1.compute.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
68266cb5233c7ebc8609754217a3676a81a825df23a74d1b05e7757cc5dfbec5

Request headers

Referer
https://www.absolutemoney.ppi-tax-refunds.co.uk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 19 Jan 2021 19:01:41 GMT
Last-Modified
Mon, 19 Oct 2020 10:29:40 GMT
Server
nginx/1.16.1
ETag
"5f8d6a94-bd9a"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
48538
animate.css
s3.eu-west-2.amazonaws.com/f8cdn/assets/css/
25 KB
25 KB
Stylesheet
General
Full URL
https://s3.eu-west-2.amazonaws.com/f8cdn/assets/css/animate.css
Requested by
Host: www.absolutemoney.ppi-tax-refunds.co.uk
URL: https://www.absolutemoney.ppi-tax-refunds.co.uk/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.150.80 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
s3.eu-west-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
cb09ab0572c6a6549a782e2843218c00285cb737ae50fe29a5061ca96aff0234

Request headers

Referer
https://www.absolutemoney.ppi-tax-refunds.co.uk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 19 Jan 2021 19:01:42 GMT
Last-Modified
Thu, 16 Aug 2018 13:29:11 GMT
Server
AmazonS3
x-amz-request-id
70F2902E4D4DDDE0
ETag
"1c7ad0a97d2dc2da70b8d855ae946cae"
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
25427
x-amz-id-2
sdFMk6DdeGpB44qdnJfDbowFmsSSWPX3l/4FX5LBRnyPG5gY84oi58yUdRBakWdLfxfNTkmaBOc=
jquery.js
s3.eu-west-2.amazonaws.com/f8cdn/assets/js/
90 KB
91 KB
Script
General
Full URL
https://s3.eu-west-2.amazonaws.com/f8cdn/assets/js/jquery.js
Requested by
Host: www.absolutemoney.ppi-tax-refunds.co.uk
URL: https://www.absolutemoney.ppi-tax-refunds.co.uk/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.150.80 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
s3.eu-west-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
20638e363fcc5152155f24b281303e17da62da62d24ef5dcf863b184d9a25734

Request headers

Referer
https://www.absolutemoney.ppi-tax-refunds.co.uk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 19 Jan 2021 19:01:42 GMT
Last-Modified
Thu, 16 Aug 2018 13:29:15 GMT
Server
AmazonS3
x-amz-request-id
53ABC379355D785F
ETag
"383771ef1692bfcc3f2b6917ca985778"
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
92633
x-amz-id-2
bgAVdRBCgQkjmuLBXKPABwYEC4vxxFDDnxV7n4GhYNqbKQoh5tL+z3VvC29gkv6rNw46ONiEvY0=
jquery.validate.min.js
s3.eu-west-2.amazonaws.com/f8cdn/assets/js/
23 KB
23 KB
Script
General
Full URL
https://s3.eu-west-2.amazonaws.com/f8cdn/assets/js/jquery.validate.min.js
Requested by
Host: www.absolutemoney.ppi-tax-refunds.co.uk
URL: https://www.absolutemoney.ppi-tax-refunds.co.uk/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.150.80 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
s3.eu-west-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
788b4b14ec9f43877f386cc49c67218b664c545f048468334b493b7d238f89f4

Request headers

Referer
https://www.absolutemoney.ppi-tax-refunds.co.uk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 19 Jan 2021 19:01:42 GMT
Last-Modified
Thu, 16 Aug 2018 13:29:12 GMT
Server
AmazonS3
x-amz-request-id
930FE99EC467A6AE
ETag
"c2e02460a0c2bb3c499009f8aa4297ab"
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
23264
x-amz-id-2
b1LY+i5ZAQdNZXDBTV86v/jckoMK2bqjmzmlze3ssget+9Ks+ShnAD+D7U1UJ51rtxIlMrTWW7U=
functions.js
www.absolutemoney.ppi-tax-refunds.co.uk/assets/js/
4 KB
5 KB
Script
General
Full URL
https://www.absolutemoney.ppi-tax-refunds.co.uk/assets/js/functions.js
Requested by
Host: www.absolutemoney.ppi-tax-refunds.co.uk
URL: https://www.absolutemoney.ppi-tax-refunds.co.uk/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.153.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-153-11.eu-west-1.compute.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
611d57c5b4aa69d5cbedc0ce4f089b3a07b76cd4d7609037e0c3df7259e07fd4

