get.steamrefund.com Open in urlscan Pro
2606:4700:20::681a:93  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 58

• https://s.adroll.com/j/exp/6FGPXF7JBVHSVDCJIPGVKW/index.js HTTP 302
• https://s.adroll.com/j/exp/index.js

80 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response get.steamrefund.com/	102 KB 12 KB	222ms 109ms	Document text/html	2606:4700:20::681a:93 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://get.steamrefund.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:93 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ecfc4f54720f9545252010525795d2e787de7f4da83217c2d8ca463066cfbbd7 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cf-cache-status DYNAMIC cf-ray 79eb030f4c932c23-FRA content-encoding br content-location https://get.steamrefund.com/ content-type text/html; charset=utf-8 date Fri, 24 Feb 2023 20:39:40 GMT link <https://get.steamrefund.com/>; rel="canonical" nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5dzZIhSyrEZVpY1ltOVMG%2BcobNr8qHs6b615jugkdnCB7Qb6bd3IvnC%2FyZFbNNcT%2BcGGQhi1QioRM2m%2BdgY4IiS%2FxJ6XOsT0PEl2vjl7SrGZEgBhbxO%2Bb7J6K1FZmXo3d9mD7zEQyQaw44VSUmP786U%3D"}],"group":"cf-nel","max_age":604800} server cloudflare x-proxy-backend page-server x-unbounce-pageid d526434c-0dc6-4d14-b154-0300c8623898 x-unbounce-variant i x-unbounce-visitorid 86145f5c-4f9c-48a0-b72f-7a49893356bb
GET H2	200	main-7b78720.z.css builder-assets.unbounce.com/published-css/	15 KB 3 KB	136ms 41ms	Stylesheet text/css	13.224.189.14 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://builder-assets.unbounce.com/published-css/main-7b78720.z.css Requested by Host: get.steamrefund.com URL: https://get.steamrefund.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.189.14 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-189-14.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash 7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863 Request headers accept-language de-DE,de;q=0.9 Referer https://get.steamrefund.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Sat, 21 Jan 2023 01:22:01 GMT content-encoding gzip via 1.1 9e62923882d737ac8cd27f0d1b1c24ce.cloudfront.net (CloudFront) x-amz-version-id F0XZlkUrGu6OlrfKzU_C7UXh1V6i6hug last-modified Wed, 23 Nov 2022 23:24:30 GMT server AmazonS3 x-amz-cf-pop FRA2-C1 age 3007060 etag "3d27e56a34e34b278ab5e182cbc3b587" x-cache Hit from cloudfront content-type text/css cache-control max-age=31536000 accept-ranges bytes content-length 2902 x-amz-cf-id 4kAphALcGzjLkJUH8gwgiVwTBukf8GEBeiUXZ-xmmiJD5ogsutKmPA==
GET H2	200	ub.js Show response d34qb8suadcc4g.cloudfront.net/	5 KB 2 KB	146ms 41ms	Script application/javascript	2600:9000:21f3:b800:1d:11cf:5800:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d34qb8suadcc4g.cloudfront.net/ub.js?1673990108 Requested by Host: get.steamrefund.com URL: https://get.steamrefund.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:b800:1d:11cf:5800:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash bd5fb37fcb57bc894324f4096be92a631840e147576b9fc3bf2767e6c248778d Request headers accept-language de-DE,de;q=0.9 Referer https://get.steamrefund.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Tue, 17 Jan 2023 21:41:41 GMT content-encoding gzip via 1.1 f99b5b46e77cfe9c3413f99dc8a4088c.cloudfront.net (CloudFront) x-amz-version-id TrrSG85SsnvjrZ_OWFs2jLqOdvnUHg06 last-modified Tue, 17 Jan 2023 21:14:25 GMT server AmazonS3 x-amz-cf-pop FRA2-C2 age 3279480 etag "fde4d3457a50df6eb5c2e00c8f2ae5b3" x-cache Hit from cloudfront content-type application/javascript cache-control max-age=31536000 accept-ranges bytes content-length 1865 x-amz-cf-id mLQe7-dDyHEZFcUyRiaQ-rsO1iIWNEugNsdNjYwQF51GD_SnGtUpGQ==
GET H2	200	main.bundle-e1f0b93.z.js Show response builder-assets.unbounce.com/published-js/	104 KB 34 KB	49ms 48ms	Script application/javascript	13.224.189.14 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://builder-assets.unbounce.com/published-js/main.bundle-e1f0b93.z.js Requested by Host: get.steamrefund.com URL: https://get.steamrefund.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.189.14 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-189-14.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash e1f0b93051ab9d1f671fdc1d489817df439cf571d9184c55e09a8a2de3d14234 Request headers accept-language de-DE,de;q=0.9 Referer https://get.steamrefund.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Thu, 09 Feb 2023 23:57:42 GMT content-encoding gzip via 1.1 9e62923882d737ac8cd27f0d1b1c24ce.cloudfront.net (CloudFront) x-amz-version-id 17zN0KsTjJudzmBpRx16GR4geRdzQrok last-modified Thu, 09 Feb 2023 23:08:27 GMT server AmazonS3 x-amz-cf-pop FRA2-C1 age 1284119 etag "66a5c759b0a898469971e281c08667e4" x-cache Hit from cloudfront content-type application/javascript cache-control max-age=31536000 accept-ranges bytes content-length 33858 x-amz-cf-id bqW6QuaCTLCPhwUZzZOj-JJcA6vQ_uOz3y61df-YWgYQsy2B0X_iAQ==
GET H2	200	gtm.js Show response www.googletagmanager.com/	202 KB 71 KB	150ms 62ms	Script application/javascript	2a00:1450:4001:827::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-WM6PL8S Requested by Host: get.steamrefund.com URL: https://get.steamrefund.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 45c8717ad3426823f5c92abc8dd1b0f6e11b49d633888f4664b317b8792ea26d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://get.steamrefund.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Fri, 24 Feb 2023 20:39:41 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 72399 x-xss-protection 0 last-modified Fri, 24 Feb 2023 18:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Fri, 24 Feb 2023 20:39:41 GMT
GET DATA	200 OK	truncated /	42 B 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers Content-Type image/gif
GET H2	200	a2e9656d-clock-1-1_1000000000000000000028.png d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/	346 B 740 B	142ms 44ms	Image image/png	13.225.84.146 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/a2e9656d-clock-1-1_1000000000000000000028.png Requested by Host: get.steamrefund.com URL: https://get.steamrefund.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.84.146 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-84-146.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash 60b708e3bb317a230cc4346b52705c032293a83e7d5be775b02b4d4a36db1005 Request headers accept-language de-DE,de;q=0.9 Referer https://get.steamrefund.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Tue, 14 Feb 2023 01:12:20 GMT x-amz-version-id MBKM2YmkxkWQ.Dp8MOhDFOeSeF4E_uuT via 1.1 52f0756596448c36265861853c0a44a4.cloudfront.net (CloudFront) last-modified Sun, 05 Feb 2023 08:56:38 GMT server AmazonS3 x-amz-cf-pop FRA2-C2 age 934042 etag "21f7e4024fe781f6872e77550d7878dd" x-cache Hit from cloudfront content-type image/png cache-control max-age=31557600 accept-ranges bytes content-length 346 x-amz-cf-id C5XRKfG1Z-5jPGg6aywBUJzr-DUz8f9W1hHu45AC56511IetOM-0fQ==
GET H2	200	fac8add4-image-2-1_100000006v01o005000028.png d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/	2 KB 3 KB	184ms 87ms	Image image/png	13.225.84.146 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/fac8add4-image-2-1_100000006v01o005000028.png Requested by Host: get.steamrefund.com URL: https://get.steamrefund.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.84.146 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-84-146.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash bc8eb177d036c7cd7e85f0d2637e8746d5c0740b01fb15fca100d02d37179854 Request headers accept-language de-DE,de;q=0.9 Referer https://get.steamrefund.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Fri, 17 Feb 2023 11:36:20 GMT x-amz-version-id YuQId_szLthrVBYT6qav4x_lP5KVBHhs via 1.1 52f0756596448c36265861853c0a44a4.cloudfront.net (CloudFront) last-modified Sun, 05 Feb 2023 08:56:38 GMT server AmazonS3 x-amz-cf-pop FRA2-C2 age 637402 etag "1a28d3042196b4c4f1f9dc115b3e1f45" x-cache Hit from cloudfront content-type image/png cache-control max-age=31557600 accept-ranges bytes content-length 2343 x-amz-cf-id YYVrzY7h2K95e5t_kOZcswgZ9D2QRYAyyCkpjgghDawARoTMs7dXeQ==
GET H2	200	8453c52c-clock-1-1-1_1000000000000000000028.png d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/	343 B 762 B	189ms 121ms	Image image/png	13.225.84.146 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/8453c52c-clock-1-1-1_1000000000000000000028.png Requested by Host: get.steamrefund.com URL: https://get.steamrefund.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.84.146 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-84-146.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash f4c3f82ae776b8b8d671b408dedb33b9a5d686d95364f717e266b32cfa203cf1 Request headers accept-language de-DE,de;q=0.9 Referer https://get.steamrefund.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Wed, 22 Feb 2023 20:15:03 GMT x-amz-version-id lGcYzHosL678sLBXyNLpZ8wcYYPJIk3y via 1.1 52f0756596448c36265861853c0a44a4.cloudfront.net (CloudFront) last-modified Sun, 19 Feb 2023 09:05:26 GMT server AmazonS3 x-amz-cf-pop FRA2-C2 age 174279 etag "e216486dfac8d05d20d4bef7a8fef248" x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-type image/png cache-control max-age=31557600 accept-ranges bytes content-length 343 x-amz-cf-id 39CRboWBxQqsTQTuYv07LwjVYu2CBQs4Ss-PNvu_cAuoGQ0W8Tl2wg==
GET H2	200	c322f31c-text_109p0dr09p0dm000002028.png d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/	4 KB 4 KB	191ms 123ms	Image image/png	13.225.84.146 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/c322f31c-text_109p0dr09p0dm000002028.png Requested by Host: get.steamrefund.com URL: https://get.steamrefund.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.84.146 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-84-146.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash f3666734f174182f2d79c2df7c7f2f090e9145c9b3c11fc88d6b0c55c4cdc3f9 Request headers accept-language de-DE,de;q=0.9 Referer https://get.steamrefund.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Wed, 22 Feb 2023 21:28:57 GMT x-amz-version-id 2.CFGPdIAFOISwEFH3q9OHbwG7RvdWF6 via 1.1 52f0756596448c36265861853c0a44a4.cloudfront.net (CloudFront) last-modified Sun, 19 Feb 2023 09:05:26 GMT server AmazonS3 x-amz-cf-pop FRA2-C2 age 169845 etag "8717cccd0a52ed71f02eec47eeed6a3b" x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-type image/png cache-control max-age=31557600 accept-ranges bytes content-length 3770 x-amz-cf-id gmX-jJHPNfXibd-zrtZjYpH5bBxnsI3JB1INEe0jWxHIJyJqA9vDZg==
GET H2	200	250407a9-image-4_1000000000000000000028.png d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/	29 KB 29 KB	161ms 93ms	Image image/png	13.225.84.146 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/250407a9-image-4_1000000000000000000028.png Requested by Host: get.steamrefund.com URL: https://get.steamrefund.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.84.146 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-84-146.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash 47c216405bccefbb00850fdcccd7d5564d08ce79b7ad6dacc8de1cadf950c058 Request headers accept-language de-DE,de;q=0.9 Referer https://get.steamrefund.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Wed, 15 Feb 2023 00:29:51 GMT x-amz-version-id aqVVPGL8b2fCLiWr6q3Y2_EmpEMGlA65 via 1.1 52f0756596448c36265861853c0a44a4.cloudfront.net (CloudFront) last-modified Sun, 05 Feb 2023 08:56:38 GMT server AmazonS3 x-amz-cf-pop FRA2-C2 age 850191 etag "3a59045fde0d892f8d4db1f479c48440" x-cache Hit from cloudfront content-type image/png cache-control max-age=31557600 accept-ranges bytes content-length 29518 x-amz-cf-id bi-wwad10TjscALqfBEaBDaxjaX8ihTaCZaeZDIy56z7TRlyCqvuWw==
