refundincur.com Open in urlscan Pro
2606:4700:3032::6815:1238 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://refundincur.com/
Submission: On August 18 via automatic, source certstream-suspicious (August 18th 2024, 7:53:18 am UTC) — Scanned from DE

Summary HTTP 91 Redirects Behaviour Indicators

Summary

This website contacted 12 IPs in 3 countries across 10 domains to perform 91 HTTP transactions. The main IP is 2606:4700:3032::6815:1238, located in United States and belongs to CLOUDFLARENET, US. The main domain is refundincur.com.
TLS certificate: Issued by WE1 on August 18th 2024. Valid for: 3 months.

This is the only time refundincur.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
11	2606:4700:303... 2606:4700:3032::6815:1238	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	142.250.185.68 142.250.185.68	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
39	172.67.180.109 172.67.180.109	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42::649 2a04:4e42::649	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
25	172.67.15.14 172.67.15.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c07::9a	15169 (GOOGLE) (GOOGLE)
1	172.217.16.195 172.217.16.195	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:bb1f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
91	12

11 2606:4700:3032::6815:1238 (United States)

ASN13335 (CLOUDFLARENET, US)

refundincur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.68 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

39 172.67.180.109 (United States)

ASN13335 (CLOUDFLARENET, US)

refundincur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 172.67.15.14 (United States)

ASN13335 (CLOUDFLARENET, US)

embed.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
va.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f195.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:bb1f (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
50	refundincur.com refundincur.com	32 MB
25	tawk.to embed.tawk.to — Cisco Umbrella Rank: 12323 va.tawk.to — Cisco Umbrella Rank: 12027	267 KB
4	youtube.com www.youtube.com — Cisco Umbrella Rank: 84
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	354 KB
3	google.com www.google.com — Cisco Umbrella Rank: 10 region1.analytics.google.com — Cisco Umbrella Rank: 3773	989 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 410	41 KB
1	google.de www.google.de — Cisco Umbrella Rank: 6716	63 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 252	245 B
1	gstatic.com www.gstatic.com	212 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 1211	30 KB
91	10

	Domain	Requested by
50	refundincur.com	refundincur.com
20	embed.tawk.to	refundincur.com embed.tawk.to
5	va.tawk.to	embed.tawk.to
4	www.youtube.com	refundincur.com
4	www.googletagmanager.com	refundincur.com www.googletagmanager.com
2	www.google.com	refundincur.com www.gstatic.com
1	cdn.jsdelivr.net	embed.tawk.to
1	www.google.de	refundincur.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	www.gstatic.com	www.google.com
1	code.jquery.com	refundincur.com
91	12

This site contains no links.

Subject Issuer	Validity	Valid
refundincur.com WE1	`2024-08-18` - `2024-11-16`	3 months	crt.sh
*.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.google-analytics.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.jquery.com Sectigo ECC Domain Validation Secure Server CA	`2024-06-25` - `2025-06-25`	a year	crt.sh
*.gstatic.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
tawk.to WE1	`2024-07-24` - `2024-10-22`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.google.de WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.jsdelivr.net Sectigo RSA Domain Validation Secure Server CA	`2024-05-04` - `2025-05-04`	a year	crt.sh

This page contains 9 frames:

Primary Page: https://refundincur.com/
Frame ID: F8AFFC7AEBDA3C23B690BECF7FD28F27
Requests: 79 HTTP requests in this frame

Frame: https://www.youtube.com/embed/CHc3dA-KUig?controls=0
Frame ID: 48AE9E4E9EFA90D18E9C4C0ACFB28554
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/dvkIcYDRyRE
Frame ID: 4D5E221D125F4239C4504184D9568D34
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/Xsb0vsRncC0
Frame ID: 1BC8B10F91268813C10A7875851EDFE6
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/EeFH93QuoDo
Frame ID: 7FB2E30465C2A8C833EF2B4D0DFF5438
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc2tzkpAAAAAOMTgOkHgNWrJ9RFjdh2WBwS9HQs&co=aHR0cHM6Ly9yZWZ1bmRpbmN1ci5jb206NDQz&hl=de&v=hfUfsXWZFeg83qqxrK27GB8P&size=invisible&cb=js5fbote5j9r
Frame ID: B3BE0B8BEB7E404BEB287A6A997773CA
Requests: 1 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/66b9ed69fcc/css/min-widget.css
Frame ID: 2039FE50B562EEF3F3BBAA1702B2FCFD
Requests: 1 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/66b9ed69fcc/css/message-preview.css
Frame ID: 0DBDE0F2EDF2DACD2815728C41A211B7
Requests: 3 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/66b9ed69fcc/css/max-widget.css
Frame ID: 5DB58E92804B9D186BB4C55D7CBD79DC
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Legion Group

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

YouTube (Video Players) Expand

Overall confidence: 100%
Detected patterns

<(?:param|embed|iframe)[^>]+youtube(?:-nocookie)?\.com/(?:v|embed)

Tawk.to (Live Chat) Expand

Overall confidence: 100%
Detected patterns

//embed\.tawk\.to

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

91
Requests

100 %
HTTPS

67 %
IPv6

10
Domains

12
Subdomains

12
IPs

3
Countries

33576 kB
Transfer

35871 kB
Size

8
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

91 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
refundincur.com/ 32 KB
7 KB 151ms
115ms Document
text/html 2606:4700:3032::6815:1238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://refundincur.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:1238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 52155e15b3aaedb43c5e788f4c7f81dacf9fcc1b96a96c8e85400f06c1b56e06

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8b505423a8043835-FRA
content-encoding: br
content-type: text/html
date: Sun, 18 Aug 2024 07:53:11 GMT
last-modified: Tue, 09 Jul 2024 13:56:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZfXNf9gLH4ZQdmVbidzhgoVXPBAM%2F7dptgUYkfZgT8wnY84ccbA4jjPPgNUDb8LwIDGCNW%2B0t9fLwqiTH2j5IssLxlGKqtgUkElBQLYVyvqT0kL7NrfR8d3rObXrUeWuVd3%2FF9q6%2FNx2as2rcVQ%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 css2
refundincur.com/ 527 B
857 B 88ms
86ms Stylesheet
text/plain 2606:4700:3032::6815:1238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://refundincur.com/css2?family=Roboto:wght@300;400;700&display=swap
Requested by: Host: refundincur.com
URL: https://refundincur.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:1238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f3949202fbe0b3e516e919e804c4eeec0fc1507116db22678a1c3432aeee735

Request headers

Referer: https://refundincur.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 07:53:11 GMT
cf-cache-status: DYNAMIC
last-modified: Thu, 22 Feb 2024 17:56:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "20f-611fc284f9980"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L5Zjhr4xsrGIwPxlcbGDkFxEJWKkXA1%2BpOA%2BNwpJGjGXAGhONE7hZSz6GeSvDH43u9aET8LqZRPlTsIck5uVwN9%2BtpNv16MrHrrEPzaisr1RiC7JSWOUlUCAjUwiOy8wya53OWy65M%2BeroUNSig%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 8b50542468d43835-FRA
alt-svc: h3=":443"; ma=86400
content-length: 527

GET
H2 200 all.min.css
refundincur.com/ajax/libs/font-awesome/6.0.0/css/ 87 KB
18 KB 139ms
138ms Stylesheet
text/css 2606:4700:3032::6815:1238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://refundincur.com/ajax/libs/font-awesome/6.0.0/css/all.min.css
Requested by: Host: refundincur.com
URL: https://refundincur.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:1238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8d321d88cb97fdedc3189506c25de9292c6e73a60ebaab496243346c6404480e

Request headers

Referer
Origin: https://refundincur.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 07:53:11 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Thu, 22 Feb 2024 17:56:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "15c84-611fc284f9980-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tLAr%2BpH%2BcrQWupY7fAki9ioLQZPJ90Y49pU66xO4Mb0cxY4wObxnU3a9oZf%2FT10YN4imlZdhCd2vjjoqrBlf4KuPzzgKm%2FPZJWu86Ax%2F6A3q38GvAHLfyBYk3a9FlnfZEtlxeovo558pKcsct6k%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8b50542468d63835-FRA
alt-svc: h3=":443"; ma=86400
content-length: 18395

GET
H2 200 modal.min.css
refundincur.com/lander/legionru/modal/ 6 KB
1 KB 128ms
126ms Stylesheet
text/css 2606:4700:3032::6815:1238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://refundincur.com/lander/legionru/modal/modal.min.css
Requested by: Host: refundincur.com
URL: https://refundincur.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:1238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1218f77c7fc2118021b6a4f00e72b8af8ea089a3299c808a8aeb9d8b1ad36224

Request headers

Referer: https://refundincur.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 07:53:11 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Thu, 22 Feb 2024 17:56:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "1679-611fc284f9980-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nir1A2PDZUTL4ExWDfcOsVTd8f2zVHK%2FsEdUtxUALGUsBeY9glpDazf5WzkhlkhsqcxZgJ9YaHhB4dexuqLmDajxHsRbq0k9Lk8lPg4KPTloJ7hYw2yoHGAgQnjiQOFPqeGOg27zgpG6PEgKAfs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8b50542468d73835-FRA
alt-svc: h3=":443"; ma=86400
content-length: 1090

GET
H2 200 modal.css
refundincur.com/lander/legionru/modal/ 904 B
650 B 126ms
125ms Stylesheet
text/css 2606:4700:3032::6815:1238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://refundincur.com/lander/legionru/modal/modal.css
Requested by: Host: refundincur.com
URL: https://refundincur.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:1238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70d38253a284996d9a9b4f2218e41a836504d143f9a193d15e9e5a1c1345b769

Request headers

Referer: https://refundincur.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 07:53:11 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Thu, 22 Feb 2024 17:56:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "388-611fc284f9980-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YgOmXgRfh6nZ2x5L5Th1P6tVUCnG17ISlUrcACwt9GE35C1JGyZEeZAoArMH374%2BmBfbF4IltP9bwu75VqJg9NSPEowxyJUYXvmXsUghzRb1CPy4j0NF8wNKbUJkBqDoWL3jBgSTi7rbFQN%2FmbI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8b50542468da3835-FRA
alt-svc: h3=":443"; ma=86400
content-length: 343

GET
H2 200 myStyle.css
refundincur.com/lander/legionru/css/ 811 B
806 B 143ms
142ms Stylesheet
text/css 2606:4700:3032::6815:1238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://refundincur.com/lander/legionru/css/myStyle.css
Requested by: Host: refundincur.com
URL: https://refundincur.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:1238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36df048166f6114d021944c3711714ab45691b3e6a5de2919d691e3e1075ff49

Request headers

Referer: https://refundincur.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 07:53:11 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Thu, 22 Feb 2024 17:56:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "32b-611fc284f9980-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=D12oZ0eXgC5NGRLwK0Rh7CHJYm1r%2FJu%2Bm3%2BCc%2FyomoJDgBaA%2FOHSPEDzRy6mN8hzheT0fbtwORoZh%2BhYplLhRdLkfGO0ZdJ%2BGdS1mpxfv%2FcL9qfEbjKOC5MkJR9gZkm3XYQ%2FlRLEtCInE2P9TKA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8b50542468db3835-FRA
alt-svc: h3=":443"; ma=86400
content-length: 461

GET
H2 200 style.css
refundincur.com/lander/legionru/css/ 16 KB
3 KB 117ms
116ms Stylesheet
text/css 2606:4700:3032::6815:1238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://refundincur.com/lander/legionru/css/style.css
Requested by: Host: refundincur.com
URL: https://refundincur.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:1238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 92d1f565c401920d0afa5322899a8ca001bdabb28e82dee93f89c5f1147d93b0