Request headers

Referer
https://www.absolutemoney.ppi-tax-refunds.co.uk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 19 Jan 2021 19:01:41 GMT
Last-Modified
Mon, 19 Oct 2020 10:29:42 GMT
Server
nginx/1.16.1
ETag
"5f8d6a96-1122"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4386
cdd66f57314540e3a9a6161b65232eff.min.js
js.sentry-cdn.com/
2 KB
1 KB
Script
General
Full URL
https://js.sentry-cdn.com/cdd66f57314540e3a9a6161b65232eff.min.js
Requested by
Host: www.absolutemoney.ppi-tax-refunds.co.uk
URL: https://www.absolutemoney.ppi-tax-refunds.co.uk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::729 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7d29979b0b1fc8ab171e6ca34c092db263e1ae8feff08e9435195ee4a3b33ac7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Origin
https://www.absolutemoney.ppi-tax-refunds.co.uk
Referer
https://www.absolutemoney.ppi-tax-refunds.co.uk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 19 Jan 2021 19:01:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
14937
x-frame-options
deny
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600, s-maxage=60, stale-while-revalidate=315360000, stale-if-error=315360000
strict-transport-security
max-age=31536000; includeSubDomains
accept-ranges
bytes
vary
Accept-Encoding
content-length
1018
x-xss-protection
1; mode=block
x-served-by
web-3d5bfb0f, cache-ord1727-ORD, cache-fra19141-FRA
js.cookie.min.js
cdn.jsdelivr.net/npm/js-cookie@2/src/
2 KB
1 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/js-cookie@2/src/js.cookie.min.js
Requested by
Host: www.absolutemoney.ppi-tax-refunds.co.uk
URL: https://www.absolutemoney.ppi-tax-refunds.co.uk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::621 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
39b8fe6364621725ff90431a34af0f87976d95c00cbfd1d0f3711a3f1fa1a07b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.absolutemoney.ppi-tax-refunds.co.uk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
16503
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
1062
etag
W/"79f-7pVBzxqV0qiF+LFDoQXKqgjKnJ0"
x-served-by
cache-fra19162-FRA
date
Tue, 19 Jan 2021 19:01:41 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
63cf28af03.js
kit.fontawesome.com/
11 KB
4 KB
Script
General
Full URL
https://kit.fontawesome.com/63cf28af03.js
Requested by
Host: www.absolutemoney.ppi-tax-refunds.co.uk
URL: https://www.absolutemoney.ppi-tax-refunds.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7533acd0eb233d82fc567591e653997e3b855198c3af110ebbf8f64a4e05a5f2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

Origin
https://www.absolutemoney.ppi-tax-refunds.co.uk
Referer
https://www.absolutemoney.ppi-tax-refunds.co.uk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 19 Jan 2021 19:01:41 GMT
content-encoding
gzip
vary
origin, accept-encoding, access-control-request-headers, access-control-request-method
cf-cache-status
MISS
strict-transport-security
max-age=31536000; preload
cf-request-id
07bd9f3e930000c2db69042000000001
x-request-id
Flu3XN1u2YQ2p2UfvYdh
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
access-control-allow-methods
GET, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=60, public, must-revalidate
cf-ray
6142ce4419c6c2db-FRA
access-control-allow-headers
accept, accept-langauge, content-language, content-type, fa-kit-token
logo.png
www.absolutemoney.ppi-tax-refunds.co.uk/assets/img/
4 KB
4 KB
Image
General
Full URL
https://www.absolutemoney.ppi-tax-refunds.co.uk/assets/img/logo.png
Requested by
Host: www.absolutemoney.ppi-tax-refunds.co.uk
URL: https://www.absolutemoney.ppi-tax-refunds.co.uk/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.153.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-153-11.eu-west-1.compute.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
5df565e867ebefd3b193eb8cd4ab010ddeef3aa3f08136087787a1c8b4d79094

Request headers

Referer
https://www.absolutemoney.ppi-tax-refunds.co.uk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 19 Jan 2021 19:01:41 GMT
Last-Modified
Mon, 19 Oct 2020 10:29:41 GMT
Server
nginx/1.16.1
ETag
"5f8d6a95-ed4"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3796
union-jack-combined.svg
www.absolutemoney.ppi-tax-refunds.co.uk/assets/img/svg/
4 KB
4 KB
Image
General
Full URL
https://www.absolutemoney.ppi-tax-refunds.co.uk/assets/img/svg/union-jack-combined.svg
Requested by
Host: www.absolutemoney.ppi-tax-refunds.co.uk
URL: https://www.absolutemoney.ppi-tax-refunds.co.uk/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.153.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-153-11.eu-west-1.compute.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
17f53704a77dbb9dd26f944d57ccc02fad7c30275944f5de08986fd2720ce3e0