GET H2	200	c322f31c-text_100000009q0dm000003028.png d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/	4 KB 4 KB	189ms 121ms	Image image/png	13.225.84.146 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/c322f31c-text_100000009q0dm000003028.png Requested by Host: get.steamrefund.com URL: https://get.steamrefund.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.84.146 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-84-146.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash 8c26672ebbdc05b3df3cb7cdf0df7adec2270d48d825794d2b5acece0e0593c2 Request headers accept-language de-DE,de;q=0.9 Referer https://get.steamrefund.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Wed, 22 Feb 2023 21:28:57 GMT x-amz-version-id 1tpEh31eZl2k3ZQlHbzFVnqR6cJOgQv8 via 1.1 52f0756596448c36265861853c0a44a4.cloudfront.net (CloudFront) last-modified Sun, 19 Feb 2023 09:05:26 GMT server AmazonS3 x-amz-cf-pop FRA2-C2 age 169845 etag "4943afa09d04b3ce9c6c3c8d6110c12d" x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-type image/png cache-control max-age=31557600 accept-ranges bytes content-length 3696 x-amz-cf-id IwvXJQwUc1e-dPmXIjknKs_nJ9UMDA_fM-vNh8FPgSIRjdDjk5ioDw==
GET H2	200	a4390c0b-image-5_1000000000000000000028.png d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/	25 KB 25 KB	116ms 113ms	Image image/png	13.225.84.146 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/a4390c0b-image-5_1000000000000000000028.png Requested by Host: get.steamrefund.com URL: https://get.steamrefund.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.84.146 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-84-146.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash 3743412b57357daf43fd8569ba1b09fe85a8663d7c9f3d785536cd3c1aa1f1b7 Request headers accept-language de-DE,de;q=0.9 Referer https://get.steamrefund.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Tue, 14 Feb 2023 01:12:20 GMT x-amz-version-id imBFLy3be_ri_qxEeXO84baliY5J3Psk via 1.1 52f0756596448c36265861853c0a44a4.cloudfront.net (CloudFront) last-modified Sun, 05 Feb 2023 08:56:38 GMT server AmazonS3 x-amz-cf-pop FRA2-C2 age 934042 etag "83169cf5046bbd036e065442e6416075" x-cache Hit from cloudfront content-type image/png cache-control max-age=31557600 accept-ranges bytes content-length 25297 x-amz-cf-id oUbp2jdg-3PvRWOsmeJS_AIIU8sxFR7CGOqC0-kgtasyaRdWcwV3oA==
GET H2	200	9b8a36c8-image-6_1000000000000000000028.png d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/	29 KB 29 KB	135ms 132ms	Image image/png	13.225.84.146 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/9b8a36c8-image-6_1000000000000000000028.png Requested by Host: get.steamrefund.com URL: https://get.steamrefund.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.84.146 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-84-146.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash 0b3b74da243a5a5b5b2e0fb7126ada08685b838afb684d4857f80d677613b282 Request headers accept-language de-DE,de;q=0.9 Referer https://get.steamrefund.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Tue, 14 Feb 2023 01:12:20 GMT x-amz-version-id 5v_QBW54_D3hvjDQ9GR_wKOLRaJjDRbV via 1.1 52f0756596448c36265861853c0a44a4.cloudfront.net (CloudFront) last-modified Sun, 05 Feb 2023 08:56:38 GMT server AmazonS3 x-amz-cf-pop FRA2-C2 age 934042 etag "eca86620777d6b5d0e88e4de1bc02b94" x-cache Hit from cloudfront content-type image/png cache-control max-age=31557600 accept-ranges bytes content-length 29738 x-amz-cf-id -Tog-S65gJhRPxc9FAo3pyaHSFZVgtbwpHs9HX26ilO3XTBe1C98Pg==
GET H2	200	f0c35cff-image-97_100000000000000000001o.jpg d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/	44 KB 45 KB	111ms 51ms	Image image/jpeg	13.225.84.146 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/f0c35cff-image-97_100000000000000000001o.jpg Requested by Host: get.steamrefund.com URL: https://get.steamrefund.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.84.146 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-84-146.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash d7ec4180be0bee401745f81e14821e442e17fcdb19c6a9b90986c783e0584c90 Request headers accept-language de-DE,de;q=0.9 Referer https://get.steamrefund.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Tue, 14 Feb 2023 01:12:20 GMT x-amz-version-id PZBIf.80cuOcGrlCDI30jERkeg7lcq8y via 1.1 52f0756596448c36265861853c0a44a4.cloudfront.net (CloudFront) last-modified Sun, 05 Feb 2023 08:56:38 GMT server AmazonS3 x-amz-cf-pop FRA2-C2 age 934042 etag "0965bb37f74382f731e2d4eb871002d7" x-cache Hit from cloudfront content-type image/jpeg cache-control max-age=31557600 accept-ranges bytes content-length 45430 x-amz-cf-id ax54Ix2QxZPxCMJya_DArO1-u5maIScSOdE3LdxtXiZNcTv2mv95cQ==
GET H2	200	invisible.js Show response get.steamrefund.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/ Frame 9EB4	33 KB 14 KB	47ms 47ms	Script application/javascript	2606:4700:20::681a:93 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://get.steamrefund.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1677268800 Requested by Host: get.steamrefund.com URL: https://get.steamrefund.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:93 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7279da8e2f7a2927252367fe8d299ccd8db99e83867190ebda6df638e562586a Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Fri, 24 Feb 2023 20:39:40 GMT content-encoding br nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary accept-encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pratixFkvpXgcXXuODWhzMbS5JuaCgrR7eSIhIP3JoDjujkRFzyBSfeqwuIV7JkDF3lkJvhwNjlovC8vADw3BMbk2zqNWuZKp7Sg%2F4dieT%2FOqEr%2FNLC6bcGoIJ9ehHDSTtb57dT8g5T126AxnelbhPA%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control max-age=14400, public x-control-type-options nosniff cf-ray 79eb03112f9e2c23-FRA
GET H2	200	sp-2.14.0.js Show response d34qb8suadcc4g.cloudfront.net/	98 KB 30 KB	48ms 48ms	Script application/javascript	2600:9000:21f3:b800:1d:11cf:5800:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d34qb8suadcc4g.cloudfront.net/sp-2.14.0.js Requested by Host: d34qb8suadcc4g.cloudfront.net URL: https://d34qb8suadcc4g.cloudfront.net/ub.js?1673990108 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:b800:1d:11cf:5800:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 2e8292b18fc2acc297e1aa6acc6abe05136604137e744ba1b49984df330562bb Request headers accept-language de-DE,de;q=0.9 Referer https://get.steamrefund.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Tue, 24 Jan 2023 03:40:00 GMT content-encoding gzip via 1.1 f99b5b46e77cfe9c3413f99dc8a4088c.cloudfront.net (CloudFront) x-amz-version-id rVTqklA1qqyT_0VdOCY323BKPISR0uej last-modified Wed, 04 Nov 2020 01:35:32 GMT server AmazonS3 x-amz-cf-pop FRA2-C2 age 2739581 etag "73de733c308b8b5e44d2a6242dc4bd99" x-cache Hit from cloudfront content-type application/javascript cache-control max-age=31536000 accept-ranges bytes content-length 30399 x-amz-cf-id jX9RfQ8r1bUxsA1ItFNixbMXnAPDaTh8aS23M3pgJmPHQViQ7bu2pA==
GET BLOB	200 OK	c221a30e-f944-4469-8d8d-161f9cafe97f https://get.steamrefund.com/	5 KB 0		Stylesheet text/css
General Check archive.org Show headers Download Go to Full URL blob:https://get.steamrefund.com/c221a30e-f944-4469-8d8d-161f9cafe97f Requested by Host: builder-assets.unbounce.com URL: https://builder-assets.unbounce.com/published-js/main.bundle-e1f0b93.z.js Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 1dea7d05f3ac6b4c9702a5f77a4421fbb964e84886751bd78860f65b53c8c5b1 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers Content-Length 5579 Content-Type text/css
GET H2	200	css fonts.ub-assets.com/	5 KB 1 KB	439ms 346ms	Stylesheet text/css	13.224.189.107 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://fonts.ub-assets.com/css?family=Poppins:700,500,regular%7CSource+Sans+Pro:italic Requested by Host: builder-assets.unbounce.com URL: https://builder-assets.unbounce.com/published-js/main.bundle-e1f0b93.z.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.189.107 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-189-107.fra2.r.cloudfront.net Software / Resource Hash c9e4e00d008204de9cd5db50ce8148d6b7093418dc91a4d4a4431644938dc523 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://get.steamrefund.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Fri, 24 Feb 2023 20:39:41 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000 via 1.1 37c215a6cf8b04439db2f97a633421e6.cloudfront.net (CloudFront) x-amz-cf-pop FRA2-C1 x-amzn-requestid 1921ac37-99e6-423e-80ef-6acf61ba7976 x-cache Miss from cloudfront cross-origin-resource-policy cross-origin x-amz-apigw-id A3IGIHbDIAMFszg= content-length 717 x-xss-protection 0 cross-origin-opener-policy same-origin-allow-popups x-amzn-trace-id Root=1-63f9208d-19549e2b2ec4f0f522602a62 x-frame-options SAMEORIGIN vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * x-amz-cf-id ubVjkFLKHSaF4-Q_AAikR1wrKW_TJTsOjnE5KB5VRnVc1k5-CIvUkg==
GET H2	200	56c7be15-untitled-design_106f06f000000000000028.png d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/	7 KB 7 KB	154ms 151ms	Image image/png	13.225.84.146 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/56c7be15-untitled-design_106f06f000000000000028.png Requested by Host: get.steamrefund.com URL: https://get.steamrefund.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.84.146 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-84-146.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash 7899c5cab027e001814e1641c3949923e9f17a49a70a7a066710fc3dd1ae318b Request headers accept-language de-DE,de;q=0.9 Referer https://get.steamrefund.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Tue, 21 Feb 2023 13:57:05 GMT x-amz-version-id EWINzz_5dGRbMqVlDonQLT88j5COBz21 via 1.1 52f0756596448c36265861853c0a44a4.cloudfront.net (CloudFront) last-modified Sun, 19 Feb 2023 09:05:26 GMT server AmazonS3 x-amz-cf-pop FRA2-C2 age 283357 etag "57f839ce0141194bc512049d4dec6d5e" x-cache Hit from cloudfront content-type image/png cache-control max-age=31557600 accept-ranges bytes content-length 6730 x-amz-cf-id PpFsiaELfSBn4a2bOZ7tM5GCwm72IYjwbtuefaY2TNJ8OcHnns0zcQ==
GET H2	200	9850604d-icons8-legal-1_1000000000000000000028.png d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/	505 B 896 B	128ms 126ms	Image image/png	13.225.84.146 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/9850604d-icons8-legal-1_1000000000000000000028.png Requested by Host: get.steamrefund.com URL: https://get.steamrefund.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.84.146 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-84-146.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash 296403224467b0696e952995d954fb75927f2c50449963d2664d6c425227fb68 Request headers accept-language de-DE,de;q=0.9 Referer https://get.steamrefund.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Tue, 14 Feb 2023 01:12:20 GMT x-amz-version-id g2RUYCM568bryZOT1urrGYKuZGx1retY via 1.1 52f0756596448c36265861853c0a44a4.cloudfront.net (CloudFront) last-modified Sun, 05 Feb 2023 08:56:38 GMT server AmazonS3 x-amz-cf-pop FRA2-C2 age 934042 etag "6e2e394ae46c3d430ad193cb4e0272aa" x-cache Hit from cloudfront content-type image/png cache-control max-age=31557600 accept-ranges bytes content-length 505 x-amz-cf-id RX7RqHzAKfhc25d-LwtrEmblXw_4dJh8b3bKVMzH0pEZ9WhpW8xNGA==
