finance-refund.ru Open in urlscan Pro
2606:4700:3036::6815:1ab5 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://finance-refund.ru/
Submission: On September 14 via automatic, source certstream-suspicious (September 14th 2024, 6:43:21 am UTC) — Scanned from DE

Summary HTTP 48 Redirects Behaviour Indicators

Summary

This website contacted 11 IPs in 3 countries across 10 domains to perform 48 HTTP transactions. The main IP is 2606:4700:3036::6815:1ab5, located in United States and belongs to CLOUDFLARENET, US. The main domain is finance-refund.ru.
TLS certificate: Issued by WE1 on September 13th 2024. Valid for: 3 months.

This is the only time finance-refund.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
34	2606:4700:303... 2606:4700:3036::6815:1ab5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
3	2a02:ec80:300... 2a02:ec80:300:ed1a::2:b	14907 (WIKIMEDIA) (WIKIMEDIA)
3	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
1	51.77.64.70 51.77.64.70	16276 (OVH) (OVH)
48	11

34 2606:4700:3036::6815:1ab5 (United States)

ASN13335 (CLOUDFLARENET, US)

finance-refund.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:ec80:300:ed1a::2:b (United States)

ASN14907 (WIKIMEDIA, US)

upload.wikimedia.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.77.64.70 (Germany)

ASN16276 (OVH, FR)
PTR: de-fra-1.pro.ip-api.com

pro.ip-api.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
34	finance-refund.ru finance-refund.ru	723 KB
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 215	36 KB
3	wikimedia.org upload.wikimedia.org — Cisco Umbrella Rank: 3294	6 KB
2	gstatic.com fonts.gstatic.com	66 KB
1	ip-api.com pro.ip-api.com — Cisco Umbrella Rank: 6281	489 B
1	google.de www.google.de — Cisco Umbrella Rank: 10137	63 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 130	255 B
1	google.com region1.analytics.google.com — Cisco Umbrella Rank: 4054
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	1 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 43	121 KB
48	10

	Domain	Requested by
34	finance-refund.ru	finance-refund.ru
3	cdnjs.cloudflare.com	finance-refund.ru
3	upload.wikimedia.org	finance-refund.ru
2	fonts.gstatic.com	fonts.googleapis.com
1	pro.ip-api.com	cdnjs.cloudflare.com
1	www.google.de	finance-refund.ru
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	fonts.googleapis.com	finance-refund.ru
1	www.googletagmanager.com	finance-refund.ru
48	10

This site contains no links.

Subject Issuer	Validity	Valid
finance-refund.ru WE1	`2024-09-13` - `2024-12-12`	3 months	crt.sh
*.google-analytics.com WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
*.wikipedia.org DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-10-18` - `2024-10-16`	a year	crt.sh
cdnjs.cloudflare.com WE1	`2024-07-31` - `2024-10-29`	3 months	crt.sh
upload.video.google.com WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
*.google.de WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
*.gstatic.com WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
*.ip-api.com Sectigo RSA Domain Validation Secure Server CA	`2023-12-21` - `2025-01-20`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://finance-refund.ru/
Frame ID: 3F45E44732351161E8F4B70DDFF3C23A
Requests: 54 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Возврат денег от брокера - Чарджбэк форекс | FX Refund

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Osano (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cookieconsent\.min\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

48
Requests

100 %
HTTPS

90 %
IPv6

10
Domains

10
Subdomains

11
IPs

3
Countries

954 kB
Transfer

2022 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

48 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
finance-refund.ru/ 55 KB
15 KB 183ms
60ms Document
text/html 2606:4700:3036::6815:1ab5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://finance-refund.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:1ab5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.1.24
Resource Hash: 39ab8f949c0711f7964ed9a3fd3653a620b3835e11917800891712425a061e80

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8c2e66e058971909-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 14 Sep 2024 06:43:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wBWDa9DUo1YPPApgIAARSJM7eCfGeHNuDKIPvwYDYGVYAXyVWSGv6DLQIJT0YVcpTAzQRAqDPf2zMsVqY19%2FKrbXPvvOvbV9NqV%2BVW9MLLOjxseMFmJNFP545FzeEQPYj8EXDKNmPfPThGIPnL%2BHzg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/8.1.24

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 369 KB
121 KB 51ms
28ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=GT-K4LNKFF

Requested by

Host: finance-refund.ru
URL: https://finance-refund.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d0ecd8bb6bacf155a710e779d7614720ae06be6d7d8c88855ad6ced7d0947c0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://finance-refund.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 14 Sep 2024 06:43:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 123176
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 14 Sep 2024 06:43:17 GMT

GET
H2 200 styles.css
finance-refund.ru/css/ 13 KB
3 KB 50ms
48ms Stylesheet
text/css 2606:4700:3036::6815:1ab5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://finance-refund.ru/css/styles.css?v=1.1
Requested by: Host: finance-refund.ru
URL: https://finance-refund.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:1ab5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c6422cf7cb3a00a5ccd9c803bc933a739fd820677e0588bcb1f8a7ee0d08629d

Request headers

Referer: https://finance-refund.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 14 Sep 2024 06:43:17 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Thu, 08 Feb 2024 10:26:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65c4ac3d-3493"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4FzI4jQvZ7QuqytMCdIVee15zvqbPXXeE8oy2aqTVHhV1K2i%2BB82ebySge%2FAXJyyKDR8ijlwIx91zj4RwMVw%2F8AmUgnrDO84psyXwEOfvqlZZkWVZ8AaM2gPPKDqaz0vWWqwtcbB7GkuQzIEY%2Fy%2BqA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 8c2e66e0c8f31909-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 media.css
finance-refund.ru/css/ 4 KB
1 KB 49ms
49ms Stylesheet
text/css 2606:4700:3036::6815:1ab5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://finance-refund.ru/css/media.css?v=1
Requested by: Host: finance-refund.ru
URL: https://finance-refund.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:1ab5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dbba09493cd5538ad9abe5d6d467feac9d22770a1e14d9d3ad0b400c09df7b53

Request headers

Referer: https://finance-refund.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 14 Sep 2024 06:43:17 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Fri, 26 Jan 2024 14:08:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65b3bcea-f2f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EnWgk6JJvk6DcCKvW0g5Znc6YAlRwQC51%2BjYzJGUqrV2kcxSUcLnFBcGHFJRasP0PcVy1rDc%2BN%2BE42YjArG0ItPMUGlSJGcJ1KznYjdouUoGJsMYOAeR4UGuk6MrPBbw1552E%2F8YW8O151FqHzJoCw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 8c2e66e0c8f61909-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 logo.svg
finance-refund.ru/img/ 4 KB
2 KB 53ms
53ms Image
image/svg+xml 2606:4700:3036::6815:1ab5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://finance-refund.ru/img/logo.svg
Requested by: Host: finance-refund.ru
URL: https://finance-refund.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:1ab5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b76ca9339fbe99536f758db8275b5f94381b65596b64a4d48bd3505f1a466ca