Request headers

Referer
https://www.absolutemoney.ppi-tax-refunds.co.uk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 19 Jan 2021 19:01:41 GMT
Last-Modified
Mon, 19 Oct 2020 10:29:44 GMT
Server
nginx/1.16.1
ETag
"5f8d6a98-fdb"
Content-Type
image/svg+xml
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4059
emblem.svg
www.absolutemoney.ppi-tax-refunds.co.uk/assets/img/svg/
225 KB
225 KB
Image
General
Full URL
https://www.absolutemoney.ppi-tax-refunds.co.uk/assets/img/svg/emblem.svg
Requested by
Host: www.absolutemoney.ppi-tax-refunds.co.uk
URL: https://www.absolutemoney.ppi-tax-refunds.co.uk/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.153.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-153-11.eu-west-1.compute.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
f8bcfaff3e56ded7b47b3a138833d98b45172afba2bf6a4df6e331d18115224d

Request headers

Referer
https://www.absolutemoney.ppi-tax-refunds.co.uk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 19 Jan 2021 19:01:41 GMT
Last-Modified
Mon, 19 Oct 2020 10:29:44 GMT
Server
nginx/1.16.1
ETag
"5f8d6a98-3849a"
Content-Type
image/svg+xml
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
230554
reviews-logo.png
www.absolutemoney.ppi-tax-refunds.co.uk/assets/img/
8 KB
8 KB
Image
General
Full URL
https://www.absolutemoney.ppi-tax-refunds.co.uk/assets/img/reviews-logo.png
Requested by
Host: www.absolutemoney.ppi-tax-refunds.co.uk
URL: https://www.absolutemoney.ppi-tax-refunds.co.uk/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.153.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-153-11.eu-west-1.compute.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
25f361b7828777fffd69e411fe51d59171dd27b928d48cebe93f191666b26685

Request headers

Referer
https://www.absolutemoney.ppi-tax-refunds.co.uk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 19 Jan 2021 19:01:41 GMT
Last-Modified
Mon, 19 Oct 2020 10:29:41 GMT
Server
nginx/1.16.1
ETag
"5f8d6a95-1f0f"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7951
ssl-secure.png
www.absolutemoney.ppi-tax-refunds.co.uk/assets/img/
10 KB
11 KB
Image
General
Full URL
https://www.absolutemoney.ppi-tax-refunds.co.uk/assets/img/ssl-secure.png
Requested by
Host: www.absolutemoney.ppi-tax-refunds.co.uk
URL: https://www.absolutemoney.ppi-tax-refunds.co.uk/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.153.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-153-11.eu-west-1.compute.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
ae420beb84b8692d2bc9130d1c87e2be68b7d031c6b641459aa92fd85ee47853

Request headers

Referer
https://www.absolutemoney.ppi-tax-refunds.co.uk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 19 Jan 2021 19:01:41 GMT
Last-Modified
Mon, 19 Oct 2020 10:29:42 GMT
Server
nginx/1.16.1
ETag
"5f8d6a96-294b"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
10571
uk-map.svg
www.absolutemoney.ppi-tax-refunds.co.uk/assets/img/svg/
45 KB
45 KB
Image
General
Full URL
https://www.absolutemoney.ppi-tax-refunds.co.uk/assets/img/svg/uk-map.svg
Requested by
Host: www.absolutemoney.ppi-tax-refunds.co.uk
URL: https://www.absolutemoney.ppi-tax-refunds.co.uk/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.153.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-153-11.eu-west-1.compute.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
88ca775b10736a758f0b94037e5f95994127ef763799dbe676440d39c8ed3645

Request headers

Referer
https://www.absolutemoney.ppi-tax-refunds.co.uk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 19 Jan 2021 19:01:41 GMT
Last-Modified
Mon, 19 Oct 2020 10:29:44 GMT
Server
nginx/1.16.1
ETag
"5f8d6a98-b4fa"
Content-Type
image/svg+xml
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
46330
logo-blue.png
www.absolutemoney.ppi-tax-refunds.co.uk/assets/img/
3 KB
4 KB
Image
General
Full URL
https://www.absolutemoney.ppi-tax-refunds.co.uk/assets/img/logo-blue.png
Requested by
Host: www.absolutemoney.ppi-tax-refunds.co.uk
URL: https://www.absolutemoney.ppi-tax-refunds.co.uk/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.153.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-153-11.eu-west-1.compute.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
09cb9452bcd9b23fa4c906ffe5202a9d844861e3d22ad8b4e36f0d204d7c8a78