GET H2	200	dad2e6ee-icons8-discussion-1-1_1000000000000000000028.png d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/	499 B 891 B	128ms 125ms	Image image/png	13.225.84.146 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/dad2e6ee-icons8-discussion-1-1_1000000000000000000028.png Requested by Host: get.steamrefund.com URL: https://get.steamrefund.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.84.146 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-84-146.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash a0ce992672dcec644634af802f494b8e0857147cb1b6316dad59a76d9763c589 Request headers accept-language de-DE,de;q=0.9 Referer https://get.steamrefund.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Tue, 14 Feb 2023 01:12:20 GMT x-amz-version-id Bo6drlyX6inYi_7FBIKhefUwVG79d2fd via 1.1 52f0756596448c36265861853c0a44a4.cloudfront.net (CloudFront) last-modified Sun, 05 Feb 2023 08:56:38 GMT server AmazonS3 x-amz-cf-pop FRA2-C2 age 934042 etag "f1fa9ac56c7ddce2f72d183587498435" x-cache Hit from cloudfront content-type image/png cache-control max-age=31557600 accept-ranges bytes content-length 499 x-amz-cf-id BHpg2z2kzo4ub2F6wPZxKvPW0efQztXz_TApKKDPGE3UtpSZbEnfzw==
GET H2	200	daed21bb-icons8-justice-scale-64_1000000000000000000028.png d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/	576 B 968 B	131ms 128ms	Image image/png	13.225.84.146 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/daed21bb-icons8-justice-scale-64_1000000000000000000028.png Requested by Host: get.steamrefund.com URL: https://get.steamrefund.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.84.146 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-84-146.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash f10d6b4c19c7e53e5d781ed10e3c856d7766ac1e9325dd9cf63dfeb48e82cd15 Request headers accept-language de-DE,de;q=0.9 Referer https://get.steamrefund.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Tue, 14 Feb 2023 01:12:20 GMT x-amz-version-id JeCSWIryuE.6hCxczx3RsfihTCNDYKCg via 1.1 52f0756596448c36265861853c0a44a4.cloudfront.net (CloudFront) last-modified Sun, 05 Feb 2023 08:56:38 GMT server AmazonS3 x-amz-cf-pop FRA2-C2 age 934042 etag "a563a6896d3cef821e8c141a5590d81f" x-cache Hit from cloudfront content-type image/png cache-control max-age=31557600 accept-ranges bytes content-length 576 x-amz-cf-id boCTVWJy3b9dm6KTLREnvJYF3q4B7HXCrtlOzFnnHNj75pewHDwbhw==
GET H2	200	9ec39a54-img-hero_1000000000000000000028.png d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/	1 KB 1 KB	151ms 149ms	Image image/png	13.225.84.146 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/9ec39a54-img-hero_1000000000000000000028.png Requested by Host: get.steamrefund.com URL: https://get.steamrefund.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.84.146 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-84-146.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash 328bf78d9037cf1d442674cf214abe79dfe9bb1d5990958d3f150aa1960c0770 Request headers accept-language de-DE,de;q=0.9 Referer https://get.steamrefund.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Wed, 15 Feb 2023 00:29:51 GMT x-amz-version-id irpXazESMRzqY2fZLmxGrOX8Wyy3tNNE via 1.1 52f0756596448c36265861853c0a44a4.cloudfront.net (CloudFront) last-modified Sun, 05 Feb 2023 08:56:38 GMT server AmazonS3 x-amz-cf-pop FRA2-C2 age 850191 etag "52cf69f342fe4091581d5cc9c8488a1c" x-cache Hit from cloudfront content-type image/png cache-control max-age=31557600 accept-ranges bytes content-length 1076 x-amz-cf-id vtYCVz4UP2sO8-BvSfqm4B0zSze1CizF_zQZoqN0Zdt9zeFZ2oR9fg==
GET H2	200	56c7be15-untitled-design_1078078000000000000028.png d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/	8 KB 8 KB	131ms 129ms	Image image/png	13.225.84.146 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/56c7be15-untitled-design_1078078000000000000028.png Requested by Host: get.steamrefund.com URL: https://get.steamrefund.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.84.146 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-84-146.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash 8e1e9a17ca7de1669b96ae622b530c46a3f7aad0a477c526e8fc174c3368dfb0 Request headers accept-language de-DE,de;q=0.9 Referer https://get.steamrefund.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Tue, 21 Feb 2023 13:57:05 GMT x-amz-version-id X_XUTA93D0E008jTAgvoPZgBOjgML2HE via 1.1 52f0756596448c36265861853c0a44a4.cloudfront.net (CloudFront) last-modified Sun, 19 Feb 2023 09:05:26 GMT server AmazonS3 x-amz-cf-pop FRA2-C2 age 283357 etag "082f11974d5262e083da1ea08fc13a1b" x-cache Hit from cloudfront content-type image/png cache-control max-age=31557600 accept-ranges bytes content-length 7950 x-amz-cf-id IyDkOUOK384yDrL-WO1iodmxcAmkNv88Lm_R_JL6Lmqd6LnERy8EsA==
GET H2	200	1c9cc220-image-104_113t07b03t02z08a003028.png d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/	3 KB 3 KB	129ms 127ms	Image image/png	13.225.84.146 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/1c9cc220-image-104_113t07b03t02z08a003028.png Requested by Host: get.steamrefund.com URL: https://get.steamrefund.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.84.146 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-84-146.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash be6f0dab542b9db3753c4ab63a5f7c9814826f652471b174f3503fbc0b3b6065 Request headers accept-language de-DE,de;q=0.9 Referer https://get.steamrefund.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Tue, 21 Feb 2023 13:57:05 GMT x-amz-version-id goFC1J2EeadCgdMkCFl2yDDCvtSzaz1Y via 1.1 52f0756596448c36265861853c0a44a4.cloudfront.net (CloudFront) last-modified Sun, 19 Feb 2023 09:05:26 GMT server AmazonS3 x-amz-cf-pop FRA2-C2 age 283357 etag "3dbda966958efaf8a5bd8328e28f90d2" x-cache Hit from cloudfront content-type image/png cache-control max-age=31557600 accept-ranges bytes content-length 3175 x-amz-cf-id 3i7MUnnR4tYDQ-ePqL1CFU3wEllX5bRdEjYZVnzh8AhhS2n8jHUtRA==
GET H2	200	1c9cc220-image-104_100000005z0300d000a028.png d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/	5 KB 5 KB	136ms 134ms	Image image/png	13.225.84.146 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/1c9cc220-image-104_100000005z0300d000a028.png Requested by Host: get.steamrefund.com URL: https://get.steamrefund.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.84.146 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-84-146.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash edead83bade592bfbb518785d5a375b822a95d91b6874325efc9af58520821b0 Request headers accept-language de-DE,de;q=0.9 Referer https://get.steamrefund.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Tue, 14 Feb 2023 01:12:20 GMT x-amz-version-id rIK7G76odHDX_fRFcKjYxYwLLMw1FT.8 via 1.1 52f0756596448c36265861853c0a44a4.cloudfront.net (CloudFront) last-modified Sun, 05 Feb 2023 08:56:38 GMT server AmazonS3 x-amz-cf-pop FRA2-C2 age 934042 etag "0f642c56a6afb26edccac75a2304b678" x-cache Hit from cloudfront content-type image/png cache-control max-age=31557600 accept-ranges bytes content-length 4826 x-amz-cf-id W--2hyPeiUR_d1f7jzNqNhlZULLENkHw-x9Of0nfyMNSdTOjioXqHQ==
GET H2	200	1c9cc220-image-104_111d06x08902u0if00a028.png d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/	5 KB 6 KB	153ms 151ms	Image image/png	13.225.84.146 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/1c9cc220-image-104_111d06x08902u0if00a028.png Requested by Host: get.steamrefund.com URL: https://get.steamrefund.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.84.146 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-84-146.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash 6f0f20c2a0443bc08689acb871745e8d80299d6a8c568ad713413a0d1c4968d5 Request headers accept-language de-DE,de;q=0.9 Referer https://get.steamrefund.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Tue, 21 Feb 2023 13:57:05 GMT x-amz-version-id CuvQX0K3ObWwWGwYrusik1uAgZy5w.jv via 1.1 52f0756596448c36265861853c0a44a4.cloudfront.net (CloudFront) last-modified Sun, 19 Feb 2023 09:05:26 GMT server AmazonS3 x-amz-cf-pop FRA2-C2 age 283357 etag "9b3b0ad15ecb5871f7bd7a74f7df87ea" x-cache Hit from cloudfront content-type image/png cache-control max-age=31557600 accept-ranges bytes content-length 5256 x-amz-cf-id 18TqYhQzhkTacOZ-Vo5Fa4o-C9z4YhTE9s94FauC0Clq6UJtwIHFyg==
GET H2	200	1c9cc220-image-104_100000002x0300sx008028.png d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/	9 KB 9 KB	143ms 141ms	Image image/png	13.225.84.146 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/1c9cc220-image-104_100000002x0300sx008028.png Requested by Host: get.steamrefund.com URL: https://get.steamrefund.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.84.146 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-84-146.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash 320d4eb4df987dd82522b916ae2ce75617584ca508d77dde11fa2b64ab421e71 Request headers accept-language de-DE,de;q=0.9 Referer https://get.steamrefund.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Tue, 14 Feb 2023 01:12:20 GMT x-amz-version-id yL5YQW06jNkn4c3YiTsaphsWZJhh..CU via 1.1 52f0756596448c36265861853c0a44a4.cloudfront.net (CloudFront) last-modified Sun, 05 Feb 2023 08:56:38 GMT server AmazonS3 x-amz-cf-pop FRA2-C2 age 934042 etag "e54f7b778137af059d88bdb42fb390bb" x-cache Hit from cloudfront content-type image/png cache-control max-age=31557600 accept-ranges bytes content-length 9007 x-amz-cf-id Lt60lzYkSPEYbgAPCoLnav3ZlJXd95uRq9RpOavTMkMPGLmdoReoWQ==
GET H2	200	803304b1-ign-logo-1536x864_104502b000000000000028.png d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/	2 KB 2 KB	482ms 479ms	Image image/png	13.225.84.146 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/803304b1-ign-logo-1536x864_104502b000000000000028.png Requested by Host: get.steamrefund.com URL: https://get.steamrefund.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.84.146 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-84-146.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash 4206aea9d4731e3537b5a3e0d6b0bed82179891d0c6354ebb9cf80cc0d30cfef Request headers accept-language de-DE,de;q=0.9 Referer https://get.steamrefund.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Fri, 24 Feb 2023 20:39:42 GMT x-amz-version-id 6z3HjgYIVjquIxFV.fc.p4pyRDagcTgp via 1.1 52f0756596448c36265861853c0a44a4.cloudfront.net (CloudFront) last-modified Fri, 24 Feb 2023 09:23:38 GMT server AmazonS3 x-amz-cf-pop FRA2-C2 etag "7bcb922759fd4d84fa03ab8780518252" x-amz-server-side-encryption AES256 x-cache Miss from cloudfront content-type image/png cache-control max-age=31557600 accept-ranges bytes content-length 1616 x-amz-cf-id nt-7kYh4u5b6lVZkczTVW5azwKsfg7aJ0-RcakxHKciqxD6Jk2rxfQ==