Request headers

Referer: https://refundincur.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 07:53:11 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Thu, 22 Feb 2024 17:56:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "40fd-611fc284f9980-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t1QDJ5E2MFkzUGsIq%2FZ76Tat67DJIkh45KwOoL2SCs%2Br%2B4ebPmOWUYhyr6rdCAIyGjHD6VAD10Vly91nzZmTyc6au8yl7eEoIu%2BNbvMaXrpbGRby%2Fdl6JewPa5boycMWsVigWFC44Pq4QnKnw1Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8b50542468dd3835-FRA
alt-svc: h3=":443"; ma=86400
content-length: 3090

GET
H2 200 styleForm.css
refundincur.com/lander/legionru/css/ 2 KB
701 B 122ms
121ms Stylesheet
text/css 2606:4700:3032::6815:1238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://refundincur.com/lander/legionru/css/styleForm.css
Requested by: Host: refundincur.com
URL: https://refundincur.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:1238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3bc76f62ead1a16791ddfa4efda84a74078bee5c292c12edecd7d37a34d2a68a

Request headers

Referer: https://refundincur.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 07:53:11 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Thu, 22 Feb 2024 17:56:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "640-611fc284f9980-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u1k%2FOX1e%2F%2F5YELWaqlFFagN%2B47yLANvBKkotxNQvgAHVT27sifMBCtx%2Fvx51VsGjbMMk5rzQ%2BMR%2BJiVhcRfhY28glA3ZSI9GB%2F0nNHO0Jr%2FeLM46638UCOVwV52yDG0Hhz88i1EfkAS0NsC9AXo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8b50542468df3835-FRA
alt-svc: h3=":443"; ma=86400
content-length: 386

GET
H2 200 styleError.css
refundincur.com/lander/legionru/build/css/ 2 KB
997 B 118ms
117ms Stylesheet
text/css 2606:4700:3032::6815:1238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://refundincur.com/lander/legionru/build/css/styleError.css
Requested by: Host: refundincur.com
URL: https://refundincur.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:1238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a5ea479d0a1885eec2b1da5a9a2c31dd19a8972d7872c7ca5b4aada492ab3db7

Request headers

Referer: https://refundincur.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 07:53:11 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Thu, 22 Feb 2024 17:56:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "983-611fc284f9980-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ajoPaCmQoso2P3oiLhB5sF4Ostkm7B0yPxqLxllNKEMq1u8%2FXQ%2B23qMRezlyqapHrUm5okzSuLr%2FyCwMdWH7xtEGJu1nrR27Mu%2FBAJiGcyibSpk51ejWbpeep%2FxMaS3oTQvHcSVyiZtDhXuwsx4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8b50542468e03835-FRA
alt-svc: h3=":443"; ma=86400
content-length: 689

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 1 KB
989 B 36ms
20ms Script
text/javascript 142.250.185.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6Lc2tzkpAAAAAOMTgOkHgNWrJ9RFjdh2WBwS9HQs

Requested by

Host: refundincur.com
URL: https://refundincur.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f4.1e100.net

Software

GSE /

Resource Hash

6ecdd57d6149edbf8190c1b5ed2907aefba2dd013a722fb22aad93cbe08cbe32

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://refundincur.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 07:53:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Sun, 18 Aug 2024 07:53:11 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 328 KB
108 KB 80ms
47ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-V7MXB1NEGQ

Requested by

Host: refundincur.com
URL: https://refundincur.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d326ef637168392f43edbe0549650e11c337e81298796f068fca997d51adfc39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://refundincur.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 07:53:11 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 110129
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 18 Aug 2024 07:53:11 GMT

GET
H2 200 main-logo.png
refundincur.com/lander/legionru/img/ 9 KB
10 KB 127ms
127ms Image
image/png 2606:4700:3032::6815:1238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://refundincur.com/lander/legionru/img/main-logo.png
Requested by: Host: refundincur.com
URL: https://refundincur.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:1238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6e04571e5f3368590248ef88cf81a9597a9a2d6d45dc640d2621665249a4ec2

Request headers

Referer: https://refundincur.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 07:53:11 GMT
cf-cache-status: MISS
last-modified: Thu, 22 Feb 2024 17:56:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "2586-611fc284f9980"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jJN187KKRf%2F3z7OiOHJnIozIhIAoShzvhNwRik2AeU%2BspgQtoAi5jE8Fq1hZPlwof6MFM4Au3WGpVUiq9Y2StCl3Z1wI2lNimzkG6I1vZfHPWviKttWynq3fwzMxs7P4bk1K1SicLh2s8Xw1Afg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8b50542468e33835-FRA
alt-svc: h3=":443"; ma=86400
content-length: 9606

GET
H2 200 notebook.png
refundincur.com/lander/legionru/img/ 7 MB
7 MB 649ms
649ms Image
image/png 2606:4700:3032::6815:1238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://refundincur.com/lander/legionru/img/notebook.png
Requested by: Host: refundincur.com
URL: https://refundincur.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:1238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce6aa145d5b1688ae4ad4bf0f419f745b4b2bd051e7465be0b6337eab6ba6b8f

Request headers

Referer: https://refundincur.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 07:53:11 GMT
cf-cache-status: MISS
last-modified: Thu, 22 Feb 2024 17:56:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "69ebd1-611fc284f9980"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EP%2FVuX%2FG1pe1lHvK%2F12mFTefWHmNvYUi36PmLLfARNSxTbkQUuiaOZARHOkYtfeDVeu9bSmrN%2FRjtHMzBq1ldJb9QL1OgqD3eZERJsV9BIGy2dCF97r2xLjaCxKRea5PT98YIHBF27JYbvoME3o%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8b50542468e43835-FRA
alt-svc: h3=":443"; ma=86400
content-length: 6941649

GET
H3 200 i-logo.png
refundincur.com/lander/legionru/img/ 1 KB
2 KB 113ms
113ms Image
image/png 172.67.180.109
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://refundincur.com/lander/legionru/img/i-logo.png
Requested by: Host: refundincur.com
URL: https://refundincur.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.109 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 39b954eecb3efc8c1be9cd88d8c78d453bd4f5092f373f17d566b3f0411a914a

Request headers

Referer: https://refundincur.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 07:53:11 GMT
cf-cache-status: MISS
last-modified: Thu, 22 Feb 2024 17:56:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "538-611fc284f9980"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uPDpeVclG96ZMaqWLpiF8bnZGNgnvNaEdZJDuzP%2BWBEeNIjq8R%2B%2F18T52o7TUnbHeTsopvjn0BE1ZJZzZhQ%2FtYFKyoltxp6%2BpHT5hhpKcKIyLy8K0nTMi%2BKJyxwsvlw3D4o%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8b5054253c11380e-FRA
alt-svc: h3=":443"; ma=86400
content-length: 1336

GET
H3 200 2-1.jpg
refundincur.com/lander/legionru/img/slider/ 24 KB
24 KB 147ms
146ms Image
image/jpeg 172.67.180.109
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://refundincur.com/lander/legionru/img/slider/2-1.jpg
Requested by: Host: refundincur.com
URL: https://refundincur.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.109 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 878068486987b5690b8191893eec4238808af5d51011769f45e0d7fb6e388bb5

Request headers

Referer: https://refundincur.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 07:53:11 GMT
cf-cache-status: MISS
last-modified: Thu, 22 Feb 2024 17:56:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5eaa-611fc284f9980"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tB4w6f%2BjNIOdwm4AmQDf4FXvap055LV7XfUE9kQeMNApQauLmQEhW8dS2nU7zTZmTJsRw6%2BZL88v0IMsDza9f57ZXcMuoFjxfPwpOLsdA4wDGarBZVWv9AnEq%2BHe7TRbnqw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8b5054255c2c380e-FRA
alt-svc: h3=":443"; ma=86400
content-length: 24234

GET
H3 200 2-2.jpg
refundincur.com/lander/legionru/img/slider/ 20 KB
20 KB 157ms
155ms Image
image/jpeg 172.67.180.109
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://refundincur.com/lander/legionru/img/slider/2-2.jpg
Requested by: Host: refundincur.com
URL: https://refundincur.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.109 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54c96f346385844ffdcbfda6f7a17442e3a49b2c906fa99ec5659589a5d23f24

Request headers

Referer: https://refundincur.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 07:53:11 GMT
cf-cache-status: MISS
last-modified: Thu, 22 Feb 2024 17:56:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "4fdc-611fc284f9980"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WVJ1qfrOUmbLVH4%2FmLfC5sJ2Rogd9IncFoTIDvs3v2mf%2Boi0Zdx07x391RZsz1%2Be6dSzumhq9tfwiY%2F6ndHuxFnD43yINM8racnPb%2BSaX1ZVp2Ic50S3pIWTDNZNKJ99ZEk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8b5054255c34380e-FRA
alt-svc: h3=":443"; ma=86400
content-length: 20444

GET
H3 200 2-3.jpg
refundincur.com/lander/legionru/img/slider/ 31 KB
32 KB 272ms
267ms Image
image/jpeg 172.67.180.109
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://refundincur.com/lander/legionru/img/slider/2-3.jpg
Requested by: Host: refundincur.com
URL: https://refundincur.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.109 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba400e672fef696e65caace22f439e68eaa209180e22d92d506420649f79861e

Request headers

Referer: https://refundincur.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 07:53:11 GMT
cf-cache-status: MISS
last-modified: Thu, 22 Feb 2024 17:56:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "7ca6-611fc284f9980"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d8bWMW9L4x%2FI%2FJuuIno2jmC%2FRGUABaC7uvoqKwjWRj02lBW%2BVh1fZnkS6cdUojGHczFH95tDQVr2W1Eio9CODaYgJMTeoZLX6XN7BX%2FGQGB5omA8sdoi%2Fz13qjShJdgfaLQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8b5054256c46380e-FRA
alt-svc: h3=":443"; ma=86400
content-length: 31910

GET
H3 200 2-4.jpg
refundincur.com/lander/legionru/img/slider/ 21 KB
21 KB 168ms
163ms Image
image/jpeg 172.67.180.109
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://refundincur.com/lander/legionru/img/slider/2-4.jpg
Requested by: Host: refundincur.com
URL: https://refundincur.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.109 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 17f8041c2096a0ce93e9668a7caced924ddc2ba0f153e355e89ac8c1323ea24d

Request headers

Referer: https://refundincur.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 07:53:11 GMT
cf-cache-status: MISS
last-modified: Thu, 22 Feb 2024 17:56:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "52e2-611fc284f9980"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5%2BG%2BCqB6a%2FmouEQhdUAiCHLPoMUxzq8v0gO9Zur9QJuvrWecXnpiimKm3YdLy3QufSPSWpRwz3RrmGuopp0QeVhewHferQyIVdn9Wjj%2F5GS4aAU6UCCGD6RwHezWPZojlDo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8b5054256c48380e-FRA
alt-svc: h3=":443"; ma=86400
content-length: 21218

GET
H3 200 2-5.jpg
refundincur.com/lander/legionru/img/slider/ 21 KB
22 KB 181ms
176ms Image
image/jpeg 172.67.180.109
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://refundincur.com/lander/legionru/img/slider/2-5.jpg
Requested by: Host: refundincur.com
URL: https://refundincur.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.109 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a74e50db0ae12b6f1dad2551c86856a60dfc34d3c91eb875ec859d945895c40a

