URL: https://gamerefund.ru/
Submission: On December 17 via automatic, source certstream-suspicious

Summary

This website contacted 6 IPs in 2 countries across 6 domains to perform 27 HTTP transactions. The main IP is 2606:4700:3036::ac43:9ac6, located in United States and belongs to CLOUDFLARENET, US. The main domain is gamerefund.ru.
TLS certificate: Issued by R3 on December 17th 2020. Valid for: 3 months.
This is the only time gamerefund.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
16 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 5 2606:4700:20:... 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
1 67.222.108.228 33494 (IHNET)
27 6
Domain Requested by
16 gamerefund.ru gamerefund.ru
4 fonts.gstatic.com fonts.googleapis.com
2 static.elfsight.com gamerefund.ru
apps.elfsight.com
2 apps.elfsight.com 1 redirects apps.elfsight.com
1 elfsight.com gamerefund.ru
1 uifaces.co gamerefund.ru
1 fonts.googleapis.com gamerefund.ru
0 uosaofupmp.ru Failed gamerefund.ru
27 8

This site contains links to these domains.

Domain
vk.com
wa.me
niagarastar.ru
api.whatsapp.com
elfsight.com
Subject | Issuer | Validity | Valid
*.gamerefund.ru | R3 | 2020-12-17 - 2021-03-17 | 3 months | crt.sh
upload.video.google.com | GTS CA 1O1 | 2020-11-10 - 2021-02-02 | 3 months | crt.sh
elfsight.com | Cloudflare Inc ECC CA-3 | 2020-06-30 - 2021-06-30 | a year | crt.sh
*.gstatic.com | GTS CA 1O1 | 2020-11-10 - 2021-02-02 | 3 months | crt.sh
uifaces.co | cPanel, Inc. Certification Authority | 2020-12-12 - 2021-03-12 | 3 months | crt.sh

This page contains 1 frames:

Primary Page: https://gamerefund.ru/
Frame ID: F3A717879948A24F9FA76A09BB884D14
Requests: 29 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

27 Requests
96 % HTTPS
80 % IPv6
6 Domains
8 Subdomains
6 IPs
2 Countries
687 kB Transfer
1151 kB Size
2 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6
  • https://apps.elfsight.com/p/platform.js HTTP 301
  • https://static.elfsight.com/platform/platform.js

27 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
gamerefund.ru/
10 KB
3 KB
Document
General
Full URL
https://gamerefund.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:9ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
988e3891aa2cf691600219a906a7cfa541d1cf36df3c29a1377ecb2020077924

Request headers

:method
GET
:authority
gamerefund.ru
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

date
Thu, 17 Dec 2020 08:13:36 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=de6b35b0ec146a06438098c51114b36c21608192815; expires=Sat, 16-Jan-21 08:13:35 GMT; path=/; domain=.gamerefund.ru; HttpOnly; SameSite=Lax; Secure sess_id=0c8cec3b41a10db228e21f9025ccbba5; domain=.gamerefund.ru; path=/; expires=Thu, 17-Dec-2020 10:13:33 GMT
access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-request-id
07115c0a7e00004a7448378000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=GhelkFkoc9dgoMzyZVJpehTYKaOLOPvHdNvP9Kuh3myFtiYScm%2F%2FSxF9gHB%2BzObFXMAPYktrqtTk5AtKH%2BNPPcHN37Cvx0m86DlWB%2F4as1306VBlj1JUjDY2"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
602f2f8a6b7a4a74-FRA
content-encoding
br
css2
fonts.googleapis.com/
4 KB
709 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Play:wght@400;700&display=swap
Requested by
Host: gamerefund.ru
URL: https://gamerefund.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c1468d2331dd9c18641f4a4c5c60986c1904f66114640c6ba425cdedd1993454
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://gamerefund.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 17 Dec 2020 08:13:36 GMT
server
ESF
date
Thu, 17 Dec 2020 08:13:36 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 17 Dec 2020 08:13:36 GMT
style.css
gamerefund.ru/game/styles/
6 KB
2 KB
Stylesheet
General
Full URL
https://gamerefund.ru/game/styles/style.css
Requested by
Host: gamerefund.ru
URL: https://gamerefund.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:9ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86bc7811131f314616690afb804ac3a9529a48154848a9e4416e292acb876107