Request headers

Referer: https://finance-refund.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 14 Sep 2024 06:43:17 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 19 Mar 2024 17:12:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65f9c764-fb5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7h2kFl04SGxFvBOTBujiwHe0F3iG0ZtGxHGKdRpNVcFLty55T%2FjRZmiyPmX2%2FZTZU1T%2FQq%2BjDI7nkow9VLwnBKstM4v6uaD9r2%2F8THsYmjsTcodaD4zKW1Ih20RhNsPUFpO1j8vKnYatoWwfRDKnqg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 8c2e66e0c8f71909-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 ico.svg
finance-refund.ru/img/ 490 B
630 B 54ms
54ms Image
image/svg+xml 2606:4700:3036::6815:1ab5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://finance-refund.ru/img/ico.svg
Requested by: Host: finance-refund.ru
URL: https://finance-refund.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:1ab5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afbc3579573be313174c066399ebca7a0012cae04f5639719c5011e51a45b393

Request headers

Referer: https://finance-refund.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 14 Sep 2024 06:43:17 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 19 Mar 2024 17:12:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65f9c764-1ea"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tpKRr2so8oR2xwnWxXd4%2BWEqfJ7c9wpZ5UK%2BR%2BtMDzURLAe4T9dcCWaW%2FvMdRNPEtgVcX7pFMCDwcQlJLbrxh5IfFGz68IJdDzumFieQghL1zwvpMEpFgk5lYiBjIAu37Rb3HjTpue8bG0zdxI1K7g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 8c2e66e0c8f81909-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 bank-1.svg
finance-refund.ru/img/ 5 KB
3 KB 49ms
48ms Image
image/svg+xml 2606:4700:3036::6815:1ab5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://finance-refund.ru/img/bank-1.svg
Requested by: Host: finance-refund.ru
URL: https://finance-refund.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:1ab5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd53925c607ef472f367f6bd2ebdb2b92079f5100db06ed153dc9d9d1cd1c155

Request headers

Referer: https://finance-refund.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 14 Sep 2024 06:43:17 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 19 Mar 2024 17:12:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65f9c764-138b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VfS5cFnnlPuRfTIPpvBqyNArCOKgVG8oJ7otDF6ZikMyCpZ3E16SphB%2F7k22tfCfuhL66i3htU07yvUZ8tA9SHeBKEBsFUXQxTtdzthpCOquQpCAQ4kHLLsXClDWiyIbb92pwSiTMzy0s95WHuzgHA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 8c2e66e0de3ed213-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 bank-2.svg
finance-refund.ru/img/ 10 KB
5 KB 47ms
46ms Image
image/svg+xml 2606:4700:3036::6815:1ab5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://finance-refund.ru/img/bank-2.svg
Requested by: Host: finance-refund.ru
URL: https://finance-refund.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:1ab5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b9da1a7397a1b95bbb0a89314e82173facbc50fecde78f22151d4bc75591c9b

Request headers

Referer: https://finance-refund.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 14 Sep 2024 06:43:17 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 19 Mar 2024 17:12:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65f9c764-2978"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HsG8VuDvDExY8yfwBITfY5S6fOc7%2BHWxX33x8kVaTzgyaZwM0FSLMDx%2FyZKdUgVqerVv%2FifaUXIu29MsM1SA2DPNQTEREHqLd%2FXi6vmZugwmTuO7ZeP9fli9osJNyO%2Fn%2Bc8iMbcl2YdW2EVWwRTAlg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 8c2e66e0de40d213-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 bank-3.svg
finance-refund.ru/img/ 5 KB
3 KB 55ms
53ms Image
image/svg+xml 2606:4700:3036::6815:1ab5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://finance-refund.ru/img/bank-3.svg
Requested by: Host: finance-refund.ru
URL: https://finance-refund.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:1ab5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c6a68645278937e321f7262049fe0a9f2cdd1717f8fa70f5f91740452065426

Request headers

Referer: https://finance-refund.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 14 Sep 2024 06:43:17 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 19 Mar 2024 17:12:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65f9c764-127d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3zQiz1ir9FeGmUxbvFOfBh5uNbuexKEOIuPW5MnuErrvZ2M9GKUoqnnoKJX2sIIx7dVqIp72o%2F3G%2B4vYlgrFrDNW1HXbsfpHtrz%2B5MO9eEhleWvDpIaF38zA5MqlfrE5SrHt0%2BS2dGMNQq9%2B92Ofcg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 8c2e66e0de41d213-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 bank-4.svg
finance-refund.ru/img/ 2 KB
2 KB 55ms
54ms Image
image/svg+xml 2606:4700:3036::6815:1ab5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://finance-refund.ru/img/bank-4.svg
Requested by: Host: finance-refund.ru
URL: https://finance-refund.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:1ab5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85c5c9cbacb27f2bb89071eda558087a43a017cdaf26150c78176fcd7d33487f

Request headers

Referer: https://finance-refund.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 14 Sep 2024 06:43:17 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 19 Mar 2024 17:12:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65f9c764-791"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PaG0NC8pkYnW%2B0m98Es5FsftdWAxztN7tNlTHpl2eTiSgCpC6Um%2BJggkuvGoJuIpqQjH%2FVpTTdHtZn5HZ5iZ679hd392zD%2BNkudFHrH6AZHW4bE6rQdzQNdoPJ7Lu8gpN6ph1r2%2Fv84fZM%2BXnpRn0A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 8c2e66e0de43d213-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 bank-5.svg
finance-refund.ru/img/ 2 KB
1 KB 56ms
54ms Image
image/svg+xml 2606:4700:3036::6815:1ab5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://finance-refund.ru/img/bank-5.svg
Requested by: Host: finance-refund.ru
URL: https://finance-refund.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:1ab5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7adbbf832c2e2244d7d2f7fca03c0728ec050ff8f0b6e87863a550a38fdd9c92

Request headers

Referer: https://finance-refund.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 14 Sep 2024 06:43:17 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 19 Mar 2024 17:12:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65f9c764-745"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VBSbiTQKSeRplFOkDh6oLkG5oWwg9FS%2FhqayP08rPcox9iCZGrVk5ClUPDqbhUP6C16nOBavxMEAirP3taX8JAVLHI%2BEqdvcNnPMw3%2F1Fsz2aWooKIb8QRji1YcKXF6KK2eqyQp4%2BFtu6gmq77wxOg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 8c2e66e0de45d213-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 bank-6.svg
finance-refund.ru/img/ 5 KB
3 KB 51ms
49ms Image
image/svg+xml 2606:4700:3036::6815:1ab5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://finance-refund.ru/img/bank-6.svg
Requested by: Host: finance-refund.ru
URL: https://finance-refund.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:1ab5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 11d21d06753ee04e2874b31338a5f4a765793dac0ac1f852a0f970cda469cef2