Request headers

Referer: https://refundincur.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 07:53:11 GMT
cf-cache-status: MISS
last-modified: Thu, 22 Feb 2024 17:56:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "54b6-611fc284f9980"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SR5GGjI1N0KTYmRc2jW23jgc8CvMmtlH3edTrnr51MgDH0WVkHBMirQbC0hhZVInvbxgqODlB6j1WZu3ApkHoPVHuxzhJ25RxQ9kwntubYL4Jvab0VzF2yx6%2BpOnYpw5Ps4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8b5054256c4d380e-FRA
alt-svc: h3=":443"; ma=86400
content-length: 21686

GET
H3 200 2-6.jpg
refundincur.com/lander/legionru/img/slider/ 25 KB
26 KB 121ms
116ms Image
image/jpeg 172.67.180.109
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://refundincur.com/lander/legionru/img/slider/2-6.jpg
Requested by: Host: refundincur.com
URL: https://refundincur.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.109 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c7bae5d04d088520f521922bd771aff8e28a68251903ba511ea797a3949ab848

Request headers

Referer: https://refundincur.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 07:53:11 GMT
cf-cache-status: MISS
last-modified: Thu, 22 Feb 2024 17:56:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "64a7-611fc284f9980"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SjFJiYU6FS1ibjtVxa70MN4JFwDxgWQ%2BvS6%2Fc1DA0auEXkVP3kBafyLht%2FdZQ993PysFmoRHrNBly%2BEWCYpTk%2FCVbIIIX85r7SORUJCpuQjE1PryL2pcIpaQhxtBSl%2BGzMI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8b5054256c54380e-FRA
alt-svc: h3=":443"; ma=86400
content-length: 25767

GET
H3 200 1.jpg
refundincur.com/lander/legionru/img/slider/ 36 KB
36 KB 212ms
207ms Image
image/jpeg 172.67.180.109
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://refundincur.com/lander/legionru/img/slider/1.jpg
Requested by: Host: refundincur.com
URL: https://refundincur.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.109 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 275976564f4c5d5c9bfaeec43bbb78b98227813b8416ada66103810cf888e905

Request headers

Referer: https://refundincur.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 07:53:11 GMT
cf-cache-status: MISS
last-modified: Thu, 22 Feb 2024 17:56:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "8e8b-611fc284f9980"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cT5BoTZW1eAHdbUUGvTXdDgU2axGcLn3hbUCQ9824cQbLLGfDY0bA9lA2r8L3dMmLlKRzIP%2FiwVDZyUAAZHcpnqecH9QulVE5LqWkf8QOJZ%2BarmG3dml8gBUIgAM2JUL2w8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8b5054256c59380e-FRA
alt-svc: h3=":443"; ma=86400
content-length: 36491

GET
H3 200 2.jpg
refundincur.com/lander/legionru/img/slider/ 21 KB
21 KB 207ms
202ms Image
image/jpeg 172.67.180.109
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://refundincur.com/lander/legionru/img/slider/2.jpg
Requested by: Host: refundincur.com
URL: https://refundincur.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.109 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca9bbda36b38b14ca6dea39386ca998543a7d82647ff9295d571bbe459d472ce

Request headers

Referer: https://refundincur.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 07:53:11 GMT
cf-cache-status: MISS
last-modified: Thu, 22 Feb 2024 17:56:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5295-611fc284f9980"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UK7LzC3%2F2pSOv%2Fr1VT68mpPYdWELg0YqX%2FUILyX8hZLZ97KXv5MfXkzvwRbwLng6Bvt1VTCiRJ8Nmykp9R8yXxP8buDzBtT7tXTwM10hR4U1a9HFSoYdyNSw9rpnfF3FKqc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8b5054256c5b380e-FRA
alt-svc: h3=":443"; ma=86400
content-length: 21141

GET
H3 200 3.jpg
refundincur.com/lander/legionru/img/slider/ 29 KB
30 KB 200ms
196ms Image
image/jpeg 172.67.180.109
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://refundincur.com/lander/legionru/img/slider/3.jpg
Requested by: Host: refundincur.com
URL: https://refundincur.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.109 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a11b1952f06644c98f65dde7dbb2b6e16d0a0c006eff0e0461280714c71cfda7

Request headers

Referer: https://refundincur.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 07:53:11 GMT
cf-cache-status: MISS
last-modified: Thu, 22 Feb 2024 17:56:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "7458-611fc284f9980"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3FQcDQXuvUjhuZHFP887r7kmD19o%2FVm%2BSakPzD1KhDy38S%2FAZKkDBpXfEieiNWVeetwCWX4Jl%2Byo1aq4zN60RZzgQPGvGxrKaTqjt3yNWcs2Vq9zvMJQxul8xyHU7hNVThY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8b5054256c5d380e-FRA
alt-svc: h3=":443"; ma=86400
content-length: 29784

GET
H3 200 4.jpg
refundincur.com/lander/legionru/img/slider/ 33 KB
34 KB 181ms
176ms Image
image/jpeg 172.67.180.109
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://refundincur.com/lander/legionru/img/slider/4.jpg
Requested by: Host: refundincur.com
URL: https://refundincur.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.109 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd72d28b51be92d8d60b4f2cd8de59729d7fc853b802e79708dcdbc30ec6f4bf

Request headers

Referer: https://refundincur.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 07:53:11 GMT
cf-cache-status: MISS
last-modified: Thu, 22 Feb 2024 17:56:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "85b4-611fc284f9980"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ITnyCltuxx8O3eFXQ1oXGPpjrlNtzyiZ1YDlPPYY141b5lB%2Flq5Uq1kr%2Bxw2xJdxuwTO2rKdxXZPYIV%2BmkUpZ6hB%2Bn3urtiJ30LzzUh%2BkaoouKZaOE4UDXyEMSPB8NfC5%2FQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8b5054256c60380e-FRA
alt-svc: h3=":443"; ma=86400
content-length: 34228

GET
H3 200 5.jpg
refundincur.com/lander/legionru/img/slider/ 22 KB
22 KB 187ms
183ms Image
image/jpeg 172.67.180.109
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://refundincur.com/lander/legionru/img/slider/5.jpg
Requested by: Host: refundincur.com
URL: https://refundincur.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.109 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c081d4a71ad21d92bc2632245c875db11ac920a04b11afbb3c9a0b1ca18bbad5

Request headers

Referer: https://refundincur.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 07:53:11 GMT
cf-cache-status: MISS
last-modified: Thu, 22 Feb 2024 17:56:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5774-611fc284f9980"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ctzo2WYnvEycEkj7Hv3WeYRMmsBJr%2BZmNFRPmtm9OiHYRSJ6OfhpWqJ5LWKH9gTUsS7iKuxI%2BgcmAYCTPoLEJYn34dJ7OLHqxD8wF%2BjuHqNIraWDnYAV65dN6FMFBCYMDGk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8b5054256c62380e-FRA
alt-svc: h3=":443"; ma=86400
content-length: 22388

GET
H3 200 6.jpg
refundincur.com/lander/legionru/img/slider/ 24 KB
24 KB 226ms
222ms Image
image/jpeg 172.67.180.109
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://refundincur.com/lander/legionru/img/slider/6.jpg
Requested by: Host: refundincur.com
URL: https://refundincur.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.109 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a6f256becf8659f21d7013cab6435d2036979b76c0fda309f2ef6601c2075510

Request headers

Referer: https://refundincur.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 07:53:11 GMT
cf-cache-status: MISS
last-modified: Thu, 22 Feb 2024 17:56:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6031-611fc284f9980"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TWZ4uiYkm9ScslPCrLHNZr6VOI4xpPpUeD8wieQSVO2kAzM6PazA49n4m0%2BVJ1S1vO02bBR9J7KUyVHGbN0zb%2Bo%2F0F5ehShGZgznQzNCRQCjUyCbau0LRmKbLMl0hPiMYWs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8b5054256c64380e-FRA
alt-svc: h3=":443"; ma=86400
content-length: 24625

GET
H3 200 lock.png
refundincur.com/lander/legionru/img/icons/ 3 KB
4 KB 177ms
173ms Image
image/png 172.67.180.109
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://refundincur.com/lander/legionru/img/icons/lock.png
Requested by: Host: refundincur.com
URL: https://refundincur.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.109 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4632ad3c115fdfccad883e9f6286fe7f443ca7ed9ece832144fb6e3d18c47b3

Request headers

Referer: https://refundincur.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 07:53:11 GMT
cf-cache-status: MISS
last-modified: Thu, 22 Feb 2024 17:56:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "dfa-611fc284f9980"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AmyyKHL%2FOwDZaS0q3ih26k3AwZmuuKC2ZQJ0qL1jXXH196lzG0FZStPuWTFwKa%2BX9HM64uJ9tEPDOKm5xPe6d8vl4OjGEjwfPZhwBiKvw2FLfxENJQSvAFp5UEEM8ZN%2FbDE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8b5054256c6a380e-FRA
alt-svc: h3=":443"; ma=86400
content-length: 3578

GET
H3 200 settings.png
refundincur.com/lander/legionru/img/icons/ 7 KB
8 KB 178ms
174ms Image
image/png 172.67.180.109
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://refundincur.com/lander/legionru/img/icons/settings.png
Requested by: Host: refundincur.com
URL: https://refundincur.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.109 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7dd93d501a471e8aa93734105411778b0f9534099ba01f0cf62d5c2159bd84ba

Request headers

Referer: https://refundincur.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 07:53:11 GMT
cf-cache-status: MISS
last-modified: Thu, 22 Feb 2024 17:56:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "1dfa-611fc284f9980"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KqUaAm%2Bxcbd0emGfr05OMqV7B3iyYUCnZ1WcJGFgJ8qg00FwB43hfC2%2BlQTuetmMF%2Bquq%2BpJzTdnU7OBAcXlZ6kBXvW28F1Aa0%2BYr0EamEKr0I55q%2BVp5EQ%2FpCRuMkO8%2Fq8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8b5054256c6d380e-FRA
alt-svc: h3=":443"; ma=86400
content-length: 7674

GET
H3 200 case.png
refundincur.com/lander/legionru/img/icons/ 4 KB
5 KB 194ms
190ms Image
image/png 172.67.180.109
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://refundincur.com/lander/legionru/img/icons/case.png
Requested by: Host: refundincur.com
URL: https://refundincur.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.109 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16d83dd18decbcf5041b283d5b4ae3cd6fbd5c1bebc74f9704b832bf4723cdf7

Request headers

Referer: https://refundincur.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 07:53:11 GMT
cf-cache-status: MISS
last-modified: Thu, 22 Feb 2024 17:56:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "10fc-611fc284f9980"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=67jizx0UxDhw1I9pVIU5o%2Bqeb4Dm2GvKxCeZri6QULdto%2FDbvxBq5HMHk78VFNxX82nTSU0fDfQr33Lzmr5EZb5HNxilqnnFGi7glQzBMr6IMoeMj8mPhodnlo9xCwQjIKM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8b5054256c71380e-FRA
alt-svc: h3=":443"; ma=86400
content-length: 4348

GET
H3 200 imageGrid.png
refundincur.com/lander/legionru/img/ 6 MB
6 MB 253ms
249ms Image
image/png 172.67.180.109
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://refundincur.com/lander/legionru/img/imageGrid.png
Requested by: Host: refundincur.com
URL: https://refundincur.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.109 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 39ef585e30cec41001462ad9e83ba255eba7ec2cccd037605707b6d3b572c961

Request headers

Referer: https://refundincur.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 07:53:11 GMT
cf-cache-status: MISS
last-modified: Thu, 22 Feb 2024 17:56:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "62607f-611fc284f9980"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gWbQD8To%2B2JbFwKMsixnp7c0uaLezTUwFOdwRogwe%2B0XJ9aaRQxhfY25PJsp7qdPffr0%2BIq8jKZ%2FONR7g0IZ%2Bl472jN8hDnFz6eE3rtMk87njRN4NqPqpKOBb%2FeqSz9VmbA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8b5054256c72380e-FRA
alt-svc: h3=":443"; ma=86400
content-length: 6447231