Request headers

Referer
https://gamerefund.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 17 Dec 2020 08:13:36 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 21 Aug 2020 13:02:06 GMT
server
cloudflare
etag
W/"1b768242-17c5-5f3fc5ce"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=E4qo7Je9%2BDjHHYo51HeJbijxA4Zus0ygwefPZtEfvDnP3zptCvurU%2BmTknXKLd%2BmTCsZPHLQGWQUo%2FOX1ooo45NlX%2FfqT51YJiuL7nKazqWWnYK3Algl4jU2"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
602f2f8c78e64a74-FRA
cf-request-id
07115c0bd000004a7447a18000000001
normalize.css
gamerefund.ru/game/styles/
7 KB
2 KB
Stylesheet
General
Full URL
https://gamerefund.ru/game/styles/normalize.css
Requested by
Host: gamerefund.ru
URL: https://gamerefund.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:9ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d24aba60d89d9c9fcb46a2e5be6cea5d712d6f9482ade5a24ddc36b1d84e189

Request headers

Referer
https://gamerefund.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 17 Dec 2020 08:13:36 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 18 Aug 2020 21:14:22 GMT
server
cloudflare
etag
W/"1b768243-1da1-5f3c44ae"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=1gcMMdfm1NAhQCaqPKTdsOg93IEICMh7bqWf44RCivpHbxTBafA5E6XnJrKO537GGAa5bilRkxkoR9GU0CFeUFg7ENrxk06wVzmR5Ny0PD6GpK5WGHAn6YI5"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
602f2f8c78e84a74-FRA
cf-request-id
07115c0bce00004a746321d000000001
style-mob.css
gamerefund.ru/game/styles/
1 KB
732 B
Stylesheet
General
Full URL
https://gamerefund.ru/game/styles/style-mob.css
Requested by
Host: gamerefund.ru
URL: https://gamerefund.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:9ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf1947cd2f91aed687a716a20ce50b09320142b82fa59ed1d4eea479c3426204

Request headers

Referer
https://gamerefund.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 17 Dec 2020 08:13:36 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 19 Aug 2020 16:18:41 GMT
server
cloudflare
etag
W/"1b76829e-58e-5f3d50e1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=DYXPKH3tAPi%2F2pkWe%2BXzJ8yulGeBkJPvijPwrGmJvgP0uGvhjQp8J5ECe3bVmaMNboqIfdaOiKMbCbviYkmIMddU3O%2FHm0SjSP1ud8Sur0n8ZUVQXg0Cqipb"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
602f2f8c78ea4a74-FRA
cf-request-id
07115c0bce00004a748d8c7000000001
jstemp.js
gamerefund.ru/game/
48 KB
14 KB
Script
General
Full URL
https://gamerefund.ru/game/jstemp.js
Requested by
Host: gamerefund.ru
URL: https://gamerefund.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:9ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85a6803095d88ee2fe310cc8dfd92c6ba431e5eea54e57000c290203d2c76da9

Request headers

Referer
https://gamerefund.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 17 Dec 2020 08:13:36 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 21 Aug 2020 09:42:15 GMT
server
cloudflare
etag
W/"1b768203-bf82-5f3f96f7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=wvSwij9%2FuF6HD5j43HtQf1r%2B45r7blXHlSqQMMCNo6x8V3ngLagLiW5QTukvbqMpnCIFJp3N226BhGXSuGtFi3faO7vfTFENrxqSU3hzgIsl2wyc66scZe4Q"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
602f2f8c78ec4a74-FRA
cf-request-id
07115c0bce00004a74808f2000000001
dmenu.js
gamerefund.ru/game/
4 KB
2 KB
Script
General
Full URL
https://gamerefund.ru/game/dmenu.js
Requested by
Host: gamerefund.ru
URL: https://gamerefund.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:9ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
587b55c9c9de02ca98421ac4b70516da257a0421f6ec0767721861c53f0ced96