Request headers

Referer
https://www.absolutemoney.ppi-tax-refunds.co.uk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 19 Jan 2021 19:01:41 GMT
Last-Modified
Mon, 19 Oct 2020 10:29:41 GMT
Server
nginx/1.16.1
ETag
"5f8d6a95-d48"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3400
reset.css
s3.eu-west-2.amazonaws.com/f8cdn/assets/css/
705 B
1 KB
Stylesheet
General
Full URL
https://s3.eu-west-2.amazonaws.com/f8cdn/assets/css/reset.css
Requested by
Host: www.absolutemoney.ppi-tax-refunds.co.uk
URL: https://www.absolutemoney.ppi-tax-refunds.co.uk/assets/css/site.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.150.80 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
s3.eu-west-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
986c9c3d5fd750ee8642279b1ea0e4b15052342368eeb73d4949d5517c02259b

Request headers

Referer
https://www.absolutemoney.ppi-tax-refunds.co.uk/assets/css/site.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 19 Jan 2021 19:01:42 GMT
Last-Modified
Thu, 16 Aug 2018 13:29:11 GMT
Server
AmazonS3
x-amz-request-id
D6E10804A3D26B1A
ETag
"8dff617fb19f8e89928aa9c2fd6f8d3d"
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
705
x-amz-id-2
C6hDt9/I3NIVxZEGtpUU9wSu0A7n2Jmpg+STJfRsDjYko01TLV5bdejoVyW0Je/1+dvSVtcG8/s=
p.css
p.typekit.net/
5 B
149 B
Stylesheet
General
Full URL
https://p.typekit.net/p.css?s=1&k=hlb2kdv&ht=tk&f=7294.27907.27943.27965.28041&a=17695020&app=typekit&e=css
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/hlb2kdv.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:10c:581::19fd , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

Referer
https://use.typekit.net/hlb2kdv.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 19 Jan 2021 19:01:41 GMT
last-modified
Wed, 02 Sep 2020 04:00:22 GMT
server
nginx
etag
"5f4f18d6-5"
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
5
pro.min.css
ka-p.fontawesome.com/releases/v5.15.2/css/
310 KB
52 KB
Fetch
General
Full URL
https://ka-p.fontawesome.com/releases/v5.15.2/css/pro.min.css?token=63cf28af03
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/63cf28af03.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1833dd8b12e343fabdaa88ccdc017af44753571fb6dcfbd6fb5a50c893b75fae

Request headers

Referer
https://www.absolutemoney.ppi-tax-refunds.co.uk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 19 Jan 2021 19:01:41 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Wed, 13 Jan 2021 18:32:23 GMT
server
cloudflare
etag
"5fff3cb7-d141"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
6142ce464e65c2db-FRA
content-length
53569
cf-request-id
07bd9f3feb0000c2db8e0b5000000001
pro-v4-shims.min.css
ka-p.fontawesome.com/releases/v5.15.2/css/
26 KB
4 KB
Fetch
General
Full URL
https://ka-p.fontawesome.com/releases/v5.15.2/css/pro-v4-shims.min.css?token=63cf28af03
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/63cf28af03.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c95ae22b8d3f26a4bccfc359b7f236e0baadea9e814b7616fe9380ecf72d404d

Request headers

Referer
https://www.absolutemoney.ppi-tax-refunds.co.uk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 19 Jan 2021 19:01:41 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Wed, 13 Jan 2021 18:32:20 GMT
server
cloudflare
etag
"5fff3cb4-106a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
6142ce464e67c2db-FRA
content-length
4202
cf-request-id
07bd9f3feb0000c2db19b7d000000001
pro-v4-font-face.min.css
ka-p.fontawesome.com/releases/v5.15.2/css/
27 KB
3 KB
Fetch
General
Full URL
https://ka-p.fontawesome.com/releases/v5.15.2/css/pro-v4-font-face.min.css?token=63cf28af03
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/63cf28af03.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
06663477c0f778367b3550d1672db9bcf0ee750322e9101813fd7d03508ad3f7