GET H2	200	fccf38a4-shack-news-logo_106h016000000000000028.png d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/	3 KB 3 KB	154ms 152ms	Image image/png	13.225.84.146 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/fccf38a4-shack-news-logo_106h016000000000000028.png Requested by Host: get.steamrefund.com URL: https://get.steamrefund.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.84.146 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-84-146.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash e1e5b21a92e417a421cec29ba2ccc6dd60eeca773aa145c4802657d8fed02a42 Request headers accept-language de-DE,de;q=0.9 Referer https://get.steamrefund.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Tue, 14 Feb 2023 01:12:20 GMT x-amz-version-id SjUuva8EUHL7Gg1yNG4p0vYoekO1gy6_ via 1.1 52f0756596448c36265861853c0a44a4.cloudfront.net (CloudFront) last-modified Sun, 05 Feb 2023 08:56:39 GMT server AmazonS3 x-amz-cf-pop FRA2-C2 age 934042 etag "c0e55ff1a51c1c1ab1dbb14c3a14f3f2" x-cache Hit from cloudfront content-type image/png cache-control max-age=31557600 accept-ranges bytes content-length 2826 x-amz-cf-id 03LIsL7Ucc4rsdUQyDdWYhTDSyD0rxidqVcqVN3ngMkM1NwdLrtD4g==
GET H2	200	c3c7b570-game-rant-logo2_107e010000000000000028.png d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/	2 KB 3 KB	151ms 149ms	Image image/png	13.225.84.146 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/c3c7b570-game-rant-logo2_107e010000000000000028.png Requested by Host: get.steamrefund.com URL: https://get.steamrefund.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.84.146 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-84-146.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash e0c11eef6f6ab1e486807d65ceb85f844c8692c2b1d41e8e7b5a7dbfc1d7e8a3 Request headers accept-language de-DE,de;q=0.9 Referer https://get.steamrefund.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Wed, 22 Feb 2023 09:07:27 GMT x-amz-version-id SZ2wDqOmqxuGZdlnM4PyGKFxnegDkAZW via 1.1 52f0756596448c36265861853c0a44a4.cloudfront.net (CloudFront) last-modified Sun, 19 Feb 2023 09:05:26 GMT server AmazonS3 x-amz-cf-pop FRA2-C2 age 214335 etag "fe33fb6ca063e7f4e94d476fd7858042" x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-type image/png cache-control max-age=31557600 accept-ranges bytes content-length 2140 x-amz-cf-id bUtEjDEyEBSIIlHVznChQVGWyFnlm5BHnEBK22VrYbCE_GjoUfgpGg==
GET H2	200	5db5dd54-1600px-pc-gamer-old-logo-svg_107e01j000000000000028.png d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/	3 KB 3 KB	472ms 470ms	Image image/png	13.225.84.146 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/5db5dd54-1600px-pc-gamer-old-logo-svg_107e01j000000000000028.png Requested by Host: get.steamrefund.com URL: https://get.steamrefund.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.84.146 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-84-146.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash 096f7954e8e41553e39e3f290efc4a79553cb926cc4fa362e126c7204fc9130d Request headers accept-language de-DE,de;q=0.9 Referer https://get.steamrefund.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Fri, 24 Feb 2023 20:39:42 GMT x-amz-version-id kFeFhR2UHjsl6.ltm0Y8htkcpyKO4sO3 via 1.1 52f0756596448c36265861853c0a44a4.cloudfront.net (CloudFront) last-modified Fri, 24 Feb 2023 09:23:38 GMT server AmazonS3 x-amz-cf-pop FRA2-C2 etag "1990686fa110c07707dcee247cbd5362" x-amz-server-side-encryption AES256 x-cache Miss from cloudfront content-type image/png cache-control max-age=31557600 accept-ranges bytes content-length 2786 x-amz-cf-id B7NmPsapETHhzgWELFC2o9SDR6fHwXq7cnZZBr6995AWlrDsOmG5Bg==
GET H2	200	ce9c8e93-logo-of-gamespot-svg_106j024000000000000028.png d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/	3 KB 4 KB	152ms 150ms	Image image/png	13.225.84.146 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/ce9c8e93-logo-of-gamespot-svg_106j024000000000000028.png Requested by Host: get.steamrefund.com URL: https://get.steamrefund.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.84.146 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-84-146.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash 5836fd0454a66f98cc72445de9a15615492621c13002c2470e1a1cf0af1b7b59 Request headers accept-language de-DE,de;q=0.9 Referer https://get.steamrefund.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Wed, 22 Feb 2023 09:07:26 GMT x-amz-version-id i3LQjyL3KlTSzXGwMnPd9tUSk.GohoS7 via 1.1 52f0756596448c36265861853c0a44a4.cloudfront.net (CloudFront) last-modified Sun, 19 Feb 2023 09:05:26 GMT server AmazonS3 x-amz-cf-pop FRA2-C2 age 214336 etag "2ce7c87a626d600553f837bd8a47e785" x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-type image/png cache-control max-age=31557600 accept-ranges bytes content-length 3280 x-amz-cf-id AlBtV_g0FPqkGOQC1cGda-YCONmuF2aczfA01DTx2HLMgMR8LjbS4A==
GET H2	200	f308602a-0352-eurogamer-logo.svg d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/	3 KB 2 KB	505ms 503ms	Image image/svg+xml	13.225.84.146 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d9hhrg4mnvzow.cloudfront.net/get.steamrefund.com/f308602a-0352-eurogamer-logo.svg Requested by Host: get.steamrefund.com URL: https://get.steamrefund.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.84.146 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-84-146.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash 0afb6faff44a842fe76a446a279686f8e6a9fceae1549a22468033c653860225 Request headers accept-language de-DE,de;q=0.9 Referer https://get.steamrefund.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Fri, 24 Feb 2023 20:39:42 GMT x-amz-version-id LrAly_mB9BJpJVwyYmnJmeW4NV6p0kP. content-encoding gzip last-modified Fri, 24 Feb 2023 09:23:38 GMT server AmazonS3 via 1.1 52f0756596448c36265861853c0a44a4.cloudfront.net (CloudFront) x-amz-cf-pop FRA2-C2 etag W/"a7116c911d88a4d87c2d6905a3c87b9d" x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Miss from cloudfront content-type image/svg+xml cache-control max-age=31557600 x-amz-cf-id OUYzF2oh85s8Dxwc_1D02W1dnjAdGUb-13qLttXt2syPnPKDzfretg==
GET H2	200	i events.ub-analytics.com/	43 B 245 B	601ms 356ms	Image image/gif	54.164.38.118 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://events.ub-analytics.com/i?stm=1677271181040&e=pv&url=https%3A%2F%2Fget.steamrefund.com%2F&tv=js-2.14.0&tna=sp-ub&aid=landing_page&p=web&tz=UTC&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1600x1200&cd=24&eid=eb2d1ba7-6fb8-4ea9-9e93-2c3ceeb35cfb&dtm=1677271181039&vp=1600x1200&ds=1600x2437&vid=1&sid=03aed040-3ddd-4a54-8106-98653e9268e7&duid=7184e8a0-59bb-492a-b65b-c000c7939600&uid=86145f5c-4f9c-48a0-b72f-7a49893356bb&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoianNfdHJhY2tlcl9jb250ZXh0X3YxLjEuanNvbiIsImRhdGEiOnsicGFnZUlkIjoiZDUyNjQzNGMtMGRjNi00ZDE0LWIxNTQtMDMwMGM4NjIzODk4IiwidmFyaWFudElkIjoiaSIsImV2ZW50VHlwZSI6InZpc2l0IiwiZXZlbnRNZXRhZGF0YSI6W10sInJvdXRpbmdTdHJhdGVneSI6ImR0YSJ9fV19 Requested by Host: get.steamrefund.com URL: https://get.steamrefund.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.164.38.118 , United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-164-38-118.compute-1.amazonaws.com Software akka-http/10.0.9 / Resource Hash caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c Request headers accept-language de-DE,de;q=0.9 Referer https://get.steamrefund.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers access-control-allow-origin * date Fri, 24 Feb 2023 20:39:41 GMT access-control-allow-credentials true p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA" server akka-http/10.0.9 content-length 43 content-type image/gif
GET H2	200	pica.js get.steamrefund.com/cdn-cgi/challenge-platform/h/g/scripts/ Frame 9EB4	19 KB 8 KB	48ms 48ms	Other application/javascript	2606:4700:20::681a:93 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://get.steamrefund.com/cdn-cgi/challenge-platform/h/g/scripts/pica.js Requested by Host: get.steamrefund.com URL: https://get.steamrefund.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:93 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b2188a4d74cbd6e8dc881dc169f1000f9a4b7e290a3646dbce1e12623be17c3b Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Fri, 24 Feb 2023 20:39:41 GMT content-encoding br nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary accept-encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aGh0tl5jpnGvORcaWByub%2BVXgIJW%2BcqhVwLeelfeZypd5s8enKtKAIgpyTt3f9THa7M%2FRm%2F6pPhXykpACPTCmQsY8RBW1Nd6v%2BmHFp5Y%2BMaCLsRKyNV%2FNOPilBgS3lfsO%2BRXJJ8%2FeriWqi4p1boGDkY%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control max-age=14400, public x-control-type-options nosniff cf-ray 79eb0311986b2c23-FRA
GET H2	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/11050824091/	2 KB 1 KB	189ms 99ms	Script text/javascript	2a00:1450:4001:802::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11050824091/?random=1677271181173&cv=11&fst=1677271181173&bg=ffffff&guid=ON&async=1&gtm=45He32m0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fget.steamrefund.com%2F&auid=1840885497.1677271181&uamb=0&uaw=0&rfmt=3&fmt=4 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-WM6PL8S Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ca2e3ab24cdd789787a5b2775181a2eb2cafcce9d11643d5e229aea641a52c9a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://get.steamrefund.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers pragma no-cache date Fri, 24 Feb 2023 20:39:41 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 837 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	pixel.js Show response www.redditstatic.com/ads/	23 KB 8 KB	143ms 43ms	Script application/javascript	2a04:4e42:200::396 FASTLY
General Check archive.org Show headers Download Go to Full URL https://www.redditstatic.com/ads/pixel.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-WM6PL8S Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:200::396 , United States, ASN54113 (FASTLY, US), Reverse DNS Software snooserv / Resource Hash cda252dc01c656d59193d8d696f26c3e95f10b87711e2413e28362532bae984a Request headers accept-language de-DE,de;q=0.9 Referer https://get.steamrefund.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Fri, 24 Feb 2023 20:39:41 GMT content-encoding gzip via 1.1 varnish, 1.1 varnish last-modified Mon, 23 Jan 2023 21:56:14 GMT server snooserv nel {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02} etag "03d5db9dfd00a5719bb4c9261e6fa1bb" vary Accept-Encoding,Origin report-to {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]} content-type application/javascript cache-control public, max-age=60 accept-ranges bytes content-length 7356
GET H2	200	tfa.js Show response cdn.taboola.com/libtrc/unip/1515208/	58 KB 18 KB	231ms 143ms	Script application/javascript	151.101.129.44 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.taboola.com/libtrc/unip/1515208/tfa.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-WM6PL8S Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.129.44 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash c194d21af7d3104e20547d13d0c0dd21009b8375679cc7fe1a2eb7be692dfb5d Request headers accept-language de-DE,de;q=0.9 Referer https://get.steamrefund.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers x-amz-version-id dR5ewo7rWLIh17O0VCFk13pRJNLZu03R content-encoding gzip via 1.1 varnish date Fri, 24 Feb 2023 20:39:41 GMT x-amz-request-id AV3S37WDS3Q11DCG age 0 x-cache HIT x-amz-replication-status COMPLETED content-length 18384 x-amz-id-2 FK/ClngmHBw2EyotwrmTCI7NEkm7/Z5P5HztiiHZ1NSnUN8kn4Wd5Z4rgljd8xnv1PYp5al1u04= x-served-by cache-hhn-etou8220079-HHN last-modified Sun, 19 Feb 2023 11:04:21 GMT server AmazonS3 x-timer S1677271181.287274,VS0,VE103 etag "5ff43588083e965df53b00c4018eca23" vary Accept-Encoding content-type application/javascript; charset=utf-8 abp 97 access-control-allow-origin * cache-control private,max-age=14401 accept-ranges bytes x-cache-hits 1