Request headers

Referer
https://gamerefund.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 17 Dec 2020 08:13:36 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 18 Aug 2020 21:14:01 GMT
server
cloudflare
etag
W/"1b768200-11fb-5f3c4499"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8kXt2qn9bMwrQHsvvsPdSxJ1g07oWy56kE8AfSjQcF6lBJuRLd8C6%2BhpGWcBej0ztJ0lbaI1zLEtK1%2FtEcBGXqYWAn4GYr9VZ4Fsz3iteXwi9%2FegKDRgvafU"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
602f2f8c78ee4a74-FRA
cf-request-id
07115c0bcf00004a745ba64000000001
platform.js
static.elfsight.com/platform/
Redirect Chain
  • https://apps.elfsight.com/p/platform.js
  • https://static.elfsight.com/platform/platform.js
46 KB
15 KB
Script
General
Full URL
https://static.elfsight.com/platform/platform.js
Requested by
Host: gamerefund.ru
URL: https://gamerefund.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:486a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e72ad302f1a6695fd18142d75e36e4af409b61e71343a855fbb732fde7274b1
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://gamerefund.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 17 Dec 2020 08:13:36 GMT
content-encoding
br
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2555
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
tx000000000000004f7f6fd-005fcf955c-29d4d65-sfo2a
cf-request-id
07115c0cab0000dfc3c73e3000000001
last-modified
Tue, 11 Aug 2020 07:58:12 GMT
server
cloudflare
cache-control
max-age=3600
etag
W/"c6a9142c7bb57af96198752a81f14a2d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=WI1hXBshE07K1IcdqSP821y960b6xfqYlWoGaJheU8qnCGBySt0gURyG4ZN3O5%2Ba0ZevSd8bIJdq72CR1o%2BM2i2NrF8OhI7Mvs27zh1TrYfNfuVMgwuTkkoODI3eUb9c"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
x-rgw-object-type
Normal
cf-ray
602f2f8ddeaadfc3-FRA

Redirect headers

date
Thu, 17 Dec 2020 08:13:36 GMT
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=KYIInm6ZnyN23Ir88neQZWV5nuHr4JD0qGNVMjpzSN%2B8BaGzF3CbYMsTM889eqj6Nu%2BWQBOUG41ILrfQabKnngb4mBioRjmGjJVxQveFMwJbs2juBk4rB3escb0fsA%3D%3D"}],"group":"cf-nel","max_age":604800}
location
https://static.elfsight.com/platform/platform.js
cache-control
max-age=3600
strict-transport-security
max-age=0
cf-ray
602f2f8dbe7fdfc3-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
07115c0c980000dfc3b98f4000000001
expires
Thu, 17 Dec 2020 09:13:36 GMT
icon-1.png
gamerefund.ru/game/images/
3 KB
3 KB
Image
General
Full URL
https://gamerefund.ru/game/images/icon-1.png
Requested by
Host: gamerefund.ru
URL: https://gamerefund.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:9ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ef4dce3108758f6f465ac01c9e3229e418e27c465155b478d651538d54da96d

Request headers

Referer
https://gamerefund.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 17 Dec 2020 08:13:36 GMT
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
content-length
2637
cf-request-id
07115c0cbd00004a74adb98000000001
last-modified
Tue, 18 Aug 2020 21:14:20 GMT
server
cloudflare
etag
"1b76822e-a4d-5f3c44ac"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=al81WAZbCYVh3YUYFyGMZ9QpwYdY%2BE8xvlLDKAkuyc1ixhRz3EYKJeO0YHiBNGtjHbR8%2FYGWYyTCB6%2FnnGDZemcJ%2F%2FjIZNAWmmRfy%2FJZSDdUdQUeD8Q8DucM"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
602f2f8dfcd14a74-FRA
icon-2.png
gamerefund.ru/game/images/
4 KB
4 KB
Image
General
Full URL
https://gamerefund.ru/game/images/icon-2.png
Requested by
Host: gamerefund.ru
URL: https://gamerefund.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:9ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69ca57786aa550d6a90ef1a7c4f70130bc66afb9555172bab4f7960647f42915