GET
H3 200 facebook.svg
refundincur.com/lander/legionru/img/icons/ 418 B
751 B 250ms
246ms Image
image/svg+xml 172.67.180.109
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://refundincur.com/lander/legionru/img/icons/facebook.svg
Requested by: Host: refundincur.com
URL: https://refundincur.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.109 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3ffb506c5ed63113dc28fe8681f6c6f09d323561a340653b5d497570bae044aa

Request headers

Referer: https://refundincur.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 07:53:11 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Thu, 22 Feb 2024 17:56:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "1a2-611fc284f9980-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OqV5OF7FtOo0CFSAES5eGi%2BhhZR%2BDTAOadAGqWCxB9lJEAZQW10mIvQWuwBg%2F9%2FvY7XkU4KG1gpuLmm9djIFf4RKCEQnBnuYuYxBdYnqPT69n130RweSm6zML%2Bmk28N8mAk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8b5054256c75380e-FRA
alt-svc: h3=":443"; ma=86400
content-length: 281

GET
H3 200 youtube.svg
refundincur.com/lander/legionru/img/icons/ 674 B
858 B 215ms
211ms Image
image/svg+xml 172.67.180.109
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://refundincur.com/lander/legionru/img/icons/youtube.svg
Requested by: Host: refundincur.com
URL: https://refundincur.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.109 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec331692f33f31c5e69146ce8e819118a0e21d61a288cdb1304ceb4ab6542a29

Request headers

Referer: https://refundincur.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 07:53:11 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Thu, 22 Feb 2024 17:56:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "2a2-611fc284f9980-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m7Lo8M%2BwiIFEswPsbRDEaPAiwDsaAWLNz2%2BaAbRS9%2B8DkIR9EMh%2BlRLcAe%2F%2Buta9K%2BDXBevKVotO8jN7BicXN9U8BIa%2BQRyv5X7QHrsxV1mGRLexZ5K55%2Bt%2BtQiL32oncII%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8b5054256c78380e-FRA
alt-svc: h3=":443"; ma=86400
content-length: 382

GET
H3 200 instagram.svg
refundincur.com/lander/legionru/img/icons/ 909 B
928 B 231ms
227ms Image
image/svg+xml 172.67.180.109
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://refundincur.com/lander/legionru/img/icons/instagram.svg
Requested by: Host: refundincur.com
URL: https://refundincur.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.109 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45f1d4c15473376e7986da208e8f3b17532650bcd31e2997615ca92295de7304

Request headers

Referer: https://refundincur.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 07:53:11 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Thu, 22 Feb 2024 17:56:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "38d-611fc284f9980-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E%2FYeYqgz8xkVHupYK5YoBN8eVQ%2BtuT8gFr6yohq1EX0ZvNe%2BmoC0lz7MjsPwmA8PsfHTNGX2A%2BuzDy%2BIKBiVZaD7u60N%2B9u6KuGZPD%2Btvdo7paOsDcM2CtFQYfYAGWphpmQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8b5054256c7b380e-FRA
alt-svc: h3=":443"; ma=86400
content-length: 454

GET
H3 200 bootstrap.min.js Show response
refundincur.com/lander/legionru/modal/ 59 KB
16 KB 158ms
154ms Script
text/javascript 172.67.180.109
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://refundincur.com/lander/legionru/modal/bootstrap.min.js
Requested by: Host: refundincur.com
URL: https://refundincur.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.109 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c36e28c9a7bd864b673e223db7e1934923227536ffbdf871f58b6f09b9ac8c9

Request headers

Referer: https://refundincur.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 07:53:11 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Thu, 22 Feb 2024 17:56:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "eab9-611fc284f9980-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kzoFWyYW6KbXLc3FRX%2FCBkoqssNo%2FH59LmJcPDCQHp%2F5oSY8eolqoYaIdXAvASy5tZzKr28pvXON3eov5t7zwDDP64TA5FUVXjdabOai2J%2FDTdQwkuuok0XlPNAxXbfNtKo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8b5054255c37380e-FRA
alt-svc: h3=":443"; ma=86400
content-length: 15940

GET
H3 200 main.js Show response
refundincur.com/lander/legionru/js/ 620 B
753 B 118ms
114ms Script
text/javascript 172.67.180.109
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://refundincur.com/lander/legionru/js/main.js
Requested by: Host: refundincur.com
URL: https://refundincur.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.109 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f86be48e15f364682714bf99bf5eaac0ba0d967736c1dec627a1dba36c129af

Request headers

Referer: https://refundincur.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 07:53:11 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Thu, 22 Feb 2024 17:56:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "26c-611fc284f9980-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H%2FrdTR2AOL3uTClr4H9Mk8lEnjVZb4cSD6EP9%2BythcTJN9FCm7%2BH8rfs%2BzAYM9w3ZwnsoReRPr4dcbijXlqsp9uoe9lj3hfE8Jtqwy%2FPqkml8btxf4dYtePmlBcKZ17Xats%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8b5054255c39380e-FRA
alt-svc: h3=":443"; ma=86400
content-length: 283

GET
H3 200 jQuery.js Show response
refundincur.com/lander/legionru/build/js/ 88 KB
31 KB 163ms
158ms Script
text/javascript 172.67.180.109
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://refundincur.com/lander/legionru/build/js/jQuery.js
Requested by: Host: refundincur.com
URL: https://refundincur.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.109 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf5e50b1ac962ec10dfba4424fd35a5de3ea28363160f3f5939e7e7741c3ae95

Request headers

Referer: https://refundincur.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 07:53:11 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Thu, 22 Feb 2024 17:56:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "15ec3-611fc284f9980-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FkxfU9DU1b12097ddpHfPmZYWQvPaBKpUG9KLM9bhyjnpu60s%2FL9XfgqbbPDSlX5B%2F3lEWrZyNedpflO5GpZKZVK%2BgnHOMCwhPl%2FtECOVPfm53funHrwKAHk%2F%2FK44qv%2F9BA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8b5054256c40380e-FRA
alt-svc: h3=":443"; ma=86400
content-length: 31045

GET
H2 200 jquery-3.7.1.min.js Show response
code.jquery.com/ 85 KB
30 KB 32ms
8ms Script
application/javascript 2a04:4e42::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.7.1.min.js
Requested by: Host: refundincur.com
URL: https://refundincur.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a

Request headers

Referer: https://refundincur.com/
Origin: https://refundincur.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 07:53:11 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 1543151
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
content-length: 30336
x-served-by: cache-lga21978-LGA, cache-fra-eddf8230030-FRA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1723967591.279493,VS0,VE0
etag: W/"28feccc0-155ed"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 3, 222836

GET
H3 200 disabled.js Show response
refundincur.com/lander/legionru/build/js/ 291 B
664 B 122ms
115ms Script
text/javascript 172.67.180.109
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://refundincur.com/lander/legionru/build/js/disabled.js
Requested by: Host: refundincur.com
URL: https://refundincur.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.109 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 69cdb9fe749d9245a9c531e59f94b7971ac983f5d33904092f882995e2ecc1d9

Request headers

Referer: https://refundincur.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 07:53:11 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Thu, 22 Feb 2024 17:56:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "123-611fc284f9980-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OX%2BhhjWw1FODfgrTvlhMztur4b%2BdMOX%2Btu7Jpo%2Bnx5KciKay9vxkmiGg1ajx00RFhMsXdJ%2Bvyx3cxMi9nsGXaKysq2OMYUED7DTGFdtHDdnVzhsWzWh8U2pZZjiBUCBGu1Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8b5054256c41380e-FRA
alt-svc: h3=":443"; ma=86400
content-length: 193

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/hfUfsXWZFeg83qqxrK27GB8P/ 533 KB
212 KB 37ms
7ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/hfUfsXWZFeg83qqxrK27GB8P/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6Lc2tzkpAAAAAOMTgOkHgNWrJ9RFjdh2WBwS9HQs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab42d7c37f7928197cf2fb60407d97ebf6b8316f5bd3007d33b49d4ca0559e03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://refundincur.com/
Origin: https://refundincur.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 16 Aug 2024 21:17:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 124531
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 216180
x-xss-protection: 0
last-modified: Mon, 29 Jul 2024 04:00:39 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Aug 2025 21:17:40 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 198 KB
71 KB 52ms
22ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NZMH55P

Requested by

Host: refundincur.com
URL: https://refundincur.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c8478d121dbe61d09b6b03bb9799544df67786fd8aa6c9584f38f4a10de9e50f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://refundincur.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 07:53:11 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72715
x-xss-protection: 0
last-modified: Sun, 18 Aug 2024 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 18 Aug 2024 07:53:11 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 185 KB
67 KB 49ms
20ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MPXBT3Z5

Requested by

Host: refundincur.com
URL: https://refundincur.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f1a5f44d4a80971561e775e0b41b85b2e3b9040ded8bc175b0973cadfb4cb428

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://refundincur.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 07:53:11 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68577
x-xss-protection: 0
last-modified: Sun, 18 Aug 2024 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 18 Aug 2024 07:53:11 GMT

GET
H2 200 CHc3dA-KUig
www.youtube.com/embed/ Frame 48AE 0
0 113ms
84ms Document
text/html 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/CHc3dA-KUig?controls=0

Requested by

Host: refundincur.com
URL: https://refundincur.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://refundincur.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-security-policy: require-trusted-types-for 'script'
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Sun, 18 Aug 2024 07:53:11 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dvkIcYDRyRE
www.youtube.com/embed/ Frame 4D5E 0
0 107ms
79ms Document
text/html 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/dvkIcYDRyRE

Requested by

Host: refundincur.com
URL: https://refundincur.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://refundincur.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-security-policy: require-trusted-types-for 'script'
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Sun, 18 Aug 2024 07:53:11 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 Xsb0vsRncC0
www.youtube.com/embed/ Frame 1BC8 0
0 98ms
71ms Document
text/html 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/Xsb0vsRncC0

Requested by

Host: refundincur.com
URL: https://refundincur.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://refundincur.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-security-policy: require-trusted-types-for 'script'
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Sun, 18 Aug 2024 07:53:11 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 EeFH93QuoDo
www.youtube.com/embed/ Frame 7FB2 0
0 112ms
86ms Document
text/html 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/EeFH93QuoDo

Requested by

Host: refundincur.com
URL: https://refundincur.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://refundincur.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-security-policy: require-trusted-types-for 'script'
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Sun, 18 Aug 2024 07:53:11 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 background.jpg
refundincur.com/lander/legionru/img/ 335 KB
336 KB 262ms
259ms Image
image/jpeg 172.67.180.109
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://refundincur.com/lander/legionru/img/background.jpg
Requested by: Host: refundincur.com
URL: https://refundincur.com/lander/legionru/css/style.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.109 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe72d6d603188924463740716e4565967fd84833386c24d6eca8c0486a64cee6

Request headers

Referer: https://refundincur.com/lander/legionru/css/style.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 07:53:11 GMT
cf-cache-status: MISS
last-modified: Thu, 22 Feb 2024 17:56:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "53d10-611fc284f9980"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KBgrSgwn28zIG1lT9B5FMw195LOoJA6dqdwAjMXMtXOvlOwbA9HR1ECK%2B0i0DCpWpuknotPo5fRncigqsBumPe%2F6%2BCEVhzFJZ88f%2FwaWyicXjOhuaRKmuuzLdYfoeIHkkPU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8b5054256c80380e-FRA
alt-svc: h3=":443"; ma=86400
content-length: 343312