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	106 KB 28 KB	169ms 87ms	Script application/x-javascript	2a03:2880:f01c:8012:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: get.steamrefund.com URL: https://get.steamrefund.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash cab52dc3525d23d87fc3337ea17253060c6f723389a33e62699d510f1878972b Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://get.steamrefund.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff date Fri, 24 Feb 2023 20:39:41 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 27843 x-fb-rlafr 0 x-xss-protection 0 pragma public x-fb-debug WxjRWWkOJ0cbApTixdxadqU4d0qjP+zLX/knz0emgECKylLaSiyT4r0URybePM60PZt0MoMCQx9JxDsT824NSg== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" x-fb-trip-id 686109401 cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding report-to {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY cache-control public, max-age=1200 priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	events.js Show response analytics.tiktok.com/i18n/pixel/	3 KB 2 KB	458ms 143ms	Script application/javascript	23.36.163.153 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CEIHHGRC77UD28TRBJC0&lib=ttq Requested by Host: get.steamrefund.com URL: https://get.steamrefund.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.36.163.153 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-36-163-153.deploy.static.akamaitechnologies.com Software nginx / Resource Hash d56171cc95a5a7baf50ecc53223a72fe4713ce3afa3453c962e2dbe2a1f93efe Request headers accept-language de-DE,de;q=0.9 Referer https://get.steamrefund.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers x-akamai-request-id 1d80b203.11a4b3c5 date Fri, 24 Feb 2023 20:39:41 GMT content-encoding gzip x-tt-trace-tag id=16;cdn-cache=miss;type=dyn x-cache TCP_MISS from a23-36-161-153.deploy.akamaitechnologies.com (AkamaiGHost/11.0.1-46623256) (-) x-parent-response-time 100,23.36.161.153 server-timing cdn-cache; desc=MISS, edge; dur=94, origin; dur=7, inner; dur=3 content-length 1142 pragma no-cache server nginx x-tt-logid 202302242039411CF9CD4EAD4A8E90825C x-cache-remote TCP_MISS from a104-78-78-85.deploy.akamaitechnologies.com (AkamaiGHost/11.0.1-46623256) (-) vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control max-age=0, no-cache, no-store x-origin-response-time 7,104.78.78.85 x-tt-trace-host 0158f08db0c9b8b93ec75a84be63d23d36313ed3d47d27f26490436e1852b06c03e4d299913d6f8967e19b36dbdf4da722035c0fac1b8029b5940d0468353a76485564d6986dc139e1b8ee4fceae43ffcc3305eda03df08d6096e223801d48a8874961b4221c66c58d21d22c93c1e01bdd expires Fri, 24 Feb 2023 20:39:41 GMT
GET H2	200	scevent.min.js Show response sc-static.net/	30 KB 13 KB	164ms 67ms	Script application/javascript	13.225.77.245 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://sc-static.net/scevent.min.js Requested by Host: get.steamrefund.com URL: https://get.steamrefund.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.77.245 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-77-245.fra2.r.cloudfront.net Software CloudFront / Resource Hash e2adb933987ecc1b413c1ad0d5024757f89f224afccc19d42f8c4c322aef7ea3 Request headers accept-language de-DE,de;q=0.9 Referer https://get.steamrefund.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Fri, 24 Feb 2023 20:39:41 GMT content-encoding gzip via 1.1 ff2bcb2d3b4a3d9e0615ddd1033c38c4.cloudfront.net (CloudFront) server CloudFront x-amz-cf-pop FRA2-C2 x-cache GeneratedResponse from cloudfront content-type application/javascript;charset=utf-8 access-control-allow-origin * cache-control private, s-maxage=0, max-age=600 access-control-allow-headers Content-Type content-length 13327 x-amz-cf-id XITFYkn62tnStC-plk_nsjqcsKR2FQzjnIZT1sE2U0o3K3n4SQIp6g==
GET H2	200	js Show response www.googletagmanager.com/gtag/	240 KB 82 KB	73ms 71ms	Script application/javascript	2a00:1450:4001:827::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-P48CLNLYJE Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-WM6PL8S Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 31ae9d4903c6c14a743c53233c5a89a1dff71676cc9b606da61d8922b8af8344 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://get.steamrefund.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Fri, 24 Feb 2023 20:39:41 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 83728 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Fri, 24 Feb 2023 20:39:41 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	111 KB 44 KB	56ms 54ms	Script application/javascript	2a00:1450:4001:827::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-252624536-1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-WM6PL8S Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 22361196a453471b201aac0b23f2b29ce8b113051b115e609c96bfd6954a8297 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://get.steamrefund.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Fri, 24 Feb 2023 20:39:41 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 44565 x-xss-protection 0 last-modified Fri, 24 Feb 2023 18:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Fri, 24 Feb 2023 20:39:41 GMT
GET H2	200	uwt.js Show response static.ads-twitter.com/	56 KB 15 KB	137ms 42ms	Script application/javascript	146.75.120.157 FASTLY
General Check archive.org Show headers Download Go to Full URL https://static.ads-twitter.com/uwt.js Requested by Host: get.steamrefund.com URL: https://get.steamrefund.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee Request headers accept-language de-DE,de;q=0.9 Referer https://get.steamrefund.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Fri, 24 Feb 2023 20:39:41 GMT content-encoding gzip last-modified Thu, 27 Oct 2022 16:56:53 GMT etag "32ad004436155ec972bc50e6238b5b67+gzip+gzip" vary Accept-Encoding,Host x-cache HIT, HIT content-type application/javascript; charset=utf-8 p3p CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT" x-tw-cdn FT cache-control no-cache accept-ranges bytes content-length 15375 x-served-by cache-iad-kjyo7100081-IAD, cache-hhn-etou8220039-HHN
GET H/1.1	200 OK	obtp.js Show response amplify.outbrain.com/cp/	17 KB 6 KB	149ms 50ms	Script application/x-javascript	23.35.229.86 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://amplify.outbrain.com/cp/obtp.js Requested by Host: get.steamrefund.com URL: https://get.steamrefund.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.35.229.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-35-229-86.deploy.static.akamaitechnologies.com Software AkamaiNetStorage / Resource Hash 3c4aacb974ed3d0a3d1f57bebc8d97897ce027b0751a5f0da9ee697a825c2f1a Request headers accept-language de-DE,de;q=0.9 Referer https://get.steamrefund.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers Date Fri, 24 Feb 2023 20:39:41 GMT Content-Encoding gzip Last-Modified Thu, 02 Feb 2023 09:48:30 GMT Server AkamaiNetStorage ETag "b07048fb19f7c325242e254218118e14:1675339769.124179" Vary Accept-Encoding Content-Type application/x-javascript X-RG EU Cache-Control max-age=1200 X-CC DE Connection keep-alive Accept-Ranges bytes Content-Length 5911 Expires Fri, 24 Feb 2023 20:59:41 GMT
GET H/1.1	200 OK	roundtrip.js Show response s.adroll.com/j/6FGPXF7JBVHSVDCJIPGVKW/	74 KB 22 KB	149ms 47ms	Script text/javascript	2600:9000:20eb:ae00:6:9280:1080:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://s.adroll.com/j/6FGPXF7JBVHSVDCJIPGVKW/roundtrip.js Requested by Host: get.steamrefund.com URL: https://get.steamrefund.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20eb:ae00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 78aac454be4485b20c37d1b1d9d34de6028182fd41228fe0f5fdb6f5dd150d73 Request headers accept-language de-DE,de;q=0.9 Referer https://get.steamrefund.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers X-Amz-Version-Id JSfCSeEl83qC5CorVengMBnOjnoQtoSm Content-Encoding gzip Via 1.1 f7bf326347bdd7f275a38a22b5b83724.cloudfront.net (CloudFront) Date Fri, 24 Feb 2023 20:36:52 GMT Age 170 X-Amz-Cf-Pop FRA2-C1 X-Amz-Server-Side-Encryption AES256 Transfer-Encoding chunked X-Cache Hit from cloudfront Connection keep-alive Last-Modified Fri, 24 Feb 2023 09:11:39 GMT Server AmazonS3 Etag W/"c7dced74e80c99b58ed8a68e8cb4af8c" Vary Accept-Encoding Access-Control-Max-Age 600 Content-Type text/javascript; charset=utf-8 Access-Control-Allow-Origin * Access-Control-Allow-Methods GET Cache-Control max-age=3600, must-revalidate Access-Control-Allow-Credentials false Access-Control-Allow-Headers * X-Amz-Cf-Id -JmCxMpOsGkwZMtDjwtjmVO5hTUDlyjhT5MnXd42eI_98GURHn88BQ==
POST H2	200	79eb030f4c932c23 Show response get.steamrefund.com/cdn-cgi/challenge-platform/h/g/cv/result/ Frame 9EB4	2 B 557 B	100ms 99ms	XHR text/plain	2606:4700:20::681a:93 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://get.steamrefund.com/cdn-cgi/challenge-platform/h/g/cv/result/79eb030f4c932c23 Requested by Host: get.steamrefund.com URL: https://get.steamrefund.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1677268800 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:93 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df Request headers Referer accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Content-Type application/json Response headers date Fri, 24 Feb 2023 20:39:41 GMT content-encoding br nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 79eb0313dc082c23-FRA report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BcH1scNCp37K%2FE1MpMCxlOYjBqANpCnp1qVLBWeB2EdtenE9WSvKw4pgodA5PMwFIflW44YDPJIW5lZQS6HKdqd0KjbO2GF%2FkZK3onTsvJKrGyrRK457GFVbKSV9p%2FKkX2bcS9NQXWrmveY5dW3JVKk%3D"}],"group":"cf-nel","max_age":604800} content-type text/plain; charset=UTF-8
GET H3	200	js Show response www.googletagmanager.com/gtag/	111 KB 44 KB	56ms 55ms	Script application/javascript	2a00:1450:4001:827::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-252624536-1&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-P48CLNLYJE Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash b2af33e8a39fe73f38de37b70876520e2bec7b2cf70b0076fceea56f67412e16 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://get.steamrefund.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Fri, 24 Feb 2023 20:39:41 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 44579 x-xss-protection 0 last-modified Fri, 24 Feb 2023 18:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Fri, 24 Feb 2023 20:39:41 GMT