Request headers

Referer
https://gamerefund.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 17 Dec 2020 08:13:36 GMT
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
content-length
3656
cf-request-id
07115c0d0700004a746438b000000001
last-modified
Tue, 18 Aug 2020 21:14:20 GMT
server
cloudflare
etag
"1b76822f-e48-5f3c44ac"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=rInD6RFIad47Sg3ozSE7i%2B%2Ff8Kp707ICsKkRvugSpAH93PxQPrZ3U%2Br283p9%2F%2BhukkDbago2iqYFNIrR2pjCK%2F3cr4qmkGYWtk1eLg%2BCigeevvuF9%2FcklH%2Bn"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
602f2f8e7dfa4a74-FRA
icon-3.png
gamerefund.ru/game/images/
4 KB
4 KB
Image
General
Full URL
https://gamerefund.ru/game/images/icon-3.png
Requested by
Host: gamerefund.ru
URL: https://gamerefund.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:9ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
299035e098f990531edc81bfcb2fc4204976379fab6157b622e5ba9d2eb762d5

Request headers

Referer
https://gamerefund.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 17 Dec 2020 08:13:36 GMT
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
content-length
3859
cf-request-id
07115c0d0c00004a7476bed000000001
last-modified
Tue, 18 Aug 2020 21:14:20 GMT
server
cloudflare
etag
"1b768230-f13-5f3c44ac"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=f2JEImPNQTkkfp%2FtZvdxSNFkmTQp37hIQpxfEzSkwFdL7ZJ%2Fhljg9WW77mBJyGLx7QvAr4JWJim85nUuIQmunUwB43Ah1QEDfehfFZN1KRjadMxPbrq5Po7P"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
602f2f8e7e0f4a74-FRA
star.png
gamerefund.ru/game/images/
3 KB
3 KB
Image
General
Full URL
https://gamerefund.ru/game/images/star.png
Requested by
Host: gamerefund.ru
URL: https://gamerefund.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:9ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1227fa35f2eda495aa1f5a25be4944b03353c0b89b589d4adfdd835e6504e69e

Request headers

Referer
https://gamerefund.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 17 Dec 2020 08:13:36 GMT
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
content-length
2665
cf-request-id
07115c0d0c00004a7468b23000000001
last-modified
Tue, 18 Aug 2020 21:14:21 GMT
server
cloudflare
etag
"1b768238-a69-5f3c44ad"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=I9UXmx8RUNajctftPDNXOOFt4KRt7BltJJrwCXDQjTf5PkFCW99AKUR10ELajQ12lOwNZqu%2F9FwDEMTrA8V0Mj0t%2Fah%2BThJrEqjIjgrQ7YuOznBI6yl2H%2Fma"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
602f2f8e7e124a74-FRA
header.jpg
gamerefund.ru/game/images/
243 KB
244 KB
Image
General
Full URL
https://gamerefund.ru/game/images/header.jpg
Requested by
Host: gamerefund.ru
URL: https://gamerefund.ru/game/styles/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:9ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce8ce5eb4c5e2c9ff0b2e837b76ed2962b3e19a19b63e6a943a2e42b1ed8c1f7