GET
H3 200 block_background.jpg
refundincur.com/lander/legionru/img/ 84 KB
85 KB 378ms
375ms Image
image/jpeg 172.67.180.109
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://refundincur.com/lander/legionru/img/block_background.jpg
Requested by: Host: refundincur.com
URL: https://refundincur.com/lander/legionru/css/style.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.109 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b7911a579d77fd74362771fca9c1995efb021b498abc58484cbaa3099ea8fc29

Request headers

Referer: https://refundincur.com/lander/legionru/css/style.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 07:53:11 GMT
cf-cache-status: MISS
last-modified: Thu, 22 Feb 2024 17:56:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "150cd-611fc284f9980"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UPUczXjjueJwUucFKFrY%2Fg%2FPVyNMAYxvhgiQHu3VFRm9NnOdNgQdqlkR5lkSjIZOW%2Bf9%2BEXoFbH%2Bfb1tOBoRNyow6Kr7RynG9TFLdb6%2FrtJFlA25LMG4E1Reyz0uO9brRgA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8b5054256c82380e-FRA
alt-svc: h3=":443"; ma=86400
content-length: 86221

GET
H3 200 1.jpg
refundincur.com/lander/legionru/img/team/ 21 KB
21 KB 215ms
212ms Image
image/jpeg 172.67.180.109
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://refundincur.com/lander/legionru/img/team/1.jpg
Requested by: Host: refundincur.com
URL: https://refundincur.com/lander/legionru/css/style.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.109 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ebf97f33c9dc0ecb256ff4662ee400d3cb435c65d67337bc7664e6ad5b80a14e

Request headers

Referer: https://refundincur.com/lander/legionru/css/style.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 07:53:11 GMT
cf-cache-status: MISS
last-modified: Thu, 22 Feb 2024 17:56:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "530c-611fc284f9980"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W1PO%2BdywDk3rvOsq8eSdO8jEbHKT4JQVQuXKMDqR%2Fp8JxFcIje7nkLronTB63%2Ba7fp%2FdEty8QLkyAkrHqzd%2FYn7L3WIGyomqfQtInw%2BZemn6k46qwk8p4rY0%2FrVFO15fdW0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8b5054256c85380e-FRA
alt-svc: h3=":443"; ma=86400
content-length: 21260

GET
H3 200 2.jpg
refundincur.com/lander/legionru/img/team/ 95 KB
96 KB 369ms
366ms Image
image/jpeg 172.67.180.109
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://refundincur.com/lander/legionru/img/team/2.jpg
Requested by: Host: refundincur.com
URL: https://refundincur.com/lander/legionru/css/style.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.109 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6afd084b9111462f3fba92f8c5404421867c897057b131d0d60098526005df01

Request headers

Referer: https://refundincur.com/lander/legionru/css/style.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 07:53:11 GMT
cf-cache-status: MISS
last-modified: Thu, 22 Feb 2024 17:56:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "17c4a-611fc284f9980"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xR%2B59oqiR%2FYxZFC2qNiT62RpSv2zAC8HJ09dEtWyquTqgh1XDbACMubSwi8Il3V1579R401mCvgXB2nCWUV3qqGn4H7GUrCFN0dE4gJIlqQntNyJu1a7D%2BrJr5F5fyZUiKQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8b5054256c89380e-FRA
alt-svc: h3=":443"; ma=86400
content-length: 97354

GET
H3 200 3.jpg
refundincur.com/lander/legionru/img/team/ 3 MB
3 MB 320ms
317ms Image
image/jpeg 172.67.180.109
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://refundincur.com/lander/legionru/img/team/3.jpg
Requested by: Host: refundincur.com
URL: https://refundincur.com/lander/legionru/css/style.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.109 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a1fd8ba5aa4586ca148fa060cda3a84ecad0b8227226638ee13192d7ced3e6a

Request headers

Referer: https://refundincur.com/lander/legionru/css/style.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 07:53:11 GMT
cf-cache-status: MISS
last-modified: Thu, 22 Feb 2024 17:56:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "288c81-611fc284f9980"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F5lwU6qiTV598KjVoe%2F3unwsH2zAox4I7tVgaYxT3MmVxO27m5RFb%2BcxpbY75Z3Cxw6CgQoIwK8NwL5LKeQ0OU2b02ePqv3iqy1IkoAHXBUyH2RTzBp%2F%2FKZ1d3xhvuD2zxM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8b5054256c8e380e-FRA
alt-svc: h3=":443"; ma=86400
content-length: 2657409

GET
H3 200 4.jpg
refundincur.com/lander/legionru/img/team/ 15 MB
15 MB 278ms
276ms Image
image/jpeg 172.67.180.109
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://refundincur.com/lander/legionru/img/team/4.jpg
Requested by: Host: refundincur.com
URL: https://refundincur.com/lander/legionru/css/style.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.109 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7157da00fde4ad578bba99955f9b8f2047769d49907cf26060219a7ff8af9f25

Request headers

Referer: https://refundincur.com/lander/legionru/css/style.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 07:53:11 GMT
cf-cache-status: MISS
last-modified: Thu, 22 Feb 2024 17:56:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "f50ef0-611fc284f9980"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4d3sS2%2FYmDzFA9ZEpqjPp7I9Il5XFgVlkN9KzJNe4Jcr05daBUsAF5mn0cb8Wzy0ahA6CacKvcaDZi7v%2FJEuBhekDfjIhYgsGeqgfE0ly578BloAuL%2BEuSMFHnGNS7CoLos%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8b5054256c92380e-FRA
alt-svc: h3=":443"; ma=86400
content-length: 16060144

GET
H3 200 protect.svg
refundincur.com/lander/legionru/img/icons/ 4 KB
2 KB 329ms
326ms Image
image/svg+xml 172.67.180.109
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://refundincur.com/lander/legionru/img/icons/protect.svg
Requested by: Host: refundincur.com
URL: https://refundincur.com/lander/legionru/css/style.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.109 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7888ff5c616e58ee6d8a3f1c86ada70a66ddd9241fd3aa734cc058426e937843

Request headers

Referer: https://refundincur.com/lander/legionru/css/style.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 07:53:11 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Thu, 22 Feb 2024 17:56:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "eea-611fc284f9980-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Jx5ONIQhf3kl2YpamSQZJitzTEAMC%2F9b0ZqJqpT8dGYMU2QdGb4Pv9PyOweYkTvEplhf9JvG4xdpINSeVQO8BdWrxs%2F3oxNTym%2Fs8Eb2ILINJE2eIvjDmirn1tXlxr4a41k%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8b5054256c96380e-FRA
alt-svc: h3=":443"; ma=86400
content-length: 1262

GET
H3 200 repair.svg
refundincur.com/lander/legionru/img/icons/ 4 KB
2 KB 233ms
230ms Image
image/svg+xml 172.67.180.109
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://refundincur.com/lander/legionru/img/icons/repair.svg
Requested by: Host: refundincur.com
URL: https://refundincur.com/lander/legionru/css/style.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.109 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ad0f47b9023fc86866d9dce8f256fc3b60c01ab9021487eb09c69c7f6f49744

Request headers

Referer: https://refundincur.com/lander/legionru/css/style.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 07:53:11 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Thu, 22 Feb 2024 17:56:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "1161-611fc284f9980-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YoeuZko%2B2h0%2FALM5OR0zynRAGJvJoEpYJ28f9bdy6hcvOX317BDZ%2B1mnQrayyiu6bvEytNGN7Q5q%2BHnIADHbVWFgg8L5cZ54CaqbwfQT%2BAVNp2WNrs1251kJCRnlw2u0YRU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8b5054256c9d380e-FRA
alt-svc: h3=":443"; ma=86400
content-length: 1478

GET
H3 200 lamp.svg
refundincur.com/lander/legionru/img/icons/ 7 KB
3 KB 261ms
258ms Image
image/svg+xml 172.67.180.109
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://refundincur.com/lander/legionru/img/icons/lamp.svg
Requested by: Host: refundincur.com
URL: https://refundincur.com/lander/legionru/css/style.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.109 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da225bad59043128b57ad6e627caeb92bd5f055eb5bbe32bda6e0c856e81e5de

Request headers

Referer: https://refundincur.com/lander/legionru/css/style.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 07:53:11 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Thu, 22 Feb 2024 17:56:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "1b46-611fc284f9980-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T4Ckh2I75muNipiYetLiPpt9hDyv3bYmFvE4%2Fz%2B3hoOkQ690DAhpf8nXVtw8XhN2mlf8b8AtxtblxoCrVsYxhq8kIwJqywmR%2Bb1QUd1Mgo5CjWMjMwKDQ4xLp2BYnxSVLso%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8b5054256ca7380e-FRA
alt-svc: h3=":443"; ma=86400
content-length: 2708

GET
H3 200 flower.svg
refundincur.com/lander/legionru/img/icons/ 9 KB
4 KB 261ms
258ms Image
image/svg+xml 172.67.180.109
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://refundincur.com/lander/legionru/img/icons/flower.svg
Requested by: Host: refundincur.com
URL: https://refundincur.com/lander/legionru/css/style.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.109 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef7fb95aff558f7fcd642dc48acf79999a3733c501aab898c99fef490a36fbdd

Request headers

Referer: https://refundincur.com/lander/legionru/css/style.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 07:53:11 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Thu, 22 Feb 2024 17:56:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "23b3-611fc284f9980-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u%2F9iSt%2Bwmwn29xNqgQoWVJNb4S8%2BJJOCfkXyXpGPRvilTxpBMKS1wRT%2BYvi4Lzuc9CRIfnJcwl23gLSQYvXqFm%2FxHXI2qtPvhIES%2BRgaL9LNgIoIHa7pMXMyBlWgOzJiZdc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8b5054256cad380e-FRA
alt-svc: h3=":443"; ma=86400
content-length: 3845

GET
H3 200 KFOmCnqEu92Fr1Me5Q.ttf
refundincur.com/s/roboto/v30/ 127 KB
68 KB 322ms
321ms Font
font/ttf 172.67.180.109
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://refundincur.com/s/roboto/v30/KFOmCnqEu92Fr1Me5Q.ttf
Requested by: Host: refundincur.com
URL: https://refundincur.com/css2?family=Roboto:wght@300;400;700&display=swap
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.109 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7277cfb805def6410f317129b8e1f78bdd47d1a4e24c233077d06e88a36e57ae

Request headers

Referer: https://refundincur.com/css2?family=Roboto:wght@300;400;700&display=swap
Origin: https://refundincur.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 07:53:11 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 22 Feb 2024 17:56:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"1fa30-611fc284f9980"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mjEnASGqioy8Fgshc3%2FqxXxWDTGU5TDDOH92nLH93Pfwl0y0Pc8rna60JtDMFrodIQDLxwa1JkUPaJcVi4J1uh0sncaxNRAjYwumpcthQ6hvO%2B1tLC1sKBupJHvhXXdb4qs%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/ttf
cache-control: max-age=14400
cf-ray: 8b5054256cb1380e-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 KFOlCnqEu92Fr1MmWUlvAw.ttf
refundincur.com/s/roboto/v30/ 126 KB
68 KB 298ms
298ms Font
font/ttf 172.67.180.109
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://refundincur.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlvAw.ttf
Requested by: Host: refundincur.com
URL: https://refundincur.com/css2?family=Roboto:wght@300;400;700&display=swap
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.109 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 39a2f9d2c6a99fb8de9bf674373c4082cde84253311808ca80db6582266962ef