Request headers

Referer
https://www.absolutemoney.ppi-tax-refunds.co.uk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 19 Jan 2021 19:01:41 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Wed, 13 Jan 2021 18:32:19 GMT
server
cloudflare
etag
"5fff3cb3-a08"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
6142ce464e68c2db-FRA
content-length
2568
cf-request-id
07bd9f3fec0000c2db783be000000001
gtm.js
www.googletagmanager.com/
81 KB
32 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-P93DFHK
Requested by
Host: www.absolutemoney.ppi-tax-refunds.co.uk
URL: https://www.absolutemoney.ppi-tax-refunds.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
81a563a5efc03830bee38dbd5346bf074bcbdf91d6cf08b37648efce368569bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.absolutemoney.ppi-tax-refunds.co.uk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 19 Jan 2021 19:01:41 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32385
x-xss-protection
0
last-modified
Tue, 19 Jan 2021 18:07:43 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 19 Jan 2021 19:01:41 GMT
l
use.typekit.net/af/da2044/00000000000000003b9b36b9/27/
19 KB
19 KB
Font
General
Full URL
https://use.typekit.net/af/da2044/00000000000000003b9b36b9/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/hlb2kdv.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba0a , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
faaa0aa7c728ca2a82f8f2dee8ca28ad169242367ffb909cd25e50db96e9f325

Request headers

Origin
https://www.absolutemoney.ppi-tax-refunds.co.uk
Referer
https://use.typekit.net/hlb2kdv.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 19 Jan 2021 19:01:41 GMT
server
nginx
etag
"4dafbffd22501ef677223853c18ad69ae876c99f"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
18992
l
use.typekit.net/af/8140f5/00000000000000003b9b36bb/27/
18 KB
18 KB
Font
General
Full URL
https://use.typekit.net/af/8140f5/00000000000000003b9b36bb/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n5&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/hlb2kdv.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba0a , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
77fe482680a99a0cb4e8eafddffd0f4369266da27c32d522da111ec37921b1af

Request headers

Origin
https://www.absolutemoney.ppi-tax-refunds.co.uk
Referer
https://use.typekit.net/hlb2kdv.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 19 Jan 2021 19:01:41 GMT
server
nginx
etag
"0430a4b91e10c177a9c31a3e1ad666254b2564a3"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
18196
l
use.typekit.net/af/841142/00000000000000003b9b36ba/27/
21 KB
21 KB
Font
General
Full URL
https://use.typekit.net/af/841142/00000000000000003b9b36ba/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i3&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/hlb2kdv.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba0a , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
acdde7a31195b05cf933122040f7f69c411139265d837c36189d447f92e46d4e

Request headers

Origin
https://www.absolutemoney.ppi-tax-refunds.co.uk
Referer
https://use.typekit.net/hlb2kdv.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 19 Jan 2021 19:01:41 GMT
server
nginx
etag
"1342f8c55b797aba362f8d8ee67ef40c43470484"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
21292
cdd66f57314540e3a9a6161b65232eff.min.js
js.sentry-cdn.com/
2 KB
1 KB
Other
General
Full URL
https://js.sentry-cdn.com/cdd66f57314540e3a9a6161b65232eff.min.js
Requested by
Host: www.absolutemoney.ppi-tax-refunds.co.uk
URL: https://www.absolutemoney.ppi-tax-refunds.co.uk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::729 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7d29979b0b1fc8ab171e6ca34c092db263e1ae8feff08e9435195ee4a3b33ac7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Origin
https://www.absolutemoney.ppi-tax-refunds.co.uk
Referer
https://www.absolutemoney.ppi-tax-refunds.co.uk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 19 Jan 2021 19:01:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
14937
x-frame-options
deny
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600, s-maxage=60, stale-while-revalidate=315360000, stale-if-error=315360000
strict-transport-security
max-age=31536000; includeSubDomains
accept-ranges
bytes
vary
Accept-Encoding
content-length
1018
x-xss-protection
1; mode=block
x-served-by
web-3d5bfb0f, cache-ord1727-ORD, cache-fra19141-FRA
pro-fa-duotone-900-5.0.0.woff2
ka-p.fontawesome.com/releases/v5.15.2/webfonts/
28 KB
28 KB
Font
General
Full URL
https://ka-p.fontawesome.com/releases/v5.15.2/webfonts/pro-fa-duotone-900-5.0.0.woff2
Requested by
Host: www.absolutemoney.ppi-tax-refunds.co.uk
URL: https://www.absolutemoney.ppi-tax-refunds.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d17e0f39f106a309bff82d74ce1c7999d82b800cfaa62c12c0dcbf9aa74cb56