Request headers

Referer: https://finance-refund.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 14 Sep 2024 06:43:17 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 19 Mar 2024 17:12:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65f9c764-134f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7hN2cxNvsZ833d%2Fza4oDz1IQMw2MqrXq9KwbHWqO0cWSa3Mft1FumzAPlEWQUiNjyimB5DFPMe20eKhSQXfrtW4HB%2BCm55YqD2AUIbv8WHYORr6ncFwF15nCuGu9YsrMo1NbIVoVKgU81LiWBIHQ3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 8c2e66e0de47d213-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 bank-7.svg
finance-refund.ru/img/ 3 KB
2 KB 48ms
47ms Image
image/svg+xml 2606:4700:3036::6815:1ab5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://finance-refund.ru/img/bank-7.svg
Requested by: Host: finance-refund.ru
URL: https://finance-refund.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:1ab5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dabe54105943414e29228c9108699236a2cbdfa92f56a4dff33523eff8939d0d

Request headers

Referer: https://finance-refund.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 14 Sep 2024 06:43:17 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 19 Mar 2024 17:12:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65f9c764-bcf"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vlK%2Fg2vdaRFh%2F0sRdbrYqJK6j1U0Wr%2BREwetD%2FlE4oYjs1pArBT3n3gEXEi9xr6lDFRv1yK3UN3w6xQen45QLLnbJt%2B6vJpJ6M4IQqS9zT9TlGYI1XYztZ%2BSh0gTNjWMF0%2BZ1SI5TQKZmytCGtb9gw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 8c2e66e0de49d213-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 bank-8.svg
finance-refund.ru/img/ 1 KB
1 KB 63ms
62ms Image
image/svg+xml 2606:4700:3036::6815:1ab5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://finance-refund.ru/img/bank-8.svg
Requested by: Host: finance-refund.ru
URL: https://finance-refund.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:1ab5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d815d3f43d4056fe84c74178ba8ded4c596289b11e4acbf4e08786cf66f21f49

Request headers

Referer: https://finance-refund.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 14 Sep 2024 06:43:17 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 19 Mar 2024 17:12:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65f9c764-5cf"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZYRICJRVNErPYBcV8ESs0PsgYI30DNFfccEHtPahOf5qiguDuilUQgmsV1J1LfkC3Fb%2FKQ4eNggQirhKZXs4MN3HOSnTve1IujbOoVk%2Fw06pWF%2Fl8zejR0EOHyafE4ZCoRey0aUGMFxnnxSb0tjssQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 8c2e66e0de4bd213-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 bank-9.svg
finance-refund.ru/img/ 2 KB
2 KB 57ms
56ms Image
image/svg+xml 2606:4700:3036::6815:1ab5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://finance-refund.ru/img/bank-9.svg
Requested by: Host: finance-refund.ru
URL: https://finance-refund.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:1ab5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4730ab750d7496bc26839df6e8ac62c4e6b72d9f1432688b9ecd5ec13265f5f0

Request headers

Referer: https://finance-refund.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 14 Sep 2024 06:43:17 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 19 Mar 2024 17:12:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65f9c764-850"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V%2BffmytILUUA0RalP0njuXTH%2FDxCUlaelJr%2FjaN6tdiEEmAy%2Fi3X88FHkkuLZZd7TdqicQZB6YI2tjtEZLDN0BkRLIQ%2Bt9xygR37qXCpJFLYN1MFhU8kjscsApfAEdslLdpVavo4FduVpoBGfFTlKg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 8c2e66e0de4cd213-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 bank-10.svg
finance-refund.ru/img/ 2 KB
1 KB 58ms
56ms Image
image/svg+xml 2606:4700:3036::6815:1ab5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://finance-refund.ru/img/bank-10.svg
Requested by: Host: finance-refund.ru
URL: https://finance-refund.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:1ab5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a36253a250f1755fa797427f372d703c81dd8960ad487649df848f7a0638aa1

Request headers

Referer: https://finance-refund.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 14 Sep 2024 06:43:17 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 19 Mar 2024 17:12:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65f9c764-6d1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o1NNceLmpgoGQvDQg4KjA32%2BTyS1D3R%2Fv4cdXQhOmzIb1ILV2y%2BDt84CuPgTF4xuVVkj2OvIcqMJQQR8oxTSxfgdkHe9e0B5lCIrkeyeBv4ITJrCyxUT8FI93w4jBTmf21hDdNG61OSzbNwxUDEPhg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 8c2e66e0de4dd213-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 poster.png
finance-refund.ru/img/ 73 KB
73 KB 75ms
74ms Image
image/png 2606:4700:3036::6815:1ab5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://finance-refund.ru/img/poster.png?v=1
Requested by: Host: finance-refund.ru
URL: https://finance-refund.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:1ab5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f3481a1606c1c1194fb0cfb57ad11553bb4a0b3696e1c2b918d4157e9eb62f19

Request headers

Referer: https://finance-refund.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 14 Sep 2024 06:43:17 GMT
cf-cache-status: MISS
last-modified: Fri, 26 Jan 2024 16:43:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "65b3e13a-122c7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gCzUJQaCdgRr02W4RtYJtWHjir6MpmPGPSHhbtEDRI5hD9VxJU4wean%2Fj9NDeLgFk4Xhe78%2B3zfcu5VTqL2l2G1At3%2BSpoFIa6zp9IFrq0%2FGWBSzyEszZAFRCUonF0mXucKpo78Ta2frDcKTKUrbfg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8c2e66e0de4ed213-FRA
alt-svc: h3=":443"; ma=86400
content-length: 74439

GET
H3 200 offer.png
finance-refund.ru/img/ 134 KB
134 KB 80ms
79ms Image
image/png 2606:4700:3036::6815:1ab5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://finance-refund.ru/img/offer.png
Requested by: Host: finance-refund.ru
URL: https://finance-refund.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:1ab5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2dbc2fc264317160a1ee36ed738bb98233fd0c6f43684cb6e636111da586414b

Request headers

Referer: https://finance-refund.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 14 Sep 2024 06:43:17 GMT
cf-cache-status: MISS
last-modified: Tue, 19 Mar 2024 17:11:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "65f9c74a-21644"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wpSqNeoCRbvdqeTXCy3DMGF5shfBG4iY7ie5do9d3UAFpLq9uZPbjH%2BmWy1OgDtqt7imVx2sFX5yi3KI4gEWtn4eFqHU1tDQ6BZbhoYJoxhTRzt9LfUqvBanj0hJWYjU0kp%2BV%2F0w%2FIGqVMHWSBlw4g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8c2e66e0de4fd213-FRA
alt-svc: h3=":443"; ma=86400
content-length: 136772

GET
H2 200 120px-Flag_of_India.svg.png
upload.wikimedia.org/wikipedia/commons/thumb/4/41/Flag_of_India.svg/ 1 KB
2 KB 48ms
12ms Image
image/png 2a02:ec80:300:ed1a::2:b
WIKIMEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://upload.wikimedia.org/wikipedia/commons/thumb/4/41/Flag_of_India.svg/120px-Flag_of_India.svg.png

Requested by

Host: finance-refund.ru
URL: https://finance-refund.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:ec80:300:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US),