Request headers

Referer: https://refundincur.com/css2?family=Roboto:wght@300;400;700&display=swap
Origin: https://refundincur.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 07:53:11 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 22 Feb 2024 17:56:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"1f6a4-611fc284f9980"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ojwbnjFfp%2BbJJPav4XNPqYOb%2BemJNlUcRT3Xx6BxvdACXSbewrcgp5%2FTrp%2FPNg32H8IUbg2KlfIsdwa1hwqng82lOIMRMV5juKfDgsIvMjTKiz3kLNpU%2BJycDzmmd%2BeY8nE%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/ttf
cache-control: max-age=14400
cf-ray: 8b5054256cb4380e-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 fa-solid-900.woff2
refundincur.com/ajax/libs/font-awesome/6.0.0/webfonts/ 124 KB
124 KB 705ms
705ms Font
font/woff2 172.67.180.109
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://refundincur.com/ajax/libs/font-awesome/6.0.0/webfonts/fa-solid-900.woff2
Requested by: Host: refundincur.com
URL: https://refundincur.com/ajax/libs/font-awesome/6.0.0/css/all.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.109 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b099f88c06ed0869872561c157f0ec9cbe133a0939d9ece4ee1e1f54bd4683d

Request headers

Referer: https://refundincur.com/ajax/libs/font-awesome/6.0.0/css/all.min.css
Origin: https://refundincur.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 07:53:11 GMT
cf-cache-status: MISS
last-modified: Thu, 22 Feb 2024 17:56:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "1ef6c-611fc284f9980"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bOJMtVhXDcX3sgFtxIyJ29QpF7L0Y36YYAysmx9fb%2FDGotgLy4NEW7QgjwIrLbr7fnomr6KCerpM1Q5DhUvi0ZQlReyJbUCCxzpMKhTXHFlKJ07vigBaMNr%2FR1%2BOnVVn4Nc%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8b5054256cb6380e-FRA
alt-svc: h3=":443"; ma=86400
content-length: 126828

GET
H3 200 KFOlCnqEu92Fr1MmSU5vAw.ttf
refundincur.com/s/roboto/v30/ 125 KB
68 KB 709ms
709ms Font
font/ttf 172.67.180.109
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://refundincur.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5vAw.ttf
Requested by: Host: refundincur.com
URL: https://refundincur.com/css2?family=Roboto:wght@300;400;700&display=swap
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.109 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 92d3691e4f73b8e7887894bd772e09793aa38cba36cbff55ff10dc7b0771b074

Request headers

Referer: https://refundincur.com/css2?family=Roboto:wght@300;400;700&display=swap
Origin: https://refundincur.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 07:53:11 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 22 Feb 2024 17:56:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"1f500-611fc284f9980"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sG1qrXv9ytCuGgSzThDJRax%2BMD7SFda5mW8%2FvnqI%2F9lRRqg90gSapQFM7fNA6nsmVk2QsDr%2FpL2cQ4ycmWr5ioyu2AZdy0yumnVrxtl%2BfRICvuGuEnnitYbE%2FwWkuAO%2BY9c%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/ttf
cache-control: max-age=14400
cf-ray: 8b5054256cba380e-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 1hovuu0bd Show response
embed.tawk.to/65f3b1ea9131ed19d97a0ca9/ 2 KB
974 B 364ms
352ms Script
application/x-javascript 172.67.15.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/65f3b1ea9131ed19d97a0ca9/1hovuu0bd

Requested by

Host: refundincur.com
URL: https://refundincur.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cfcd0c019f342bf9b241cb6fa0b20cd2b34690cc9880a2bc0b300ae277a24738

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://refundincur.com/
Origin: https://refundincur.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 07:53:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: REVALIDATED
server: cloudflare
etag: W/"stable-v4-66b9ed69fcc"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, s-maxage=3600
cf-ray: 8b5054260dfc90f4-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 328 KB
108 KB 34ms
33ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-V7MXB1NEGQ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MPXBT3Z5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ac7e3ebb93a831b8ac1e1512600a2e58a5b5cab6c4815f92353513d7e516d727

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://refundincur.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 07:53:11 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 110141
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 18 Aug 2024 07:53:11 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 80ms
18ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-V7MXB1NEGQ&gtm=45je48e0v9178213493za200zb9175354589&_p=1723967591260&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101403289&cid=939690485.1723967591&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1723967591&sct=1&seg=0&dl=https%3A%2F%2Frefundincur.com%2F&dt=Legion%20Group&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=456
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-V7MXB1NEGQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://refundincur.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Aug 2024 07:53:11 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://refundincur.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
245 B 92ms
19ms Ping
text/plain 2a00:1450:400c:c07::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-V7MXB1NEGQ&cid=939690485.1723967591&gtm=45je48e0v9178213493za200zb9175354589&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1&npa=1&frm=0&tag_exp=101403289
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-V7MXB1NEGQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://refundincur.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Aug 2024 07:53:11 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://refundincur.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 76ms
42ms Image
image/gif 172.217.16.195
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-V7MXB1NEGQ&cid=939690485.1723967591&gtm=45je48e0v9178213493za200zb9175354589&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1&npa=1&frm=0&tag_exp=101403289&tag_exp=101403289&z=374651254

Requested by

Host: refundincur.com
URL: https://refundincur.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f195.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://refundincur.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 18 Aug 2024 07:53:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 anchor
www.google.com/recaptcha/api2/ Frame B3BE 0
0 58ms
34ms Document
text/html 142.250.185.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc2tzkpAAAAAOMTgOkHgNWrJ9RFjdh2WBwS9HQs&co=aHR0cHM6Ly9yZWZ1bmRpbmN1ci5jb206NDQz&hl=de&v=hfUfsXWZFeg83qqxrK27GB8P&size=invisible&cb=js5fbote5j9r

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/hfUfsXWZFeg83qqxrK27GB8P/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f4.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-XgxaI6daD9-LZPEJATRG5g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://refundincur.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-XgxaI6daD9-LZPEJATRG5g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 18 Aug 2024 07:53:11 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 twk-main.js Show response
embed.tawk.to/_s/v4/app/66b9ed69fcc/js/ 121 B
342 B 126ms
125ms Script
application/javascript 172.67.15.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/66b9ed69fcc/js/twk-main.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/65f3b1ea9131ed19d97a0ca9/1hovuu0bd

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://refundincur.com/
Origin: https://refundincur.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 07:53:15 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Mon, 12 Aug 2024 11:10:00 GMT
server: cloudflare
content-encoding: br
etag: W/"da5bb1dc647470204df0e49f5afac2de"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 8b50543c6b0890f4-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 twk-vendor.js Show response
embed.tawk.to/_s/v4/app/66b9ed69fcc/js/ 81 KB
32 KB 239ms
239ms Script
application/javascript 172.67.15.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/66b9ed69fcc/js/twk-vendor.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/65f3b1ea9131ed19d97a0ca9/1hovuu0bd

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

548669d6434f5204dca25b9a6f8a02f63301b8c1b58a717b91fec8b6c2918305

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://refundincur.com/
Origin: https://refundincur.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 07:53:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=0; includeSubDomains; preload
last-modified: Mon, 12 Aug 2024 11:10:00 GMT
server: cloudflare
cf-cache-status: MISS
etag: W/"3b341e35b39f6195793ecaf5db7c1d63"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 8b50543c6b0990f4-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 twk-chunk-vendors.js Show response
embed.tawk.to/_s/v4/app/66b9ed69fcc/js/ 212 KB
71 KB 233ms
233ms Script
application/javascript 172.67.15.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/66b9ed69fcc/js/twk-chunk-vendors.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/65f3b1ea9131ed19d97a0ca9/1hovuu0bd

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

194c4fa82fa9bf5897963b335fddcfdb462fe898cafbe8b2eb72a9803f2db05f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://refundincur.com/
Origin: https://refundincur.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 07:53:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=0; includeSubDomains; preload
last-modified: Mon, 12 Aug 2024 11:10:00 GMT
server: cloudflare
cf-cache-status: MISS
etag: W/"77a40166698f808a0942865537165b0f"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 8b50543c6b0a90f4-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 twk-chunk-common.js Show response
embed.tawk.to/_s/v4/app/66b9ed69fcc/js/ 223 KB
63 KB 246ms
246ms Script
application/javascript 172.67.15.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/66b9ed69fcc/js/twk-chunk-common.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/65f3b1ea9131ed19d97a0ca9/1hovuu0bd

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e657c8ec36f5d2911c491e86848a138ee6734c5b20d0fa3ad6cf4f4bf0452382

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://refundincur.com/
Origin: https://refundincur.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 07:53:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=0; includeSubDomains; preload
last-modified: Mon, 12 Aug 2024 11:10:00 GMT
server: cloudflare
cf-cache-status: MISS
etag: W/"f31c0e7d1b3edd0ae357a03eb6542b32"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 8b50543c6b0b90f4-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 twk-runtime.js Show response
embed.tawk.to/_s/v4/app/66b9ed69fcc/js/ 2 KB
1 KB 128ms
128ms Script
application/javascript 172.67.15.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/66b9ed69fcc/js/twk-runtime.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/65f3b1ea9131ed19d97a0ca9/1hovuu0bd

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2d4bb23fa563d1f929c4c85126e170270fe5f5322271e9c6af29baafc5be4d12

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://refundincur.com/
Origin: https://refundincur.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 07:53:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=0; includeSubDomains; preload
last-modified: Mon, 12 Aug 2024 11:10:00 GMT
server: cloudflare
cf-cache-status: MISS
etag: W/"c2d9fe2531b3510db26e5d705ed88259"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 8b50543c6b0e90f4-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 twk-app.js Show response
embed.tawk.to/_s/v4/app/66b9ed69fcc/js/ 151 B
366 B 130ms
130ms Script
application/javascript 172.67.15.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/66b9ed69fcc/js/twk-app.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/65f3b1ea9131ed19d97a0ca9/1hovuu0bd

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://refundincur.com/
Origin: https://refundincur.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 07:53:15 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Mon, 12 Aug 2024 11:10:00 GMT
server: cloudflare
content-encoding: br
etag: W/"e736e189edb5d0d9d5b8e7f23dd9114a"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 8b50543c6b0f90f4-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 favicon.png
refundincur.com/ 458 B
910 B 111ms
111ms Other
image/png 172.67.180.109
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://refundincur.com/favicon.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.109 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd8250b70fc8f4504c9ede4523400a76fe951f8a898d2ada4b330bd2d59a899b

Request headers

Referer: https://refundincur.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 07:53:15 GMT
cf-cache-status: MISS
last-modified: Thu, 22 Feb 2024 17:56:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "1ca-611fc284f9980"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5bTHcPON%2Bt7Y6%2FmozpJ8z1tcoiMLJiwo2hdnMEc9ZSEyZyqaf%2B6ro9JpYUERgDfAOTe3y%2FSP6rgZb9bFmWi3hZq8DLacdcUI29CQAtbxUgB0rXUF0%2BrvbojSzQ5XOcUSjeQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8b50543da88f380e-FRA
alt-svc: h3=":443"; ma=86400
content-length: 458

GET
H3 200 widget-settings Show response
va.tawk.to/v1/ 3 KB
2 KB 400ms
399ms Fetch
application/json 172.67.15.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/v1/widget-settings?propertyId=65f3b1ea9131ed19d97a0ca9&widgetId=1hovuu0bd&sv=null

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/66b9ed69fcc/js/twk-chunk-common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

49ddda06d7d2f8defd66cc0e408b42a3142b1a0310e55d06beef8a432802c3e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://refundincur.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 07:53:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
alt-svc: h3=":443"; ma=86400
x-served-by: visitor-application-preemptive-lqcf
server: cloudflare
etag: W/"2-18-0"
access-control-max-age: 3600
access-control-allow-methods: GET,OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=7200, s-maxage=1800
vary: Accept-Encoding
cf-ray: 8b50543ebd1590f4-FRA
access-control-allow-headers: content-type,x-tawk-token