Request headers

Origin
https://www.absolutemoney.ppi-tax-refunds.co.uk
Referer
https://www.absolutemoney.ppi-tax-refunds.co.uk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 19 Jan 2021 19:01:41 GMT
cf-cache-status
MISS
last-modified
Wed, 13 Jan 2021 18:40:23 GMT
server
cloudflare
etag
"5fff3e97-710c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
6142ce471fc2c2db-FRA
content-length
28940
cf-request-id
07bd9f406f0000c2db9e932000000001
pro-fa-regular-400-5.10.2.woff2
ka-p.fontawesome.com/releases/v5.15.2/webfonts/
16 KB
16 KB
Font
General
Full URL
https://ka-p.fontawesome.com/releases/v5.15.2/webfonts/pro-fa-regular-400-5.10.2.woff2
Requested by
Host: www.absolutemoney.ppi-tax-refunds.co.uk
URL: https://www.absolutemoney.ppi-tax-refunds.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab3f7bbfc5c0678c098861d2de0f081a0a092fdd9b8626acfce169eb27950383

Request headers

Origin
https://www.absolutemoney.ppi-tax-refunds.co.uk
Referer
https://www.absolutemoney.ppi-tax-refunds.co.uk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 19 Jan 2021 19:01:41 GMT
cf-cache-status
MISS
last-modified
Wed, 13 Jan 2021 18:43:27 GMT
server
cloudflare
etag
"5fff3f4f-40dc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
6142ce471fc3c2db-FRA
content-length
16604
cf-request-id
07bd9f406f0000c2db9a39d000000001
pro-fa-regular-400-5.6.1.woff2
ka-p.fontawesome.com/releases/v5.15.2/webfonts/
1016 B
1 KB
Font
General
Full URL
https://ka-p.fontawesome.com/releases/v5.15.2/webfonts/pro-fa-regular-400-5.6.1.woff2
Requested by
Host: www.absolutemoney.ppi-tax-refunds.co.uk
URL: https://www.absolutemoney.ppi-tax-refunds.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db62499562503dd912ed0cb68fc0881aeca845aada4d50fce692b477dd715e8b

Request headers

Origin
https://www.absolutemoney.ppi-tax-refunds.co.uk
Referer
https://www.absolutemoney.ppi-tax-refunds.co.uk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 19 Jan 2021 19:01:41 GMT
cf-cache-status
MISS
last-modified
Wed, 13 Jan 2021 18:44:01 GMT
server
cloudflare
etag
"5fff3f71-3f8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
6142ce471fcdc2db-FRA
content-length
1016
cf-request-id
07bd9f40720000c2db333e1000000001
fbevents.js
connect.facebook.net/en_US/
90 KB
24 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.absolutemoney.ppi-tax-refunds.co.uk
URL: https://www.absolutemoney.ppi-tax-refunds.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a8755954660f9bef43d2dc61d725f022a3115b81ae76a6af093ab18cfdfa5de7
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.absolutemoney.ppi-tax-refunds.co.uk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
23366
x-fb-rlafr
0
pragma
public
x-fb-debug
+61YWcS0jwUGDkQis/l2VQzXiq48PpUThCiguCw64nE0eZSTJcThbt9Xpjfb2q7tk5pPDL2M2fqnsp918dsdQg==
x-fb-trip-id
917726464
x-frame-options
DENY
date
Tue, 19 Jan 2021 19:01:41 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
pixel.js
f8-pixel.s3.eu-west-2.amazonaws.com/
2 KB
2 KB
Script
General
Full URL
https://f8-pixel.s3.eu-west-2.amazonaws.com/pixel.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P93DFHK
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.148.142 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-r-w.eu-west-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
b8b1cc2a0b3424fdc29c7d2bec55910b876d2593778d0118c307c2869d3a1f27