POST H2	204	collect region1.google-analytics.com/g/	0 256 B	138ms 47ms	Ping text/plain	2001:4860:4802:34::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-P48CLNLYJE&gtm=45je32m0&_p=778126585&cid=1152285765.1677271181&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1677271181&sct=1&seg=0&dl=https%3A%2F%2Fget.steamrefund.com%2F&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-P48CLNLYJE Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://get.steamrefund.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers pragma no-cache date Fri, 24 Feb 2023 20:39:41 GMT server Golfe2 content-type text/plain access-control-allow-origin https://get.steamrefund.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	144ms 40ms	Script text/javascript	2001:4860:4802:32::178 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-252624536-1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://get.steamrefund.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Fri, 24 Feb 2023 20:14:50 GMT last-modified Tue, 10 Jan 2023 21:29:14 GMT server Golfe2 age 1491 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20085 expires Fri, 24 Feb 2023 22:14:50 GMT
GET H2	200	rp.gif alb.reddit.com/	42 B 157 B	236ms 152ms	Image image/gif	2a04:4e42:200::396 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://alb.reddit.com/rp.gif?ts=1677271181443&id=t2_f8rkva25&event=PageVisit&m.itemCount=undefined&m.value=&m.valueDecimal=undefined&m.currency=undefined&m.transactionId=&m.customEventName=&m.products=&uuid=fd884b7a-50ff-42c8-92df-c0257d6e4227&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1600&sw=1200&v=rdt_65e23bc4 Requested by Host: get.steamrefund.com URL: https://get.steamrefund.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:200::396 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Varnish / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers accept-language de-DE,de;q=0.9 Referer https://get.steamrefund.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Fri, 24 Feb 2023 20:39:41 GMT via 1.1 varnish server Varnish content-type image/gif cross-origin-resource-policy cross-origin accept-ranges bytes content-length 42 retry-after 0
GET H/1.1	200 OK	cachedClickId Show response tr.outbrain.com/	35 B 194 B	463ms 113ms	Script application/javascript	70.42.32.223 INTERNAP-BLK3
General Check archive.org Show headers Download Go to Full URL https://tr.outbrain.com/cachedClickId?marketerId=undefined Requested by Host: amplify.outbrain.com URL: https://amplify.outbrain.com/cp/obtp.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 70.42.32.223 , United States, ASN13789 (INTERNAP-BLK3, US), Reverse DNS ny.outbrain.com Software / Resource Hash 1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580 Request headers accept-language de-DE,de;q=0.9 Referer https://get.steamrefund.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers Date Fri, 24 Feb 2023 20:39:41 GMT X-TraceId 798efad4acda5874e44b4b4d1c8bab1e Content-Length 35 Content-Type application/javascript
GET H/1.1	200 OK	unifiedPixel tr.outbrain.com/	53 B 225 B	479ms 118ms	Image image/gif	70.42.32.223 INTERNAP-BLK3
General Check archive.org Show headers Download Go to Show image Full URL https://tr.outbrain.com/unifiedPixel?marketerId=009063823c6ff0a709127c2dd74e59c875&obApiVersion=1.1&obtpVersion=2.0.5&name=PAGE_VIEW&dl=https%3A%2F%2Fget.steamrefund.com%2F&g=1&optOut=false&bust=041687896407215486&referrer= Requested by Host: get.steamrefund.com URL: https://get.steamrefund.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 70.42.32.223 , United States, ASN13789 (INTERNAP-BLK3, US), Reverse DNS ny.outbrain.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://get.steamrefund.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers Date Fri, 24 Feb 2023 20:39:41 GMT Cache-Control no-cache X-TraceId 7782a975566a80fc52dc3bc7d7ce07b1 Content-Length 53 Content-Type image/gif;
GET H2	200	adsct t.co/1/i/	43 B 377 B	237ms 149ms	Image image/gif	104.244.42.197 TWITTER
General Check archive.org Show headers Download Go to Show image Full URL https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=b0553761-335d-49b7-820e-4adae194f516&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=fba8c373-b9c3-4908-b3cf-ec6220091773&tw_document_href=https%3A%2F%2Fget.steamrefund.com%2F&tw_iframe_status=0&txn_id=odb55&type=javascript&version=2.3.29 Requested by Host: get.steamrefund.com URL: https://get.steamrefund.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.244.42.197 , United States, ASN13414 (TWITTER, US), Reverse DNS Software tsa_o / Resource Hash ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957 Security Headers Name Value Strict-Transport-Security max-age=0 Request headers accept-language de-DE,de;q=0.9 Referer https://get.steamrefund.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers x-response-time 109 date Fri, 24 Feb 2023 20:39:40 GMT strict-transport-security max-age=0 server tsa_o content-type image/gif;charset=utf-8 x-transaction-id ac590e9d5efb49d3 cache-control no-cache, no-store, max-age=0 perf 7626143928 x-connection-hash 7400ca618512dd960ea5fe4e4ab52f2fef52f03c0b26a9e31990112d0154328b content-length 43
GET H2	200	adsct analytics.twitter.com/1/i/	43 B 725 B	250ms 148ms	Image image/gif	104.244.42.3 TWITTER
General Check archive.org Show headers Download Go to Show image Full URL https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=b0553761-335d-49b7-820e-4adae194f516&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=fba8c373-b9c3-4908-b3cf-ec6220091773&tw_document_href=https%3A%2F%2Fget.steamrefund.com%2F&tw_iframe_status=0&txn_id=odb55&type=javascript&version=2.3.29 Requested by Host: get.steamrefund.com URL: https://get.steamrefund.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.244.42.3 , United States, ASN13414 (TWITTER, US), Reverse DNS Software tsa_o / Resource Hash ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957 Security Headers Name Value Strict-Transport-Security max-age=631138519 Request headers accept-language de-DE,de;q=0.9 Referer https://get.steamrefund.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers x-response-time 107 date Fri, 24 Feb 2023 20:39:41 GMT strict-transport-security max-age=631138519 server tsa_o content-type image/gif;charset=utf-8 x-transaction-id e00cc789ba45905f cache-control no-cache, no-store, max-age=0 perf 7626143928 x-connection-hash 5946077b06eb803d7c89fbc890943bcd90469ff609071850ac6bf7d547b65006 content-length 43
GET H2	200	/ www.google.com/pagead/1p-user-list/11050824091/	42 B 455 B	143ms 55ms	Image image/gif	2a00:1450:4001:80b::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/11050824091/?random=1677271181173&cv=11&fst=1677268800000&bg=ffffff&guid=ON&async=1&gtm=45He32m0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fget.steamrefund.com%2F&fmt=3&is_vtc=1&random=2867775412&rmt_tld=0&ipr=y Requested by Host: get.steamrefund.com URL: https://get.steamrefund.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://get.steamrefund.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers pragma no-cache date Fri, 24 Feb 2023 20:39:41 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.de/pagead/1p-user-list/11050824091/	42 B 455 B	145ms 54ms	Image image/gif	2a00:1450:4001:828::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/pagead/1p-user-list/11050824091/?random=1677271181173&cv=11&fst=1677268800000&bg=ffffff&guid=ON&async=1&gtm=45He32m0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fget.steamrefund.com%2F&fmt=3&is_vtc=1&random=2867775412&rmt_tld=1&ipr=y Requested by Host: get.steamrefund.com URL: https://get.steamrefund.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://get.steamrefund.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers pragma no-cache date Fri, 24 Feb 2023 20:39:41 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	index.js Show response s.adroll.com/j/exp/ Redirect Chain https://s.adroll.com/j/exp/6FGPXF7JBVHSVDCJIPGVKW/index.js https://s.adroll.com/j/exp/index.js	28 B 783 B	43ms 43ms	Script application/javascript	2600:9000:20eb:ae00:6:9280:1080:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://s.adroll.com/j/exp/index.js Requested by Host: get.steamrefund.com URL: https://get.steamrefund.com/ Protocol HTTP/1.1 Server 2600:9000:20eb:ae00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52 Request headers accept-language de-DE,de;q=0.9 Referer https://get.steamrefund.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers X-Amz-Version-Id CiD7z5Qr2ECIL.Zbw84rFXTGVfvZ9kAA Date Fri, 24 Feb 2023 20:17:11 GMT Via 1.1 f7bf326347bdd7f275a38a22b5b83724.cloudfront.net (CloudFront) Age 1439 X-Amz-Cf-Pop FRA2-C1 X-Amz-Server-Side-Encryption AES256 X-Cache Hit from cloudfront Connection keep-alive Content-Length 28 Last-Modified Thu, 01 Dec 2022 00:29:34 GMT Server AmazonS3 Etag "5816cced8568d223aa09d889f300692b" Vary Accept-Encoding Access-Control-Max-Age 600 Content-Type application/javascript Access-Control-Allow-Origin * Access-Control-Allow-Methods GET Access-Control-Allow-Credentials false Accept-Ranges bytes Access-Control-Allow-Headers * X-Amz-Cf-Id 6m8PGggjO3ozky6oyFBLgeXxtRhzC1n9vPBj8HeaCzSPBtEMWt9gUw== Redirect headers Date Fri, 24 Feb 2023 08:38:15 GMT Via 1.1 f7bf326347bdd7f275a38a22b5b83724.cloudfront.net (CloudFront) Age 43285 X-Amz-Cf-Pop FRA2-C1 X-Cache Hit from cloudfront Connection keep-alive Content-Length 0 Server AmazonS3 Access-Control-Max-Age 600 Access-Control-Allow-Methods GET Content-Type application/xml Location https://s.adroll.com/j/exp/index.js Access-Control-Allow-Origin * Access-Control-Allow-Credentials false Access-Control-Allow-Headers * X-Amz-Cf-Id x9rKZY2xXMmDqfFz5zNDksl0kKhI_zzS96zLCZX8HQpSSynWx3TeIw==
GET H2	200	i Show response tr.snapchat.com/cm/ Frame 4B12	0 294 B	157ms 59ms	Document text/html	35.190.43.134 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tr.snapchat.com/cm/i?pid=a1860529-0aae-45cb-a054-1bba5385bf0a&u_scsid=5a89eb7e-7bcb-4ad7-b872-73a88ab9250d&u_sclid=d3830b77-22cc-4268-ae65-f70fc005dc75 Requested by Host: sc-static.net URL: https://sc-static.net/scevent.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 134.43.190.35.bc.googleusercontent.com Software API Gateway / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains Request headers Referer https://get.steamrefund.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 content-type text/html date Fri, 24 Feb 2023 20:39:41 GMT server API Gateway strict-transport-security max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains via 1.1 google x-envoy-upstream-service-time 7
GET H2	200	a1860529-0aae-45cb-a054-1bba5385bf0a.js Show response tr.snapchat.com/config/com/	144 B 535 B	134ms 51ms	Script application/javascript	35.190.43.134 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tr.snapchat.com/config/com/a1860529-0aae-45cb-a054-1bba5385bf0a.js Requested by Host: sc-static.net URL: https://sc-static.net/scevent.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 134.43.190.35.bc.googleusercontent.com Software API Gateway / Resource Hash d16277ff6b401278ececcace4162f1df4b84769a2a833c9dd30ef8f37f7ac2a6 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains Request headers Referer https://get.steamrefund.com/ Origin https://get.steamrefund.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Fri, 24 Feb 2023 20:39:41 GMT strict-transport-security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains content-encoding gzip via 1.1 google server API Gateway vary Accept-Encoding content-type application/javascript access-control-allow-origin https://get.steamrefund.com x-envoy-upstream-service-time 0 access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