Request headers

Referer
https://gamerefund.ru/game/styles/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 17 Dec 2020 08:13:36 GMT
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
content-length
248750
cf-request-id
07115c0d0c00004a749fbc9000000001
last-modified
Tue, 18 Aug 2020 21:14:20 GMT
server
cloudflare
etag
"1b76822d-3cbae-5f3c44ac"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=l56HW%2FkbXCGwE0937ZjMejPqCoyFg3Yl5W7kxUN3z1JF6uAhHYF%2FqYtjOIkc2iW4KW0pNc3GLXQY3x6WZHOmCcDybDiJd5B4pmf15zHvOuWl4u%2B%2Bv7JKAEDQ"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
602f2f8e7e154a74-FRA
logo.png
gamerefund.ru/game/images/
3 KB
4 KB
Image
General
Full URL
https://gamerefund.ru/game/images/logo.png
Requested by
Host: gamerefund.ru
URL: https://gamerefund.ru/game/styles/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:9ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd186877f8d1a0daaa53579b7ab8f099233364f6a2918188fc22e4800bab0c46

Request headers

Referer
https://gamerefund.ru/game/styles/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 17 Dec 2020 08:13:36 GMT
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
content-length
3376
cf-request-id
07115c0d0d00004a7485822000000001
last-modified
Tue, 18 Aug 2020 21:14:20 GMT
server
cloudflare
etag
"1b768231-d30-5f3c44ac"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=iF6dCmWJrJ48QA0%2FBmVs0FHl8QoMFyfKDjSaPK774i8UOeMr0xUSeUXLb9fgfzsAKsD0xORrQeeeQCr2df6m9XELaYPz%2BVfmCR1zdwNipsBmZa8NUQpC0sE5"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
602f2f8e7e164a74-FRA
vk.png
gamerefund.ru/game/images/
1 KB
2 KB
Image
General
Full URL
https://gamerefund.ru/game/images/vk.png
Requested by
Host: gamerefund.ru
URL: https://gamerefund.ru/game/styles/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:9ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1044ac80dd1aea07e2ef25ed9c0fdc8bf8c74f546fec290d5b6955c1cc3dfbf1

Request headers

Referer
https://gamerefund.ru/game/styles/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 17 Dec 2020 08:13:36 GMT
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
content-length
1388
cf-request-id
07115c0d0e00004a745717a000000001
last-modified
Tue, 18 Aug 2020 21:14:21 GMT
server
cloudflare
etag
"1b76823f-56c-5f3c44ad"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=PL7MVggc9obj8MJaxCPIQgsqptgBHFvz3EVOQavAKJ7x7bWTTYYhfa21v1V%2BcYb0aogX2%2FSOXY%2Bue1b%2BFU4TV7NUHQuzjtxqgCBfehBXbnSOCCZUfX3aRVlU"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
602f2f8e7e1e4a74-FRA
wa.png
gamerefund.ru/game/images/
2 KB
2 KB
Image
General
Full URL
https://gamerefund.ru/game/images/wa.png
Requested by
Host: gamerefund.ru
URL: https://gamerefund.ru/game/styles/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:9ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bbe44f1402f9b5b10c073b1ec8a169c7f337458eebac9c67ec02e38d8bcd1bf3

Request headers

Referer
https://gamerefund.ru/game/styles/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 17 Dec 2020 08:13:36 GMT
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
content-length
1825
cf-request-id
07115c0d0e00004a747593c000000001
last-modified
Tue, 18 Aug 2020 21:14:22 GMT
server
cloudflare
etag
"1b768240-721-5f3c44ae"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=YDJGmE0zdpaT6dphEXPn5PFT0UZL0anoVvAccCZt%2FQ4bVGnRK524hocA4nOqLfdMVFvhxYX%2B1bgLp0VaNysfT0eTK64qT6xWgsTWm5w0Y0ec%2BYYWaGE9KR0v"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
602f2f8e7e1f4a74-FRA
banner.jpg
gamerefund.ru/game/images/
85 KB
85 KB
Image
General
Full URL
https://gamerefund.ru/game/images/banner.jpg
Requested by
Host: gamerefund.ru
URL: https://gamerefund.ru/game/styles/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:9ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
881a786708061a429c2ae572ce9d9dd5d8dd52b89f0c0fd1eaf4ff3e059cd8af