Request headers

Referer
https://www.absolutemoney.ppi-tax-refunds.co.uk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 19 Jan 2021 19:01:42 GMT
Last-Modified
Sat, 02 Mar 2019 13:02:00 GMT
Server
AmazonS3
x-amz-request-id
7A48D8CD81CCBC95
ETag
"b3478b11631429464479e76b7d5f7d71"
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
1724
x-amz-id-2
ZyLz265BOfFMy+L9TiMd0upmEB1782LsrVcknazDnufmP3tzSCJtyDP99FpDMJ8vaeLLgxO93Go=
analytics.js
www.google-analytics.com/
46 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P93DFHK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.absolutemoney.ppi-tax-refunds.co.uk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Oct 2020 03:00:57 GMT
server
Golfe2
age
5400
date
Tue, 19 Jan 2021 17:31:41 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18817
expires
Tue, 19 Jan 2021 19:31:41 GMT
326036215217625
connect.facebook.net/signals/config/
241 KB
70 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/326036215217625?v=2.9.32&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
1af1bb68b04f1bda7176c3bcfc6cbdcbb0922ce99883523ed1fdccdb12c702f2
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.absolutemoney.ppi-tax-refunds.co.uk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr
0
pragma
public
x-fb-debug
ztOcBf0mA5+j6/0OfuN4qKtSBIlFVBfKxxZiMc+psKDBWZqlOXZs7+o20r/SDtUJoQCkPkgLT7SbZoQ9t7/IqA==
x-fb-trip-id
917726464
x-frame-options
DENY
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Tue, 19 Jan 2021 19:01:41 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-content-id
1066342690
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
www.google-analytics.com/j/
1 B
404 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j87&a=1577155577&t=pageview&_s=1&dl=https%3A%2F%2Fwww.absolutemoney.ppi-tax-refunds.co.uk%2F&ul=en-us&de=UTF-8&dt=(LIVE)%20Confirm%20your%20banks%20%2F%20lenders%20-%20PPI%20Tax%20Refunds%20-%20Absolute%20Money&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=629624933&gjid=1169836668&cid=1703473313.1611082902&tid=UA-174470719-1&_gid=1199422163.1611082902&_r=1&gtm=2wg161P93DFHK&z=245710271
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.absolutemoney.ppi-tax-refunds.co.uk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 19 Jan 2021 19:01:41 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.absolutemoney.ppi-tax-refunds.co.uk
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/
44 B
409 B
Image
General
Full URL
https://www.facebook.com/tr/?id=326036215217625&ev=PageView&dl=https%3A%2F%2Fwww.absolutemoney.ppi-tax-refunds.co.uk%2F&rl=&if=false&ts=1611082901869&sw=1600&sh=1200&v=2.9.32&r=stable&ec=0&o=30&fbp=fb.2.1611082901867.252091305&it=1611082901723&coo=false&rqm=GET
Requested by
Host: www.absolutemoney.ppi-tax-refunds.co.uk
URL: https://www.absolutemoney.ppi-tax-refunds.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.absolutemoney.ppi-tax-refunds.co.uk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 19 Jan 2021 19:01:41 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Tue, 19 Jan 2021 19:01:41 GMT
events
khk7rekgf9.execute-api.eu-west-1.amazonaws.com/l/
0
0
Image
General
Full URL
https://khk7rekgf9.execute-api.eu-west-1.amazonaws.com/l/events?i=null&s=null&e=PING&p=https%3A%2F%2Fwww.absolutemoney.ppi-tax-refunds.co.uk%2F
Requested by
Host: www.absolutemoney.ppi-tax-refunds.co.uk
URL: https://www.absolutemoney.ppi-tax-refunds.co.uk/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.94.6 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-94-6.fra50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.absolutemoney.ppi-tax-refunds.co.uk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

/
www.facebook.com/tr/
44 B
147 B
Image
General
Full URL
https://www.facebook.com/tr/?id=326036215217625&ev=Microdata&dl=https%3A%2F%2Fwww.absolutemoney.ppi-tax-refunds.co.uk%2F&rl=&if=false&ts=1611082903373&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22(LIVE)%20Confirm%20your%20banks%20%2F%20lenders%20-%20PPI%20Tax%20Refunds%20-%20Absolute%20Money%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.32&r=stable&ec=1&o=30&fbp=fb.2.1611082901867.252091305&it=1611082901723&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.absolutemoney.ppi-tax-refunds.co.uk/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 19 Jan 2021 19:01:43 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Tue, 19 Jan 2021 19:01:43 GMT

Verdicts & Comments Add Verdict or Comment

34 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery object| Sentry function| Cookies object| FontAwesomeKitConfig object| dataLayer object| google_tag_manager function| fbq function| _fbq object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData object| ref object| ts string| p object| q object| s object| cm object| cs string| ref_id string| ts_id number| v