Reverse DNS

Software

ATS/9.2.5 /

Resource Hash

ac6a7852adf120fc9791d0f28a4c809a5fff2ef98320229cb2a9d5f8cd7f045e

Security Headers

Name	Value
Strict-Transport-Security	max-age=106384710; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://finance-refund.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 14 Sep 2024 04:46:22 GMT
strict-transport-security: max-age=106384710; includeSubDomains; preload
x-content-type-options: nosniff
nel: { "report_to": "wm_nel", "max_age": 604800, "failure_fraction": 0.05, "success_fraction": 0.0}
age: 7014
x-cache-status: hit-front
x-cache: cp3076 hit, cp3076 hit/34
content-disposition: inline;filename*=UTF-8''Flag_of_India.svg.png
server-timing: cache;desc="hit-front", host;desc="cp3076"
content-length: 1368
x-client-ip: 2a02:6ea0:c71b:0:1012:a385:7d3f:fc79
last-modified: Sun, 23 Jun 2024 19:26:28 GMT
server: ATS/9.2.5
etag: 3433566d529a8a3c9c887bcfc922e532
report-to: { "group": "wm_nel", "max_age": 604800, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 120px-Flag_of_Ukraine.svg.png
upload.wikimedia.org/wikipedia/commons/thumb/4/49/Flag_of_Ukraine.svg/ 50 B
946 B 50ms
14ms Image
image/webp 2a02:ec80:300:ed1a::2:b
WIKIMEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://upload.wikimedia.org/wikipedia/commons/thumb/4/49/Flag_of_Ukraine.svg/120px-Flag_of_Ukraine.svg.png

Requested by

Host: finance-refund.ru
URL: https://finance-refund.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:ec80:300:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US),

Reverse DNS

Software

ATS/9.2.5 /

Resource Hash

a74766d24bf9352d1fd727d3dc57d4901d0a4b142c78c8accac5d7bcae4bcc1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=106384710; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://finance-refund.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 14 Sep 2024 05:18:15 GMT
strict-transport-security: max-age=106384710; includeSubDomains; preload
x-content-type-options: nosniff
nel: { "report_to": "wm_nel", "max_age": 604800, "failure_fraction": 0.05, "success_fraction": 0.0}
age: 5101
x-cache-status: hit-front
x-cache: cp3076 hit, cp3076 hit/18
content-disposition: inline;filename*=UTF-8''Flag_of_Ukraine.svg.webp
server-timing: cache;desc="hit-front", host;desc="cp3076"
content-length: 50
x-client-ip: 2a02:6ea0:c71b:0:1012:a385:7d3f:fc79
last-modified: Wed, 24 Jul 2024 22:56:35 GMT
server: ATS/9.2.5
etag: 0dba992a31c1be8f5823aa419bdee82b
report-to: { "group": "wm_nel", "max_age": 604800, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 120px-Flag_of_Kyrgyzstan.svg.png
upload.wikimedia.org/wikipedia/commons/thumb/c/c7/Flag_of_Kyrgyzstan.svg/ 2 KB
3 KB 52ms
17ms Image
image/png 2a02:ec80:300:ed1a::2:b
WIKIMEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://upload.wikimedia.org/wikipedia/commons/thumb/c/c7/Flag_of_Kyrgyzstan.svg/120px-Flag_of_Kyrgyzstan.svg.png

Requested by

Host: finance-refund.ru
URL: https://finance-refund.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:ec80:300:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US),

Reverse DNS

Software

ATS/9.2.5 /

Resource Hash

de9a8f996b0e04710ffad5a4f1f02e137db2212ea684c616b4df8145d2d27e3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=106384710; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://finance-refund.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 14 Sep 2024 02:55:17 GMT
strict-transport-security: max-age=106384710; includeSubDomains; preload
x-content-type-options: nosniff
nel: { "report_to": "wm_nel", "max_age": 604800, "failure_fraction": 0.05, "success_fraction": 0.0}
age: 13679
x-cache-status: hit-front
x-cache: cp3076 hit, cp3076 hit/54
content-disposition: inline;filename*=UTF-8''Flag_of_Kyrgyzstan.svg.png
server-timing: cache;desc="hit-front", host;desc="cp3076"
content-length: 2320
x-client-ip: 2a02:6ea0:c71b:0:1012:a385:7d3f:fc79
last-modified: Sun, 18 Aug 2024 17:30:08 GMT
server: ATS/9.2.5
etag: 1b661df9b69460162892cd1f0d43bd9f
report-to: { "group": "wm_nel", "max_age": 604800, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 license-1.png
finance-refund.ru/img/ 58 KB
58 KB 82ms
81ms Image
image/png 2606:4700:3036::6815:1ab5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://finance-refund.ru/img/license-1.png
Requested by: Host: finance-refund.ru
URL: https://finance-refund.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:1ab5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4922a119850fb44bedee89d54ee4ce0c80d4f5341651b2d650ca31d7c574c081

Request headers

Referer: https://finance-refund.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 14 Sep 2024 06:43:17 GMT
cf-cache-status: MISS
last-modified: Tue, 19 Mar 2024 17:11:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "65f9c748-e67c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B1Vg%2BoA7eZZxXEhgnM3yOoeCb%2BAtCwIj2iJ7FY00Erf6BNz8VRde9GxVbM9ZAxmCQAR9YQ%2B5DGpmh4UkpRFGtj1NeDdm%2FJJ77GzJuV2t3h3RxyiaDrT9QhBU5S18iCOou2fE16Rev5q6i4DMIqG8Vg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8c2e66e0de50d213-FRA
alt-svc: h3=":443"; ma=86400
content-length: 59004

GET
H3 200 license-2.png
finance-refund.ru/img/ 19 KB
19 KB 63ms
62ms Image
image/png 2606:4700:3036::6815:1ab5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://finance-refund.ru/img/license-2.png
Requested by: Host: finance-refund.ru
URL: https://finance-refund.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:1ab5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ddd64af342a657fe14359158ae15171e9aa39c98afaeb66ad04821fe775df3b

Request headers

Referer: https://finance-refund.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 14 Sep 2024 06:43:17 GMT
cf-cache-status: MISS
last-modified: Tue, 19 Mar 2024 17:11:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "65f9c748-4b2f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vC8T3xA0ubWyag88eE2ZmdQt%2BdVtnrhpSxwqR0cEvD9fOBYdeBbcs0XFDpu7fjBrWc1E8GqDTNNsCTsZQ1aZIIefmMexDkMfjOQ%2FSuO3eyJK1FuL9zSh658qJXHydrXlkQCpNeARWOhwmBaii19g4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8c2e66e0de51d213-FRA
alt-svc: h3=":443"; ma=86400
content-length: 19247

GET
H3 200 footer-logo.png
finance-refund.ru/img/ 3 KB
3 KB 59ms
59ms Image
image/png 2606:4700:3036::6815:1ab5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://finance-refund.ru/img/footer-logo.png
Requested by: Host: finance-refund.ru
URL: https://finance-refund.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:1ab5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3157b462c52c364dbeefde8af196cca71e7bec190ca9f945c9033aecdfe5a8dc