Request headers

Referer
https://gamerefund.ru/game/styles/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 17 Dec 2020 08:13:36 GMT
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
content-length
86873
cf-request-id
07115c0d0e00004a74952a4000000001
last-modified
Tue, 18 Aug 2020 21:14:19 GMT
server
cloudflare
etag
"1b76822b-15359-5f3c44ab"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=wg%2FiHoVhVw%2FF2bOqvXrxUYR79%2BQEWbmlNX46xOuF0xbbi%2BKOn5%2B6twyduju12xBFXv4L7yV%2F3nu0Pke6u1WXVT2jAfDkBLHesLua8St5daTP6%2BG7uEZpU1oA"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
602f2f8e7e204a74-FRA
6aez4K2oVqwIvtE2H70Q13HqPA.woff2
fonts.gstatic.com/s/play/v12/
5 KB
5 KB
Font
General
Full URL
https://fonts.gstatic.com/s/play/v12/6aez4K2oVqwIvtE2H70Q13HqPA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Play:wght@400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0e0096a5f546c7a9b5a6156e06826cb0d8f3e7297ec3483c9834ce96e9d36a81
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://gamerefund.ru
Referer
https://fonts.googleapis.com/css2?family=Play:wght@400;700&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 15 Dec 2020 17:20:45 GMT
x-content-type-options
nosniff
last-modified
Tue, 01 Sep 2020 03:50:08 GMT
server
sffe
age
139971
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5208
x-xss-protection
0
expires
Wed, 15 Dec 2021 17:20:45 GMT
6ae84K2oVqwItm4TCpQy2lvQNTIQoQ.woff2
fonts.gstatic.com/s/play/v12/
5 KB
5 KB
Font
General
Full URL
https://fonts.gstatic.com/s/play/v12/6ae84K2oVqwItm4TCpQy2lvQNTIQoQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Play:wght@400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
74625e7bac303f469570865d5d6f3fa3aac04c35763681e0e225da1107a13627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://gamerefund.ru
Referer
https://fonts.googleapis.com/css2?family=Play:wght@400;700&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 16 Dec 2020 18:22:31 GMT
x-content-type-options
nosniff
last-modified
Tue, 01 Sep 2020 03:49:52 GMT
server
sffe
age
49865
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5272
x-xss-protection
0
expires
Thu, 16 Dec 2021 18:22:31 GMT
6aez4K2oVqwIvtU2H70Q13E.woff2
fonts.gstatic.com/s/play/v12/
10 KB
10 KB
Font
General
Full URL
https://fonts.gstatic.com/s/play/v12/6aez4K2oVqwIvtU2H70Q13E.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Play:wght@400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4b3d88249f5f8cd1e145faa051534685b784434fa8147299eb02a9609290fe71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://gamerefund.ru
Referer
https://fonts.googleapis.com/css2?family=Play:wght@400;700&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 15 Dec 2020 22:37:30 GMT
x-content-type-options
nosniff
last-modified
Tue, 01 Sep 2020 03:49:44 GMT
server
sffe
age
120966
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9988
x-xss-protection
0
expires
Wed, 15 Dec 2021 22:37:30 GMT
6ae84K2oVqwItm4TCpAy2lvQNTI.woff2
fonts.gstatic.com/s/play/v12/
10 KB
10 KB
Font
General
Full URL
https://fonts.gstatic.com/s/play/v12/6ae84K2oVqwItm4TCpAy2lvQNTI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Play:wght@400;700&display=swap
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
940c14c9d24e05484c79b01c7bea21a92c72e361428e791671e99a41f46afa36
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://gamerefund.ru
Referer
https://fonts.googleapis.com/css2?family=Play:wght@400;700&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 13 Dec 2020 01:19:48 GMT
x-content-type-options
nosniff
last-modified
Tue, 01 Sep 2020 03:49:47 GMT
server
sffe
age
370428
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9960
x-xss-protection
0
expires
Mon, 13 Dec 2021 01:19:48 GMT
title-underline.png
gamerefund.ru/game/images/
1 KB
1 KB
Image
General
Full URL
https://gamerefund.ru/game/images/title-underline.png
Requested by
Host: gamerefund.ru
URL: https://gamerefund.ru/game/styles/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:9ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
530779f3115d389b1dfa1348652cccf0aaa63ccdc16fed0c42e8321ab34fa2f0