OPTIONS
H3 200 start
va.tawk.to/v1/session/ Frame 0
0 123ms
123ms Preflight
text/html 172.67.15.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/v1/session/start

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://refundincur.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-tawk-token
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://refundincur.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=86400
cache-control: public, s-maxage=600, max-age=600
cf-cache-status: DYNAMIC
cf-ray: 8b50543ecd1790f4-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Sun, 18 Aug 2024 07:53:15 GMT
server: cloudflare
strict-transport-security: max-age=0; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-served-by: visitor-application-preemptive-3rtc

POST
H3 200 start Show response
va.tawk.to/v1/session/ 1 KB
1 KB 212ms
199ms Fetch
application/json 172.67.15.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/v1/session/start

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/66b9ed69fcc/js/twk-chunk-common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

21f0c17807b3cfc27666f3a6055b6471691614bdf56f878fea83412726f42f10

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://refundincur.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Sun, 18 Aug 2024 07:53:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: DYNAMIC
alt-svc: h3=":443"; ma=86400
x-served-by: visitor-application-preemptive-19zr
server: cloudflare
access-control-max-age: 3600
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: https://refundincur.com
vary: Accept-Encoding
access-control-allow-credentials: true
cf-ray: 8b50543f9c7c92a1-FRA
access-control-allow-headers: content-type,x-tawk-token

GET
H3 200 ru.js Show response
embed.tawk.to/_s/v4/app/66b9ed69fcc/languages/ 21 KB
6 KB 21ms
21ms Script
application/javascript 172.67.15.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/66b9ed69fcc/languages/ru.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/66b9ed69fcc/js/twk-chunk-common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6785ae228db2a7cbd91a547b575d53bcfb3c1da2a170febdc9f858d4fe71d157

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://refundincur.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 07:53:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 347148
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 12 Aug 2024 11:10:01 GMT
server: cloudflare
etag: W/"f35024179391efd5cb1a55f62b9752bb"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 8b5054413dde92a1-FRA

GET
H3 200 twk-chunk-bf24a88e.js Show response
embed.tawk.to/_s/v4/app/66b9ed69fcc/js/ 10 KB
3 KB 18ms
18ms Script
application/javascript 172.67.15.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/66b9ed69fcc/js/twk-chunk-bf24a88e.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/66b9ed69fcc/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf0bb2630fde34a664dc471d3a575a72c37b5a96cb74fcafb92ca7f17fefbe40

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://refundincur.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 07:53:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 504829
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 12 Aug 2024 11:10:00 GMT
server: cloudflare
etag: W/"c96127c9a0429d69fecbeb73fd410443"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 8b5054416dfc92a1-FRA

GET
H3 200 twk-chunk-71978bb6.js Show response
embed.tawk.to/_s/v4/app/66b9ed69fcc/js/ 18 KB
5 KB 15ms
15ms Script
application/javascript 172.67.15.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/66b9ed69fcc/js/twk-chunk-71978bb6.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/66b9ed69fcc/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62708fa9269f3f5716874a7555a0caf9f588eae57a67a01fca993388805aa175

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://refundincur.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 07:53:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 504829
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 12 Aug 2024 11:10:00 GMT
server: cloudflare
etag: W/"b6db854f6c5937b2d0379d5ed35a5bfc"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 8b5054416dfd92a1-FRA

GET
H3 200 twk-chunk-7c2f6ba4.js Show response
embed.tawk.to/_s/v4/app/66b9ed69fcc/js/ 5 KB
2 KB 16ms
16ms Script
application/javascript 172.67.15.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/66b9ed69fcc/js/twk-chunk-7c2f6ba4.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/66b9ed69fcc/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3a3e8129569fa2885592b96e0f8d8fa60ce41e6726c6a832b4419a26a9819632

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://refundincur.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 07:53:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 504829
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 12 Aug 2024 11:10:00 GMT
server: cloudflare
etag: W/"86d7b0db9e7d5783e209db92cbad3226"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 8b5054416dfe92a1-FRA

GET
H3 200 twk-chunk-48f3b594.js Show response
embed.tawk.to/_s/v4/app/66b9ed69fcc/js/ 19 KB
6 KB 21ms
21ms Script
application/javascript 172.67.15.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/66b9ed69fcc/js/twk-chunk-48f3b594.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/66b9ed69fcc/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db4c1518ec54350dc468a18f7c72ed390aa76b0e298d12ce05dc2784cbfa9917

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://refundincur.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 07:53:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 504829
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 12 Aug 2024 11:10:00 GMT
server: cloudflare
etag: W/"d50605fbf68e92ee38e766922bbf1f86"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 8b5054416dff92a1-FRA

GET
H3 200 twk-chunk-4fe9d5dd.js Show response
embed.tawk.to/_s/v4/app/66b9ed69fcc/js/ 906 B
662 B 23ms
23ms Script
application/javascript 172.67.15.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/66b9ed69fcc/js/twk-chunk-4fe9d5dd.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/66b9ed69fcc/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb193c2bcf1a14030cea8d72baa20ab7b1cf88f9e90adb31895279beedf6bf84

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://refundincur.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 07:53:15 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 504829
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 12 Aug 2024 11:10:00 GMT
server: cloudflare
etag: W/"1c5ecf371149feca23bd895ba9dfec4d"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 8b5054416e0292a1-FRA

GET
H3 200 twk-chunk-2d0b9454.js Show response
embed.tawk.to/_s/v4/app/66b9ed69fcc/js/ 535 B
574 B 16ms
16ms Script
application/javascript 172.67.15.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/66b9ed69fcc/js/twk-chunk-2d0b9454.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/66b9ed69fcc/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e0a886153a50f34adeb6d141b542d08a6338c5e3bada9fc3ccf88d0580356df

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://refundincur.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 07:53:15 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 504829
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 12 Aug 2024 11:10:00 GMT
server: cloudflare
etag: W/"c506281367048d4a134c9affbc68c8c6"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 8b5054416e0392a1-FRA

GET
H3 200 twk-chunk-24d8db78.js Show response
embed.tawk.to/_s/v4/app/66b9ed69fcc/js/ 117 KB
30 KB 21ms
21ms Script
application/javascript 172.67.15.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/66b9ed69fcc/js/twk-chunk-24d8db78.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/66b9ed69fcc/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7ac17b2bc6a5fa4abec70cfa0f75f930069eceae56889aeec120eca5c8e643ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://refundincur.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 07:53:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 504829
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 12 Aug 2024 11:10:00 GMT
server: cloudflare
etag: W/"f8598795cf4c2cd67ff6bceecd014f50"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 8b5054416e0492a1-FRA

GET
H3 200 min-widget.css
embed.tawk.to/_s/v4/app/66b9ed69fcc/css/ Frame 2039 24 KB
5 KB 19ms
19ms Stylesheet
text/css 172.67.15.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/66b9ed69fcc/css/min-widget.css

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/66b9ed69fcc/js/twk-chunk-bf24a88e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1dbc2527f5f9662d10909d5a818c5d50b12f128df778f041ecfc5d438815c8d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 07:53:15 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 504828
cf-polished: origSize=24809
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 12 Aug 2024 11:10:00 GMT
server: cloudflare
etag: W/"2d7f176b563b25833791f4844819b5ee"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 8b5054419e2692a1-FRA

GET
H3 200 message-preview.css
embed.tawk.to/_s/v4/app/66b9ed69fcc/css/ Frame 0DBD 41 KB
8 KB 18ms
18ms Stylesheet
text/css 172.67.15.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/66b9ed69fcc/css/message-preview.css

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/66b9ed69fcc/js/twk-chunk-bf24a88e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fb233914781fed5ad823ebc0bb5781fbc71375dc50fb0a2f7061974a539eb2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 07:53:15 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 504828
cf-polished: origSize=42291
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 12 Aug 2024 11:10:00 GMT
server: cloudflare
etag: W/"471037caa670344edd2ca8e96bbc2125"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 8b505441ae2f92a1-FRA

GET
H3 200 max-widget.css
embed.tawk.to/_s/v4/app/66b9ed69fcc/css/ Frame 5DB5 78 KB
15 KB 20ms
20ms Stylesheet
text/css 172.67.15.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/66b9ed69fcc/css/max-widget.css

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/66b9ed69fcc/js/twk-chunk-bf24a88e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

df786a80d1610bb44dd11f3ae5785e34fb4e97e721a4ddc24d1cd842978ab44e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 07:53:15 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 504828
cf-polished: origSize=79618
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 12 Aug 2024 11:10:00 GMT
server: cloudflare
etag: W/"723e419e84738507cad9c170c4f9051b"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 8b505441ce3e92a1-FRA

GET
H2 200 emojione.min.js Show response
cdn.jsdelivr.net/emojione/2.2.7/lib/js/ 295 KB
41 KB 54ms
17ms Script
application/javascript 2606:4700::6812:bb1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/66b9ed69fcc/js/twk-chunk-vendors.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bb1f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://refundincur.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 07:53:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 9143730
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 41275
x-served-by: cache-fra-etou8220140-FRA, cache-lga21966-LGA
server: cloudflare
etag: W/"49dda-cp9vjKV4fYl0Ow7X6yf9dkBr+YU"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dIq6vtHv7cqnUDL5Xem3%2BqXkW9ejHO80zDrdNT7BADS3Wf5RzZOx9vPCKwUPRRAfG4D8PTEe%2FH2GNKg5oI2XnhNAE5Me2xTCzezujs3HlABd%2F%2Bj7NhmFdfd9IlPMPfGL8vSEjtlgm7FTBePncs0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8b50544209e09112-FRA

OPTIONS
H3 200 v3
va.tawk.to/log-performance/ Frame 0
0 122ms
121ms Preflight
text/html 172.67.15.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/log-performance/v3

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://refundincur.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-tawk-token
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://refundincur.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=86400
cache-control: public, s-maxage=600, max-age=600
cf-cache-status: DYNAMIC
cf-ray: 8b5054449ac490f4-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Sun, 18 Aug 2024 07:53:16 GMT
server: cloudflare
strict-transport-security: max-age=0; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-served-by: visitor-application-preemptive-lt2f

POST
H3 200 v3 Show response
va.tawk.to/log-performance/ 5 B
282 B 125ms
124ms Fetch
text/html 172.67.15.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/log-performance/v3

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/66b9ed69fcc/js/twk-chunk-common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

933b971c6388d594a23fa1559825db5bec8ade2db1240aa8fc9d0c684949e8c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://refundincur.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Sun, 18 Aug 2024 07:53:16 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-served-by: visitor-application-preemptive-2cmw
server: cloudflare
access-control-max-age: 3600
access-control-allow-methods: POST,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://refundincur.com
vary: Accept-Encoding
access-control-allow-credentials: true
cf-ray: 8b5054455b5a90f4-FRA
access-control-allow-headers: content-type,x-tawk-token

GET
H3 200 default-profile.svg
embed.tawk.to/_s/v4/assets/images/ Frame 0DBD 4 KB
2 KB 17ms
17ms Image
image/svg+xml 172.67.15.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://embed.tawk.to/_s/v4/assets/images/default-profile.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d30ef5a13391aefdea0738a1e15d88c19e986f865409f9457e5c7d8468e15817

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 07:53:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 2172359
x-cache-status: MISS
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 22 May 2021 07:25:18 GMT
server: cloudflare
etag: W/"eacd4642ddb798db835cf8f285bbbb19"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 8b505448cb6792a1-FRA