Request headers

Referer: https://finance-refund.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 14 Sep 2024 06:43:17 GMT
cf-cache-status: MISS
last-modified: Tue, 19 Mar 2024 17:11:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "65f9c748-ac9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4f8l2Kcre4tSBujGIygs2ZoO56J%2FTTH2z8YWa4RCWRLo2JIJWO8VsjG%2B8QRJR6Rlu5PF6%2BpVAcJdp%2FXSppgH%2Bw1KC78nsazF87inhUsi4IecfwSvvBlT3qdvY2iD4VmHAGodvwmAAWOVU5fwHJV%2Fow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8c2e66e0de52d213-FRA
alt-svc: h3=":443"; ma=86400
content-length: 2761

GET
H3 200 footer-logos-1.png
finance-refund.ru/img/ 3 KB
4 KB 54ms
54ms Image
image/png 2606:4700:3036::6815:1ab5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://finance-refund.ru/img/footer-logos-1.png
Requested by: Host: finance-refund.ru
URL: https://finance-refund.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:1ab5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44efe0af0a46318f68de4541819d6d6c229aae27bd459c2a4644654a667b3322

Request headers

Referer: https://finance-refund.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 14 Sep 2024 06:43:17 GMT
cf-cache-status: MISS
last-modified: Tue, 19 Mar 2024 17:11:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "65f9c748-d4a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GlF4vp63pITlOL%2B%2FdMNBA%2B%2FLnjjnViM6EkM6Viphqb%2BG7XTYGEOGZHhZpTPthfcB%2FXfyGAfDsfH5g435njMOZXJhe1IZlwl4vwMlah04HWbiHDuZKmEkRHEzTm9J89sR9958WHbJ5uGfXL6Yt%2FWrqg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8c2e66e0de54d213-FRA
alt-svc: h3=":443"; ma=86400
content-length: 3402

GET
H3 200 footer-logos-2.png
finance-refund.ru/img/ 1 KB
2 KB 61ms
61ms Image
image/png 2606:4700:3036::6815:1ab5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://finance-refund.ru/img/footer-logos-2.png
Requested by: Host: finance-refund.ru
URL: https://finance-refund.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:1ab5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 52f1b748e36cf2d51e62e568401ddf817613f5b88e1a118cdc0ee83e72917029

Request headers

Referer: https://finance-refund.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 14 Sep 2024 06:43:17 GMT
cf-cache-status: MISS
last-modified: Tue, 19 Mar 2024 17:11:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "65f9c748-4dc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fBitYVAEMKs9lu9DR9reNIEtu3Lzc5g7eXiQXsiAZxyQePz3Q7mxmnEyASdNWRwbwO%2BI48DAosLY63vSmJX8sHYsMXdCsdjnoGMdnDXeSDjOajSdgcVup0AoXXJEIBAzi8O80zYNjhnm0uVdPD3NhA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8c2e66e0de55d213-FRA
alt-svc: h3=":443"; ma=86400
content-length: 1244

GET
H3 200 email-decode.min.js Show response
finance-refund.ru/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 14ms
14ms Script
application/javascript 2606:4700:3036::6815:1ab5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://finance-refund.ru/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: finance-refund.ru
URL: https://finance-refund.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::6815:1ab5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://finance-refund.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 14 Sep 2024 06:43:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 10 Sep 2024 18:11:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"66e08bdf-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LhRcgqx1Iq98hwlHm8%2FGvsyaUUnif7ODdVB86mmTB5ZemqdeurMedpMFYKVqwKejmr0XZ3ye1diJRYc1AgHyxWvj9I9cP66t0O1pBWByODVBZwhfPo8%2FdRjSnXr%2B58OvLnDMEoNmn6y0nZPhWeeIRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 8c2e66e0de56d213-FRA
expires: Mon, 16 Sep 2024 06:43:17 GMT

GET
H3 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.1/ 88 KB
28 KB 27ms
17ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.1/jquery.min.js

Requested by

Host: finance-refund.ru
URL: https://finance-refund.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://finance-refund.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 14 Sep 2024 06:43:17 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1403321
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27990
last-modified: Fri, 26 Aug 2022 18:34:13 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "63091225-6d56"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Zyv75w1vpTxCX9QKyQymm1Lb9hA8OLY6JYJM%2Be59pO28anSxr0PIz6w31WFuTvIdwINj2893UayJdGqw404ki64UGqQ2oTZDaxUhXQBaAI25BLfJloUjOC6KAOFmGtXMs4g7j%2BkBDHesCcyI7amAkBdh"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8c2e66e0ffec9a00-FRA
expires: Thu, 04 Sep 2025 06:43:17 GMT

GET
H3 200 app.js Show response
finance-refund.ru/js/ 391 B
675 B 56ms
54ms Script
application/javascript 2606:4700:3036::6815:1ab5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://finance-refund.ru/js/app.js?v=1.0
Requested by: Host: finance-refund.ru
URL: https://finance-refund.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:1ab5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 283106e39b0eb448b97646d30893574890149c5fc4ad027954db344f20cc2971

Request headers

Referer: https://finance-refund.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 14 Sep 2024 06:43:17 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Thu, 08 Feb 2024 10:25:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65c4ac30-187"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nH46pjnZs6kh8fB9U7gBQ%2FkxftINqo3ZWoKV9iXIYV1K9rSrP533nAYKTGcPia0pouwCDiQAWfiBYpMRnx8xjnqgb%2B4LbwoFAiHGSLDIF%2FA7szbkBtTAulXqJA42PemHkZmuQ4A%2F4J%2BV1NrD0NvFcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
cf-ray: 8c2e66e0de57d213-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 intlTelInput.min.css
finance-refund.ru/form/ 19 KB
4 KB 54ms
52ms Stylesheet
text/css 2606:4700:3036::6815:1ab5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://finance-refund.ru/form/intlTelInput.min.css
Requested by: Host: finance-refund.ru
URL: https://finance-refund.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:1ab5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47c8f8990201b3e7c44a3b9e1f4193458a06420b7ee6b2878ca8d38e5f76cde6

Request headers

Referer: https://finance-refund.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 14 Sep 2024 06:43:17 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Fri, 26 Jan 2024 14:08:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65b3bcea-4ac7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a%2BnL3o5Z0PY3sdtNSfvZyHifn%2BbcQNOKtkfD4HL4GXrBFhA7ruboiD8BPI6J1NP%2FkOiMfuIa7gEXRKsmg%2BecJt2yrxKZKeCp6FLvitjmvw5HLS%2FMTRObgfnd3ZnIrT8t%2FPCh%2BDg0pT5DyEmR3mRogA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 8c2e66e0de59d213-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 intlTelInput.min.js Show response
finance-refund.ru/form/ 29 KB
12 KB 63ms
62ms Script
application/javascript 2606:4700:3036::6815:1ab5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://finance-refund.ru/form/intlTelInput.min.js
Requested by: Host: finance-refund.ru
URL: https://finance-refund.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:1ab5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 079f6d8357d02c94dfd5bffb32fce255a093f0098439fb683407c126ab00c015