Request headers

Referer
https://gamerefund.ru/game/styles/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 17 Dec 2020 08:13:36 GMT
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
content-length
1124
cf-request-id
07115c0d3500004a748d8f0000000001
last-modified
Tue, 18 Aug 2020 21:14:21 GMT
server
cloudflare
etag
"1b76823b-464-5f3c44ad"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=5AEH%2FvqXC2t7OgnVjPUcIVJh%2Fxu90Y%2FXD95BIBpIIE3v1JcbyFG3WaPgwdUQU1u%2Bwadnqt809PSgM3nzEXwsEb1E4irXPuELT%2BFyOrPDcB0WgsN09uQWzsnJ"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
602f2f8ebeaf4a74-FRA
/
apps.elfsight.com/p/boot/
3 KB
2 KB
XHR
General
Full URL
https://apps.elfsight.com/p/boot/?w=45668da8-d186-468c-8b9f-d37564ac2286
Requested by
Host: apps.elfsight.com
URL: https://apps.elfsight.com/p/platform.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:486a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2438100a9549859f9f9af6987cc78a4d1e03500b28122a3734e8f3a2b0eeeccb
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gamerefund.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 17 Dec 2020 08:13:36 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
access-control-max-age
86400
access-control-allow-methods
GET
strict-transport-security
max-age=0
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
07115c0d3a0000dfc3cda37000000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=PkH%2FZS2W20B8V86tDsBOwNLi9W%2F5I9Le90XiPpl20RxENrzTVzYYhKmfOUguWEvnRHeqAM4AetKPr1pNP9ZYayHdaZhzUYWyD9vFhg4ANZvh7mSIbWrmR%2FALwQFVHA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://gamerefund.ru
x-xss-protection
1; mode=block
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
602f2f8ec80adfc3-FRA
access-control-allow-headers
DNT, Referer, Content-Type, Set-Cookie, x-csrf-token, x-socket-id
whatsappChat.js
static.elfsight.com/apps/whatsapp-chat/release/d3e10049-732d-49ec-a228-d9849aafa25c/app/
520 KB
141 KB
Script
General
Full URL
https://static.elfsight.com/apps/whatsapp-chat/release/d3e10049-732d-49ec-a228-d9849aafa25c/app/whatsappChat.js
Requested by
Host: apps.elfsight.com
URL: https://apps.elfsight.com/p/platform.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:486a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa5759fd5b8ed0ca05e485ab452b02cbeb5b07ad07b3dda50e50622a8cc81b47
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://gamerefund.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 17 Dec 2020 08:13:36 GMT
content-encoding
br
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
753107
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
tx000000000000004f73e8b-005fcf955d-29d4bbe-sfo2a
cf-request-id
07115c0e3c0000dfc309988000000001
last-modified
Wed, 23 Sep 2020 14:53:28 GMT
server
cloudflare
cache-control
max-age=31536000
etag
W/"d473bdc2826601389a749287cbf46b80"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=J5SskXoe7tVWFJypvIC8np5CCU5uZGQ8yp75v7WtYNKPk6KCe%2FMwQHEk03j0776awsFCLsAxHh%2B5yTIoBWFUaKKuKXdESP8hbMDsd8ZdSXnPmEbUvQ0Jv7ZHP%2BLJN41A"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
x-rgw-object-type
Normal
cf-ray
602f2f906abbdfc3-FRA
6h0HeYG_.jpg
uifaces.co/our-content/donated/
15 KB
15 KB
Image
General
Full URL
https://uifaces.co/our-content/donated/6h0HeYG_.jpg
Requested by
Host: gamerefund.ru
URL: https://gamerefund.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.222.108.228 Chatsworth, United States, ASN33494 (IHNET, US),
Reverse DNS
mail228.royals.unisonplatform.com
Software
AUTOM8N-nginx /
Resource Hash
612ce0fc7b41d49097d106cee4950c235960bd3ab058a5b4b63059ed132437e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gamerefund.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 17 Dec 2020 08:13:47 GMT
x-content-type-options
nosniff
cluster-host
royals.unisonplatform.com
content-length
15167
x-xss-protection
1; mode=block
last-modified
Tue, 04 Aug 2020 20:38:02 GMT
server
AUTOM8N-nginx
access-control-max-age
1728000
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=864000, max-age=864000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
X-API-KEY,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,C$
expires
Sat, 16 Jan 2021 08:13:48 GMT
whatsapp.png
elfsight.com/assets/chats/patterns/
107 KB
108 KB
Image
General
Full URL
https://elfsight.com/assets/chats/patterns/whatsapp.png
Requested by
Host: gamerefund.ru
URL: https://gamerefund.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:486a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cdd6b52dd2e3813caf31713c1a106a5d5abec5dcecdbe097a162633f18f4f571
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gamerefund.ru/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 17 Dec 2020 08:13:36 GMT
vary
Accept
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
5520
cf-polished
origFmt=png, origSize=114536
content-disposition
inline; filename="whatsapp.webp"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
110030
cf-request-id
07115c0ec90000dfc3beb58000000001
last-modified
Tue, 26 Feb 2019 11:09:08 GMT
server
cloudflare
etag
"5c751e54-1bf68"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2MtvO1YsapG39W2D9dqzGZeG5cKnMeUL2V4PUa95q%2F2JmfOjT7U%2Bfujbk4N2TotZZ9SpYwT7C1C1q1LZ1TxLQoBkWW%2BYPhmhxJUESqYXgIxXWKxq4gKz9xU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
x-xss-protection
1; mode=block
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
602f2f914c17dfc3-FRA
cf-bgj
imgq:85,h2pri
truncated
/
417 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3ea2386004d026938ef0f644a75fc9fa38a79f9f813286883e47bdae3624e11e