4 Cookies

Domain/Path Name / Value
.absolutemoney.ppi-tax-refunds.co.uk/ Name: _gat_UA-174470719-1
Value: 1
.ppi-tax-refunds.co.uk/ Name: _fbp
Value: fb.2.1611082901867.252091305
.absolutemoney.ppi-tax-refunds.co.uk/ Name: _gid
Value: GA1.4.1199422163.1611082902
.absolutemoney.ppi-tax-refunds.co.uk/ Name: _ga
Value: GA1.4.1703473313.1611082902

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
connect.facebook.net
f8-pixel.s3.eu-west-2.amazonaws.com
js.sentry-cdn.com
ka-p.fontawesome.com
khk7rekgf9.execute-api.eu-west-1.amazonaws.com
kit.fontawesome.com
p.typekit.net
s3.eu-west-2.amazonaws.com
use.typekit.net
www.absolutemoney.ppi-tax-refunds.co.uk
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
143.204.94.6
2606:4700::6812:1634
2a00:1450:4001:800::200e
2a00:1450:4001:818::2008
2a02:26f0:10c:581::19fd
2a02:26f0:6c00::210:ba0a
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a04:4e42:3::621
2a04:4e42::729
52.215.153.11
52.95.148.142
52.95.150.80
06663477c0f778367b3550d1672db9bcf0ee750322e9101813fd7d03508ad3f7
09cb9452bcd9b23fa4c906ffe5202a9d844861e3d22ad8b4e36f0d204d7c8a78
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
17f53704a77dbb9dd26f944d57ccc02fad7c30275944f5de08986fd2720ce3e0
1833dd8b12e343fabdaa88ccdc017af44753571fb6dcfbd6fb5a50c893b75fae
1af1bb68b04f1bda7176c3bcfc6cbdcbb0922ce99883523ed1fdccdb12c702f2
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
20638e363fcc5152155f24b281303e17da62da62d24ef5dcf863b184d9a25734
25f361b7828777fffd69e411fe51d59171dd27b928d48cebe93f191666b26685
39b8fe6364621725ff90431a34af0f87976d95c00cbfd1d0f3711a3f1fa1a07b
4d17e0f39f106a309bff82d74ce1c7999d82b800cfaa62c12c0dcbf9aa74cb56
5df565e867ebefd3b193eb8cd4ab010ddeef3aa3f08136087787a1c8b4d79094
611d57c5b4aa69d5cbedc0ce4f089b3a07b76cd4d7609037e0c3df7259e07fd4
68266cb5233c7ebc8609754217a3676a81a825df23a74d1b05e7757cc5dfbec5
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7533acd0eb233d82fc567591e653997e3b855198c3af110ebbf8f64a4e05a5f2
77fe482680a99a0cb4e8eafddffd0f4369266da27c32d522da111ec37921b1af
788b4b14ec9f43877f386cc49c67218b664c545f048468334b493b7d238f89f4
7b5463ea3dfdd679bd8f3e26d19828ba233dce8eb9a1af414a3518dad26a0676
7d29979b0b1fc8ab171e6ca34c092db263e1ae8feff08e9435195ee4a3b33ac7
80434e20d93b345aeca6dc56071512e55989f0938ae85cb574dfec6d27133850
81a563a5efc03830bee38dbd5346bf074bcbdf91d6cf08b37648efce368569bd
88ca775b10736a758f0b94037e5f95994127ef763799dbe676440d39c8ed3645
986c9c3d5fd750ee8642279b1ea0e4b15052342368eeb73d4949d5517c02259b
a8755954660f9bef43d2dc61d725f022a3115b81ae76a6af093ab18cfdfa5de7
ab3f7bbfc5c0678c098861d2de0f081a0a092fdd9b8626acfce169eb27950383
acdde7a31195b05cf933122040f7f69c411139265d837c36189d447f92e46d4e
ae420beb84b8692d2bc9130d1c87e2be68b7d031c6b641459aa92fd85ee47853
b8b1cc2a0b3424fdc29c7d2bec55910b876d2593778d0118c307c2869d3a1f27
c95ae22b8d3f26a4bccfc359b7f236e0baadea9e814b7616fe9380ecf72d404d
cb09ab0572c6a6549a782e2843218c00285cb737ae50fe29a5061ca96aff0234
db62499562503dd912ed0cb68fc0881aeca845aada4d50fce692b477dd715e8b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
f8bcfaff3e56ded7b47b3a138833d98b45172afba2bf6a4df6e331d18115224d
faaa0aa7c728ca2a82f8f2dee8ca28ad169242367ffb909cd25e50db96e9f325