Request headers

Referer: https://finance-refund.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 14 Sep 2024 06:43:17 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Fri, 26 Jan 2024 14:08:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65b3bcea-734f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t7JtEO01tSVlpD5Xo12fDCo1hIQDbVNAiBf5hJgW9tlMPefeLizvqD%2Bp%2BnafqfJKKYPQmjo20U23QuOeQmdZQ%2B2pFqBE4t0Y52U2emi%2FUgopUje32%2FHUWA1Wm1Xbbmn2WILNeJ60ZgCRqAAXfJroNA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
cf-ray: 8c2e66e0de5ad213-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 intlTelInput-jquery.min.js Show response
finance-refund.ru/form/ 29 KB
13 KB 63ms
62ms Script
application/javascript 2606:4700:3036::6815:1ab5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://finance-refund.ru/form/intlTelInput-jquery.min.js
Requested by: Host: finance-refund.ru
URL: https://finance-refund.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:1ab5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7de9c79a3d7f429befaf5a1d75a9aadcf684716986e8686db687da128b23d905

Request headers

Referer: https://finance-refund.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 14 Sep 2024 06:43:17 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Fri, 26 Jan 2024 14:08:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65b3bcea-7508"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ths5Q4fNOsKoEddZgwVTIpzsWawUKgPk7iMqIOJjTuFJ%2BnQ6ayefQbIZnU0qYyoyrhf962qNIytJK5xmFAX6nVmowshwz3gloSFrrWrC3Rwd0PVl1NGOvPmcCLLH5%2Bh24dzbavvYH8SfR6DQadWxZw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
cf-ray: 8c2e66e0de5bd213-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 utils.js Show response
finance-refund.ru/form/ 246 KB
73 KB 68ms
67ms Script
application/javascript 2606:4700:3036::6815:1ab5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://finance-refund.ru/form/utils.js
Requested by: Host: finance-refund.ru
URL: https://finance-refund.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:1ab5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b646dbfe618a51842d1a348601fff46100b4b36d924e0d740553764b0d7111ce

Request headers

Referer: https://finance-refund.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 14 Sep 2024 06:43:17 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Fri, 26 Jan 2024 14:08:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65b3bcea-3d750"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wAmeY9ZMv7mJucPethZf5tAqnHAKEjFb7DvgOYpB%2B9XIDKEjMhCvEUxc9n4f5hFZmSYGwsXlXqHne0MvOVw7WsB9Bl7c%2Fqx6ghUveoPYJPp%2F8z6ys%2BSSTrKwJZP8%2FJgk967yTc41FB898qON0KBq7w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
cf-ray: 8c2e66e0de5cd213-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 cookieconsent.min.css
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/ 4 KB
2 KB 25ms
15ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.css

Requested by

Host: finance-refund.ru
URL: https://finance-refund.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79b378e8f3c1fece39a1472a2e7d920ab80eb5881525a1622d9dbaa954aa23c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://finance-refund.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 14 Sep 2024 06:43:17 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 139974
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 975
last-modified: Mon, 04 May 2020 16:09:17 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e2d-fe0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1tFHmokkhrgaMqN844DzhrfKd05k5ttA56eH4jO0nLh6YE0ikyZ4QSvG43hEQRnjqKkH4cBpiI6PU9RdX0DTo34y%2FtVK0rDRehdlxHuFD7Swqq0hOkhFQPv%2FgNF7sglmqsUlWbWNb3re2FIcWKbA8ung"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8c2e66e0fd0bd36e-FRA
expires: Thu, 04 Sep 2025 06:43:17 GMT

GET
H3 200 cookieconsent.min.js Show response
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/ 20 KB
6 KB 24ms
15ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js

Requested by

Host: finance-refund.ru
URL: https://finance-refund.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb41292903f6bd996333bdfe6fbc58e1dbdb6109074505ee3ea46373bb23be70

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://finance-refund.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 14 Sep 2024 06:43:17 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 30004
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5978
last-modified: Mon, 04 May 2020 16:09:17 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e2d-5148"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FD8EdgcwvY5VfpGlG3kfW4JSIHHZv5U6G89ZDRIJ6X4cM5TURe6mRznZCcrT3zMTtjMn1j1pQgVsNUsZvgWeSEZNwCckhz4aiKdj5hQ7dcW2FsbtkesS30NzBO5wRAA4qyBiplBKiunfSxWZceG5r5ru"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8c2e66e0fd07d36e-FRA
expires: Thu, 04 Sep 2025 06:43:17 GMT

GET
H3 206 video.mp4
finance-refund.ru/video/ 450 KB
0 82ms
82ms Media
video/mp4 2606:4700:3036::6815:1ab5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://finance-refund.ru/video/video.mp4
Requested by: Host: finance-refund.ru
URL: https://finance-refund.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:1ab5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://finance-refund.ru/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Range: bytes=0-

Response headers

date: Sat, 14 Sep 2024 06:43:17 GMT
cf-cache-status: MISS
last-modified: Fri, 26 Jan 2024 14:08:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "65b3bcea-392f4ae"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JuJeHlR%2BtFU6kcBSDtn6kPoqjgbCbLTRU4jIR337UJ8J0m%2Fd3F%2B89wBTLepDeYaX%2BZDI4H8rRZU74biB5qYdiqt5O8Yj7iUfQnQ3Ywm%2BEMf19ml9ogCbLtFRh3FYnQvMxJ0V%2FavrKlxjKwMogp9SYw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: video/mp4
Content-Range: bytes 0-59962541/59962542
cache-control: max-age=14400
cf-ray: 8c2e66e0de5ed213-FRA
alt-svc: h3=":443"; ma=86400
Content-Length: 59962542

GET
H2 200 css2
fonts.googleapis.com/ 12 KB
1 KB 56ms
29ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@300;400;500;600;700&display=swap

Requested by

Host: finance-refund.ru
URL: https://finance-refund.ru/css/styles.css?v=1.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7f6916794cf64334dcb936ddcf567fa1a5ebf16f0eba42c757fb55cce3a82b43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://finance-refund.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 14 Sep 2024 06:43:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 14 Sep 2024 05:12:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 14 Sep 2024 06:43:17 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 36ms
14ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-PP6L4JKJ5Q&gtm=45Pe4990v9117451605za200&_p=1726296197255&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=1432151642.1726296197&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1726296197&sct=1&seg=0&dl=https%3A%2F%2Ffinance-refund.ru%2F&dt=%D0%92%D0%BE%D0%B7%D0%B2%D1%80%D0%B0%D1%82%20%D0%B4%D0%B5%D0%BD%D0%B5%D0%B3%20%D0%BE%D1%82%20%D0%B1%D1%80%D0%BE%D0%BA%D0%B5%D1%80%D0%B0%20-%20%D0%A7%D0%B0%D1%80%D0%B4%D0%B6%D0%B1%D1%8D%D0%BA%20%D1%84%D0%BE%D1%80%D0%B5%D0%BA%D1%81%20%7C%20FX%20Refund&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=313
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=GT-K4LNKFF
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://finance-refund.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Sep 2024 06:43:17 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://finance-refund.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
255 B 54ms
20ms Ping
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-PP6L4JKJ5Q&cid=1432151642.1726296197&gtm=45Pe4990v9117451605za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=GT-K4LNKFF
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://finance-refund.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Sep 2024 06:43:17 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://finance-refund.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 52ms
36ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-PP6L4JKJ5Q&cid=1432151642.1726296197&gtm=45Pe4990v9117451605za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=0&tag_exp=0&z=1629947826