POST H2	200	p tr.snapchat.com/	68 B 345 B	57ms 55ms	Ping text/html	35.190.43.134 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tr.snapchat.com/p Requested by Host: sc-static.net URL: https://sc-static.net/scevent.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 134.43.190.35.bc.googleusercontent.com Software API Gateway / Resource Hash 370dbc0a7e85181d81ecf29999a4782fc0fde9621e538b4d17887e2d1af1522d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains Request headers Referer https://get.steamrefund.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Fri, 24 Feb 2023 20:39:41 GMT strict-transport-security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains via 1.1 google server API Gateway content-type text/html access-control-allow-origin https://get.steamrefund.com cache-control no-cache, no-transform x-envoy-upstream-service-time 5 access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 68
GET H2	200	851791816024757 Show response connect.facebook.net/signals/config/	377 KB 108 KB	195ms 195ms	Script application/x-javascript	2a03:2880:f01c:8012:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/851791816024757?v=2.9.97&r=stable Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 4b0917d7deea54dafa1e5109bf70c13df38343f0268b3726ef17b22dc95240ee Security Headers Name Value Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://get.steamrefund.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers content-security-policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Fri, 24 Feb 2023 20:39:41 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-fb-rlafr 0 x-xss-protection 0 pragma public x-fb-debug 7kBXTCuRou8INCbjYfX9P0WmEFrm+GDxASWLVp8a+BHFlyjmQ/WTURZMb/b6YOb+Wz0LGX1JF71deWSM4ofstw== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" x-fb-trip-id 686109401 cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding report-to {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY origin-agent-cluster ?0 cache-control public, max-age=1200 expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 fonts.ub-assets.com/fonts/s/poppins/v20/	8 KB 8 KB	129ms 47ms	Font font/woff2	13.224.189.107 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://fonts.ub-assets.com/fonts/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 Requested by Host: fonts.ub-assets.com URL: https://fonts.ub-assets.com/css?family=Poppins:700,500,regular%7CSource+Sans+Pro:italic Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.189.107 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-189-107.fra2.r.cloudfront.net Software / Resource Hash cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.ub-assets.com/css?family=Poppins:700,500,regular%7CSource+Sans+Pro:italic Origin https://get.steamrefund.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Thu, 24 Nov 2022 00:54:38 GMT content-encoding gzip x-content-type-options nosniff x-amzn-remapped-content-length 7748 via 1.1 3bf3e75bcb9a86b3eb343a1d4392a6de.cloudfront.net (CloudFront) x-amz-cf-pop FRA2-C1 age 8019902 x-amzn-requestid bed698b3-57a4-427c-b7af-852a24e86bd6 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes x-cache Hit from cloudfront cross-origin-resource-policy cross-origin x-amz-apigw-id cFMQXF3DIAMF8Yw= content-length 7771 x-xss-protection 0 last-modified Wed, 27 Apr 2022 16:21:30 GMT cross-origin-opener-policy same-origin; report-to="apps-themes" x-amzn-trace-id Root=1-637ec0ce-3d856fb74267e4c62e8f44ac report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 timing-allow-origin * x-amz-cf-id LQIQlOf1WS1ZHytaQKbHvtIAEYCmvjEl8vxnUDdaHQSLQPG0zgOFzg==
GET H2	200	pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 fonts.ub-assets.com/fonts/s/poppins/v20/	8 KB 8 KB	130ms 48ms	Font font/woff2	13.224.189.107 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://fonts.ub-assets.com/fonts/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 Requested by Host: fonts.ub-assets.com URL: https://fonts.ub-assets.com/css?family=Poppins:700,500,regular%7CSource+Sans+Pro:italic Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.189.107 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-189-107.fra2.r.cloudfront.net Software / Resource Hash 9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.ub-assets.com/css?family=Poppins:700,500,regular%7CSource+Sans+Pro:italic Origin https://get.steamrefund.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Thu, 24 Nov 2022 00:37:59 GMT content-encoding gzip x-content-type-options nosniff x-amzn-remapped-content-length 7816 via 1.1 3bf3e75bcb9a86b3eb343a1d4392a6de.cloudfront.net (CloudFront) x-amz-cf-pop FRA2-C1 age 8020902 x-amzn-requestid 64c50521-4b0b-48e0-a4c3-0cdc39f27463 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes x-cache Hit from cloudfront cross-origin-resource-policy cross-origin x-amz-apigw-id cFJ0JGdmIAMFnXw= content-length 7839 x-xss-protection 0 last-modified Wed, 27 Apr 2022 16:11:40 GMT cross-origin-opener-policy same-origin; report-to="apps-themes" x-amzn-trace-id Root=1-637ebce7-3159399d03a3eca41395f49e report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 timing-allow-origin * x-amz-cf-id oPvTM7RqpgzT4plMRc5M7gS877xhe8mL2z6Z8R32cKfvSVUwjw0yEw==
GET H2	200	pxiEyp8kv8JHgFVrJJfecg.woff2 fonts.ub-assets.com/fonts/s/poppins/v20/	8 KB 9 KB	131ms 49ms	Font font/woff2	13.224.189.107 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://fonts.ub-assets.com/fonts/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 Requested by Host: fonts.ub-assets.com URL: https://fonts.ub-assets.com/css?family=Poppins:700,500,regular%7CSource+Sans+Pro:italic Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.189.107 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-189-107.fra2.r.cloudfront.net Software / Resource Hash 7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.ub-assets.com/css?family=Poppins:700,500,regular%7CSource+Sans+Pro:italic Origin https://get.steamrefund.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Thu, 24 Nov 2022 00:54:38 GMT content-encoding gzip x-content-type-options nosniff x-amzn-remapped-content-length 7884 via 1.1 3bf3e75bcb9a86b3eb343a1d4392a6de.cloudfront.net (CloudFront) x-amz-cf-pop FRA2-C1 age 8019903 x-amzn-requestid 980beba2-d6ff-40bd-82ae-2778774a9f80 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes x-cache Hit from cloudfront cross-origin-resource-policy cross-origin x-amz-apigw-id cFMQSFYvoAMF05A= content-length 7907 x-xss-protection 0 last-modified Wed, 27 Apr 2022 17:03:52 GMT cross-origin-opener-policy same-origin; report-to="apps-themes" x-amzn-trace-id Root=1-637ec0ce-58a9fefe17b18d471d2fd324 report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 timing-allow-origin * x-amz-cf-id bhBxBCSPoi0AMJRoDLTMmZ2_Ftt_UDsImPQ6V0yruPXwg-BOVq-OdQ==
GET H2	200	6xK1dSBYKcSV-LCoeQqfX1RYOo3qPZ7nsDI.woff2 fonts.ub-assets.com/fonts/s/sourcesanspro/v21/	12 KB 13 KB	113ms 45ms	Font font/woff2	13.224.189.107 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://fonts.ub-assets.com/fonts/s/sourcesanspro/v21/6xK1dSBYKcSV-LCoeQqfX1RYOo3qPZ7nsDI.woff2 Requested by Host: fonts.ub-assets.com URL: https://fonts.ub-assets.com/css?family=Poppins:700,500,regular%7CSource+Sans+Pro:italic Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.189.107 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-189-107.fra2.r.cloudfront.net Software / Resource Hash e286a9ef7d2064a4cf7026449941a557c7123aa84ef2a17cf79a38820f5474bc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.ub-assets.com/css?family=Poppins:700,500,regular%7CSource+Sans+Pro:italic Origin https://get.steamrefund.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Thu, 19 Jan 2023 05:16:57 GMT content-encoding gzip x-content-type-options nosniff x-amzn-remapped-content-length 12580 via 1.1 3bf3e75bcb9a86b3eb343a1d4392a6de.cloudfront.net (CloudFront) x-amz-cf-pop FRA2-C1 age 3165764 x-amzn-requestid 8f4dc01d-2a93-4b2b-b93c-92f3bb9c9b7b content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes x-cache Hit from cloudfront cross-origin-resource-policy cross-origin x-amz-apigw-id e-XLcFCwIAMFT8w= content-length 12603 x-xss-protection 0 last-modified Wed, 27 Apr 2022 16:19:48 GMT cross-origin-opener-policy same-origin; report-to="apps-themes" x-amzn-trace-id Root=1-63c8d249-42a398b24cb3f4ab69678640 report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 timing-allow-origin * x-amz-cf-id 3t_oWywnYr2XoBT_d2ZHH2watShGqJg1dPpTCRYW7eEiEVOXf1jEBQ==
GET H2	200	json Show response trc.taboola.com/1515208/trc/3/	2 KB 2 KB	66ms 59ms	Script application/javascript	151.101.129.44 FASTLY
General Check archive.org Show headers Download Go to Full URL https://trc.taboola.com/1515208/trc/3/json?tim=1677271181506&data=%7B%22id%22%3A326%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1677271181499%2C%22cv%22%3A%2220230219-9-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fget.steamrefund.com%2F%3F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dtaboolaaccount-jordanagencybellcom%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1677271181505%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fget.steamrefund.com%2F%22%2C%22tos%22%3A2%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22supv%22%3Atrue%7D%7D&pubit=i Requested by Host: cdn.taboola.com URL: https://cdn.taboola.com/libtrc/unip/1515208/tfa.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.129.44 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash 697ea401f1e78c31692396a071b6971be3cf757a07d854c0b02af2e7b1cec313 Request headers accept-language de-DE,de;q=0.9 Referer https://get.steamrefund.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers x-vcl-time-ms 19 date Fri, 24 Feb 2023 20:39:41 GMT content-encoding gzip via 1.1 varnish x-served-by cache-hhn-etou8220079-HHN server nginx x-timer S1677271182.623947,VS0,VE19 vary Accept-Encoding x-cache MISS p3p policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM" access-control-allow-origin * content-type application/javascript; charset=utf-8 access-control-allow-credentials true accept-ranges bytes x-cache-hits 0
GET H2	200	6FGPXF7JBVHSVDCJIPGVKW Show response d.adroll.com/consent/check/	453 B 546 B	182ms 57ms	Script application/javascript	2a05:d018:cc3:fe04:4794:ab03:2c09:5455 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d.adroll.com/consent/check/6FGPXF7JBVHSVDCJIPGVKW?pv=45622627443.58787&arrfrr=https%3A%2F%2Fget.steamrefund.com%2F&_s=275632ccd62e7ac54f5231c11170aeeb&_b=2 Requested by Host: s.adroll.com URL: https://s.adroll.com/j/6FGPXF7JBVHSVDCJIPGVKW/roundtrip.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a05:d018:cc3:fe04:4794:ab03:2c09:5455 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx/1.22.1 / Resource Hash a6b6fd7e46c0b439dcf078fe31628308ade96a05054cd20d60a88130238275b6 Request headers accept-language de-DE,de;q=0.9 Referer https://get.steamrefund.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Fri, 24 Feb 2023 20:39:41 GMT server nginx/1.22.1 content-length 453 content-type application/javascript