GET
H3 200 tawk-font-icon-2.woff2
embed.tawk.to/_s/v4/assets/fonts/ Frame 0DBD 10 KB
11 KB 131ms
130ms Font
font/woff2 172.67.15.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/assets/fonts/tawk-font-icon-2.woff2?55755728=

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/66b9ed69fcc/css/message-preview.css

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f4d4fcb3cdd9f021bca50bedb83de05b77fd23b3c98ad36b103fea8c0744ea71

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://embed.tawk.to/_s/v4/app/66b9ed69fcc/css/message-preview.css
Origin: https://refundincur.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 18 Aug 2024 07:53:17 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 10520
last-modified: Sat, 22 May 2021 07:25:13 GMT
server: cloudflare
etag: "054b3b66812d0a4b87ffc6776f0a42f1"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
accept-ranges: bytes
cf-ray: 8b505448ce8a90f4-FRA

Verdicts & Comments Add Verdict or Comment

49 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: XAg9Wsw3mPU
.youtube.com/	1970-01-21 03:11:59	Name: VISITOR_INFO1_LIVE Value: jlRWV2eIvtw
.youtube.com/	1970-01-21 03:11:59	Name: VISITOR_PRIVACY_METADATA Value: CgJERRIEEgAgXQ%3D%3D
.refundincur.com/	1970-01-21 08:28:47	Name: _ga_V7MXB1NEGQ Value: GS1.1.1723967591.1.0.1723967591.60.0.0
.refundincur.com/	1970-01-21 08:28:47	Name: _ga Value: GA1.1.939690485.1723967591
refundincur.com/	1969-12-31 23:59:59	Name: twk_idm_key Value: fGW0pdp0_jzjiGlnFdkw9
refundincur.com/	1969-12-31 23:59:59	Name: TawkConnectionTime Value: 0
.refundincur.com/	1970-01-21 03:11:59	Name: twk_uuid_65f3b1ea9131ed19d97a0ca9 Value: %7B%22uuid%22%3A%221.WrxKgCOsPlxCaAIEUdTMsR6WwdJD0EgHGI2M6ZsYxzFucgD3KEEyIElvVXUSBrXuEuVkNOeEV5AiWKgCPalOeq9Lc2RHFrHMCPYBrjAIpMVXSSKJNsArYP9P3%22%2C%22version%22%3A3%2C%22domain%22%3A%22refundincur.com%22%2C%22ts%22%3A1723967595750%7D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
code.jquery.com
embed.tawk.to
refundincur.com
region1.analytics.google.com
stats.g.doubleclick.net
va.tawk.to
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.youtube.com
142.250.185.68
172.217.16.195
172.67.15.14
172.67.180.109
2001:4860:4802:32::36
2606:4700:3032::6815:1238
2606:4700::6812:bb1f
2a00:1450:4001:802::200e
2a00:1450:4001:80b::2008
2a00:1450:4001:813::2003
2a00:1450:400c:c07::9a
2a04:4e42::649
1218f77c7fc2118021b6a4f00e72b8af8ea089a3299c808a8aeb9d8b1ad36224
13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd
16d83dd18decbcf5041b283d5b4ae3cd6fbd5c1bebc74f9704b832bf4723cdf7
17f8041c2096a0ce93e9668a7caced924ddc2ba0f153e355e89ac8c1323ea24d
194c4fa82fa9bf5897963b335fddcfdb462fe898cafbe8b2eb72a9803f2db05f
1b099f88c06ed0869872561c157f0ec9cbe133a0939d9ece4ee1e1f54bd4683d
1dbc2527f5f9662d10909d5a818c5d50b12f128df778f041ecfc5d438815c8d9
21f0c17807b3cfc27666f3a6055b6471691614bdf56f878fea83412726f42f10
275976564f4c5d5c9bfaeec43bbb78b98227813b8416ada66103810cf888e905
2a1fd8ba5aa4586ca148fa060cda3a84ecad0b8227226638ee13192d7ced3e6a
2d4bb23fa563d1f929c4c85126e170270fe5f5322271e9c6af29baafc5be4d12
36df048166f6114d021944c3711714ab45691b3e6a5de2919d691e3e1075ff49
39a2f9d2c6a99fb8de9bf674373c4082cde84253311808ca80db6582266962ef
39b954eecb3efc8c1be9cd88d8c78d453bd4f5092f373f17d566b3f0411a914a
39ef585e30cec41001462ad9e83ba255eba7ec2cccd037605707b6d3b572c961
3a3e8129569fa2885592b96e0f8d8fa60ce41e6726c6a832b4419a26a9819632
3bc76f62ead1a16791ddfa4efda84a74078bee5c292c12edecd7d37a34d2a68a
3ffb506c5ed63113dc28fe8681f6c6f09d323561a340653b5d497570bae044aa
45f1d4c15473376e7986da208e8f3b17532650bcd31e2997615ca92295de7304
49ddda06d7d2f8defd66cc0e408b42a3142b1a0310e55d06beef8a432802c3e3
52155e15b3aaedb43c5e788f4c7f81dacf9fcc1b96a96c8e85400f06c1b56e06
548669d6434f5204dca25b9a6f8a02f63301b8c1b58a717b91fec8b6c2918305
54c96f346385844ffdcbfda6f7a17442e3a49b2c906fa99ec5659589a5d23f24
5c36e28c9a7bd864b673e223db7e1934923227536ffbdf871f58b6f09b9ac8c9
5f3949202fbe0b3e516e919e804c4eeec0fc1507116db22678a1c3432aeee735
5fb233914781fed5ad823ebc0bb5781fbc71375dc50fb0a2f7061974a539eb2b
62708fa9269f3f5716874a7555a0caf9f588eae57a67a01fca993388805aa175
6785ae228db2a7cbd91a547b575d53bcfb3c1da2a170febdc9f858d4fe71d157
69cdb9fe749d9245a9c531e59f94b7971ac983f5d33904092f882995e2ecc1d9
6afd084b9111462f3fba92f8c5404421867c897057b131d0d60098526005df01
6ecdd57d6149edbf8190c1b5ed2907aefba2dd013a722fb22aad93cbe08cbe32
705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c
70d38253a284996d9a9b4f2218e41a836504d143f9a193d15e9e5a1c1345b769
7157da00fde4ad578bba99955f9b8f2047769d49907cf26060219a7ff8af9f25
7277cfb805def6410f317129b8e1f78bdd47d1a4e24c233077d06e88a36e57ae
7888ff5c616e58ee6d8a3f1c86ada70a66ddd9241fd3aa734cc058426e937843
7ac17b2bc6a5fa4abec70cfa0f75f930069eceae56889aeec120eca5c8e643ec
7ad0f47b9023fc86866d9dce8f256fc3b60c01ab9021487eb09c69c7f6f49744
7dd93d501a471e8aa93734105411778b0f9534099ba01f0cf62d5c2159bd84ba
7e0a886153a50f34adeb6d141b542d08a6338c5e3bada9fc3ccf88d0580356df
878068486987b5690b8191893eec4238808af5d51011769f45e0d7fb6e388bb5
8d321d88cb97fdedc3189506c25de9292c6e73a60ebaab496243346c6404480e
92d1f565c401920d0afa5322899a8ca001bdabb28e82dee93f89c5f1147d93b0
92d3691e4f73b8e7887894bd772e09793aa38cba36cbff55ff10dc7b0771b074
933b971c6388d594a23fa1559825db5bec8ade2db1240aa8fc9d0c684949e8c9
9f86be48e15f364682714bf99bf5eaac0ba0d967736c1dec627a1dba36c129af
a11b1952f06644c98f65dde7dbb2b6e16d0a0c006eff0e0461280714c71cfda7
a5ea479d0a1885eec2b1da5a9a2c31dd19a8972d7872c7ca5b4aada492ab3db7
a6f256becf8659f21d7013cab6435d2036979b76c0fda309f2ef6601c2075510
a74e50db0ae12b6f1dad2551c86856a60dfc34d3c91eb875ec859d945895c40a
ab42d7c37f7928197cf2fb60407d97ebf6b8316f5bd3007d33b49d4ca0559e03
ac7e3ebb93a831b8ac1e1512600a2e58a5b5cab6c4815f92353513d7e516d727
b7911a579d77fd74362771fca9c1995efb021b498abc58484cbaa3099ea8fc29
ba400e672fef696e65caace22f439e68eaa209180e22d92d506420649f79861e
c081d4a71ad21d92bc2632245c875db11ac920a04b11afbb3c9a0b1ca18bbad5
c7bae5d04d088520f521922bd771aff8e28a68251903ba511ea797a3949ab848
c8478d121dbe61d09b6b03bb9799544df67786fd8aa6c9584f38f4a10de9e50f
ca9bbda36b38b14ca6dea39386ca998543a7d82647ff9295d571bbe459d472ce
cd72d28b51be92d8d60b4f2cd8de59729d7fc853b802e79708dcdbc30ec6f4bf
cd8250b70fc8f4504c9ede4523400a76fe951f8a898d2ada4b330bd2d59a899b
ce6aa145d5b1688ae4ad4bf0f419f745b4b2bd051e7465be0b6337eab6ba6b8f
cf0bb2630fde34a664dc471d3a575a72c37b5a96cb74fcafb92ca7f17fefbe40
cf5e50b1ac962ec10dfba4424fd35a5de3ea28363160f3f5939e7e7741c3ae95
cfcd0c019f342bf9b241cb6fa0b20cd2b34690cc9880a2bc0b300ae277a24738
d30ef5a13391aefdea0738a1e15d88c19e986f865409f9457e5c7d8468e15817
d326ef637168392f43edbe0549650e11c337e81298796f068fca997d51adfc39
da225bad59043128b57ad6e627caeb92bd5f055eb5bbe32bda6e0c856e81e5de
db4c1518ec54350dc468a18f7c72ed390aa76b0e298d12ce05dc2784cbfa9917
df786a80d1610bb44dd11f3ae5785e34fb4e97e721a4ddc24d1cd842978ab44e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4632ad3c115fdfccad883e9f6286fe7f443ca7ed9ece832144fb6e3d18c47b3
e657c8ec36f5d2911c491e86848a138ee6734c5b20d0fa3ad6cf4f4bf0452382
e6e04571e5f3368590248ef88cf81a9597a9a2d6d45dc640d2621665249a4ec2
ebf97f33c9dc0ecb256ff4662ee400d3cb435c65d67337bc7664e6ad5b80a14e
ec331692f33f31c5e69146ce8e819118a0e21d61a288cdb1304ceb4ab6542a29
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef7fb95aff558f7fcd642dc48acf79999a3733c501aab898c99fef490a36fbdd
f1a5f44d4a80971561e775e0b41b85b2e3b9040ded8bc175b0973cadfb4cb428
f4d4fcb3cdd9f021bca50bedb83de05b77fd23b3c98ad36b103fea8c0744ea71
f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b
fb193c2bcf1a14030cea8d72baa20ab7b1cf88f9e90adb31895279beedf6bf84
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a
fe72d6d603188924463740716e4565967fd84833386c24d6eca8c0486a64cee6

refundincur.com Open in urlscan Pro 2606:4700:3032::6815:1238 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

91 Requests

100 %HTTPS

67 %IPv6

10 Domains

12 Subdomains

12 IPs

3 Countries

33576 kBTransfer

35871 kBSize

8 Cookies

0 Outgoing links

Redirected requests

91 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

refundincur.com Open in urlscan Pro
2606:4700:3032::6815:1238 Public Scan

Screenshot
Live screenshot

Full Image

91
Requests

100 %
HTTPS

67 %
IPv6

10
Domains

12
Subdomains

12
IPs

3
Countries

33576 kB
Transfer

35871 kB
Size

8
Cookies

91 HTTP transactions
0 data transactions