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
09c6bdbc252355240537e7c5aa1ecf07104ffa7cc4227ee4953e05bd2e968696

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
gamerefund.ru
uosaofupmp.ru/track3/dcheck2/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
uosaofupmp.ru
URL
http://uosaofupmp.ru/track3/dcheck2/gamerefund.ru

76 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated undefined| undef object| af number| lng string| htroot function| each function| extend function| get function| GetStyle function| RemoveClass function| AddClass function| TestClass function| GetPosition function| AttachEvent function| FireEvent function| Dumper function| dalert function| TreeWalk function| Text function| Html function| SendRequest function| InsertFlash function| GetCookie function| SetCookie function| Change3state function| GetElements function| InitCombo function| ReadUnion function| InitUnion function| InitTree object| hvalidate function| ValidateField function| ValidateForm function| GetColumn function| GetColumnCbox undefined| m_shift undefined| m_alt undefined| m_ctrl function| CheckMod function| InitConditional function| AddElement function| IsFixed function| GetZIndex function| CreateDropdown function| CreateDropSelect function| CreateFilteredDrop function| CreateFilteredSelect function| Draggable function| SetInputSelection function| Modal function| load function| Class function| listen function| emit object| io function| makeDatePicker function| Show function| Hide undefined| curel function| HideCurrent undefined| timeout function| SetCurrent function| CheckMouse object| __core-js_shared__ object| core object| eapps object| regeneratorRuntime function| eappsWhatsappChat

2 Cookies

Domain/Path Name / Value
.gamerefund.ru/ Name: sess_id
Value: 0c8cec3b41a10db228e21f9025ccbba5
.gamerefund.ru/ Name: __cfduid
Value: de6b35b0ec146a06438098c51114b36c21608192815

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