POST H2	200	collect Show response www.google-analytics.com/j/	1 B 146 B	48ms 47ms	XHR text/plain	2001:4860:4802:32::178 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j99&a=778126585&t=pageview&_s=1&dl=https%3A%2F%2Fget.steamrefund.com%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=688870961&gjid=268414023&cid=1152285765.1677271181&tid=UA-252624536-1&_gid=160870527.1677271182&_r=1&gtm=457e32m0&z=766549357 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://get.steamrefund.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Fri, 24 Feb 2023 20:39:41 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://get.steamrefund.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	collect www.google-analytics.com/	35 B 194 B	40ms 40ms	Image image/gif	2001:4860:4802:32::178 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j99&a=778126585&t=pageview&_s=2&dl=https%3A%2F%2Fget.steamrefund.com%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=&gjid=&cid=1152285765.1677271181&tid=UA-252624536-1&_gid=160870527.1677271182&gtm=457e32m0&z=955105325 Requested by Host: get.steamrefund.com URL: https://get.steamrefund.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://get.steamrefund.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers pragma no-cache date Fri, 24 Feb 2023 10:10:39 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 37742 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	main.MTE3ZGZjMmFkMA.js Show response analytics.tiktok.com/i18n/pixel/static/	238 KB 65 KB	44ms 43ms	Script application/javascript	23.36.163.153 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/i18n/pixel/static/main.MTE3ZGZjMmFkMA.js Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CEIHHGRC77UD28TRBJC0&lib=ttq Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.36.163.153 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-36-163-153.deploy.static.akamaitechnologies.com Software nginx / Resource Hash a6563f1b77608e27cb823aeea1c95a4db298557918d9ed6e8e9db5160d8aabdd Request headers accept-language de-DE,de;q=0.9 Referer https://get.steamrefund.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers x-akamai-request-id 11a4b5cc date Fri, 24 Feb 2023 20:39:41 GMT content-encoding gzip x-tt-trace-tag id=16;cdn-cache=hit;type=static server nginx x-tt-logid 20230221145328E08404DF03282F84D7E0 vary Accept-Encoding x-cache TCP_MEM_HIT from a23-36-161-153.deploy.akamaitechnologies.com (AkamaiGHost/11.0.1-46623256) (-) content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable x-tt-trace-host 0192361068aa50af919537bd871bfd75a80f5be396922cf037257597db503d6aae85b309eecf76a7cafd6faadef0571f9bab0dc2dc79fbb5f3b88b71c88510812edc1ec14cb5d1717f819eba8dc4f63d766eb0936b93b3dc5493162069020ae8ab server-timing cdn-cache; desc=HIT, edge; dur=0, inner; dur=3 content-length 66348
GET H2	200	identify_cab4d.js Show response analytics.tiktok.com/i18n/pixel/static/	114 KB 31 KB	42ms 42ms	Script application/javascript	23.36.163.153 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/i18n/pixel/static/identify_cab4d.js Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTE3ZGZjMmFkMA.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.36.163.153 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-36-163-153.deploy.static.akamaitechnologies.com Software nginx / Resource Hash cef0a3ffb6993fc1ec7b5b67a16377ec1ec0a858b3cabb834033d7458ff0e4bc Request headers accept-language de-DE,de;q=0.9 Referer https://get.steamrefund.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers x-akamai-request-id 11a4b730 date Fri, 24 Feb 2023 20:39:41 GMT content-encoding gzip x-tt-trace-tag id=16;cdn-cache=hit;type=static server nginx x-tt-logid 202302211453294E2A4807E6945BF01D46 vary Accept-Encoding x-cache TCP_MEM_HIT from a23-36-161-153.deploy.akamaitechnologies.com (AkamaiGHost/11.0.1-46623256) (-) content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable x-tt-trace-host 016ddc4f7df6194807000539b14b61b6c508cdb2d958380b9d544daa56cd3629fc5814ab9be2ca90f1900398253d320fa2d2441c02ef60664eb232bd94e76423085b47c8489b26ef7722ea3c2b9f0e93d1045d2b50b1b05ea68196319d109b00a7 server-timing cdn-cache; desc=HIT, edge; dur=0, inner; dur=3 content-length 30723
POST H2	200	pixel analytics.tiktok.com/api/v2/	0 554 B	224ms 223ms	Ping text/plain	23.36.163.153 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/api/v2/pixel Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTE3ZGZjMmFkMA.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.36.163.153 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-36-163-153.deploy.static.akamaitechnologies.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://get.steamrefund.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Fri, 24 Feb 2023 20:39:42 GMT x-akamai-request-id 11a4b7e9 x-tt-trace-tag id=16;cdn-cache=miss;type=dyn server nginx x-tt-logid 202302242039411935BF334556F0540D70 x-cache TCP_MISS from a23-36-161-153.deploy.akamaitechnologies.com (AkamaiGHost/11.0.1-46623256) (-) access-control-allow-origin * cache-control max-age=0, no-cache, no-store x-origin-response-time 177,23.36.161.153 x-tt-trace-host 0158f08db0c9b8b93ec75a84be63d23d3665463a99f14da00de3dd5588cf9122ce0e7d8c4ffb04f0df65aa4554ed1cef346644af966585719bb0ae58d9627cbf8007eddd7516911fad317937da051f45b3f8ee1009447c309ef0bdf217ba71650c server-timing inner; dur=85, cdn-cache; desc=MISS, edge; dur=6, origin; dur=177 content-length 0 expires Fri, 24 Feb 2023 20:39:42 GMT
GET H2	200	/ www.facebook.com/tr/	0 185 B	148ms 41ms	Image text/plain	2a03:2880:f11c:8183:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=851791816024757&ev=PageView&dl=https%3A%2F%2Fget.steamrefund.com%2F&rl=&if=false&ts=1677271181836&sw=1600&sh=1200&v=2.9.97&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1677271181835.1649125035&it=1677271181480&coo=false&rqm=GET Requested by Host: get.steamrefund.com URL: https://get.steamrefund.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://get.steamrefund.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains date Fri, 24 Feb 2023 20:39:41 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
GET H/1.1	200 OK	consent_tcfv2.js Show response s.adroll.com/j/	410 KB 55 KB	42ms 42ms	Script application/javascript	2600:9000:20eb:ae00:6:9280:1080:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://s.adroll.com/j/consent_tcfv2.js Requested by Host: s.adroll.com URL: https://s.adroll.com/j/6FGPXF7JBVHSVDCJIPGVKW/roundtrip.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20eb:ae00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 91144fbcc0e3f609b021e362ec29d2a9b58f15e840f229eb99ea2c04d927882b Request headers accept-language de-DE,de;q=0.9 Referer https://get.steamrefund.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers X-Amz-Version-Id 44sIT20LqRj70wQHqyIoOw7etYYdjkbK Content-Encoding gzip Via 1.1 f7bf326347bdd7f275a38a22b5b83724.cloudfront.net (CloudFront) Date Fri, 24 Feb 2023 20:36:17 GMT Age 207 X-Amz-Cf-Pop FRA2-C1 X-Amz-Server-Side-Encryption AES256 Transfer-Encoding chunked X-Cache Hit from cloudfront Connection keep-alive Last-Modified Wed, 04 May 2022 19:41:48 GMT Server AmazonS3 Etag W/"0a7d0ea8d7d31b07e925fe340acf431b" Vary Accept-Encoding Access-Control-Max-Age 600 Content-Type application/javascript Access-Control-Allow-Origin * Access-Control-Allow-Methods GET Cache-Control max-age=300, must-revalidate Access-Control-Allow-Credentials false Access-Control-Allow-Headers * X-Amz-Cf-Id -mG9FFnxF15iTVUnmNzK_4oX50E7q5avp4bveI9zE1_v4iQRLUPAvg==
GET H/1.1	200 OK	nextroll-32x32.png s.adroll.com/i/favicon/	2 KB 2 KB	42ms 42ms	Image image/png	2600:9000:20eb:ae00:6:9280:1080:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://s.adroll.com/i/favicon/nextroll-32x32.png Requested by Host: get.steamrefund.com URL: https://get.steamrefund.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20eb:ae00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash bcaf0e3f087296133e0a996ee3d289a8d1a690147c93e0ab62019b505e6f9355 Request headers accept-language de-DE,de;q=0.9 Referer https://get.steamrefund.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers X-Amz-Version-Id eTpwxbAIDHDUN.4tfrROIgU_pzKN9Xh0 Date Fri, 24 Feb 2023 08:21:10 GMT Via 1.1 f7bf326347bdd7f275a38a22b5b83724.cloudfront.net (CloudFront) Age 44318 X-Amz-Cf-Pop FRA2-C1 X-Amz-Server-Side-Encryption AES256 X-Cache Hit from cloudfront Connection keep-alive Content-Length 1615 Last-Modified Mon, 28 Jun 2021 18:19:21 GMT Server AmazonS3 Etag "403a0a7dcf2d617e7ea852bfb9d11945" Vary Accept-Encoding Access-Control-Max-Age 600 Content-Type image/png Access-Control-Allow-Origin * Access-Control-Allow-Methods GET Access-Control-Allow-Credentials false Accept-Ranges bytes Access-Control-Allow-Headers * X-Amz-Cf-Id X_xb7cmb8oUbwJDev7wzI9xG29efW5PpbPFW34lBO8Mfsv-8N2n7oA==
GET H2	200	/ www.facebook.com/tr/	0 54 B	54ms 53ms	Image text/plain	2a03:2880:f11c:8183:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=851791816024757&ev=Microdata&dl=https%3A%2F%2Fget.steamrefund.com%2F&rl=&if=false&ts=1677271182339&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%22%2C%22meta%3Akeywords%22%3A%22%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22http%3A%2F%2Fget.steamrefund.com%2F%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.97&r=stable&ec=1&o=30&fbp=fb.1.1677271181835.1649125035&it=1677271181480&coo=false&es=automatic&tm=3&rqm=GET Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://get.steamrefund.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains date Fri, 24 Feb 2023 20:39:42 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
GET H2	204	unip Show response trc-events.taboola.com/1515208/log/3/	0 249 B	161ms 43ms	XHR text/plain	141.226.228.48 TABOOLA-AS
General Check archive.org Show headers Download Go to Full URL https://trc-events.taboola.com/1515208/log/3/unip?en=pre_d_eng_tb&tos=1553&scd=0&ssd=1&est=1677271181502&ver=36&isls=true&src=i&invt=1500&msa=1237&rv=1&tim=1677271183056&vi=1677271181499&ri=7bcefae2261adf34ef2b69b3210a6674&ref=null&cv=20230219-9-RELEASE&item-url=https%3A%2F%2Fget.steamrefund.com%2F Requested by Host: cdn.taboola.com URL: https://cdn.taboola.com/libtrc/unip/1515208/tfa.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://get.steamrefund.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers access-control-allow-origin https://get.steamrefund.com pragma no-cache date Fri, 24 Feb 2023 20:39:43 GMT cache-control no-cache access-control-allow-credentials true server nginx p3p policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
GET H2	204	unip Show response trc-events.taboola.com/1515208/log/3/	0 248 B	45ms 44ms	XHR text/plain	141.226.228.48 TABOOLA-AS
General Check archive.org Show headers Download Go to Full URL https://trc-events.taboola.com/1515208/log/3/unip?en=pre_d_eng_tb&tos=4555&scd=0&ssd=1&est=1677271181502&ver=36&isls=true&src=i&invt=3000&msa=1237&rv=1&tim=1677271186058&vi=1677271181499&ri=7bcefae2261adf34ef2b69b3210a6674&ref=null&cv=20230219-9-RELEASE&item-url=https%3A%2F%2Fget.steamrefund.com%2F Requested by Host: cdn.taboola.com URL: https://cdn.taboola.com/libtrc/unip/1515208/tfa.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://get.steamrefund.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers access-control-allow-origin https://get.steamrefund.com pragma no-cache date Fri, 24 Feb 2023 20:39:46 GMT cache-control no-cache access-control-allow-credentials true server nginx p3p policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"