Requested by

Host: finance-refund.ru
URL: https://finance-refund.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://finance-refund.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 14 Sep 2024 06:43:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 intro-bg.png
finance-refund.ru/img/ 83 KB
84 KB 48ms
48ms Image
image/png 2606:4700:3036::6815:1ab5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://finance-refund.ru/img/intro-bg.png
Requested by: Host: finance-refund.ru
URL: https://finance-refund.ru/css/styles.css?v=1.1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:1ab5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9fb64adc85ca1114d915ea8964d0ccbab91c0c15836baabcbd9dee6e62710649

Request headers

Referer: https://finance-refund.ru/css/styles.css?v=1.1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 14 Sep 2024 06:43:17 GMT
cf-cache-status: MISS
last-modified: Tue, 19 Mar 2024 17:11:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "65f9c748-14ce3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8rgf6sY%2FVfjcfc0gmsf61Ev%2Flmo7yrWE%2FLX2L0b%2FzemtDU33n0DIvHbom3TCuphiF2Vw7ZNIOOQRrn8I8U9lS1oD6%2FXw2pdRoAQEjDWLI6rpozEFH2SLgxW3i%2FndUpu%2FzLIsOVfYgHVzuzTnfviaXw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8c2e66e19edcd213-FRA
alt-svc: h3=":443"; ma=86400
content-length: 85219

GET
H3 200 about.png
finance-refund.ru/img/ 46 KB
46 KB 82ms
82ms Image
image/png 2606:4700:3036::6815:1ab5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://finance-refund.ru/img/about.png
Requested by: Host: finance-refund.ru
URL: https://finance-refund.ru/css/styles.css?v=1.1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:1ab5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 809a1b0a38cb04b0d299fe8dbc4cb359cb73a68d4f1b57c7c6b7759bae53d363

Request headers

Referer: https://finance-refund.ru/css/styles.css?v=1.1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 14 Sep 2024 06:43:17 GMT
cf-cache-status: MISS
last-modified: Tue, 19 Mar 2024 17:11:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "65f9c740-b6a0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M5jtL10ZcIypJp2qxW%2FxWwj0Bebur1%2Bnf1HRcbWmd7jVfZv2Tqe96KPoyFSkMiXmnjTJn4Bdf8LAtoIym9pT3LVK1MwZTYOk0huZABnKyEiYGCBGVdSl2f0wbYp%2B1lUmUcNUukeQ%2BjYo5m0g4JBHnw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8c2e66e19eded213-FRA
alt-svc: h3=":443"; ma=86400
content-length: 46752

GET
DATA 200
OK truncated
/ 547 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 552 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 380 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 offer-bg.png
finance-refund.ru/img/ 82 KB
82 KB 76ms
75ms Image
image/png 2606:4700:3036::6815:1ab5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://finance-refund.ru/img/offer-bg.png
Requested by: Host: finance-refund.ru
URL: https://finance-refund.ru/css/styles.css?v=1.1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:1ab5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a6a8d4c4ab2b8505beae4842916dafdd38d72bc9190ef0370c3991f1bb6dc220

Request headers

Referer: https://finance-refund.ru/css/styles.css?v=1.1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 14 Sep 2024 06:43:17 GMT
cf-cache-status: MISS
last-modified: Tue, 19 Mar 2024 17:11:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "65f9c750-14741"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8sLyF3I%2FYN03B8VSvSssnTP3GE1yaI4sSMlb8Nee%2Bqm%2FwvYAdhefiyZub%2B1b2CfxWLGuudcewzuHVeESp3RF73xVpGIVyCuAuAjVUO%2BkDHn%2F02pOf07Y8U%2BW9q2%2B86%2FqbPjXf9UOTy%2Bn8TQRRVO5uQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8c2e66e19ee2d213-FRA
alt-svc: h3=":443"; ma=86400
content-length: 83777

GET
H2 200 UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa0ZL7SUc.woff2
fonts.gstatic.com/s/inter/v18/ 18 KB
19 KB 30ms
9ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa0ZL7SUc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@300;400;500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62cc01daef72c3ea76a258445368d2f4ab8d05a91f91c53fd12f7c42e3325942

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://finance-refund.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 13 Sep 2024 23:38:46 GMT
x-content-type-options: nosniff
age: 25471
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18740
x-xss-protection: 0
last-modified: Mon, 29 Jul 2024 22:47:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 13 Sep 2025 23:38:46 GMT

GET
H2 200 UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2
fonts.gstatic.com/s/inter/v18/ 47 KB
47 KB 32ms
12ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@300;400;500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://finance-refund.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 12 Sep 2024 17:55:04 GMT
x-content-type-options: nosniff
age: 132493
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48444
x-xss-protection: 0
last-modified: Mon, 29 Jul 2024 22:51:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 12 Sep 2025 17:55:04 GMT

GET
DATA 200
OK truncated
/ 177 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 351 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 242 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK / Show response
pro.ip-api.com/json/ 334 B
489 B 34ms
7ms Script
text/javascript 51.77.64.70
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.ip-api.com/json/?key=qbYk7OjO4GIy9xU&callback=jQuery36109113639889264002_1726296197405&_=1726296197406
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.1/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.77.64.70 , Germany, ASN16276 (OVH, FR),
Reverse DNS: de-fra-1.pro.ip-api.com
Software: /
Resource Hash: 3a4781c3962438191d1c25b921baeae06472daf8375653f8840731bf416cdde8

Request headers

Referer: https://finance-refund.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 14 Sep 2024 06:43:17 GMT
Content-Length: 334
Content-Type: text/javascript; charset=utf-8

GET
H3 200 flags.png
finance-refund.ru/form/ 69 KB
70 KB 75ms
75ms Image
image/png 2606:4700:3036::6815:1ab5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://finance-refund.ru/form/flags.png
Requested by: Host: finance-refund.ru
URL: https://finance-refund.ru/form/intlTelInput.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:1ab5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a012cf808a24573168308916092d2d4bd3f2b4af8e16b59167013cc77acee55

Request headers

Referer: https://finance-refund.ru/form/intlTelInput.min.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 14 Sep 2024 06:43:17 GMT
cf-cache-status: MISS
last-modified: Fri, 26 Jan 2024 14:08:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "65b3bcea-114c9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g0XmD%2B2rBEapDaICc%2FwbqGMj%2FEshRh%2BhvDQGlwKYpBYAIOltrjtxgqMJsdubXOTRaOXegMHb3wxyobuYX4bRlJdrqi2OB7%2B8t9Zr9FvjKAnxYvJWNHvIt0CKHG2CCuQxxEc5NEpTXJnFElwSbY8QVw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8c2e66e1df2fd213-FRA
alt-svc: h3=":443"; ma=86400
content-length: 70857

GET
H2 200 ico.svg
finance-refund.ru/img/ 490 B
0 0ms
0ms Other
image/svg+xml 2606:4700:3036::6815:1ab5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://finance-refund.ru/img/ico.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:1ab5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afbc3579573be313174c066399ebca7a0012cae04f5639719c5011e51a45b393

Request headers

Referer: https://finance-refund.ru/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 14 Sep 2024 06:43:17 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 19 Mar 2024 17:12:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65f9c764-1ea"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tpKRr2so8oR2xwnWxXd4%2BWEqfJ7c9wpZ5UK%2BR%2BtMDzURLAe4T9dcCWaW%2FvMdRNPEtgVcX7pFMCDwcQlJLbrxh5IfFGz68IJdDzumFieQghL1zwvpMEpFgk5lYiBjIAu37Rb3HjTpue8bG0zdxI1K7g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 8c2e66e0c8f81909-FRA
alt-svc: h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.finance-refund.ru/	1970-01-21 09:07:36	Name: _ga_PP6L4JKJ5Q Value: GS1.1.1726296197.1.0.1726296197.60.0.0
.finance-refund.ru/	1970-01-21 09:07:36	Name: _ga Value: GA1.1.1432151642.1726296197
.finance-refund.ru/	1970-01-21 01:41:12	Name: _gcl_au Value: 1.1.172791932.1726296197

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
finance-refund.ru
fonts.googleapis.com
fonts.gstatic.com
pro.ip-api.com
region1.analytics.google.com
stats.g.doubleclick.net
upload.wikimedia.org
www.google.de
www.googletagmanager.com
2001:4860:4802:34::36
2606:4700:3036::6815:1ab5
2606:4700::6811:190e
2a00:1450:4001:806::2003
2a00:1450:4001:811::2008
2a00:1450:4001:828::2003
2a00:1450:4001:831::200a
2a00:1450:400c:c00::9c
2a02:ec80:300:ed1a::2:b
51.77.64.70
079f6d8357d02c94dfd5bffb32fce255a093f0098439fb683407c126ab00c015
0a012cf808a24573168308916092d2d4bd3f2b4af8e16b59167013cc77acee55
11d21d06753ee04e2874b31338a5f4a765793dac0ac1f852a0f970cda469cef2
145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5
1a36253a250f1755fa797427f372d703c81dd8960ad487649df848f7a0638aa1
1b76ca9339fbe99536f758db8275b5f94381b65596b64a4d48bd3505f1a466ca
1b9da1a7397a1b95bbb0a89314e82173facbc50fecde78f22151d4bc75591c9b
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
283106e39b0eb448b97646d30893574890149c5fc4ad027954db344f20cc2971
2dbc2fc264317160a1ee36ed738bb98233fd0c6f43684cb6e636111da586414b
3157b462c52c364dbeefde8af196cca71e7bec190ca9f945c9033aecdfe5a8dc
39ab8f949c0711f7964ed9a3fd3653a620b3835e11917800891712425a061e80
3a4781c3962438191d1c25b921baeae06472daf8375653f8840731bf416cdde8
3c6a68645278937e321f7262049fe0a9f2cdd1717f8fa70f5f91740452065426
44efe0af0a46318f68de4541819d6d6c229aae27bd459c2a4644654a667b3322
4730ab750d7496bc26839df6e8ac62c4e6b72d9f1432688b9ecd5ec13265f5f0
47c8f8990201b3e7c44a3b9e1f4193458a06420b7ee6b2878ca8d38e5f76cde6
4922a119850fb44bedee89d54ee4ce0c80d4f5341651b2d650ca31d7c574c081
52f1b748e36cf2d51e62e568401ddf817613f5b88e1a118cdc0ee83e72917029
62cc01daef72c3ea76a258445368d2f4ab8d05a91f91c53fd12f7c42e3325942
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53
79b378e8f3c1fece39a1472a2e7d920ab80eb5881525a1622d9dbaa954aa23c3
7adbbf832c2e2244d7d2f7fca03c0728ec050ff8f0b6e87863a550a38fdd9c92
7de9c79a3d7f429befaf5a1d75a9aadcf684716986e8686db687da128b23d905
7f6916794cf64334dcb936ddcf567fa1a5ebf16f0eba42c757fb55cce3a82b43
809a1b0a38cb04b0d299fe8dbc4cb359cb73a68d4f1b57c7c6b7759bae53d363
85c5c9cbacb27f2bb89071eda558087a43a017cdaf26150c78176fcd7d33487f
8ddd64af342a657fe14359158ae15171e9aa39c98afaeb66ad04821fe775df3b
9fb64adc85ca1114d915ea8964d0ccbab91c0c15836baabcbd9dee6e62710649
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
a6a8d4c4ab2b8505beae4842916dafdd38d72bc9190ef0370c3991f1bb6dc220
a74766d24bf9352d1fd727d3dc57d4901d0a4b142c78c8accac5d7bcae4bcc1f
ac6a7852adf120fc9791d0f28a4c809a5fff2ef98320229cb2a9d5f8cd7f045e
afbc3579573be313174c066399ebca7a0012cae04f5639719c5011e51a45b393
b646dbfe618a51842d1a348601fff46100b4b36d924e0d740553764b0d7111ce
c6422cf7cb3a00a5ccd9c803bc933a739fd820677e0588bcb1f8a7ee0d08629d
cb41292903f6bd996333bdfe6fbc58e1dbdb6109074505ee3ea46373bb23be70
cd53925c607ef472f367f6bd2ebdb2b92079f5100db06ed153dc9d9d1cd1c155
d0ecd8bb6bacf155a710e779d7614720ae06be6d7d8c88855ad6ced7d0947c0f
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115
d815d3f43d4056fe84c74178ba8ded4c596289b11e4acbf4e08786cf66f21f49
dabe54105943414e29228c9108699236a2cbdfa92f56a4dff33523eff8939d0d
dbba09493cd5538ad9abe5d6d467feac9d22770a1e14d9d3ad0b400c09df7b53
de9a8f996b0e04710ffad5a4f1f02e137db2212ea684c616b4df8145d2d27e3f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af
f3481a1606c1c1194fb0cfb57ad11553bb4a0b3696e1c2b918d4157e9eb62f19

finance-refund.ru Open in urlscan Pro 2606:4700:3036::6815:1ab5 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

48 Requests

100 %HTTPS

90 %IPv6

10 Domains

10 Subdomains

11 IPs

3 Countries

954 kBTransfer

2022 kBSize

3 Cookies

0 Outgoing links

Redirected requests

48 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

finance-refund.ru Open in urlscan Pro
2606:4700:3036::6815:1ab5 Public Scan

Screenshot
Live screenshot

Full Image

48
Requests

100 %
HTTPS

90 %
IPv6

10
Domains

10
Subdomains

11
IPs

3
Countries

954 kB
Transfer

2022 kB
Size

3
Cookies

48 HTTP transactions
6 data transactions